Old 06-26-2008, 08:01 AM   #1 (permalink)
Registered User
 
Join Date: Jul 2007
Posts: 13
OS: xp sp 2


1001 problems with my VAIO

My laptop has lost it completely!!! I have problems with nearly everything. Some details:

1. I have recently been dealing with tonnes of pictures (I'm talking thousands here). Basically I have been taking snapshots of DVDs, then renaming them, moving to different files etc. I was using the option of renaming/moving/copying multiple pictures. Even though most of the time I marked all files in the folder, it would only move/rename/copy some of them. Like 100 out of 1000 or even less. I then have to repeat the action multiple times and if I am lucky it will finally do it with all the pictures. On top of that it freezes my laptop to death whilst doing the above actions. Also, when I am browsing the pictures in the Windows Picture and Fax Viewer it takes ages to generate the preview. Each picture is only about 1 MB.

2. When I scan my laptop with True Sword 4, it finds a Netsky backdoor in startup. When I delete it, it basically removes MSN msger from running at startup. Then each time I run MSN, I get warned by Spybot and ArcaVir about a new registry entry being created. If I allow it, I get that Netsky thing in my startup again.

3. HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains
True Sword keeps picking bugs such as 108Solutions, Common, Dialer, Golden Palace Casino, Win32. Backdoor.Agent in this folder. I always remove the WHOLE folder from the registry because it's full of crap to begin with! It contains tonnes of advertising names or even porn names and all that. I have been removing the folder for quite a few months now but it keeps coming back, usually about once a week. All the virus names mentioned above were found on my system today, AGAIN.

4. My computer freezes constantly out of the blue. I could be browsing something on the net (not downloading or loading anything) and then the browser freezes (I use Opera and Maxthon). Or my Windows Explorer freezes and it won't stop till I shut it.

5. It is soooooo slow. It constantly seems to be loading something. I got a pop-up balloon saying today that I was running low on virtual memory whilst all I had open was one window (folder). My CPU jumps from 100 to 0 and back again when I am not doing anything.

6. Another problem with browsers, I used to use Opera only but recently it has been freezing so much and taking ages to 'start connecting to the internet' at the beginning so I switched to Maxthon. The SAME problem. I always have the same browsers open and then the tabs are saved and restarted, could it be one of the websites causing it? (I don't have any nasties webbies there).

7. It freaked me out a few minutes ago when I turned on my laptop, it seemed to finish loading (wireless connected and Skype automatically logged in). Then I clicked on Maxthon and nothing happened, the icon didn't even highlight. I clicked again and nothing. I clicked on another icon, then on start menu and NOTHING. It was completely nonresponsive!!! I could open task mngr but that's about it. I tried to run something by clicking on new task but it totally froze my computer. I was able to restart it and then it worked but I honestly thought my laptop had died!!!

CAN ANYONE HELP ME PLEASE??????

I'm posting my hijack log.

By the way, you will probably bring to notice that I have two main antiviruses on my system (NOD32 and ArcaVir). I normally use NOD and my problems had started BEFORE I installed ArcaVir. It is only a trial version, which will expire in a few weeks and I installed it to hopefully solve my problems but that didn't happen. I know it's not good to have two antiviruses but in my case this is not the reason for my problems. Thanks again in advance!!


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:59:01 PM, on 6/26/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\ArcaBit\Common\ArcaBit.Core.Configurator2.exe
C:\PROGRA~1\ArcaBit\ArcaUpdate\update.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\rpcnet.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\PROGRA~1\ArcaBit\ArcaVir\FileMonSV.exe
C:\Program Files\ArcaBit\ArcaVir\NetMonSV.exe
C:\PROGRA~1\ArcaBit\Common\taskscheduler.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\ArcaBit\ArcaVir\AVMenu.exe
C:\Program Files\ArcaBit\ArcaVir\ABregmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Intuwave\Shared\mRouterRuntime\mRouterConfig.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
C:\Program Files\Intuwave\Shared\mRouterRuntime\mRouterRuntime.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Maxthon2\Maxthon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com.au/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.tpg.com.au:3128
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Switcher.exe] "C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe"
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AvMenu] C:\Program Files\ArcaBit\ArcaVir\AVMenu.exe
O4 - HKLM\..\Run: [ABRegmon] C:\Program Files\ArcaBit\ArcaVir\ABregmon.exe
O4 - HKLM\..\Run: [ArcaCheck] C:\Program Files\ArcaBit\ArcaVir\ArcaCheck.exe /startup
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [mRouterConfig] "C:\Program Files\Intuwave\Shared\mRouterRuntime\mRouterConfig.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'Default user')
O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
O8 - Extra context menu item: Use ViDown to download - C:\Program Files\ViDown\vd_link.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: ArcaVir >> - {40525A66-DB98-480D-BCF9-7AF88C1AF438} - C:\Program Files\ArcaBit\WebExtensions\ie\ArcaIEExt.dll
O9 - Extra 'Tools' menuitem: ArcaVir >> - {40525A66-DB98-480D-BCF9-7AF88C1AF438} - C:\Program Files\ArcaBit\WebExtensions\ie\ArcaIEExt.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - ProtocolDefaults: '@ivt' protocol is in My Computer Zone, should be Intranet Zone
O15 - ProtocolDefaults: 'file' protocol is in My Computer Zone, should be Internet Zone
O15 - ProtocolDefaults: 'ftp' protocol is in My Computer Zone, should be Internet Zone
O15 - ProtocolDefaults: 'http' protocol is in My Computer Zone, should be Internet Zone
O15 - ProtocolDefaults: 'https' protocol is in My Computer Zone, should be Internet Zone
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/actives.../as2stubie.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/res...scbase9563.cab
O16 - DPF: {700EF03F-A472-4D26-8ACB-300F4D04FD96} (Recovery ActiveX Control Module) - https://www.lojackforlaptops.com/ctmweb/testoc.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...sh/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{1B5780D3-EB3B-4AB8-9A6B-BCC7EA4E2C17}: NameServer = 203.12.160.35,203.12.160.36
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: ArcaBit FileMonitor (ABFileMon) - ArcaBit - C:\PROGRA~1\ArcaBit\ArcaVir\FileMonSV.exe
O23 - Service: ArcaBit NetMonitor (ABNetMon) - ArcaBit - C:\Program Files\ArcaBit\ArcaVir\NetMonSV.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ArcaBit.Core.Configurator - ArcaBit - C:\PROGRA~1\ArcaBit\Common\ArcaBit.Core.Configurator2.exe
O23 - Service: ArcaBit.Core.LoggingService - ArcaBit - C:\PROGRA~1\ArcaBit\Common\ArcaBit.Core.LoggingService.exe
O23 - Service: ArcaBit.TaskScheduler - ArcaBit - C:\PROGRA~1\ArcaBit\Common\taskscheduler.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ArcaBit Update Service (AVUpdate) - ArcaBit - C:\PROGRA~1\ArcaBit\ArcaUpdate\update.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NBService - Unknown owner - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Remote Procedure Call (RPC) Net (Rpcnet) - Absolute Software Corp. - C:\WINDOWS\system32\rpcnet.exe
O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe

--
End of file - 11552 bytes
Anna_Blackie is offline  
Old 06-29-2008, 04:01 PM   #2 (permalink)
Analyst, Security Team
 
ndmmxiaomayi's Avatar
 
Join Date: Jun 2006
Location: No U-Turn Syndrome Land
Posts: 419
OS: XP Professional, Vista Business


Re: 1001 problems with my VAIO

Hi,

Welcome to Tech Support Forum.

Quote:
By the way, you will probably bring to notice that I have two main antiviruses on my system (NOD32 and ArcaVir). I normally use NOD and my problems had started BEFORE I installed ArcaVir. It is only a trial version, which will expire in a few weeks and I installed it to hopefully solve my problems but that didn't happen. I know it's not good to have two antiviruses but in my case this is not the reason for my problems.

You're right that it isn't good to have 2 antiviruses. Both are probably conflicting with each other and causing problems. Since ArcaVir is going to expire soon, try removing it and see how things are.

With regards to True Sword, it looks like it may be back to its old ways.

Some information on True Sword - http://www.spywarewarrior.com/rogue_...tm#tsword_note

After uninstalling ArcaVir, please do the following:
  1. Please download Deckard's System Scanner from Tech Support Forum and save it to your desktop. Note: You must be logged onto an account with administrator privileges.
  2. Save all your work and close all opened programs.
  3. Double click on dss.exe to run it. Follow the prompts.
  4. When the scan is complete, two log files will be produced. The first one, main.txt, will be maximized, the second one, extra.txt, will be minimized.
  5. Please post the contents of the 2 log files in your next reply. 1 log per reply please.
__________________


ndmmxiaomayi is offline  
Old 06-29-2008, 08:02 PM   #3 (permalink)
Registered User
 
Join Date: Jul 2007
Posts: 13
OS: xp sp 2


Re: 1001 problems with my VAIO

Hi, thanks a lot for your reply. However I totally got the crap with my laptop last night and I did a full system reinstallation, hence everything is running nice and smooth now. I would still like to know a bit more about True Sword though.... Is there a chance it's a false software? I put it on my laptop again after the reinstallation so I am very keen on finding out if there is anything suspicious about it. And I still don't understand why that registry key kept coming back. It couldn't have been True Sword that was making it up because the key was actually physically there. Thanks again
Anna_Blackie is offline  
Old 06-29-2008, 10:14 PM   #4 (permalink)
Analyst, Security Team
 
ndmmxiaomayi's Avatar
 
Join Date: Jun 2006
Location: No U-Turn Syndrome Land
Posts: 419
OS: XP Professional, Vista Business


Re: 1001 problems with my VAIO

True Sword is real software; however, it's not real anti-spyware software.

As stated in Spyware Warrior's website, it produced lots of false positives to force a user to buy its products to remove the "spyware" it detected. In most cases, the files aren't really spyware.

What registry entry kept coming back? That would help a lot in finding what's making True Sword remove MSN Messenger from starting up.
__________________


ndmmxiaomayi is offline  
Old 06-30-2008, 03:54 AM   #5 (permalink)
Registered User
 
Join Date: Jul 2007
Posts: 13
OS: xp sp 2


Re: 1001 problems with my VAIO

Now I am really keen on finding out whether or not True Sword is lying in my case, as my MSN problem persists even after a full system reinstallation. But first, the registry key that kept coming back is a different case. The key name is:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains
and it includes lots of names and all of them finish with .com
The names are pretty much advertising stuff and sometimes even porn. True Sword always finds trojans and other stuff in there, I always remove the whole domains folder but it always comes back, usually once a week. And then True Sword finds even more stuff in there. No other scanner picks that up so I am seriously starting to have doubts. But then again, why does the key keep coming back???

Anyways, the msn problem:

True Sword says:
Known worm win32.worm.netsky in start up

Like I mentioned, I had this problem before the reinstallation and now, after it, I still get that worm. When I reinstalled Windows Live Messenger (MSN) I downloaded a new setup from their website, so it's not like I used the same (possibly infected) setup. If I delete that Netsky worm, MSN gets removed from the startup.

Any ideas, anyone???
Anna_Blackie is offline  
Old 06-30-2008, 06:31 AM   #6 (permalink)
Analyst, Security Team
 
ndmmxiaomayi's Avatar
 
Join Date: Jun 2006
Location: No U-Turn Syndrome Land
Posts: 419
OS: XP Professional, Vista Business


Re: 1001 problems with my VAIO

I will get True Sword re-tested and let you know.

Quote:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains

I would like to check something with you.

Please open Internet Explorer.

Click on Tools > Internet Options.

Select the Security tab.

Click on Restricted Sites and click on the Sites button.

Can you give a sample of the sites listed there?

Please untick this box under Additional Options before clicking on Submit Reply - Automatically parse links in text.

This is to prevent anyone from accidentally clicking on the links and getting themselves infected.
__________________


ndmmxiaomayi is offline  
Old 06-30-2008, 06:40 AM   #7 (permalink)
Registered User
 
Join Date: Jul 2007
Posts: 13
OS: xp sp 2


Re: 1001 problems with my VAIO

Thanks for checking True Sword for me.
Here are some of the site examples:
*.007guard.com
*.1800searchonline.com
www.180solution.com

And that's the exact same **** I would find in the domains folder.
Anna_Blackie is offline  
Old 06-30-2008, 06:53 AM   #8 (permalink)
Analyst, Security Team
 
ndmmxiaomayi's Avatar
 
Join Date: Jun 2006
Location: No U-Turn Syndrome Land
Posts: 419
OS: XP Professional, Vista Business


Re: 1001 problems with my VAIO

Looks like it may be a false positive from True Sword.

Those sites are in Restricted Zone. Restricted Zone in Internet Explorer has the highest security settings. Nearly nothing can run there.

A little explanation - http://www.mvps.org/winhelp2002/restricted.htm
__________________


ndmmxiaomayi is offline  
Old 06-30-2008, 06:58 AM   #9 (permalink)
Registered User
 
Join Date: Jul 2007
Posts: 13
OS: xp sp 2


Re: 1001 problems with my VAIO

That's good news then. HOWEVER these names actually physically exist in that folder. And it's got nothing to do with True Sword, as I can view them by going to regedit. Are they harmful to my computer by just being there?
Anna_Blackie is offline  
Old 06-30-2008, 07:04 AM   #10 (permalink)
Analyst, Security Team
 
ndmmxiaomayi's Avatar
 
Join Date: Jun 2006
Location: No U-Turn Syndrome Land
Posts: 419
OS: XP Professional, Vista Business


Re: 1001 problems with my VAIO

Nope, they are not harmful.

By being in the Restricted Zone, it helps to protect your computer.
__________________


ndmmxiaomayi is offline  
Old 06-30-2008, 07:07 AM   #11 (permalink)
Registered User
 
Join Date: Jul 2007
Posts: 13
OS: xp sp 2


Re: 1001 problems with my VAIO

So can I actually expose my laptop to danger by removing them from the domains folder? I mean, do they have to be in that folder in order for my computer to be immunised against them? Any thoughts on that other issue with MSN? Thanks heaps for your help, really appreciated
Anna_Blackie is offline  
Old 06-30-2008, 07:14 AM   #12 (permalink)
Analyst, Security Team
 
ndmmxiaomayi's Avatar
 
Join Date: Jun 2006
Location: No U-Turn Syndrome Land
Posts: 419
OS: XP Professional, Vista Business


Re: 1001 problems with my VAIO

Yes, you can actually infect your computer if you accidentally visit one of these sites.

If they are not in the Restricted Zone, Internet Explorer, by default, will run these malicious programs.

They are one form of immunization.

To be better protected, I recommend installing a HOSTS file instead.

http://www.mvps.org/winhelp2002/hosts.htm

When installing the HOSTS file, be sure to turn off the DNS Client service. It can slow down a computer a lot.

http://www.mvps.org/winhelp2002/DnsManual.bat - This file will change the DNS Client service startup type to Manual.

http://www.mvps.org/winhelp2002/DnsDisabled.bat - This file will disable the DNS Client service. If this is a personal computer, you can safely disable the DNS Client service.

If this computer connects to a company or school's network, you will need to consult with your company or school's technicians before disabling it.
__________________


ndmmxiaomayi is offline  
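
Added example, not part of any post in this thread: a small Python parser for a `reg export` of the ZoneMap\Domains key discussed above, showing which Internet Explorer zone each entry maps to, so Restricted Sites entries (zone 4) can be told apart from anything else. The three Restricted entries mirror the sites quoted in post #7; the `example.test` entry and all function names are constructed for illustration.

```python
import re
from collections import defaultdict

# Zone numbers stored as the DWORD data of each value under ZoneMap\Domains.
ZONES = {0: "My Computer", 1: "Local intranet", 2: "Trusted sites",
         3: "Internet", 4: "Restricted sites"}

DOMAINS_KEY = (r"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion"
               r"\Internet Settings\ZoneMap\Domains")

# Constructed sample in .reg export layout. A real export from regedit is
# UTF-16 text, so read it with open(path, encoding="utf-16").
SAMPLE_EXPORT = rf'''Windows Registry Editor Version 5.00

[{DOMAINS_KEY}]

[{DOMAINS_KEY}\007guard.com]
"*"=dword:00000004

[{DOMAINS_KEY}\1800searchonline.com]
"*"=dword:00000004

[{DOMAINS_KEY}\180solution.com]

[{DOMAINS_KEY}\180solution.com\www]
"*"=dword:00000004

[{DOMAINS_KEY}\example.test]
"https"=dword:00000002
'''

KEY_RE = re.compile(r"^\[(.+)\]$")
VALUE_RE = re.compile(r'^"([^"]+)"=dword:([0-9a-fA-F]{8})$')


def parse_zone_map(reg_text):
    """Return (site, protocol, zone_number) for every value under Domains."""
    prefix = DOMAINS_KEY + "\\"
    entries, site = [], None
    for raw in reg_text.splitlines():
        line = raw.strip()
        key = KEY_RE.match(line)
        if key:
            path = key.group(1)
            if path.lower().startswith(prefix.lower()):
                # Layout is Domains\<domain>[\<host>]; a bare domain key
                # covers all hosts, which the Sites dialog shows as *.domain
                parts = path[len(prefix):].split("\\")
                site = ("*." + parts[0] if len(parts) == 1
                        else ".".join(reversed(parts)))
            else:
                site = None
            continue
        value = VALUE_RE.match(line)
        if value and site:
            entries.append((site, value.group(1), int(value.group(2), 16)))
    return entries


def summarize(entries):
    """Group sites by zone number; '*' means every protocol."""
    by_zone = defaultdict(list)
    for site, proto, zone in entries:
        by_zone[zone].append(site if proto == "*" else f"{proto}://{site}")
    return dict(by_zone)


def non_restricted(entries):
    """Entries that are NOT in the Restricted zone and deserve a closer look."""
    return [(s, p, ZONES.get(z, f"unknown zone {z}"))
            for s, p, z in entries if z != 4]


if __name__ == "__main__":
    found = parse_zone_map(SAMPLE_EXPORT)
    for zone, sites in sorted(summarize(found).items()):
        print(f"{ZONES.get(zone, zone)} ({zone}): {len(sites)} entries")
    for site, proto, zone_name in non_restricted(found):
        print(f"review: {proto}://{site} is mapped to {zone_name}")
```
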