Semi-Urgent Computer Help Found!

Last night while aimlessly wandering the Internet looking for nothing much in particular, I must have stumbled past one of those script-kiddie sites, or something similar. No idea when or where, and I only discovered something was amiss today when I fired up IE6 and was directed to some spyware-infested search/index/banner-farm thing. I`ve met these before and didn`t worry about it - something probably just switched my homepage settings. But, on trying to change it back to my usual blank page, I found that the IE settings panel had been disabled, throwing up some warning about "this operation has been cancelled due to restrictions enabled on this computer". WTF?!! I then go to the Control Panel and launch the internet settings from there, and find the home-page controls all greyed out so I can`t change them either. Only by manually editing the registry could I remove this nasty page.

Running Spybot and Ad-Aware only found Alexa-related components and one tracking cookie which were removed. AVG and Trend Micro Housecall havn`t found anything viral. I ran the IE "auto repair" which didn`t do anything. I tried reverting back to the previous install of IE and then reinstalling IE6, which also did nothing.

Now IE is running very slowly, there would seem to be some kind of keylogger in place cos everything I type takes ages to show up. I`m reluctant to do much of anything until I get this crap off my machine, whatever it is. So I`m turning to you guys for help.

Please - does anyone know what I might have picked up? Does anyone know how I can get rid of it? I did do a full backup not so long ago so formatting is a resort, even if just a last one. I`d prefer not to do that though.

I would say I`m a reasonably knowledgeable home user but not an expert. I`ve tried looking for nasties in the registry but just don`t know my way round there well enough, and I don`t want to try deleting things from the system folders either.

Please help! /ubbthreads/images/graemlins/icon15.gif

Suffice to say I`m not entering any passwords, credit card details or other sensitive information until I`m sure this serious problem has been dealt with.

Many thanks in advance!

/ubbthreads/images/graemlins/mad.gif /ubbthreads/images/graemlins/ooo.gif /ubbthreads/images/graemlins/frown.gif /ubbthreads/images/graemlins/confused.gif

Re: Semi-Urgent Computer Help Sought!

What operating system are you running...w95, w98, w98se, w2k, xp?

Anyhow, try this possibility.

Let us know if this helps.

Re: Semi-Urgent Computer Help Sought!

Is your Ad-Aware current?

Re: Semi-Urgent Computer Help Sought!

Sorry, I should have said - Win98SE. Mike - thanks! You solved the cause of the one part. I remember seeing that setting now and it has been a while since I had to restore IE`s blank start page. I also rembered having X-Setup installed just now, so used that to restore control over the homepage. *That* part is back to normal now /ubbthreads/images/graemlins/grin.gif

Roy - now that you mention it, I don`t think I`ve updated it since I first downloaded it. Spybot has an "update" button but Adaware doesn`t. I guess the updates are avaliable on their web site? I`ll go have a look right now. Text is still taing a long time to show up, accompanied by an unnerving amount of disk activity. So there`s still something here.

I`ll be back later.

/ubbthreads/images/graemlins/ooo.gif

Re: Semi-Urgent Computer Help Sought!

When was the last time you booted your computer up?

Re: Semi-Urgent Computer Help Sought!

Chris M,

Ok, now it's time to see what's running at startup on your Win98SE machine. There are a couple of ways to do this.....lets go this route.
1)Click on your Start button.
2)Scroll up and click on Run.
3)At the runline type "msconfig" (without the quotes).
4)Hit your enter key.
5)At the top of this new window click on Startup.

msconfig screen shots

You will see a bunch of items, some you need...some you don't. Some could have been put there without your knowledge and that you may not want. Here are a couple of links to help you decide what's good, bad and ugly.

link #1

link #2


Link #2 is more complete and may take a few minutes to load depending on your connection speed...so be patient.

Or.....you can throw more software at it.

This next link is the actual down load for Startup Cop zipped. It's off my webpage, it's a clean file. But always no matter where you get a file from...scan it for viruses before opening it.
Startup Cop

or...

Startup Control Panel

Re: Semi-Urgent Computer Help Sought!

OK, I updated Ad-aware and I`m glad I did so thanks for reminding me Roy /ubbthreads/images/graemlins/grin.gif . Didn`t know it was up to V6 already - I was running the old V5! And........it found four more data miner cookies and most importantly a "CSS Hijack" Malware registry entry which seems to be the thing that was slowing everything down. Removed it, restarted IE, and now what I type shows up right away. The disc activity is back to normal (which is still more than it used to be cos ever since the Blaster worm and that other one that counter-attacked it, I`ve been pummeled by ICMP pings that ZoneAlarm blocks every time).

I`ve rebooted the system about a half dozen times tonight, what with the IE downgrading/upgrading.fixing, and applying every last MS Update patch I could find (gotta check Windoze Update more often!) /ubbthreads/images/graemlins/rolleyes.gif . I know what you mean though - once upon a time my old P100 computer was in such a sorry state that it would frequently hang on startup so I left it on for what must have been 3 months without restarting. Given the fact that it had Windows 98 First Edition on, it was pretty good going that it lasted that long without falling over. At the end of that time it was so slow it was like trying to type in molasses in the winter time, or something like that! Took a half hour to update the system settings when I finally did reboot it. What a state that old thing was in....

Mike - thanks for those links, they were very interesting and useful. I checked MSConfig and found no nasties, plus turned off a couple of useless things too. Anything to get this old former-supermarket-checkout-terminal to boot faster! The long page came up just fine, I`m on 600K cable here.

Well, looks like everything`s back to normal and may just be a little better too. Many thanks for your help!

And the moral of the story is - never use AltaVista Web Search cos you never know what you might wander into. Oh,and keep your antivirus and Spyware programs up to date!

Now on to catching up on the day`s activity at CPF....

/ubbthreads/images/graemlins/grin.gif /ubbthreads/images/graemlins/grin.gif /ubbthreads/images/graemlins/grin.gif

Re: Semi-Urgent Computer Help Sought!

Chris M. and Roy and yam -

Well, I wanted to let you know how much this helped me.

Ding Dong was over here on Ad-aware 4.6. Last week I upgraded to NAV 2004. It was finding all these "Brilliant somethin somethins". It wouldn't delete them though. It gave me instructions on how to find them in my registry and make sure I was deleting the correct ones. I just Ran Ad-aware v6.181 and it not only found them and others but zapped them all! Dern, that makes me happy.

"Anything to get this old former-supermarket-checkout-terminal to boot faster!"

Why do I think you may not be kidding?

BTW I sure like watching a good fix like Chris M.'s. Way to go fellers.

Re: Semi-Urgent Computer Help Sought!

[ QUOTE ]
Chris M. said:
OK, I updated Ad-aware and I`m glad I did so thanks for reminding me Roy /ubbthreads/images/graemlins/grin.gif . Didn`t know it was up to V6 already - I was running the old V5!

[/ QUOTE ]

Don't forget that you need to update the reference file periodically, too. Each time you run Ad-Aware, first click on the "check for updates" button. Just as antivirus software needs updates of virus definitions, Ad-Aware needs updates of spyware definitions.

Re: Semi-Urgent Computer Help Sought!

<font color="800080">Why do I think you may not be kidding?</font>

It`s an IBM PC300GL, probably about 4-5 years old. There`s a PC-World store in this town that has them driving the checkouts and I`ve seen one or two now and then in department stores too. I bought it on Ebay as a refurbished unit done up for home use, cos I couldn`t afford a proper new one at the time and the old one was in such a sad state as previously mentioned. It actually performs really well for what I need it for. Upgraded the Ram to 160Mb and stuck an old but reasonable ATI graphics card in there cos I couldn`t find a driver for the onboard one. And it now has nifty blue LEDs in the case now too! It`ll do for a little while longer i`m sure.


<font color="800080">Don't forget that you need to update the reference file periodically, too.</font>

Of course - will do! Adaware 5 didn`t have a "check for updates" button that I could find, but 6 does so it`ll become a regular thing to check before scanning. Upgraded it on the machine at work too and it found a few things that had been missed previously.


/ubbthreads/images/graemlins/grin.gif /ubbthreads/images/graemlins/thumbsup.gif

Re: Semi-Urgent Computer Help Sought!

actually, your standard IBM checkout terminal IS an intel machine. It's got a custom motherboard and I think a microchannel interface vs ISA or PCI so you can't put regular cards in it.

What you normally see in stores will be running an operating system called "4690" (typical IBM naming scheme huh?) but they can also run OS/2 and now I believe that IBM has a linux kernel running on them but I'm not sure about that as I'm out of the industry now.

I used to program those for a living years and years ago. What fun!

Re: Semi-Urgent Computer Help Sought!

TweakXP forum

This seems like it may be somewhat related-