Old Nick wrote in news: snipped-for-privacy@4ax.com:
Handy little website here:
If you have things like wzkskrz.exe, gbb.exe, bt.exe, aalkdlk.exe , those are most likely trojans or malware.
Old Nick wrote in news: snipped-for-privacy@4ax.com:
Just be thankful that it wasn't one of those dialer hijackers that place toll calls to places like Guam and Indonesia....you would be looking at a $$$$$$$$$$$$ phone bill too.
Your fire wall, or other software may be looking for an update. Real player will also do this. Check the settings. If it's Real Player, the best solution is to remove the .exe file in the program files\common\real folder (win 9XX).
Steve R.
Click start\run\ enter "msconfig"
Review all your entries both in start up and in the various other files uncheck any you doent want to start or be loaded. Make a list of what/where on paper before doing this. Repair as needed
Gunner
The two highest achievements of the human mind are the twin concepts of "loyalty" and "duty." Whenever these twin concepts fall into disrepute -- get out of there fast! You may possibly save yourself, but it is too late to save that society. It is doomed. " Lazarus Long
On Thu, 04 Mar 2004 08:46:02 +0800, Old Nick vaguely proposed a theory ......and in reply I say!:
hmmm...nasty little beast. Neither SpyBot nor Ad-Aware picked it up.
Bum! I was going to send them a real blast via a fake email address.
I renamed any files named "powerr*" and checked the Registry.
It's under Leadertech. Again found by "powerr"
**************************************************** sorry.........no I'm not! remove ns from my header address to reply via email
Spike....Spike? Hello?
On Wed, 3 Mar 2004 18:24:15 -0600, "Paul K. Dickman" vaguely proposed a theory ......and in reply I say!:
See my latest post. I think I found it. IT's a known wanker...err...phoner.
**************************************************** sorry.........no I'm not! remove ns from my header address to reply via email
Spike....Spike? Hello?
On Thu, 04 Mar 2004 01:16:38 GMT, Anthony vaguely proposed a theory ......and in reply I say!: Why would anyone _do_ that?
Ah! I remember something about then using the call?
**************************************************** sorry.........no I'm not! remove ns from my header address to reply via email
Spike....Spike? Hello?
On Wed, 3 Mar 2004 17:43:32 -0800, "Udie" vaguely proposed a theory ......and in reply I say!:
I think I found it. It's a known dialler.
**************************************************** sorry.........no I'm not! remove ns from my header address to reply via email
Spike....Spike? Hello?
But first be sure to disable the System Restore feature (if your version of Window has it), otherwise even deleted virii, worms, and bots will be restored.
-Carl
Use sysdiff.exe from the resource kit
Mark Rand RTFM
Thanks, Mark and Steve.
No Resource Kit was available for WinXP Pro and I didn't want to buy the NT kit or a special editor.
I ended up exporting various registry backup files to my Linux machine and used 'diff -a ' at the command line.
It was educational and reassuring.
I appreciate the help.
--Winston
PolyTech Forum website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.