Re: Databaseben, I need to talk to you again, please

Tech Tip: Click here to run a free scan for Windows Errors and optimize PC performance

Here's a couple of things to ponder:
1) Configure it properly so as not to do anything without permission,
or
2) UNINSTALL RealPlayer.

If you need to have a player to view Real file format files, uninstall RealPlayer and try RealAlternative:
http://www.free-codecs.com/download/Real_Alternative.htm

Another option is to replace it with RealPlayer Enterprise, a version of RealPlayer designed for corporate use, where their background processes and advertisments are not permitted:
http://forms.real.com/rnforms/products/tools/red/index.html

Fill out the form, use any company name you like ("Black Hills Mountain Women" sounds good to me), and submit, then download when you get the link for it, AFTER uninstalling the current version of RealPlayer.
--
Glen Ventura, MS MVP Shell/User, A+
http://dts-l.org/
http://dts-l.org/goodpost.htm


"MtnLadyinBlackHills1986" <MtnLadyinBlackHills1986@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message news:949F4EA3-56DF-4E21-9F31-C1921AFFF3C9@xxxxxxxxxxxxxxxx
Just a quick note... A surprise development (for me, anyway!). Earlier when
I had changed msconfig, I left without rebooting. I reactivated the ISP's
Internet tool and bingo! Up jumped a Real Player pop-up about some music
artist. I looked at msconfig and the Real Player command was still disabled.
Now where did that pop-up come from?

More for you to ponder, DatabaseBen.

Sue

"MtnLadyinBlackHills1986" wrote:

First, I'd like to thank everyone for being so understanding when I sent my
distress message that too many people were trying to help and I was
hopelessly confused. Wouldn't it be a nice world if everyone could be that
way in all walks of life?

Anyway, DatabaseBen, I actually do have some good news to tell you. We do
indeed have dial-up, and our ISP offered a package of Internet tools which
included an "Internet Accelerator" (as they called it). And as I look at the
icon in my toolbar, it appears to be shut off. So I think it is safe, and I
will just reactivate that one item.

BTW, you mentioned earlier about cutting down my start menu. Well,
surprise, I did find out about that awhile back. I have de-activated
everything that I don't think is necessary. The one that does bother me is
one called (Startup Item) realsched (Command) "C:\Program Files\Common
Files\Real\Update_OB\realsched.exe" -osboot

I have checked and every time I turn on the computer (even if I'm not using
Real Player), this comes up, even though I disabled it the time before. None
of the other start-up commands I disabled do that. I believe it was Nass who
suggested it might be an advertiser on Real Player. The fact that it keeps
reactivating itself seems suspicious to me. What do you think? Is there a
way to permanently disable that command?

Can I dare hope that there might be a "light at the end of the tunnel"?
I've got to get off and leave for a little while, but I will definitely be
back to see what you have to say!

Thanks again, DatabaseBen (I assume your name is Ben?)

Sue

"DatabaseBen" wrote:

> thats great!
>
> youre doing really good at
> figuring out some of these things.
>
> i looked up that proxyconn service
> your mentioned. It is designed to boost
> your internet speed.
>
> The question is was it provided to you
> by your internet service provider or
> you downloaded it manually or
> you clicked an ok button somewhere and it
> was automaticallyinstalled with another software.
>
> If it was provided by your internet service
> provider than it is likely to be safe and may
> even be required-depending on your service.
>
> But if it wasn't provided by your ISP
> and it came from some internet site
> as somekind of freeware it may
> not be safe.
>
> There are different methods to boost internet
> speed.
>
> But what this particular program is likely do is
> to download and store your favorite webpages
> onto your harddrive automatically and without your
> knowledge.
>
> It would do this so that when you visit a site,
> that webpage would pop up on your screen "instantly"
> since it has been stored on your harddrive.
>
> The fact that webpages are being downloaded onto your harddrive
> automatically is a problem that could become serious because
> you have no control over it,.
>
> Your not given the opportunity to decide
> what you want or don't want stored on your pc .
> And there are malicious webpages that are designed
> to pop up 100's of other webpages, like those porn sites.
> Who knows, webpages with unlawful pics could
> secretly get stored on your pc and you would never know
> because of these so -called web accelerators.
>
> without going into too much detail take
> a look at the source of this proxyconn software and
> uninstall it if it was not provided to you by
> your internet service provider.
>
> If you have DSL you really
> don't need it.
>
> But if you still use regular
> internet, it may be required for you to use by
> your ISP as some kind of turbo charger between
> your modem and their servers.
>
> Let me know....
>
>
> "MtnLadyinBlackHills1986"
> <MtnLadyinBlackHills1986@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
> news:643E7C34-7770-4F38-B4EE-9E5DFD2A6A8C@xxxxxxxxxxxxxxxx
> > Doggone it! Right after I sent the last message, I found that the
> > unknown
> > "toolbar" I told you about is actually a Browser Helper Object. Just
> > wanted
> > you to know that, as it might make a difference.
> >
> > "DatabaseBen" wrote:
> >
> >> hey there mtnlady,
> >>
> >> don't be scarred about this, it isn't as bad
> >> as you think. There are trojans that are not
> >> evil, instead they act in a way to obtain
> >> statistics from the people who use there
> >> "freeware". They are designed to work
> >> in the background and silently thus they
> >> are looked upon as trojans by some software,
> >> including software companies that are competing
> >> against each other.
> >>
> >> It might be that you are in a funny situation,
> >> whereas your antiviral that discovered the
> >> toolbar is a direct competition with the
> >> maker of the toolbar.
> >>
> >> The statistics they get from your
> >> activity and the millions of others
> >> via its toolbar can help
> >> improve there services and or
> >> get money from marketing companies.
> >>
> >> "And" if you really "read" the fine print
> >> of those end user license agreements,
> >> there will be an itty bitty line stating something
> >> like "by using this free software you agree
> >> to share information about your usage with us...."
> >>
> >> I think an easy way to fix this is simply
> >> is to restore your computer to the date
> >> when we got you back up and running
> >> a few months ago.
> >>
> >> Or figure out what program you
> >> installed that subsequently may
> >> have asked you if you wanted to use
> >> a toolbar and said ok so you can
> >> unintall it.
> >>
> >> If you are not sure, you can
> >> open you ie browser, go
> >> to managing addins and disable
> >> any toolbars. You don't need
> >> any extra toolbars added to your system.
> >>
> >> If you like the ie browser from microsoft
> >> download the new version released a few
> >> days ago and be sure to say yes
> >> to protecting you with anti phising
> >> technology.
> >>
> >> I think you'll be ok and I don't
> >> think you will have any problems.
> >> But its a good thing that you had
> >> a place like this to find
> >> earnest people who want
> >> to help and get you through this,
> >> However this is a positive opinion for you,
> >> but I have others as well.
> >>
> >> Incidently, i know you have found
> >> and use some anti viruls already. But I would
> >> like for you to know that out of
> >> many years of trying out "and paying"
> >> for anitviruls, I discovered that using
> >> the "spywareterminator" with the
> >> "clam anitvirus addin" and the "defender"
> >> from microsoft to be an excellent
> >> combination and reliable too.
> >>
> >> take a look at these next time
> >> you are unsure about the ones
> >> you have now....
> >>
> >>
> >> "MtnLadyinBlackHills1986"
> >> <MtnLadyinBlackHills1986@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
> >> news:8E6944D7-93C9-4BAE-9E69-9C020EEAA459@xxxxxxxxxxxxxxxx
> >> > Hi again, Databaseben. OMG, what have I gotten myself into this time?
> >> >
> >> > Did you read the answer to my original question, that was posted by
> >> > "Glee"?
> >> > If not, could you read it? I'm such a novice, I don't know if I
> >> > understand
> >> > what he/she is trying to tell me.
> >> >
> >> > I did read the article you linked to me, and it was really scary. What
> >> > is
> >> > more scary is thinking I might still have a Trojan Horse on my system!
> >> > I
> >> > rercently ran all the security software I have - Ad-Aware SE, Webroot
> >> > Spy
> >> > Sweeper, and Norton Anti-Virus scans. I also ran Norton's One-Button
> >> > Checker, Windows Doctor, Disk Doctor and Check Disk. I have also added
> >> > all
> >> > of the October Windows Security Updates to my system. And everything
> >> > (except
> >> > the code I sent you) checked out fine.
> >> >
> >> > I have not added any toolbars in a very long time. The only thing I
> >> > can
> >> > think of that I've done differently is that I switched to Real Player
> >> > from
> >> > Windows Media Player. I have a large bunch of commercial music CD's
> >> > that
> >> > I
> >> > wanted to put in a library in case a disk got damaged. When I did it
> >> > with
> >> > WMP, I found that none of the song titles, artist, album name or genre
> >> > came
> >> > through, just track numbers. Not wanting the very long, tedious job of
> >> > typing all this in manually, I tried Real Player, which worked fine. I
> >> > was
> >> > connected to the Internet at the time to get the CD information. Could
> >> > Real
> >> > Player be the cause of a Trojan? I thought they were reputable. I
> >> > never
> >> > did
> >> > get a toolbar from them...
> >> >
> >> > Please help! I need to know how to find and get rid of this Trojan if
> >> > all
> >> > I've done above security-wise didn't find it. I've tried so hard to
> >> > avoid
> >> > all the "pitfalls" of these Internet Monsters. I'm about ready to have
> >> > the
> >> > Internet taken off my computer - I just don't know if it's worth the
> >> > dangers
> >> > out there.
> >> >
> >> > Thanks, Databaseben, for your interest and for any help you can give
> >> > me....
> >> >
> >> > "DatabaseBen" wrote:
> >> >
> >> >> hey mtnlady,
> >> >> here is an article of what i
> >> >> mentioned to you earlier...
> >> >>
> >> >> http://www.eweek.com/article2/0,1759,2034680,00.asp?kc=EWRSS03119TX1K0000594
> >> >>
> >> >> but it isnt a new concept, just recently
> >> >> made newsworthy to the uninformed..
> >> >>
> >> >>
> >> >> "DatabaseBen" <databaseben@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
> >> >> news:uKwd9GV9GHA.1252@xxxxxxxxxxxxxxxxxxxxxxx
> >> >> > hello mtnlady,
> >> >> > yeh found the other posting with
> >> >> > your discovery.
> >> >> >
> >> >> > i'm very interested with your analysis
> >> >> > and will take a look into it.
> >> >> >
> >> >> > but, lets not be hasty in considering
> >> >> > that the ntregopt is the perpetrator of
> >> >> > a trojan. i checked that website and
> >> >> > followed that link to the home page at
> >> >> > http://www.larshederer.homepage.t-online.de/erunt/index.htm
> >> >> > and when the file sizes are compared they are both 472kb.
> >> >> > Then when i clicked to download a copy from majorgeek
> >> >> > the file size was also 472. (Of course i already had
> >> >> > a copy for a long time, but wanted to double check
> >> >> > out the download.)
> >> >> >
> >> >> > This is important to know, because if the file
> >> >> > size was bigger or smaller than the original file
> >> >> > found at http://www.larshederer.homepage.t-online.de/erunt/index.htm
> >> >> > then we know the code was rewrittened.
> >> >> >
> >> >> > now a days, there are softwares that
> >> >> > pretend to have discovered something
> >> >> > bad, but they are the cause of
> >> >> > the infiltration. But trojans can also
> >> >> > be snucked onto your system, with
> >> >> > music, videos and lots of other ways.
> >> >> >
> >> >> > remember that a trojan by design hides
> >> >> > malacious code but figuring out
> >> >> > how it got on your system and where
> >> >> > that file is located is the question.
> >> >> > you disovered the malacious code but
> >> >> > the trojan imay still on your system and
> >> >> > hiding until the time is right to unleash
> >> >> > the malware....
> >> >> >
> >> >> > Have you downloaded or allowed somekind
> >> >> > of toolbars to be installed recently?
> >> >> >
> >> >> > Just to top of my head

.

Quantcast