News Glossary of Terms FAQs Polls Cool Links SpeedGuide Teams SG Premium Services SG Gear Store
Registry Tweaks Broadband Tools Downloads/Patches Broadband Hardware SG Ports Database Security Default Passwords User Stories
Broadband Routers Wireless Firewalls / VPNs Software Hardware User Reviews
Broadband Security Editorials General User Articles Quick Reference
Broadband Forums General Discussions
Advertising Awards Link to us Server Statistics Helping SG About
The Broadband Guide
SG
search advanced
 Username:
 Password:
Register
 forgot your password?

It Figures - The need for a firewall

2001.02.01 01:29 by C.G.


My day off. I'm messing with my computer, tweaking my Cable connection to the max, upgrading my software, and so on. Well, I was updating my MS Office 2000 when something very interesting and alarming happened. I got to the installation of the Office update, when Office Update informed me that there were some Programs running. ATITv Player (I was watching some TV too,) and RegLoad. Well, I have seen Regload.exe before, when I looked in MSConfig to turn some startup programs off. But what is Regload.exe, you may ask, well I wanted to know. So I did a search on my Computer for regload. I came up with 3 hits. 1)Regload.exe 2)Regload.hlp and 3)Regload.lgc. My curiosity has gotten the better of me I was thinking at this point. I almost dismissed it as a part of Windows 98. Boy was I wrong. Well I right clicked on Regload.exe and chose properties.
Here's what I found:

Comments: Registry Loading device.
Company Name: Microsoft Corporation
Internal Name: Key Phr33k

Wait a second, what in the world is that? Not being a computer idiot, I know what phreaking is, but what is a phreak proggie doing on my computer? Well the name kind of gives it away. It copies all my keystrokes into a file. But what file? Then I clicked on Regload.hlp.

*ding*

" The Regload.hlp file is not a valid help file, or is corrupted." Really, then what is taking up One Meg of disk space??? That's where Right click , Open With comes into play. Well well well, I opened it with WordPad and boy was I surprised. Everything I had typed on my keyboard from 12/16/99 to 9/9/00 was staring me in the face. Oh my God. Everything, passwords, bank accounts, credit card info, social security number, EVERYTHING, was in this file. It was only recently that I started using a firewall to block access to and from my computer. It kind of explains why my Active Light on my Cable Modem has been flashing randomly. Time to put a Stop to this garbage. I immediately stopped Regload from running, deleted all the Regload files, opened the registry, did a search for all Regload instances, deleted them all. Made sure there were no entries in MSConfig that tried to load Regload. I probably have successfully deleted all references, but now I'm paranoid. I'm going to format C: and reload Windows.

This is to inform everybody of the dangers of the Internet. It is a warning, don't let it happen to you. I may never know where my keystrokes are or what they are being used for, but it can't be good. Get a firewall, secure your computer. We may never stop this from happening, but a least we can slow it down a little.

Thanks for your time,

C.G.

  User Reviews/Comments:
    rate:
   avg:
by websr3 - 2007.04.13 08:53
Sounds like you had some sort of back door Trojan that you could have downloaded at a site, or with no firewall you were invaded from hits to your computer. Best thing was installing a firewall. I use ZoneAlarm I believe it is the best free firewall out there. Also a antivirus program that can detect Trojan's. I also use Windows Defender, so far the past few years I have been lucky (knock on wood).
comment print discuss top

exec. time: 0.01517 s
Copyright © 1998-2014 Speed Guide, Inc. All rights reserved.
Terms of Use | Privacy Policy