The Broadband Guide
SG
search advanced

It Figures - The need for a firewall

2001-02-01 (updated: 2014-08-17) by

My day off. I'm messing with my computer, tweaking my Cable connection to the max, upgrading my software, and so on. Well, I was updating my MS Office 2000 when something very interesting and alarming happened. I got to the installation of the Office update, when Office Update informed me that there were some Programs running. ATITv Player (I was watching some TV too,) and RegLoad. Well, I have seen Regload.exe before, when I looked in MSConfig to turn some startup programs off. But what is Regload.exe, you may ask, well I wanted to know. So I did a search on my Computer for regload. I came up with 3 hits. 1)Regload.exe 2)Regload.hlp and 3)Regload.lgc. My curiosity has gotten the better of me I was thinking at this point. I almost dismissed it as a part of Windows 98. Boy was I wrong. Well I right clicked on Regload.exe and chose properties.

Here's what I found:

Comments: Registry Loading device.
Company Name: Microsoft Corporation
Internal Name: Key Phr33k

Wait a second, what in the world is that? Not being a computer idiot, I know what phreaking is, but what is a phreak proggie doing on my computer? Well the name kind of gives it away. It copies all my keystrokes into a file. But what file? Then I clicked on Regload.hlp.

*ding*

" The Regload.hlp file is not a valid help file, or is corrupted."

Really, then what is taking up One Meg of disk space??? That's where Right click , Open With comes into play. Well well well, I opened it with WordPad and boy was I surprised. Everything I had typed on my keyboard from 12/16/99 to 9/9/00 was staring me in the face. Oh my God. Everything, passwords, bank accounts, credit card info, social security number, EVERYTHING, was in this file. It was only recently that I started using a firewall to block access to and from my computer. It kind of explains why my Active Light on my Cable Modem has been flashing randomly. Time to put a Stop to this garbage. I immediately stopped Regload from running, deleted all the Regload files, opened the registry, did a search for all Regload instances, deleted them all. Made sure there were no entries in MSConfig that tried to load Regload. I probably have successfully deleted all references, but now I'm paranoid. I'm going to format C: and reload Windows.

This is to inform everybody of the dangers of the Internet. It is a warning, don't let it happen to you. I may never know where my keystrokes are or what they are being used for, but it can't be good. Get a firewall, secure your computer. We may never stop this from happening, but a least we can slow it down a little.

Thanks for your time,

C.G.

  User Reviews/Comments:
    rate:
   avg:
by websr3 - 2007-04-13 08:53
Sounds like you had some sort of back door Trojan that you could have downloaded at a site, or with no firewall you were invaded from hits to your computer. Best thing was installing a firewall. I use ZoneAlarm I believe it is the best free firewall out there. Also a antivirus program that can detect Trojan's. I also use Windows Defender, so far the past few years I have been lucky (knock on wood).
News Glossary of Terms FAQs Polls Cool Links SpeedGuide Teams SG Premium Services SG Gear Store
Registry Tweaks Broadband Tools Downloads/Patches Broadband Hardware SG Ports Database Security Default Passwords User Stories
Broadband Routers Wireless Firewalls / VPNs Software Hardware User Reviews
Broadband Security Editorials General User Articles Quick Reference
Broadband Forums General Discussions
Advertising Awards Link to us Server Statistics Helping SG About