[AccidentalClick]

Actually, my modem is a router as well.

As for WinsockFix, what do you mean by "internet connection settings" and "manual configuration"? Do you mean things like passwords?

Attached Files

•  Magnet.txt   912bytes   93 downloads
•  magnet2.txt   168bytes   89 downloads

Edited by AccidentalClick, 21 July 2008 - 12:17 PM.

[Advertisements]

Go to Start->Run and type in regedit and hit OK. Go to File->Export and save the registry somewhere as a backup. Close the Registry Editor now. Go to Start->Run and type in notepad and hit OK. Then copy and paste the following into Notepad:

REGEDIT4

[-HKEY_CLASSES_ROOT\.magnet]

[HKEY_CLASSES_ROOT\Magnet]
@="URL:Magnet Protocol"
"URL Protocol"=""

[HKEY_CLASSES_ROOT\Magnet\Content Type]
@=""

[HKEY_CLASSES_ROOT\Magnet\DefaultIcon]
@=""

[HKEY_CLASSES_ROOT\Magnet\shell]
@="open"

[HKEY_CLASSES_ROOT\Magnet\shell\open]

[HKEY_CLASSES_ROOT\Magnet\shell\open\command]
@=""

Save the file as "delete.reg". Make sure to save it with the quotes. Close Notepad. Double click on the delete.reg file and choose Yes to merge/add it to the registry. You may delete the file afterwards.

Restart the computer and see if your scanner is still picking anything up.

[greyknight17]

Go to Start->Run and type in regedit and hit OK. Go to File->Export and save the registry somewhere as a backup. Close the Registry Editor now. Go to Start->Run and type in notepad and hit OK. Then copy and paste the following into Notepad:

REGEDIT4

[-HKEY_CLASSES_ROOT\.magnet]

[HKEY_CLASSES_ROOT\Magnet]
@="URL:Magnet Protocol"
"URL Protocol"=""

[HKEY_CLASSES_ROOT\Magnet\Content Type]
@=""

[HKEY_CLASSES_ROOT\Magnet\DefaultIcon]
@=""

[HKEY_CLASSES_ROOT\Magnet\shell]
@="open"

[HKEY_CLASSES_ROOT\Magnet\shell\open]

[HKEY_CLASSES_ROOT\Magnet\shell\open\command]
@=""

Save the file as "delete.reg". Make sure to save it with the quotes. Close Notepad. Double click on the delete.reg file and choose Yes to merge/add it to the registry. You may delete the file afterwards.

Restart the computer and see if your scanner is still picking anything up.

[AccidentalClick]

Done. I'm running the scan now.

Something has happened though. For some reason, my modem's wireless and internet lights are continuously flashing even when I'm not using the internet. And when I am, the internet from this end is extremely slow. Could some program be secretly using my internet connection and downloading stuff onto my computer? Should I post a new HijackThis log in case?

EDIT: Grokster's still there.

Edited by AccidentalClick, 23 July 2008 - 02:15 PM.

[greyknight17]

See if you can find those two magnet entries again in the registry....if so, export them and attach them here.

Confirm that the lights are still flashing by turning off all your computers. If it is, I suggest changing your SSID name and password. You might also want to change you WEP/WPA passwords (which I hope you're using) and enable MAC address filtering. You need to refer to your router's manual on how to do this if you are unsure. This is more for the Networking board if you need more help with it.

If someone is accessing your internet without your knowledge, they can do harmful things to your other computers on the same network. This is especially true if your computers are not password protected properly.

[AccidentalClick]

I can't find any "magnet" entries in the registry at all.

As for the networking thing, I'll get on it.

[greyknight17]

So where is the scanner picking up the Grokster entry now?

[AccidentalClick]

It's actually in the same place. hkey_classes_root \magnet

[greyknight17]

Leave that key alone. Ignore the message found by your scanner. Uninstall Limewire and you should be set to go.

[AccidentalClick]

Well... I never had Limewire. I only had Azureus.

OK, now, regarding a previous question. After running smitRem, I now have to press Control + Alt + Delete before logging in. Why is that?

[greyknight17]

Go to Start->Settings->Control Panel and click on User Accounts. Then click on the option that says Change the way users log on or off. Make sure the Use Welcome Screen option is checked.

[AccidentalClick]

Um, are you sure that's for Vista? I can't find it.

As for Grokster, could there have been another program that could have got it?

[greyknight17]

Sorry about that....forgot you had Vista.

Go to Start->Run and type in control userpasswords2 and hit OK. Then click on Continue if you get a warning message. Go to the Advanced tab and make sure the bottom box there is unchecked so it doesn't require you to hit ctrl+alt+del before you can log in.

[AccidentalClick]

Ah, thanks.

Do you know exactly what the Grokster spyware does though, since we can't seem to get rid of it?

[greyknight17]

I'm wondering if it is Grokster at all now since there is a legitimate magnet key in that location as well. It could just be a false positive. Keep the anti-spyware programs running in real-time and you should be fine.

If you want, run the following registry script also:

Go to Start->Run and type in regedit and hit OK. Go to File->Export and save the registry somewhere as a backup. Close the Registry Editor now. Go to Start->Run and type in notepad and hit OK. Then copy and paste the following into Notepad:

REGEDIT4

[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.magnet]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Magnet]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Magnet\Content Type]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Magnet\DefaultIcon]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Magnet\shell]

Save the file as "delete.reg". Make sure to save it with the quotes. Close Notepad. Double click on the delete.reg file and choose Yes to merge/add it to the registry. You may delete the file afterwards.

I wouldn't worry about it much.

[AccidentalClick]

Well, OK, then.