Hello Everyone! I searched this forum and so far nothing has helped. I have ran Ad Aware, Spybot, CWShredder, AVG, and HiJackThis-which all programs have been updated. I have been on Computer Cops website and tried to follow the instructions given my Mosiac1, but the download tool for killmsg.118 is no longer available. I have also downloaded Killbox, but I am sure how to use it. If there is anybody that could help I would really appreciate it. Also, Is there anybody that knows about Killbox? I have also tried finding the related files to these annoying viruses, but none of them come up. If anyone needs my latest HijackThis file please let me know.

Thank you,
Casinowoman

OOPS!! On above post I meant to say I am Not sure on how to use Killbox.

Thank you,
Casinowoman

This is a fix for Zestyfind that I have from another forum, use at your own risk or course. Reference for Look2Me is below.

Thresher
__________________________________

with due respect to these fixes which make a lot of sense, you may if you wish try this out also:
first priority is to get a good anti-virus, either a good free one like avg, or a good payware anti-virus such as nod32
you might have the adware spyware Alchemy & browser hijacker Zestyfind.
get your latest virus defs, go to safe mode.
next:
Click Start, and then click Run.
Type regedit
Then click OK.
Navigate to the key:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
In the right pane, delete the value that refers to the file detected as Alchemy and Zestyfind etc.
you will have to right click on these values
For example right click on the value: "Alchem"="C:\Windows\System\Alchem.exe" and a box will pop up click on delete.
Exit the Registry Editor.
next:
run your anti-virus, adaware, and spybot etc.
delete any file that you av comes up with, same with adaware, spybot etc.
clean your temp. internet files, temp files, history files, and cookies. do a search for the files that showed up in your in your task list and delete them from there.

also to see if zestyfind is still in your computer, go to tools, internet options, in the temporary internet section, click on the settings button, next a box will open up click on view objects. right click on each entry you find there, a box will open up hit the properties button, it should tell you the name of the company that puts out the active x control, or browser helper, make note of it, go to google and do a search, if it turns out negative, go back and click on remove
empty your recycle bin.
reboot your computer.
__________________________

Look2Me

http://www.pchell.com/support/look2me.shtml

Thresher,
Thank you so much for your advice. While waiting for reply I was finally able to download the Look2Me uninstaller which in order to do so I had to lower my security in Internet options. So for it has seemed to work. I am now going to carefully follow your instrustions for the ZestyFind problem. I will post back with results. Thank you again for taking the time to help me.

Thank you,
Casinowoman

Ok, but just in case you are a lawyer, the disclaimer: they are not my instructions, as stated, I got them from another forum some time ago, and I do not know if they will help you or not. Your Pc might turn into a giant broccoli for all I know...no butter sauce....

BTW, after all this is passed do yourself a favor and do a good general clean up, right?

Expose your hidden files and dump your TIF, cookies, %TEMP, and recycle bin.

Run disk clean-up, scan disk, and defrag. If the scan disk does not go through, ctrl-alt-delete and end task on everything except explorer and systray, then go back to scan disk, etc.

Make sure you are updated on everything--IE, Outlook (settings will affect IE even if you are not using Outlook), Windows 98, AV.

If you are not using a firewall, I use this one, free, simple and effective:

Sygate firewall:

http://smb.sygate.com/products/spf_standard.htm

Download spybot and adaware, update and run spybot an adaware every 3 days or so.

Spybot:

Download and Read the SpyBot tutorial here:

http://s89223352.onlinehome.us/mirror/spybot/index1.php

Download it, Unzip the program, and immediately check for updates, install the updates and then do the scan.

Let it fix everything marked in red. Reboot but not with restart, shut it down for two full minutes. You’ve got two measely minutes and it’s worth it, and let Spybot run if it indicates.

To add an item to your ‘Ignore List” click on the little ‘+’ sign next to the item and left click it to highlight it, then right click it and a menu appears, select the function you want.

When you are done reboot again same way. I shut down for two full minutes.

Also, go to the update page. Notice 3 icons across the top. Between "Search For Updates" and "Download Updates" there is an icon for the download mirror location. After you click on ‘search for updates,’ the one in the middle will change. If it doesn't say "Spybot.US by Rootboxen.net USA" click on the dropbox arrows and click on Rootboxen, and use only that one. If you got a "checksum error" trying to download --that's why.

Ad-Aware:

Download AdAware from http://www.lavasoft.de/

check for updates at "webupdate".

I use these settings (green check)

From main window click "Start" then make sure " Activate in-depth scan" has a green check next to it.

Put a black dot nest to "Use custom scanning options” and click Customize" next to it, then green check these options:
"Scan within archives" ,"Scan active processes", "Scan registry",
"Deep scan registry" ,"Scan my IE Favorites for banned URL"
"Scan my host-files"

At the top of the “STATUS” page notice the Tweak (gear) icon. Click on it.

The first setting is “Scanning Engine.” Click on the little plus sign next to it, and in the drop-down green check "Unload recognized processes during scanning", and “include basic Ad-Aware settings in log file”. Next click on the ‘+’ next to "Cleaning Engine" and in the drop-down green check "Let windows remove files in use at next reboot" and Delete quarantine objects after restoring”

Click "proceed", that will save those settings.

Click "Scan"

When the scan finishes, mark everything for removal and delete it. Right-click the window and choose "select all" from the drop down menu, press ‘next’ and then ‘yes’ to the prompt: “remove all these entries”.

However, if you have certain programs running that will give a false indicator of a browser hijack attempt, such as Script Sentry, which places a monitoring function in the registry and looks like a browser hijacker but is not, then you may want to add that to the ignore list because you want to keep it there to do it’s job. To add an item to the ignore list, put the a cursor on the file it reveals and left click it to highlight it, then right click it and a menu appears. Click on ‘ignore list.’

I use a two minute shut down, and let Adaware run on reboot if it indicates.

I also Use MRU Blaster, Spyware Blaster and Script Sentry. There is so much sleazey sneaky malware out there, you have to stay ahead of it.

Thresher

Thresher,
Don't worry. I am no lawyer-just a simple chef that knows a little about computers. My computer definately didn't turn into a gaint broccoli!! ha ha
As for the results...I didn't find anything about the Alchemy, but I did find Claria, CoolWebSearch, VX2BetterInternet, Winpup32, CWS.Oslogo, and SaveNow. Which are now gone!!! Along with the ZestyFind. I have updated and ran Ad Aware, CWShredder, AVG, and Spybot. Everything comes out clean. I have also cleaned out my cookie files, TIF's, and History Files. I have also updated my Spyware Blaster. PHEW!!! Did I miss anything?!?!! oh yes, I am now on my way to downloading that firewall. Thanks again Thresher. If it hadn't been for your advice I would have driven myself crazy! Big Smiles.

Thank you,
Casinowoman

you're quite welcome, and make sure to keep it all updated and run them every 3 days or so (once a week at longest) on Spybot and Adaware. Sygate just updatted the other day, make sure to subscribe to their newsletter so you get the update notice. Update Windows and IE also...I use the update notifier but I do not let it automatically update me. Here is a tip for downloading:

Downloading Tip:

One other thing I do on downloading is, after you get the download (M$ does not structure its downloads so you can’t do this for some reason on an MS download), after download BEFORE YOU CLICK THE INSTALL ICON, #1. log off the net, #2. disable AV (right click tray icon), #3. then ctrl-alt-delete to close AV in close-program, THEN (and only then) #4. click on the install procedure. Otherwise your AV might read the install as an invader and mess with it. Then manually shut down for two full minutes.

I forgot if I sent it before....

Thresher

Thresher,
I use to get that automatic Update, but I always ignored them. ooops!!! Once again I didn't realize how important that could be. How do I figured out what version of IE do I have? I know that is a really dumb question, but I have learned alot since getting on this website.

Thank you,
Casinowoman

Thresher,
Okay, Scratch my last question. I have figured out that I have IE 6. Thank you though.

Thank you,
Casinowoman