--- Report generated: 2003-04-15 13:55 --- Gator: Global settings (Registry key, fixed) HKEY_LOCAL_MACHINE\Software\Gator.com Gator: Hidden identity (Registry key, fixed) HKEY_CLASSES_ROOT\CLSID\{21FFB6C0-0DA1-11D5-A9D5-00500413153C} Radiate: Global settings (Registry key, fixed) HKEY_LOCAL_MACHINE\Software\Radiate i install new zap maxed out stealth and ad blocking and setings where nothing allowed to have server acess but fire wall kept going off used port explorer to see what it was said something had conected other then my juno and normal stuff i did a search with spybot and i found gator dont know where it came from but it was there i c;eand it out with spy bot reconected to the internet and yup no more wyrd conection heres the thing does gator now by pass zap?
The key question is what program was Gator using to connect out through ZAP? There are pieces of gator that run as dlls within IE, I believe, but, there are also separate programs. (I'm not a spyware expert. ) What was ZAP telling you exactly, what message? What programs do you have listed in the ZAP > Program Control > Programs listing? Any Gator/Gain references? What program did Port Explorer flag as making the connections? See this page for a little on Gator and ZAP: http://www.alanluber.com/pcfearfactor/officiagatorpage.htm ZAP is not meant to stop malware from coming in. It's not scanning the data stream for good and bad content (such as virus or spyware "signatures"). The ZAP Privacy settings allow you on a global, or site by site basis, to allow or block mobile code, cookies and Ads. But, if you allow a site through (so you can run pages off the site with Javascript, Java or ActiveX), then you've allowed whatever they want to do to come into your system, too. Once on your system, from there it becomes a test to see if you can see it going outbound... If it was a new program trying to connect outbound, there would have been a ZAP pop-up asking you to approve it. If you did, then that is a problem, of course. >> "but fire wall kept going off..." It seems like you noticed something. Was it an alert or ZAP pop-up message?
will i dont know what it was but it totaly gone now spybot killed it and zap didnt flag it as a program trying to connect to the internet shouldny had it said something it was under zap radar but looks like not port explorer oh well it gone now but zone alarm should take a look to see if gator made something nastyer that bypass firewalls
Well, if it wasn't a separate program, then ZAP's normal program alerts would not have flagged it anyway. I'm not sure if you've looked at the Program Control > Main screen yet. There's a slider setting there called Program Control. It's at Medium normally after a fresh install of ZA+/ZAP. They recommend you keep it there until you've used all your normal programs so that it can map all the DLLs that those programs use... But, once you slide that to High, from there on, any new DLL (like maybe a ie gator related one) will be alerted and you'll have to approve it before it can access out. Now, there are literally hundreds of DLLs on a system, so that's why you let it learn (at medium) before moving the slider to High (unless you want to answer hundreds of permission alerts.) It's important to have a clean system while you are at Medium, because all DLLs get allowed as they are used when you are at set there. Anyway, that's just something for the next time. (You may want to go into the ZAP > Program Control > Components list, and look for any gator/gain references in that long list, as well.)
oh ok lol so it really does learn wow ummm looks like i will have to refresh vector i think cause i still get that problem when i click more info zap shuts dowen snif snif
Hi MrBlaze, In Spybot S&D you can click Recovery and you will see what has been removed. (Don't put it back. ) Here is some info on the "ugly croc" : http://www.alanluber.com/pcfearfactor/officiagatorpage.htm Regards, Pieter
NOPE GATOR I HAD WAS WORST was not in start up ms config didnt showitself as useable software my security settings are will i go to porn sites lol so you all by now should know that everything is disabled lol and last it could im perty sure conect under zone alarm with out prompt i think port explorer ws the only thing that could see it have an outside conection so when i use spybot to kill it i stop geting that wyrd conection i personaly think it a new form of gator