1. By continuing to use the site, you agree to the use of cookies .This website or its third-party tools use cookies, which are necessary to its functioning and required to achieve the purposes illustrated in the cookie policy.Find out more.
    Dismiss Notice
  2. Dismiss Notice
  3. Follow Casinomeister on Twitter | Facebook | YouTube | Casinomeister.us US Residents Click here! |  Svenska Svenska | 
Dismiss Notice
REGISTER NOW!! Why? Because you can't do diddly squat without having been registered!

At the moment you have limited access to view most discussions: you can't make contact with thousands of fellow players, affiliates, casino reps, and all sorts of other riff-raff.

Registration is fast, simple and absolutely free so please, join Casinomeister here!

Spyware Issues (was Bellrock Warning)

Discussion in 'Online Casinos' started by Black21Jack, Jun 23, 2004.

    Jun 23, 2004
  1. Black21Jack

    Black21Jack Dormant account

    Occupation:
    Courier driver
    Location:
    Toronto, Ontario, Canada
    Spyware Issues

    Well, on advice from another posting I had regarding Viper Software I went directly to You must register/login in order to see the link., not through an affiliate link. I proceeded to download Home Casino and install the software. Now I dont know if you read older posts of mine regarding Golden palace Casino and some fishy activity on my computer after using their software but you can read it here Anyways, as soon as I installed the software my internet home page was changed to res://myfzv.dll/index.html#27859 which is called Home Search, hmmm, Home Casino, Home Search, is there a connection? Now when I open my IE it goes directly here and I get a flood of pop up ads along with it. It also now tries to install some kind of feature for Office XP everytime I run IE. I get an Office Installer pop up and when I click cancel it gives me the error that I have included as a picture below. Spyware Blaster and SpyBot S&D even when fully updated cannot detect anything on my comp. Now when I go to Control Panel Add/Remove Programs I do find three programs that are responsible, one called Home Search Assistant, Search Extender, and Shopping Wizard. When I go to uninstall these programs I get the message: Unable to open "http://looking-for.cc/uninstall/program name.html" No one can say that it is coincidence, that it is not from Home Casino. The search is called Home Search, and I have not had a problem on my computer since the Golden Palace fiasco. I have had my computer cleaned and immunized by several spyware/adware programs and I have not installed any other software until yesterday. When I had only RTG on my comp. no problems. This is very shady, and I caution all against downloading anything from Belle Rock. Who knows what info they are obtaining off my hard drive, and no matter what I do I cannot get rid of it.
     
    Last edited: Jun 23, 2004
  2. Jun 23, 2004
  3. mucullus

    mucullus Experienced Member

    Location:
    Germany
    I also played at Home Casino, but I didn't recognize any spyware coming with the software.
    Btw. Home Casino is the only Belle Rock Casino that doesn't use the new VIPER software, but the old microgaming sw.
     
  4. Jun 23, 2004
  5. Sodax77

    Sodax77 Dormant account

    Occupation:
    Human Being
    Location:
    EU|FI
    Can't help, but try with google "1033/setup.hlp" (with "-marks).
    Also check with SpyBot S&D (Advance mode) what programs start, etc. Not usual search-thing.
     
  6. Jun 23, 2004
  7. sw2003

    sw2003 Dormant account

    Location:
    somewhere :)
    I played at Belle Rock using the download software. I did not get any spyware,
    homepage change, pop up etc.

    I have also installed Golden Palace but also did not get any spyware, homepage change, pop up etc.

    So are you sure the source of your problem is with the downloaded softwares?
    Why would they pick you out of all the people? If you are that lucky, you
    should be a millionaire by now. Have you visited other dubious sites besides
    Belle Rock? May be one of your other frequently visited sites is the source of
    the problem?
     
  8. Jun 23, 2004
  9. HateMG

    HateMG Dormant account

    Location:
    Brooklyn, NY
    You can manually delete these files doing search in Windows Explorer on C: drive. Also check the registry (run command regedit)
     
  10. Jun 23, 2004
  11. padanian

    padanian Experienced Member

    Occupation:
    marketing manager of a medium sized tourist compan
    Location:
    Italy
    I downloaded the software of Home Casino just today, but did not face any problem. The same for all the other casinos from that group.
     
  12. Jun 23, 2004
  13. jpm

    jpm Dormant account

    The problem is you went to the wrong website, the bellerock website is at You must register/login in order to see the link.GAMING.com

    There's nothing shady about the bellerock group, just the scumbag affiliate that setup the website you mentioned. If I were you, I'd notify bellerock directly about this. They should pull that clown from their affiliate program.

    Also, try adaware from You must register/login in order to see the link. and see if that cleans up the problems.
     
    Last edited: Jun 23, 2004
  14. Jun 24, 2004
  15. Black21Jack

    Black21Jack Dormant account

    Occupation:
    Courier driver
    Location:
    Toronto, Ontario, Canada
    Umm, as I said before no software has been installed on my computer for months. As soon as I installed from Home Casino it happened, my computer has been fine for months now. Coincidence? No other sites have I downloaded anything from. Spybot advanced, fully updated, spy ware blaster fully updated, control panel add remove, I have done it all, this one is pure stealth. As far as dubious sites, I do not play any casinos except RTG, so on advice I went to Belle Rock and this is the only other site I have downloaded from since Phoenician which definitely does not do it because it just happened right after installation of Home Casino.
     
  16. Jun 24, 2004
  17. jpm

    jpm Dormant account

    In addition to the programs you mentioned you were using, you should also use an internet security program like Zone Alarm. What happened is a classic malware/spyware/browser hijack. An internet security package along with spybotm, etc. would help prevent such things from happening again.

    As I said before, You must register/login in order to see the link. is the correct website for this group, not www,bellerock,com (dots removed so people don't click on it and get hosed). I'm certain that is the root of the problem and not home casino.
     
  18. Jun 24, 2004
  19. Black21Jack

    Black21Jack Dormant account

    Occupation:
    Courier driver
    Location:
    Toronto, Ontario, Canada
    Thanks for the tip, I had zone alarm on but it was too annoying especially since I use a wireless connection from my laptop, bloody thing went off all the time. I have both Spy Bot S&D and Spyware Blaster running and it did not catch it but I guess I will re install Zone Alarm.
     
  20. Jun 24, 2004
  21. jpm

    jpm Dormant account

    Yeah, I've tried the McAfee, Norton and Zone Alarm products for internet security and found ZA to be the most compatible for online gaming, and just the best of the bunch overall. I am using the Pro version of it, which you gotta buy, but the basic free one is still good. The Pro version has more privacy related items, such as cookie, java, web bug blocking. That is the version I'd recommend. You can also tell it to shut up if the alerts are driving you nuts, it will just do its thing silently. They also have a special bundle that includes a product called Pest Patrol, which is a proactive anti malware/spyware program. I use that as well and never have a problem with hijacks, spyware, etc. And don't forget an up to date antivirus program! That's important to protect from evil email and websites. Yeah, its alot of crap to load on your machine, but its better than the alternative. Every so often I'll do an adaware and spybot scan just to see if anything snuck thru, so far so good!

    Hint: If you use pest patrol, you may want to shut of the cookie patrol part, it can cause problems at times, and zone alarm pro can handle cookies.
     
  22. Jun 24, 2004
  23. angahar

    angahar Dormant account

    browser hijack problem (its not bellerock)

    What you have their is a nasty coolweb infection. Coolweb is a program that inserts itself into IE and your registry in order to redirect your homepage (to home search, among others) and give you pop up ads. It includes a remote keylogger to record everything you type in search engines, etc and uses that info to give you "targeted: pop ups. Some versions of coolweb are extremely stubborn and difficult to remove from your computer. Adware programs like ad-aware, spybot and spysweeper will track down bits and pieces of coolweb but are no real help in dealing with the beast. Coolweb is thought to be spread via certain, ahem, ad-intensive websites and pop ups. Here is a few suggestions in dealing with it:

    Download coolweb shredder. Despite the name it doesn't usually do the job by itself, but its a start.

    download hijack this. This is a program that identifies suspicious registry entries and gives you the options of which ones to delete. Use with caution, For the most part eveything it comes up with is expendable, but read the descriptions it gives you of the file types to help guide you. Specifically look for BHO (browser helper objects) and files that change your IE start and search pages (duh).

    download a program like browser hijack blaster that will tell you whenever coolweb tries to reinsert the BHO into your registry. This gives you a good indication whether or not you've killed it.

    download antivir, a free antivirus program that seems to help but doesn't eliminate coolweb.

    go to your start menu and run "msconfig" click over to the last tab with the programs that load on startup. Uncheck everything you don't use (something called "addux" is suspicious). I uncheck everything for a super fast load, but some people like certain programs to start.

    There is also a process that coolweb starts that is listed as a sysyem process that busily goes about undoing all your work by recreating the files that are attacking your browser. Hit control alt delete and go to the processes tab to see what processes are running. I've seen it use a process called something like dhvj or some four letter garbage starting with d. This can be labeled as a system process but it is not your friend. To narrow it down a little, boot in safe mode and write down all the processes that are running. These should be ok. Boot back in normal mode and see what extra processes there are. Experiment with ending these. One of them is adding phony .dll files to your system and system32 folder that are attacking your browser. (browser hijack blaster will tell you what .dll files are adding the BHOs to your registry.)

    use your spyware program as normal to scour your system.

    This is in no particular order, and all of it might not be necessary. However, running and rerunning all these things finally freed my brothers computer from the evil clutches of coolweb. cwshredder will also give you a few ways to prevent reinfection. Good Luck!
     
  24. Jun 24, 2004
  25. Yankee

    Yankee Dormant account

    Location:
    Germany
    I can really recommend HijackThis. I've had similar problems like what you described twice within the last couple of months and this program helped me get rid of the intruders quickly.
     
  26. Jun 24, 2004
  27. Black21Jack

    Black21Jack Dormant account

    Occupation:
    Courier driver
    Location:
    Toronto, Ontario, Canada
    Thanks a lot for the help angahar. I will try all this tomorrow and re post my progress. Once again thanks a lot, I appreciate it.
     
  28. Jun 24, 2004
  29. jpm

    jpm Dormant account

    I just remembered something that may be even easier for you. Since you are using XP, you could use the system restore feature and just restore everything to the way it was (say the day before) just before you went to this scumbag site. I've used it recently after I messed up my desktop and it worked flawlessly. If you'd like to try it, let me know and I'll post directions.

    As angahar said, it is very tenacious and I've found infections like this to be almost impossible to clean completely without spending hours upon hours scouring the registry, etc. It can be quite tedious & frustrating even for seasoned computer geeks like me. System restore may be your best friend in this instance.
     
  30. Jun 24, 2004
  31. Black21Jack

    Black21Jack Dormant account

    Occupation:
    Courier driver
    Location:
    Toronto, Ontario, Canada
    That would be great if you could post how to do that jpm. I was going to start doing all the other stuff but because it will take a while, I am being lazy. Will system restore erase anything?
     
    Last edited: Jun 24, 2004
  32. Jun 24, 2004
  33. jpm

    jpm Dormant account

    Its is supposed to only affect the registry and other programs and settings, but not affect documents, etc. Just be on the safe side and back up anything important before you do it! I didn't seem to lose anything when I did it the other nite and it was about a 5 minute procedure. Quite painless indeed, and I'll use it again in the future if I ever have similar issues.

    I'll post the procedure when I get home, so I can take you thru each step as I do it, except for the final step of course ;)
     
  34. Jun 25, 2004
  35. GrandMaster

    GrandMaster Ueber Meister CAG

    Occupation:
    Mathematician by day, online gambler by night.
    Location:
    UK
    You should also tighten up your IE security settings or even ditch IE completely and use a different browser such as Mozilla Firefox (my favourite) or Opera.
     
  36. Jun 25, 2004
  37. jpm

    jpm Dormant account

    Don't you have to pay for opera? Or is it free now?
     
  38. Jun 25, 2004
  39. Black21Jack

    Black21Jack Dormant account

    Occupation:
    Courier driver
    Location:
    Toronto, Ontario, Canada
    Ok, I decided to get off my lazy arse and download all advised programs. They were: Antivir; which found over 20 Trojan Horse files on the computer, Spyware Sweeper; which found numerous bad programs all of which included "casino" in the name, 3 had "Microgaming" in the name and two had "32Red" in the name even though those casinos were immediately uninstalled when I started having the problems, Hijack This, Window Washer (my own idea becuase it cleans cookies, history, recycle bin, and file extensions), Ad-aware, Browser Hijack Blaster, and CW Shredder. These are in addition to SpyBot S&D, and Spyware Blaster which I already had protectiing my system. All of this seems to have done thee trick, I do not get the search pages or popups anymore. I would still like to do system restore to be on the safe side. Thanks for all the help.
     

Share This Page