scans clean, but connection attempts still occurring



irondan
2008-10-07, 19:09
a-2 found a trojan and removed it the other day. I ran a-2 again in safe mode and quarantined 8 malicious programs. I've run both a-2 and Spybot since, with clean results, but my firewall is still telling me that it's blocked 15 intrusion attempts.

Thanks for your help. HJT log below.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:02:54 AM, on 10/7/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\a-squared Anti-Malware\a2service.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Comodo\CBOClean\BOCORE.exe
C:\Program Files\Comodo\Firewall\cmdagent.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\BCMSMMSG.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\BacsTray.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\WINDOWS\System32\DSentry.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\PROGRA~1\Comodo\CBOClean\BOC425.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Lexmark 2300 Series\lxcgmon.exe
C:\Program Files\Lexmark 2300 Series\ezprint.exe
C:\Program Files\Comodo\Firewall\cfp.exe
C:\WINDOWS\system32\lxcgcoms.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\a-squared Anti-Malware\a2guard.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csearchplugins%5CSBWeb_01.src"); (C:\Documents and Settings\MICAH YANG\Application Data\Mozilla\Profiles\default\94yqskjj.slt\prefs.js)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: ZoneAlarm Spy Blocker BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: AIM Search - {40D41A8B-D79B-43d7-99A7-9EE0F344C385} - C:\Program Files\AIM Toolbar\AIMBar.dll
O3 - Toolbar: ZoneAlarm Spy Blocker - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [bacstray] BacsTray.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [mmtask] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [BOC-425] C:\PROGRA~1\Comodo\CBOClean\BOC425.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [LXCGCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCGtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [lxcgmon.exe] "C:\Program Files\Lexmark 2300 Series\lxcgmon.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 2300 Series\ezprint.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\cfp.exe" -h
O4 - HKLM\..\Run: [a-squared] "C:\Program Files\a-squared Anti-Malware\a2guard.exe" /d=60
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Find Fast.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
O4 - Global Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: *.musicmatch.com
O15 - Trusted Zone: *.musicmatch.com (HKLM)
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/EPUWALControl_v1-0-3-17.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/mcinsctl/en-us/4,0,0,83/mcinsctl.cab
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/7/1540/52/20030530/qtinstall.info.apple.com/abarth/us/win/QuickTimeInstaller.exe
O16 - DPF: {8E28B3A9-FE83-45D1-B657-D5426B81A121} (CustomerCtrl Class) - http://cs5b.instantservice.com/jars/customerxsigned35.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://bin.mcafee.com/molbin/shared/mcgdmgr/en-us/1,0,0,15/mcgdmgr.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {FA3662C3-B8E8-11D6-A667-0010B556D978} (IWinAmpActiveX Class) - http://cdn.digitalcity.com/_media/dalaillama/ampx.cab
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab
O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll
O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: BOCore - COMODO - C:\Program Files\Comodo\CBOClean\BOCORE.exe
O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - Unknown owner - C:\Program Files\Comodo\Firewall\cmdagent.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: lxcg_device - - C:\WINDOWS\system32\lxcgcoms.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
O23 - Service: WLTRYSVC - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE

--
End of file - 11068 bytes

Shaba
2008-10-08, 10:55
Hi irondan

Which router do you have?

irondan
2008-10-08, 17:26
Hi Shaba,

I have an Airlink wireless N router.

I don't know if this helps, but I also had a-2 run a HiJackFree log and it had red entries stating that they were bad or needed attention. I couldn't find a tool to fix them through a-2, though.

thanks for your help.
irondan

Shaba
2008-10-08, 17:38
I see nothing wrong except the presence of ZoneAlarm SpyBlocker, which you can uninstall via Add/Remove Programs.

Do you have NAT/firewall enabled in the router?

And could you tell me which entries a-2 hijack free flags?

irondan
2008-10-08, 18:54
Hi Shaba,

I'm not sure if this is what you are talking about, but here is the HiJackFree analysis. Sorry if this is not the info you wanted. I took out all the good entries and left the ones flagged or unknown.

One particular entry puzzles me. Under ctfmon.exe it lists a keylogger program found in the System\CTF (9x/Me) or System32\CTF (NT/2K/XP) folder. I don't recall installing such a thing.

Thanks again.

a-squared HiJackFree Analysis
www.hijackfree.com

Version info: Result ToDo
Good
Your used version of a-squared HiJackFree: 3.1.0.16
The current version of a-squared HiJackFree: 3.1.0.16

Bad
Your used operating system version: Windows XP Service Pack 2
The current version of your operating system: Windows XP Service Pack 3
Please update your operating system and install the latest service pack!
Not Sure - may be bad
Name: TkBellExe
Path: C:\Program Files\Common Files\Real\Update_OB\realsched.exe
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Good: 5 - Bad: 5
View Details Requires Attention!
Compare details with your local values
and/or search at Google

Not Sure - may be bad
Name: mmtask
Path: C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Good: 2 - Bad: 3
View Details Requires Attention!
Compare details with your local values
and/or search at Google
Good

Name: SunJavaUpdateSched
Path: C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Good: 2 - Bad: 3

View Details Requires Attention!
Compare details with your local values
and/or search at Google
Not Sure - may be bad
Name: QuickTime Task
Path: C:\Program Files\QuickTime\QTTask.exe
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Good: 3 - Bad: 2
View Details Requires Attention!
Compare details with your local values
and/or search at Google

Not Sure - may be bad
Name: AIM
Path: C:\Program Files\AIM\aim.exe
Location: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Good: 2 - Bad: 1
View Details Requires Attention!
Compare details with your local values
and/or search at Google
Not Sure - may be bad

Name: ctfmon.exe
Path: C:\WINDOWS\system32\ctfmon.exe
Location: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Good: 3 - Bad: 3
View Details Requires Attention!
Compare details with your local values
and/or search at Google
View Details
Tricky and Other Autoruns: Result ToDo
Unknown - may be bad
Name: shell
Path: Explorer.exe
Location: system.ini
Not checked Unknown Item
Search at Google
Unknown - may be bad
Name: SET BLASTER
Path: A220 I5 D1 P330 T3
Location: autoexec.nt
Not checked Unknown Item
Search at Google
Unknown - may be bad
Name: dos
Path: high, umb
Location: config.nt
Not checked Unknown Item
Search at Google
Unknown - may be bad
Name: device
Path: %SystemRoot%\system32\himem.sys
Location: config.nt
Not checked Unknown Item
Search at Google
Unknown - may be bad
Name: files
Path: 40
Location: config.nt
Not checked Unknown Item
Search at Google
Unknown - may be bad
Name: device
Path: C:\Program Files\ALWILS~1\Avast4\aswmonds.sys
Location: config.nt
Not checked Unknown Item
Search at Google
Unknown - may be bad
Name: Adobe Reader Speed Launch
Path:
Location: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Not checked Unknown Item
Search at Google
Unknown - may be bad
Name: Microsoft Find Fast
Path:
Location: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Not checked Unknown Item
Search at Google
Unknown - may be bad
Name: Office Startup
Path:
Location: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Not checked Unknown Item
Search at Google
Unknown - may be bad
Name: AppleSoftwareUpdate
Path:
Location: C:\WINDOWS\tasks\
Not checked Unknown Item
Search at Google
Unknown - may be bad
Name: MP Scheduled Scan
Path:
Location: C:\WINDOWS\tasks\
Not checked Unknown Item
Search at Google
Unknown - may be bad
Name: SA
Path:
Location: C:\WINDOWS\tasks\
Not checked Unknown Item
Search at Google
Unknown - may be bad
Name: Shell
Path: Explorer.exe
Location: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\
Not checked Unknown Item
Search at Google
Unknown - may be bad
Name: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}
Path: C:\WINDOWS\system32\ieudinit.exe
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Unknown - may be bad
Name: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95}
Path: C:\WINDOWS\inf\unregmp2.exe
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Unknown - may be bad
Name: >{26923b43-4d38-484f-9b9e-de460746276c}
Path: C:\WINDOWS\system32\ie4uinit.exe
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Unknown - may be bad
Name: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}
Path: RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Unknown - may be bad
Name: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS
Path: RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Unknown - may be bad
Name: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a}
Path: C:\WINDOWS\system32\shmgrate.exe
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Unknown - may be bad
Name: {2C7339CF-2B09-4501-B3F3-F3508C9228ED}
Path: C:\WINDOWS\system32\regsvr32.exe
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Unknown - may be bad
Name: {44BBA840-CC51-11CF-AAFA-00AA00B6015C}
Path: C:\Program Files\Outlook Express\setup50.exe
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Unknown - may be bad
Name: {44BBA842-CC51-11CF-AAFA-00AA00B6015B}
Path: rundll32.exe advpack.dll
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Unknown - may be bad
Name: {5945c046-1e7d-11d1-bc44-00c04fd912be}
Path: rundll32.exe advpack.dll
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Unknown - may be bad
Name: {6BF52A52-394A-11d3-B153-00C04F79FAA6}
Path: rundll32.exe advpack.dll
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Unknown - may be bad
Name: {7790769C-0471-11d2-AF11-00C04FA35D02}
Path: C:\Program Files\Outlook Express\setup50.exe
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Unknown - may be bad
Name: {89820200-ECBD-11cf-8B85-00AA005B4340}
Path: regsvr32.exe
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Unknown - may be bad
Name: {89820200-ECBD-11cf-8B85-00AA005B4383}
Path: C:\WINDOWS\system32\ie4uinit.exe
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Unknown - may be bad
Name: {89B4C1CD-B018-4511-B0A1-5476DBF70820}
Path: C:\WINDOWS\System32\Rundll32.exe
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Unknown - may be bad
Name: VBScript Script File
Path: C:\WINDOWS\System32\WScript.exe
Location: HKEY_CLASSES_ROOT\vbsfile\shell\open\command\
Not checked Unknown Item
Search at Google
Unknown - may be bad
Name: VBScript Encoded Script File
Path: C:\WINDOWS\System32\WScript.exe
Location: HKEY_CLASSES_ROOT\vbefile\shell\open\command\
Not checked Unknown Item
Search at Google
Unknown - may be bad
Name: JScript Script File
Path: C:\WINDOWS\System32\WScript.exe
Location: HKEY_CLASSES_ROOT\jsfile\shell\open\command\
Not checked Unknown Item
Search at Google
Unknown - may be bad
Name: JScript Encoded Script File
Path: C:\WINDOWS\System32\WScript.exe
Location: HKEY_CLASSES_ROOT\jsefile\shell\open\command\
Not checked Unknown Item
Search at Google
Unknown - may be bad
Name: Windows Script Host Settings File
Path: C:\WINDOWS\System32\WScript.exe
Location: HKEY_CLASSES_ROOT\wshfile\shell\open\command\
Not checked Unknown Item
Search at Google
Unknown - may be bad
Name: Windows Script File
Path: C:\WINDOWS\System32\WScript.exe
Location: HKEY_CLASSES_ROOT\wsffile\shell\open\command\
Not checked Unknown Item
Search at Google
Unknown - may be bad
Name: Application
Path: %1
Location: HKEY_CLASSES_ROOT\exefile\shell\open\command\
Not checked Unknown Item
Search at Google
Unknown - may be bad
Name: MS-DOS Application
Path: %1
Location: HKEY_CLASSES_ROOT\comfile\shell\open\command\
Not checked Unknown Item
Search at Google
Unknown - may be bad
Name: MS-DOS Batch File
Path: %1
Location: HKEY_CLASSES_ROOT\batfile\shell\open\command\
Not checked Unknown Item
Search at Google
Unknown - may be bad
Name: Screen Saver
Path: %1
Location: HKEY_CLASSES_ROOT\scrfile\shell\open\command\
Not checked Unknown Item
Search at Google
Unknown - may be bad
Name: Shortcut to MS-DOS Program
Path: %1
Location: HKEY_CLASSES_ROOT\piffile\shell\open\command\
Not checked Unknown Item
Search at Google
Unknown - may be bad
Name: PostBootReminder
Path: C:\WINDOWS\system32\SHELL32.dll
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\
Not checked Unknown Item
Search at Google
Unknown - may be bad
Name: CDBurn
Path: C:\WINDOWS\system32\SHELL32.dll
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\
Not checked Unknown Item
Search at Google
Unknown - may be bad
Name: WebCheck
Path: C:\WINDOWS\system32\webcheck.dll
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\
Not checked Unknown Item
Search at Google
Unknown - may be bad
Name: SysTray
Path: C:\WINDOWS\System32\stobject.dll
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\
Not checked Unknown Item
Search at Google
Unknown - may be bad
Name: WPDShServiceObj
Path: C:\WINDOWS\system32\WPDShServiceObj.dll
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\
Not checked Unknown Item
Search at Google
Unknown - may be bad

Name: SSVHelper Class
Path: C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
Location: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
ClsID: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Name: ZoneAlarm Spy Blocker BHO
Path: C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
Location: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
ClsID: {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA}
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Name:
Path:
Location: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
ClsID: {FDD3B846-8D59-4ffb-8758-209B6AD74ACC}
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Name: URL Exec Hook
Path: shell32.dll
Location: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
ClsID: {AEB6717E-7E19-11d0-97EE-00C04FD91972}
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Name: Microsoft AntiMalware ShellExecuteHook
Path: C:\Program Files\WIFD1F~1\MpShHook.dll
Location: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
ClsID: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Name: CShellExecuteHookImpl Object
Path: C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll
Location: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
ClsID: {57B86673-276A-48B2-BAE7-C6DBB3020EB8}
Good: 0 - Bad: 0
Unknown Item
Search at Google
Local Open Ports: Result ToDo
Good
Port: 135 TCP
Path: C:\WINDOWS\system32\svchost.exe (Process ID: 1180)
Good: 1 - Bad: 0
View Details
Good
Port: 139 TCP
Path: system (Process ID: 4)
Good: 1 - Bad: 0
View Details
Good
Port: 445 TCP
Path: system (Process ID: 4)
Good: 1 - Bad: 0
View Details
Not Sure - may be bad
Port: 1025 TCP
Path: C:\WINDOWS\System32\alg.exe (Process ID: 2376)
Good: 1 - Bad: 1
View Details Requires Attention!
Compare details with your local values
and/or search at Google
Unknown - may be bad
Port: 1049 TCP
Path: C:\Program Files\Mozilla Firefox\firefox.exe (Process ID: 1904)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Bad
Port: 1050 TCP
Path: C:\Program Files\Mozilla Firefox\firefox.exe (Process ID: 1904)
Good: 0 - Bad: 1
View Details Requires Attention!
Compare details with your local values
and/or search at Google
Unknown - may be bad
Port: 1051 TCP
Path: C:\Program Files\Mozilla Firefox\firefox.exe (Process ID: 1904)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1052 TCP
Path: C:\Program Files\Mozilla Firefox\firefox.exe (Process ID: 1904)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1053 TCP
Path: C:\Program Files\Mozilla Firefox\firefox.exe (Process ID: 1904)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1054 TCP
Path: C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (Process ID: 2068)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1054 TCP
Path: C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (Process ID: 2068)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1059 TCP
Path: C:\Program Files\Mozilla Firefox\firefox.exe (Process ID: 1904)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1065 TCP
Path: system (Process ID: 0)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1066 TCP
Path: system (Process ID: 0)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1071 TCP
Path: C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (Process ID: 2068)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1071 TCP
Path: C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (Process ID: 2068)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Not Sure - may be bad
Port: 1080 TCP
Path: system (Process ID: 0)
Good: 1 - Bad: 1
View Details Requires Attention!
Compare details with your local values
and/or search at Google
Bad
Port: 1082 TCP
Path: C:\Program Files\Mozilla Firefox\firefox.exe (Process ID: 1904)
Good: 0 - Bad: 1
View Details Requires Attention!
Compare details with your local values
and/or search at Google
Bad
Port: 1083 TCP
Path: C:\Program Files\Mozilla Firefox\firefox.exe (Process ID: 1904)
Good: 0 - Bad: 1
View Details Requires Attention!
Compare details with your local values
and/or search at Google
Unknown - may be bad
Port: 1084 TCP
Path: C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (Process ID: 2068)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1085 TCP
Path: C:\Program Files\Mozilla Firefox\firefox.exe (Process ID: 1904)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1086 TCP
Path: C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (Process ID: 2068)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1087 TCP
Path: C:\Program Files\Mozilla Firefox\firefox.exe (Process ID: 1904)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1088 TCP
Path: C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (Process ID: 2068)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1089 TCP
Path: C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (Process ID: 2068)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Bad
Port: 1090 TCP
Path: C:\Program Files\Mozilla Firefox\firefox.exe (Process ID: 1904)
Good: 0 - Bad: 1
View Details Requires Attention!
Compare details with your local values
and/or search at Google
Unknown - may be bad
Port: 1091 TCP
Path: C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (Process ID: 2068)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1091 TCP
Path: system (Process ID: 0)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1092 TCP
Path: C:\Program Files\Mozilla Firefox\firefox.exe (Process ID: 1904)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1093 TCP
Path: C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (Process ID: 2068)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Bad
Port: 1098 TCP
Path: C:\Program Files\Mozilla Firefox\firefox.exe (Process ID: 1904)
Good: 0 - Bad: 1
View Details Requires Attention!
Compare details with your local values
and/or search at Google
Bad
Port: 1099 TCP
Path: C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (Process ID: 2068)
Good: 0 - Bad: 1
View Details Requires Attention!
Compare details with your local values
and/or search at Google
Not Sure - may be bad
Port: 1100 TCP
Path: C:\Program Files\Mozilla Firefox\firefox.exe (Process ID: 1904)
Good: 1 - Bad: 1
View Details Requires Attention!
Compare details with your local values
and/or search at Google
Unknown - may be bad
Port: 1101 TCP
Path: C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (Process ID: 2068)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1101 TCP
Path: system (Process ID: 0)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1103 TCP
Path: system (Process ID: 0)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1104 TCP
Path: system (Process ID: 0)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1106 TCP
Path: C:\Program Files\Mozilla Firefox\firefox.exe (Process ID: 1904)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1107 TCP
Path: C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (Process ID: 2068)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1110 TCP
Path: system (Process ID: 0)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1111 TCP
Path: system (Process ID: 0)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1112 TCP
Path: C:\Program Files\Mozilla Firefox\firefox.exe (Process ID: 1904)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1113 TCP
Path: C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (Process ID: 2068)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1114 TCP
Path: C:\Program Files\Mozilla Firefox\firefox.exe (Process ID: 1904)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1115 TCP
Path: C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (Process ID: 2068)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1118 TCP
Path: C:\Program Files\Mozilla Firefox\firefox.exe (Process ID: 1904)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1119 TCP
Path: C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (Process ID: 2068)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1124 TCP
Path: C:\Program Files\Mozilla Firefox\firefox.exe (Process ID: 1904)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1125 TCP
Path: C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (Process ID: 2068)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1125 TCP
Path: system (Process ID: 0)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1126 TCP
Path: C:\Program Files\Mozilla Firefox\firefox.exe (Process ID: 1904)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1127 TCP
Path: C:\Program Files\Mozilla Firefox\firefox.exe (Process ID: 1904)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1128 TCP
Path: C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (Process ID: 2068)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1129 TCP
Path: C:\Program Files\Mozilla Firefox\firefox.exe (Process ID: 1904)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1130 TCP
Path: C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (Process ID: 2068)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1131 TCP
Path: C:\Program Files\Mozilla Firefox\firefox.exe (Process ID: 1904)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1132 TCP
Path: C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (Process ID: 2068)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1133 TCP
Path: C:\Program Files\Mozilla Firefox\firefox.exe (Process ID: 1904)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1134 TCP
Path: C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (Process ID: 2068)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1135 TCP
Path: C:\Program Files\Mozilla Firefox\firefox.exe (Process ID: 1904)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1136 TCP
Path: C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (Process ID: 2068)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Bad
Port: 1137 TCP
Path: C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (Process ID: 2068)
Good: 0 - Bad: 1
View Details Requires Attention!
Compare details with your local values
and/or search at Google
Unknown - may be bad
Port: 1138 TCP
Path: C:\Program Files\Mozilla Firefox\firefox.exe (Process ID: 1904)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1142 TCP
Path: system (Process ID: 0)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1144 TCP
Path: C:\Program Files\Mozilla Firefox\firefox.exe (Process ID: 1904)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1145 TCP
Path: C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (Process ID: 2068)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1146 TCP
Path: C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (Process ID: 2068)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1147 TCP
Path: C:\Program Files\Mozilla Firefox\firefox.exe (Process ID: 1904)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1148 TCP
Path: C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (Process ID: 2068)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1149 TCP
Path: system (Process ID: 0)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1151 TCP
Path: C:\Program Files\Mozilla Firefox\firefox.exe (Process ID: 1904)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1151 TCP
Path: C:\Program Files\Mozilla Firefox\firefox.exe (Process ID: 1904)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1152 TCP
Path: C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (Process ID: 2068)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1152 TCP
Path: C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (Process ID: 2068)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1153 TCP
Path: C:\Program Files\Mozilla Firefox\firefox.exe (Process ID: 1904)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1154 TCP
Path: C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (Process ID: 2068)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1154 TCP
Path: C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (Process ID: 2068)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Good
Port: 1155 TCP
Path: system (Process ID: 0)
Good: 1 - Bad: 0
View Details
Unknown - may be bad
Port: 1157 TCP
Path: system (Process ID: 0)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1159 TCP
Path: C:\PROGRAM FILES\A-SQUARED ANTI-MALWARE\a2HiJackFree.exe (Process ID: 3956)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1159 TCP
Path: C:\PROGRAM FILES\A-SQUARED ANTI-MALWARE\a2HiJackFree.exe (Process ID: 3956)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1159 TCP
Path: system (Process ID: 0)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1160 TCP
Path: C:\PROGRAM FILES\A-SQUARED ANTI-MALWARE\a2HiJackFree.exe (Process ID: 3956)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1160 TCP
Path: system (Process ID: 0)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1161 TCP
Path: system (Process ID: 0)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1163 TCP
Path: system (Process ID: 0)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1165 TCP
Path: C:\Program Files\Mozilla Firefox\firefox.exe (Process ID: 1904)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1166 TCP
Path: C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (Process ID: 2068)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1166 TCP
Path: system (Process ID: 0)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1167 TCP
Path: system (Process ID: 0)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1172 TCP
Path: system (Process ID: 0)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1173 TCP
Path: system (Process ID: 0)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1174 TCP
Path: system (Process ID: 0)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1175 TCP
Path: C:\Program Files\Mozilla Firefox\firefox.exe (Process ID: 1904)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1176 TCP
Path: C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (Process ID: 2068)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1176 TCP
Path: C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (Process ID: 2068)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1177 TCP
Path: system (Process ID: 0)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1178 TCP
Path: system (Process ID: 0)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1179 TCP
Path: C:\Program Files\Mozilla Firefox\firefox.exe (Process ID: 1904)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1180 TCP
Path: C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (Process ID: 2068)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1181 TCP
Path: system (Process ID: 0)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1182 TCP
Path: C:\PROGRAM FILES\A-SQUARED ANTI-MALWARE\a2HiJackFree.exe (Process ID: 3956)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1182 TCP
Path: system (Process ID: 0)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1183 TCP
Path: C:\Program Files\Mozilla Firefox\firefox.exe (Process ID: 1904)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1183 TCP
Path: system (Process ID: 0)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1184 TCP
Path: C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (Process ID: 2068)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1185 TCP
Path: system (Process ID: 0)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1186 TCP
Path: system (Process ID: 0)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1188 TCP
Path: C:\Program Files\Mozilla Firefox\firefox.exe (Process ID: 1904)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1189 TCP
Path: C:\Program Files\Mozilla Firefox\firefox.exe (Process ID: 1904)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1190 TCP
Path: C:\Program Files\Mozilla Firefox\firefox.exe (Process ID: 1904)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1191 TCP
Path: C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (Process ID: 2068)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1192 TCP
Path: C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (Process ID: 2068)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1193 TCP
Path: C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (Process ID: 2068)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1194 TCP
Path: C:\Program Files\Mozilla Firefox\firefox.exe (Process ID: 1904)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1195 TCP
Path: C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (Process ID: 2068)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1196 TCP
Path: C:\Program Files\Mozilla Firefox\firefox.exe (Process ID: 1904)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1197 TCP
Path: C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (Process ID: 2068)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1198 TCP
Path: system (Process ID: 0)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1199 TCP
Path: system (Process ID: 0)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1200 TCP
Path: system (Process ID: 0)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1201 TCP
Path: system (Process ID: 0)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1202 TCP
Path: system (Process ID: 0)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1203 TCP
Path: system (Process ID: 0)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1204 TCP
Path: system (Process ID: 0)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1205 TCP
Path: C:\PROGRAM FILES\A-SQUARED ANTI-MALWARE\a2HiJackFree.exe (Process ID: 3956)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1205 TCP
Path: system (Process ID: 0)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1206 TCP
Path: system (Process ID: 0)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Bad
Port: 1207 TCP
Path: system (Process ID: 0)
Good: 0 - Bad: 1
View Details Requires Attention!
Compare details with your local values
and/or search at Google
Bad
Port: 1208 TCP
Path: system (Process ID: 0)
Good: 0 - Bad: 1
View Details Requires Attention!
Compare details with your local values
and/or search at Google
Unknown - may be bad
Port: 1209 TCP
Path: system (Process ID: 0)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1210 TCP
Path: system (Process ID: 0)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1211 TCP
Path: system (Process ID: 0)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Not Sure - may be bad
Port: 1212 TCP
Path: C:\Program Files\Mozilla Firefox\firefox.exe (Process ID: 1904)
Good: 1 - Bad: 1
View Details Requires Attention!
Compare details with your local values
and/or search at Google
Unknown - may be bad
Port: 1213 TCP
Path: C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (Process ID: 2068)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1213 TCP
Path: C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (Process ID: 2068)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1213 TCP
Path: C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (Process ID: 2068)
Good: 0 - Bad: 0
Unknown Item
Search at Google
View Details
Unknown - may be bad
Port: 1215 TCP
Path: C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (Process ID: 2068)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1216 TCP
Path: system (Process ID: 0)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1220 TCP
Path: system (Process ID: 0)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1222 TCP
Path: C:\Program Files\Mozilla Firefox\firefox.exe (Process ID: 1904)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1223 TCP
Path: C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (Process ID: 2068)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Bad
Port: 1225 TCP
Path: system (Process ID: 0)
Good: 0 - Bad: 1
View Details Requires Attention!
Compare details with your local values
and/or search at Google
Unknown - may be bad
Port: 1226 TCP
Path: C:\Program Files\Mozilla Firefox\firefox.exe (Process ID: 1904)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1227 TCP
Path: C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (Process ID: 2068)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1230 TCP
Path: system (Process ID: 0)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1231 TCP
Path: system (Process ID: 0)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1232 TCP
Path: C:\Program Files\Mozilla Firefox\firefox.exe (Process ID: 1904)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1233 TCP
Path: C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (Process ID: 2068)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Bad
Port: 1234 TCP
Path: C:\Program Files\Mozilla Firefox\firefox.exe (Process ID: 1904)
Good: 0 - Bad: 1
View Details Requires Attention!
Compare details with your local values
and/or search at Google
Unknown - may be bad
Port: 1235 TCP
Path: C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (Process ID: 2068)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1236 TCP
Path: C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (Process ID: 2068)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 12025 TCP
Path: C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (Process ID: 1908)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 12080 TCP
Path: C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (Process ID: 2068)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 12080 TCP
Path: C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (Process ID: 2068)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 12080 TCP
Path: system (Process ID: 0)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 12080 TCP
Path: C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (Process ID: 2068)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 12080 TCP
Path: C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (Process ID: 2068)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 12110 TCP
Path: C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (Process ID: 1908)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 12119 TCP
Path: C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (Process ID: 1908)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 12143 TCP
Path: C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (Process ID: 1908)
Good: 0 - Bad: 0
Unknown Item
Search at Google
View Details
Unknown - may be bad
Port: 1042 UDP
Path: C:\WINDOWS\System32\svchost.exe (Process ID: 1276)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 1900 UDP
Path: C:\WINDOWS\System32\svchost.exe (Process ID: 1516)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Unknown - may be bad
Port: 4500 UDP
Path: C:\WINDOWS\system32\lsass.exe (Process ID: 984)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Running Processes: Result ToDo
Good
Name: [System Process]
Process ID: 0
Path:
Info: Threads: 1 - Priority: N/A - Visible: No
Good: 1 - Bad: 0
View Details
Good
Name: System
Process ID: 4
Path:
Info: Threads: 76 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Not Sure - may be bad
Name: ctfmon.exe
Process ID: 596
Path: C:\WINDOWS\system32\ctfmon.exe
Info: Threads: 1 - Priority: Normal - Visible: No
Good: 2 - Bad: 1
View Details Requires Attention!
Compare details with your local values
and/or search at Google
Good
Name: mmtask.exe
Process ID: 632
Path: C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
Info: Threads: 3 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Good
Name: OSA.EXE
Process ID: 640
Path: C:\Program Files\Microsoft Office\Office\OSA.EXE
Info: Threads: 2 - Priority: Normal - Visible: No
Good: 1 - Bad: 0
View Details
Not Sure - may be bad
Name: svchost.exe
Process ID: 704
Path: C:\WINDOWS\System32\svchost.exe
Info: Threads: 5 - Priority: Normal - Visible: No
Good: 1 - Bad: 2
View Details Requires Attention!
Compare details with your local values
and/or search at Google
Not Sure - may be bad
Name: smss.exe
Process ID: 836
Path: C:\WINDOWS\System32\smss.exe
Info: Threads: 3 - Priority: Normal - Visible: No
Good: 1 - Bad: 2
View Details Requires Attention!
Compare details with your local values
and/or search at Google
View Details
Not Sure - may be bad
Name: csrss.exe
Process ID: 904
Path: C:\WINDOWS\system32\csrss.exe
Info: Threads: 11 - Priority: Normal - Visible: No
Good: 1 - Bad: 3
View Details Requires Attention!
Compare details with your local values
and/or search at Google
Not Sure - may be bad
Name: winlogon.exe
Process ID: 928
Path: C:\WINDOWS\system32\winlogon.exe
Info: Threads: 15 - Priority: High - Visible: No
Good: 1 - Bad: 2
View Details Requires Attention!
Compare details with your local values
and/or search at Google
View Details
Not Sure - may be bad
Name: services.exe
Process ID: 972
Path: C:\WINDOWS\system32\services.exe
Info: Threads: 16 - Priority: Normal - Visible: No
Good: 1 - Bad: 3
View Details Requires Attention!
Compare details with your local values
and/or search at Google
View Details
Unknown - may be bad
Name: igfxsrvc.exe
Process ID: 1032
Path: C:\WINDOWS\system32\igfxsrvc.exe
Info: Threads: 3 - Priority: Normal - Visible: No
Good: 0 - Bad: 0
Unknown Item
Search at Google
Submit new process info
View Details
Not Sure - may be bad
Name: svchost.exe
Process ID: 1128
Path: C:\WINDOWS\system32\svchost.exe
Info: Threads: 17 - Priority: Normal - Visible: No
Good: 1 - Bad: 2
View Details Requires Attention!
Compare details with your local values
and/or search at Google
Not Sure - may be bad
Name: svchost.exe
Process ID: 1180
Path: C:\WINDOWS\system32\svchost.exe
Info: Threads: 10 - Priority: Normal - Visible: No
Good: 1 - Bad: 2
View Details Requires Attention!
Compare details with your local values
and/or search at Google
Unknown - may be bad
Name: lxcgcoms.exe
Process ID: 1216
Path: C:\WINDOWS\system32\lxcgcoms.exe
Info: Threads: 4 - Priority: High - Visible: No
Good: 0 - Bad: 0
Unknown Item
Search at Google
Submit new process info
View Details
Not Sure - may be bad
Name: svchost.exe
Process ID: 1276
Path: C:\WINDOWS\System32\svchost.exe
Info: Threads: 76 - Priority: Normal - Visible: No
Good: 1 - Bad: 2
View Details Requires Attention!
Compare details with your local values
and/or search at Google
View Details
Good
Name: MSASCui.exe
Process ID: 1344
Path: C:\Program Files\Windows Defender\MSASCui.exe
Info: Threads: 18 - Priority: Normal - Visible: No
Good: 2 - Bad: 0
View Details
Unknown - may be bad
Name: BCMSMMSG.exe
Process ID: 1404
Path: C:\WINDOWS\BCMSMMSG.exe
Info: Threads: 3 - Priority: Normal - Visible: No
Good: 0 - Bad: 0
Unknown Item
Search at Google
Submit new process info
View Details
Not Sure - may be bad
Name: svchost.exe
Process ID: 1448
Path: C:\WINDOWS\System32\svchost.exe
Info: Threads: 6 - Priority: Normal - Visible: No
Good: 1 - Bad: 2
View Details Requires Attention!
Compare details with your local values
and/or search at Google
Not Sure - may be bad
Name: svchost.exe
Process ID: 1516
Path: C:\WINDOWS\System32\svchost.exe
Info: Threads: 13 - Priority: Normal - Visible: No
Good: 1 - Bad: 2
View Details Requires Attention!
Compare details with your local values
and/or search at Google
View Details
Not Sure - may be bad
Name: alg.exe
Process ID: 2376
Path: C:\WINDOWS\System32\alg.exe
Info: Threads: 5 - Priority: Normal - Visible: No
Good: 1 - Bad: 1
View Details Requires Attention!
Compare details with your local values
and/or search at Google
Unknown - may be bad
Name: ezprint.exe
Process ID: 2564
Path: C:\Program Files\Lexmark 2300 Series\ezprint.exe
Info: Threads: 2 - Priority: Normal - Visible: No
Good: 0 - Bad: 0
Unknown Item
Search at Google
Submit new process info
View Details
Not Sure - may be bad
Name: wuauclt.exe
Process ID: 2828
Path: C:\WINDOWS\system32\wuauclt.exe
Info: Threads: 3 - Priority: Normal - Visible: No
Good: 1 - Bad: 1
View Details Requires Attention!
Compare details with your local values
and/or search at Google
Not Sure - may be bad
Name: svchost.exe
Process ID: 3416
Path: C:\WINDOWS\System32\svchost.exe
Info: Threads: 8 - Priority: Normal - Visible: No
Good: 1 - Bad: 2
View Details Requires Attention!
Compare details with your local values
and/or search at Google
View Details
View Details
Unknown - may be bad
Name: BacsTray.exe
Process ID: 3560
Path: C:\WINDOWS\system32\BacsTray.exe
Info: Threads: 1 - Priority: Normal - Visible: No
Good: 0 - Bad: 0
Unknown Item
Search at Google
Submit new process info
View Details
Not Sure - may be bad
Name: explorer.exe
Process ID: 3972
Path: C:\WINDOWS\Explorer.EXE
Info: Threads: 14 - Priority: Normal - Visible: No
Good: 2 - Bad: 1
View Details Requires Attention!
Compare details with your local values
and/or search at Google
View Details
This analysis is saved and available for at least 7 days at this website address.

Shaba
2008-10-08, 18:57
Ctfmon.exe is legit, link (http://www.liutilities.com/products/wintaskspro/processlibrary/ctfmon/).

Can you tell me in which time those 15 blocked attempts have occurred?

irondan
2008-10-08, 19:33
hi shaba,

the blocked intrusion items generally start increasing when i turn on the computer and get online connectivity. the firewall just starts saying that more attempts have been blocked. i'm not positive if i have a firewall on in my router, but i believe i do.

maybe i just have my firewall set on too high a level?

thanks :)

Shaba
2008-10-08, 19:35
Yes, that sounds like a reasonable explanation :)

irondan
2008-10-08, 19:53
thanks for your time. you do good work. :bigthumb:

Shaba
2008-10-08, 19:57
See below for my tips:

Uninstall ZoneAlarm Spy Blocker via add/remove programs.

Make your Internet Explorer more secure - This can be done by following these simple instructions:
From within Internet Explorer click on the Tools menu and then click on Options.
Click once on the Security tab
Click once on the Internet icon so it becomes highlighted.
Click once on the Custom Level button.
Change the Download signed ActiveX controls to Prompt

Change the Download unsigned ActiveX controls to Disable

Change the Initialize and script ActiveX controls not marked as safe to Disable

Change the Installation of desktop items to Prompt

Change the Launching programs and files in an IFRAME to Prompt

Change the Navigate sub-frames across different domains to Prompt

When all these settings have been made, click on the OK button.

If it prompts you as to whether or not you want to save the settings, press the Yes button.
Next press the Apply button and then the OK to exit the Internet Properties page.

Update your AntiVirus Software and keep your other programs up-to-date - Update your Antivirus programs and other security products regularly to avoid new threats that could infect your system.
You can use one of these sites to check if any updates are needed for your pc.
Secunia Software Inspector (http://secunia.com/software_inspector/)
F-secure Health Check (http://www.f-secure.com/weblog/archives/00001356.html)

Visit Microsoft's Windows Update Site Frequently - It is important that you visit http://www.windowsupdate.com regularly. This will ensure your computer always has the latest security updates installed. If there are new updates to install, install them immediately, reboot your computer, and revisit the site until there are no more critical updates.

Install Malwarebytes' Anti-Malware - Malwarebytes' Anti-Malware is a new and powerful anti-malware tool. It is totally free but for real-time protection you will have to pay a small one-time fee. Tutorials on installing & using this product can be found below:

Malwarebytes' Anti-Malware Setup Guide (http://www.bfccomputers.com/forum/index.php?showtopic=1644)

Malwarebytes' Anti-Malware Scanning Guide (http://www.bfccomputers.com/forum/index.php?showtopic=1645)


Install SpywareBlaster - SpywareBlaster will add a large list of programs and sites into your Internet Explorer settings that will protect you from running and downloading known malicious programs.

A tutorial on installing & using this product can be found here:

Using SpywareBlaster to protect your computer from Spyware and Malware (http://www.bleepingcomputer.com/tutorials/tutorial49.html)


Update all these programs regularly - Make sure you update all the programs I have listed regularly. Without regular updates you WILL NOT be protected when new malicious programs are released.
Follow this list and your potential for being infected again will reduce dramatically.

Here are some additional utilities that will enhance your safety

MVPS Hosts file (http://mvps.org/winhelp2002/hosts.htm) <= The MVPS Hosts file replaces your current HOSTS file with one containing well-known ad sites etc. Basically, this prevents your computer from connecting to those sites by redirecting them to 127.0.0.1 which is your local computer. See also a hosts file tutorial here (http://malwareremoval.com/forum/viewtopic.php?t=22187)
Winpatrol (http://www.winpatrol.com/) <= Download and install the free version of Winpatrol. A tutorial for this product is located here:
Using Winpatrol to protect your computer from malicious software (http://www.winpatrol.com/features.html)
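
The Internet Explorer Custom Level settings listed in the tips above can also be checked from PowerShell instead of clicking through the dialog. This is an added example, not part of the original post; the registry path, the numeric URL action IDs and the function name are assumptions that do not appear in the thread (they follow the standard per-user IE zone layout, where zone 3 is the Internet zone).

```powershell
# Added example: audit the per-user Internet zone against the six settings
# recommended in the post above. Read-only unless -Apply is given.
# Assumption: standard IE URL action IDs; none of these numbers are in the thread.

$ZonePath = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3'

# URL action policy values: 0 = Enable, 1 = Prompt, 3 = Disable
function Get-PolicyName([object]$Value) {
    switch ($Value) {
        0       { 'Enable' }
        1       { 'Prompt' }
        3       { 'Disable' }
        $null   { '(not set)' }
        default { "Other ($Value)" }
    }
}

$Recommended = @(
    @{ Id = '1001'; Setting = 'Download signed ActiveX controls';                             Want = 1 },
    @{ Id = '1004'; Setting = 'Download unsigned ActiveX controls';                           Want = 3 },
    @{ Id = '1201'; Setting = 'Initialize and script ActiveX controls not marked as safe';    Want = 3 },
    @{ Id = '1800'; Setting = 'Installation of desktop items';                                Want = 1 },
    @{ Id = '1804'; Setting = 'Launching programs and files in an IFRAME';                    Want = 1 },
    @{ Id = '1607'; Setting = 'Navigate sub-frames across different domains';                 Want = 1 }
)

function Test-InternetZoneHardening {
    param(
        # Write the recommended value where the current one differs.
        [switch]$Apply
    )

    # The key can be missing on a profile that has never opened IE.
    $current = Get-ItemProperty -Path $ZonePath -ErrorAction SilentlyContinue

    foreach ($item in $Recommended) {
        $have = $null
        if ($current) { $have = $current.($item.Id) }

        $ok = ($null -ne $have) -and ($have -eq $item.Want)

        if (-not $ok -and $Apply) {
            if (-not (Test-Path $ZonePath)) {
                New-Item -Path $ZonePath -Force | Out-Null
            }
            Set-ItemProperty -Path $ZonePath -Name $item.Id `
                             -Value $item.Want -Type DWord
            $have = $item.Want
            $ok   = $true
        }

        [pscustomobject]@{
            Setting     = $item.Setting
            ActionId    = $item.Id
            Current     = Get-PolicyName $have
            Recommended = Get-PolicyName $item.Want
            Compliant   = $ok
        }
    }
}

# Report only; nothing is changed.
Test-InternetZoneHardening | Format-Table -AutoSize

# To set the values from the post, run:
#   Test-InternetZoneHardening -Apply | Format-Table -AutoSize
```

These are per-user values; a machine or domain policy that manages the Internet zone takes precedence over them, so a row can show as compliant here while the effective setting differs.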

irondan
2008-10-09, 03:20
thanks shaba for pointing me towards malwarebytes. they got rid of 8 objects in my registry keys and now i think my computer is acting "normally."

that's a great program! :)

Shaba
2008-10-11, 12:22
Since this issue appears to be resolved ... this Topic has been closed. Glad I could help.

Note: If it has been five days or more since your last post, and the helper assisting you posted a response to that post to which you did not reply, your topic will not be reopened. At that point, if you still require help, please start a new topic and include a fresh HijackThis log and a link to your previous thread.

If it has been less than five days since your last response and you need the thread re-opened, please send me or your helper a private message (pm). A valid, working link to the closed topic is required.