-
Junior Member
Well, I already tried talking to my ISP (hence what I said in my last post about the ATT guy). Anyways, I ran the DDS tool:
DDS (Ver_10-03-17.01) - NTFSx86
Run by - at 17:31:08.62 on Sun 03/28/2010
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_18
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.2047.986 [GMT -5:00]
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: ZoneAlarm Firewall *enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
============== Running Processes ===============
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\WINDOWS\System32\svchost.exe -k Akamai
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Java\jre6\bin\jqs.exe
c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\AVG\AVG9\avgemc.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ASUS\EPU\EPU.exe
C:\WINDOWS\DAODx.exe
C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\D-Link\AirPlus G DWL-G510\AirGCFG.exe
C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Workrave\lib\workrave.exe
C:\Program Files\Trillian\trillian.exe
C:\Program Files\Xfire\Xfire.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\program files\Steam\steam.exe
C:\Program Files\Winamp\winamp.exe
C:\PROGRAM FILES\PROCESS EXPLORER\PROCEXP.EXE
C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Loren\Desktop\dds.scr
============== Pseudo HJT Report ===============
uStart Page = hxxp://www.yahoo.com/
uWindow Title = Internet Exploder
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
uRun: [Steam] "c:\program files\steam\steam.exe" -silent
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Workrave] c:\program files\workrave\lib\workrave.exe
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [XboxStat] "c:\program files\microsoft xbox 360 accessories\XboxStat.exe" silentrun
mRun: [UpdReg] c:\windows\UpdReg.EXE
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [Six Engine] "c:\program files\asus\epu\EPU.exe" -r
mRun: [RunDAOD] c:\windows\DAODx.exe
mRun: [PHIME2002ASync] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /SYNC
mRun: [PHIME2002A] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /IMEName
mRun: [MSPY2002] c:\windows\system32\ime\pintlgnt\ImScInst.exe /SYNC
mRun: [Logitech Utility] Logi_MwX.Exe
mRun: [IMJPMIG8.1] "c:\windows\ime\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
mRun: [CTSysVol] c:\program files\creative\sb live! 24-bit\surround mixer\CTSysVol.exe /r
mRun: [AVG9_TRAY] c:\progra~1\avg\avg9\avgtray.exe
mRun: [ArcSoft Connection Service] c:\program files\common files\arcsoft\connection service\bin\ACDaemon.exe
mRun: [amd_dc_opt] c:\program files\amd\dual-core optimizer\amd_dc_opt.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [ZoneAlarm Client] "c:\program files\zone labs\zonealarm\zlclient.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [itype] "c:\program files\microsoft intellitype pro\itype.exe"
mRun: [D-Link AirPlus G DWL-G510] c:\program files\d-link\airplus g dwl-g510\AirGCFG.exe
mRun: [ANIWZCS2Service] c:\program files\ani\aniwzcs2 service\WZCSLDR2.exe
StartupFolder: c:\docume~1\loren\startm~1\programs\startup\trillian.lnk - c:\program files\trillian\trillian.exe
StartupFolder: c:\docume~1\loren\startm~1\programs\startup\xfire.lnk - c:\program files\xfire\Xfire.exe
uPolicies-explorer: EditLevel = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\mi1933~1\office12\EXCEL.EXE/3000
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\mi1933~1\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\mi1933~1\office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
Trusted Zone: aol.com\free
Trusted Zone: microsoft.com\www.update
Trusted Zone: xfire.com\www
DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.1.71.0.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} - hxxp://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} - hxxp://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1261270828156
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: AtiExtEvent - Ati2evxx.dll
Notify: avgrsstarter - avgrsstx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
STS: FencesShlExt Class: {1984dd45-52cf-49cd-ab77-18f378fea264} - c:\program files\stardock\fences\FencesMenu.dll
IFEO: taskmgr.exe - "c:\program files\process explorer\PROCEXP.EXE"
Hosts: 127.0.0.1 www.spywareinfo.com
================= FIREFOX ===================
FF - ProfilePath - c:\docume~1\loren\applic~1\mozilla\firefox\profiles\aomrmk9j.default\
FF - prefs.js: network.proxy.type - 4
FF - component: c:\documents and settings\loren\application data\mozilla\firefox\profiles\aomrmk9j.default\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}\components\FFExternalAlert.dll
FF - component: c:\documents and settings\loren\application data\mozilla\firefox\profiles\aomrmk9j.default\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}\components\RadioWMPCore.dll
FF - component: c:\program files\mcafee\siteadvisor\components\McFFPlg.dll
FF - plugin: c:\documents and settings\loren\application data\move networks\plugins\npqmp071701000008.dll
FF - plugin: c:\documents and settings\loren\application data\mozilla\firefox\profiles\aomrmk9j.default\extensions\{e2883e8f-472f-4fb0-9522-ac9bf37916a7}\plugins\np_gp.dll
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\emusic download manager\plugin\npemusic.dll
FF - plugin: c:\program files\microsoft\web platform installer\NPWPIDetector.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npwachk.dll
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}
---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\mozilla firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
============= SERVICES / DRIVERS ===============
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-12-19 216200]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2009-12-19 29512]
R1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-12-19 242696]
R1 HekkoVirtualCD;Hekko Virtual CD Driver;c:\windows\system32\drivers\hvcd.sys [2009-12-21 13184]
R1 vsdatant;vsdatant;c:\windows\system32\vsdatant.sys [2009-12-19 486280]
R2 Akamai;Akamai NetSession Interface;c:\windows\system32\svchost.exe -k Akamai [2006-2-28 14336]
R2 avg9emc;AVG Free E-mail Scanner;c:\program files\avg\avg9\avgemc.exe [2010-3-12 916760]
R2 avg9wd;AVG Free WatchDog;c:\program files\avg\avg9\avgwdsvc.exe [2010-3-12 308064]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~1\mcafee\sitead~1\mcsacore.exe [2009-12-20 93320]
R2 vsmon;TrueVector Internet Monitor;c:\windows\system32\zonelabs\vsmon.exe -service --> c:\windows\system32\zonelabs\vsmon.exe -service [?]
R3 A3AB;D-Link AirPro 802.11a/b Wireless Adapter Service(A3AB);c:\windows\system32\drivers\A3AB.sys [2009-12-19 547744]
S3 AtiDCM;AtiDCM;\??\c:\documents and settings\loren\local settings\temp\atidcmxx.sys --> c:\documents and settings\loren\local settings\temp\atidcmxx.sys [?]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\microsoft sql server\100\shared\sqladhlp.exe [2009-3-31 47128]
S4 RsFx0103;RsFx0103 Driver;c:\windows\system32\drivers\RsFx0103.sys [2009-3-30 239336]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\microsoft sql server\mssql10.sqlexpress\mssql\binn\SQLAGENT.EXE [2009-3-30 366936]
=============== Created Last 30 ================
2010-03-25 01:01:18 3284 ----a-w- c:\windows\system32\ANIWZCS{B95DC4F9-5809-45E8-B74F-A404FC63B167}
2010-03-24 04:54:35 0 d-----w- c:\program files\common files\DivX Shared
2010-03-24 04:53:27 0 d-----w- c:\program files\DivX
2010-03-24 04:48:45 0 d-----w- c:\docume~1\alluse~1\applic~1\DivX
2010-03-23 02:41:56 819200 ----a-w- c:\windows\system32\xvidcore.dll
2010-03-23 02:41:56 77824 ----a-w- c:\windows\system32\xvid.ax
2010-03-23 02:41:56 180224 ----a-w- c:\windows\system32\xvidvfw.dll
2010-03-23 02:41:56 0 d-----w- c:\program files\Xvid
2010-03-20 21:28:32 0 d-----w- c:\program files\LucasArts
2010-03-19 00:29:20 6 ----a-w- c:\windows\system32\ANIWZCSUSERNAME{B95DC4F9-5809-45E8-B74F-A404FC63B167}
2010-03-19 00:29:09 667648 ----a-w- c:\windows\system32\ANIWZCS2.dll
2010-03-19 00:29:09 49152 ----a-w- c:\windows\system32\JJAKEn.dll
2010-03-19 00:29:09 49152 ----a-w- c:\windows\system32\AQCKGen.dll
2010-03-19 00:29:09 45115 ----a-w- c:\windows\system32\ANICtl.dll
2010-03-19 00:29:09 249856 ----a-w- c:\windows\system32\wnicapi.dll
2010-03-19 00:29:09 225280 ----a-w- c:\windows\system32\WlanApp.dll
2010-03-19 00:29:09 204800 ----a-w- c:\windows\system32\aIPH.dll
2010-03-19 00:29:09 1327189 ----a-w- c:\windows\system32\odSupp_M.dll
2010-03-19 00:28:55 48128 ----a-w- c:\windows\system32\ANIO64.sys
2010-03-19 00:28:55 36864 ----a-w- c:\windows\system32\ANIOApi.dll
2010-03-19 00:28:55 28195 ----a-w- c:\windows\system32\ANIO.sys
2010-03-19 00:28:55 16997 ----a-w- c:\windows\system32\ANIO.VXD
2010-03-19 00:28:55 11904 ----a-w- c:\windows\system32\anio4.sys
2010-03-19 00:28:54 0 d-----w- c:\program files\ANI
2010-03-19 00:28:40 0 d-----w- c:\program files\D-Link
2010-03-18 21:21:02 0 d-----w- c:\windows\ie8updates
2010-03-18 21:19:15 594432 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2010-03-18 21:19:15 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2010-03-18 21:19:15 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2010-03-18 21:19:15 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2010-03-18 21:19:14 1985536 -c----w- c:\windows\system32\dllcache\iertutil.dll
2010-03-18 21:19:13 11070464 -c----w- c:\windows\system32\dllcache\ieframe.dll
2010-03-18 20:07:21 3284 ----a-w- c:\windows\system32\ANIWZCS{2D7701FD-8969-492B-B41A-344443BE517A}
2010-03-18 19:39:12 0 d-sh--w- c:\documents and settings\loren\IECompatCache
2010-03-18 19:38:29 0 d-sh--w- c:\documents and settings\loren\PrivacIE
2010-03-18 19:32:31 0 d-sh--w- c:\documents and settings\loren\IETldCache
2010-03-18 19:27:03 0 dc-h--w- c:\windows\ie8
2010-03-17 21:44:35 634 ----a-w- c:\windows\entpack.ini
2010-03-15 20:36:31 0 d-----w- c:\docume~1\loren\applic~1\Malwarebytes
2010-03-15 20:36:27 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-03-15 20:36:26 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-03-15 20:36:26 0 d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-03-15 20:36:26 0 d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes
2010-03-14 04:35:15 218 ----a-w- c:\documents and settings\loren\.recently-used.xbel
2010-03-12 22:06:03 12464 ----a-w- c:\windows\system32\avgrsstx.dll
2010-03-12 00:26:39 0 d-----w- c:\docume~1\loren\applic~1\Ubisoft
2010-03-11 05:00:45 38160 ----a-w- c:\windows\system32\LMRTREND.dll
2010-03-11 05:00:44 140800 ----a-w- c:\windows\system32\tm20dec.ax
2010-03-11 05:00:43 182032 ----a-w- c:\windows\system32\dxtmsft3.dll
2010-03-11 05:00:40 63488 ----a-w- c:\windows\system32\unam4ie.exe
2010-03-11 05:00:36 5672 ----a-w- c:\windows\system32\quartz.vxd
2010-03-11 05:00:36 11776 ----a-w- c:\windows\system32\mciqtz.drv
2010-03-11 05:00:36 10240 ----a-w- c:\windows\system32\vidx16.dll
2010-03-11 05:00:35 194320 ----a-w- c:\windows\system32\qcut.dll
2010-03-11 05:00:33 4608 ----a-w- c:\windows\system32\w95inf32.dll
2010-03-11 05:00:33 2272 ----a-w- c:\windows\system32\w95inf16.dll
2010-03-10 00:34:12 0 d-----w- c:\program files\Install Creator
2010-03-08 17:59:18 94208 ----a-w- c:\windows\system32\dpl100.dll
2010-03-06 21:49:25 0 d-----w- c:\program files\Microsoft Chart Controls
2010-03-06 21:48:25 0 d-----w- c:\program files\UDK
2010-03-06 20:25:23 221184 ----a-w- c:\windows\system32\wmpns.dll
2010-03-06 20:25:17 0 d-----w- c:\program files\Windows Media Connect 2
2010-03-06 16:32:49 77749234 ----a-w- c:\windows\system32\SG-thief.scr
2010-03-06 16:12:44 0 d-----w- c:\docume~1\loren\applic~1\Axialis
2010-03-06 16:12:39 0 d-----w- c:\program files\Axialis
2010-03-05 00:11:22 41872 ----a-w- c:\windows\system32\xfcodec.dll
2010-03-04 04:29:11 7680 --sha-w- c:\windows\Thumbs.db
2010-03-02 18:16:04 353592 ----a-w- c:\windows\system32\DivXControlPanelApplet.cpl
2010-03-02 05:39:45 0 d-----w- c:\program files\SystemRequirementsLab
2010-02-28 23:43:17 0 d-----w- c:\docume~1\loren\applic~1\Workrave
2010-02-28 23:43:07 0 d-----w- c:\program files\Workrave
==================== Find3M ====================
2010-03-19 02:21:05 41 ----a-w- c:\documents and settings\loren\jagex_runescape_preferences.dat
2010-03-19 02:11:12 69 ----a-w- c:\documents and settings\loren\jagex_runescape_preferences2.dat
2010-03-12 22:06:04 242696 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-03-12 22:05:42 216200 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2010-02-21 18:55:06 278016 ----a-w- c:\windows\THIEFSAVER.SCR
2010-02-19 19:27:36 720384 ----a-w- c:\windows\system32\DivX.dll
2010-02-19 19:27:16 856064 ----a-w- c:\windows\system32\divx_xx0c.dll
2010-02-19 19:27:16 856064 ----a-w- c:\windows\system32\divx_xx07.dll
2010-02-19 19:27:16 847872 ----a-w- c:\windows\system32\divx_xx0a.dll
2010-02-19 19:27:16 843776 ----a-w- c:\windows\system32\divx_xx16.dll
2010-02-19 19:27:16 839680 ----a-w- c:\windows\system32\divx_xx11.dll
2010-02-08 02:07:38 215104 ----a-w- c:\windows\system32\PnkBstrB.exe
2010-02-07 16:41:10 86016 ----a-w- c:\windows\system32\frapsvid.dll
2010-01-11 17:27:55 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2010-01-08 22:18:43 22328 ----a-w- c:\docume~1\loren\applic~1\PnkBstrK.sys
2010-01-08 22:18:02 2337865 ----a-w- c:\windows\system32\pbsvc.exe
============= FINISH: 17:32:27.25 ===============
-
OK, thanks for the info. Don't see much of anything there as far as malware goes.
Why don't you, as an experiment, shut down the ZoneAlarm service following these directions. If things are not any better after the reboot with ZA disabled, then re-enable it by checking its box in the msconfig utility and reboot. It will start up at every reboot again.
-
Junior Member
You don't see anything? That's a relief. Good to know.
Well, unfortunately Windows will not allow me to disable ZoneAlarm, so the only thing I can do is uninstall it.
-
Windows won't let you disable it? So what happens when you try to disable it using the icon?
Did you try unchecking it in msconfig? That will keep it from auto starting when you boot up.
-
Junior Member
Case Closed!
Oh my gosh I'm sorry... I was actually able to fix it, but forgot about the thread until just now checking my email account and saw that you replied.
Turns out it was an incompatibility problem between ZoneAlarm and AVG 9.0. :/
ZoneAlarm issued a beta version to correct this problem, and I am using it right now. Internet is back to normal. However, I appreciate your help and if you hadn't suggested disabling ZoneAlarm I wouldn't have discovered this issue! I don't know why it never occurred to me that it was a firewall issue.
In any case, regarding disabling ZoneAlarm: I was unable to disable it; unchecking it in msconfig didn't work because it re-enabled itself after closing msconfig. (I know because I went back and it was checked again. Not only that, but the first time I unchecked it I rebooted hoping ZoneAlarm would be disabled, but it was not!)
-
OK. Good you have it all settled then. Don't know why you are unable to disable the ZA service. If all is good: some tips for reducing your risk. Even though this wasn't a malware issue, I will post it anyway.
10 Tips for Reducing/Preventing Your Risk To Malware:
Simply knowing what constitutes a safe action on a computer and what may not will help you tremendously.
1) It is essential to keep your OS (Windows), browser (IE, Firefox) and other software up to date to "patch" vulnerabilities that could be exploited. Visit Windows Update frequently or use the auto-update feature. Staying updated is also necessary for web based applications like Java, Adobe Flash/Reader, QuickTime etc. Check their version status here.
2) Know what you are installing to your computer. A lot of software can come bundled with unwanted add-ons, like adware, toolbars and malware. Do not install any files from ads, popups or random links. Do not fall for fake warnings about viruses and trojans being found on your computer, where you're then prompted to install software to remedy this. See also the signs that you may have malware on your computer.
3) Install and keep updated: one antivirus and two or three anti-malware applications. If not updated they will soon be worthless. If either of these frequently find malware then it's time to *review your computer habits*.
4) Refrain from clicking on links or attachments via E-Mail, IM, IRC, Chat Rooms, Blogs or Social Networking Sites, no matter how tempting or legitimate the message may seem.
5) Do not click on ads/pop ups or offers from websites requesting that you need to install software to your computer--*for any reason*. Use the Alt+F4 keys to close the window.
6) Don't click on offers to "scan" your computer. Install ActiveX Objects with care. Do you trust the website?
7) Set up and use limited (non-privileged) accounts for everyday use, rather than administrator accounts. Limited accounts can help prevent *malware from installing and lessen its potential impact.*
8) Install and understand the *limitations* of a software firewall.
9) A tool for automatically hardening and securing Internet Explorer 8.0. Requires site registration for downloading. Changes some of the default settings of IE 8.0; read the FAQs.
10) Warez, cracks etc are very popular for carrying all kinds of malware payloads. Using them will cause you all kinds of problems. If you download/install files via p2p networks, then you are also much more likely to encounter malicious code in a downloaded file. Do you really trust the source of the file? Do you really need another malware source?
A longer version in link below.
Happy Safe Surfing.