Results 1 to 6 of 6

Thread: Zone Alarm not picking up new virus

  1. #1
    gjonesgrad Guest

    Default Zone Alarm not picking up new virus

    I have updated and scanned my system over 25 times; yet my ZA Security Suite is not picking a virus/malware up that is causing my search engine to go haywire. Whenever I go to Google, Dogpile, or Ask.com, My searches are automatically redirected to adult websites or other weird search engines. I am not getting my searches answered. Sometimes the word "Jump" appears whenever a search engine is redirected.
    Anyone have an answer?

    Operating System:Windows XP Home Edition
    Software Version:
    Product Name:ZoneAlarm Internet Security Suite

  2. #2
    gjonesgrad Guest

    Default Re: Zone Alarm not picking up new virus- My HiJackThis Log

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 3:03:59 PM, on 12/18/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.5730.0013)
    Boot mode: NormalRunning processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe
    C:\WINDOWS\SYSTEM32\ZoneLabs\avsys\ScanningProcess .exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\cisvc.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\WINDOWS\System32\HPZipm12.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\SYSTEM32\ZoneLabs\avsys\ScanningProcess .exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\Dell\Media Experience\PCMService.exe
    C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\PROGRA~1\WALGRE~1\WALGRE~1\data\xtras\mssysmgr. exe
    C:\WINDOWS\system32\cidaemon.exe
    C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\WINDOWS\System32\wbem\wmiprvse.exeR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/...ch/search.html
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/...ch/search.html
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo!
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyServer = :0
    R3 - URLSearchHook: (no name) - {65E57845-B9F6-C654-86FF-B569458DDCCB} - C:\WINDOWS\System32\xjcjf.dll (file missing)
    R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
    F2 - REG:system.ini: UserInit=C:\WINDOWS\System32\Userinit.exe
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {65E57845-B9F6-C654-86FF-B569458DDCCB} - C:\WINDOWS\System32\xjcjf.dll (file missing)
    O3 - Toolbar: OIN Search - {B9F6E8EB-A4E3-478E-88A4-D3995B5C45C8} - C:\Program Files\OIN Search\OINSearch.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"
    -osboot
    O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
    O4 - HKLM\..\Run: [mmtask] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
    O4 - HKCU\..\Run: [Aida] "C:\PROGRA~1\COMMON~1\ASKS~1\rundll.exe&qu ot; -vt ndrv
    O4 - HKCU\..\Run: [Jkprw] C:\Program Files\?ssembly\i?xplore.exe
    O4 - HKCU\..\Run: [PhotoShow Deluxe Media Manager] C:\PROGRA~1\WALGRE~1\WALGRE~1\data\xtras\mssysmgr. exe
    O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE&quo t; -quiet
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - blank (file missing)
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - blank (file missing)
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {01118A01-3E00-11D2-8470-0060089874ED} - https://password.bellsouth.net/sdcco...ad/tgctlsr.cab
    O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=58813
    O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/noc...up1.0.0.15.cab
    O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
    O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www.snapfish.com/SnapfishActivia.cab
    O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/02c23b57...p/RdxIE601.cab
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/Ms...Downloader.cab
    O16 - DPF: {B49C4597-8721-4789-9250-315DFBD9F525} - http://cdn.digitalcity.com/radio/amp...1.11_en_dl.cab
    O16 - DPF: {C432C4BD-3566-411C-8F3C-E5E0D3AE5D33} (CBrowser Class) - http://www.streamingfaith.com/common...INIBrowser.CAB
    O16 - DPF: {CBD8B1CB-2F5F-415F-93E8-A297B33DCBB2} (CentrinoCheck Control) - http://entriq.vo.llnwd.net/o1/NBCUni...ck_1_0_0_5.cab
    O16 - DPF: {CC32D4D8-2A0B-4CEB-B105-C9B968379105} (CGameManagerCtrl Object) - https://disney.go.com/games/download...ameManager.cab
    O16 - DPF: {CE7D2BF2-D173-4CE2-9DAF-15EA153B5B43} (MediaControl Class) - http://entriq.vo.llnwd.net/o1/NBCUni...2_2_Silent.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{A79BB9E4-B7D0-406E-BC08-523DA65160D0}: NameServer = 85.255.114.101,85.255.112.74
    O17 - HKLM\System\CCS\Services\Tcpip\..\{B1953072-E77D-438A-8F9D-A7680052DDB2}: NameServer = 85.255.114.101,85.255.112.74
    O17 - HKLM\System\CCS\Services\Tcpip\..\{D0C24C12-4C9D-48B8-A67E-FB3B17BA55EF}: NameServer = 85.255.114.101,85.255.112.74
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.114.101 85.255.112.74
    O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.114.101 85.255.112.74
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.114.101 85.255.112.74
    O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
    O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
    O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe
    O23 - Service: VNC Server Version 4 (WinVNC4) - Unknown owner - C:\Program Files\RealVNC\VNC4\WinVNC4.exe (file missing)--
    End of file - 8889 bytes

  3. #3
    Join Date
    Apr 2004
    Location
    East Coast of Florida - Lightening/Shark Bite Capital of the World
    Posts
    2,477

    Default Re: Zone Alarm not picking up new virus- My HiJackThis Log

    Hi,Welcome to the Forum!SORRY, WE DON'T DO HJT LOGS HERE AT THIS FORUM.PLEASE go to the following thread and PLEASE keep me posted on your results, THANKS.http://forum.zonelabs.org/zonelabs/b...essage.id=3030SlyFox
    "Politeness costs nothing and gains everything".

    Click here for ZA Support

    Avail. 24x7 - Excl. Holiday













  4. gjonesgrad Guest

    Default Re: Zone Alarm not picking up new virus- My HiJackThis Log

    If after running this tool the Trojan.Win32.Obfuscated.gx infection is still present, post a HiJackThis log in the Malware Removal Forum.

    Mr. Fox. Why are people telling others to post a HiJackThis log in a Zone Alarm Forum if you claim to not use it?????????
    Meanwhile my computer is still infected. It is more than time consuming to find the problem. Perhaps I'll chat with Ms. NaiveMelody who posted in David Fleet's Thread: "I think I have picked up Malware"

  5. #5
    Join Date
    Apr 2004
    Location
    East Coast of Florida - Lightening/Shark Bite Capital of the World
    Posts
    2,477

    Default Re: Zone Alarm not picking up new virus- My HiJackThis Log



    WE ARE NOT ALLOWED to work on HJT LOGS in this Forum, that is why I directed you to go that site, where they are EXPERTS in the HJT LOGS and they will tell you exactly what to do.

    SlyFoxX-(
    "Politeness costs nothing and gains everything".

    Click here for ZA Support

    Avail. 24x7 - Excl. Holiday













  6. Join Date
    Jun 2006
    Location
    The 3rd Coast - South Central Texas
    Posts
    10,465

    Default Re: Zone Alarm not picking up new virus- My HiJackThis Log


    <BLOCKQUOTE><HR>gjonesgrad wrote:
    If after running this tool the Trojan.Win32.Obfuscated.gx infection is still present, post a HiJackThis log in the Malware Removal Forum.

    Mr. Fox. Why are people telling others to post a HiJackThis log in a Zone Alarm Forum if you claim to not use it?????????Meanwhile my computer is still infected. It is more than time consuming to find the problem. Perhaps I'll chat with Ms. NaiveMelody who posted in David Fleet's Thread: "I think I have picked up Malware"
    <HR></BLOCKQUOTE>Here is A Free Anti-Virus/Anti-Spyware/Malware Scan Site to try..http://usa.kaspersky.com/products_se...us-scanner.php<TABLE cellSpacing=0 cellPadding=0 width="100%" border=0><TBODY><TR><TD><TABLE style="MARGIN-RIGHT: 15px" cellSpacing=0 cellPadding=0 border=0><TBODY><TR><TD vAlign=top><TABLE id=theTable style="BACKGROUND: url(BWD_IMAGES-11062007/greenish_bg.gif) #ffffff no-repeat left top; VERTICAL-ALIGN: top; WIDTH: 756px" cellSpacing=0 cellPadding=0 width="83%" border=0><TBODY><TR><TD vAlign=top></TD><TD vAlign=top><TABLE style="PADDING-TOP: 17px" cellSpacing=0 cellPadding=0 width=730 border=0><TBODY><TR><TD><TABLE cellSpacing=0 cellPadding=0 width="100%" border=0><TBODY><TR><TD style="PADDING-BOTTOM: 10px" vAlign=top width="22%"></TD><TD style="PADDING-LEFT: 10px; FONT-WEIGHT: bold; FONT-SIZE: 16px; COLOR: #074f39; PADDING-TOP: 6px; FONT-FAMILY: Verdana, Arial, Helvetica, sans-serif" vAlign=top>Detect Viruses and Spyware with our Online Scanner </TD></TR></TBODY></TABLE></TD></TR><TR><TD><TABLE cellSpacing=0 cellPadding=0 width="100%" border=0><TBODY><TR><TD><TABLE cellSpacing=0 cellPadding=0 width="100%" border=0><TBODY><TR><TD vAlign=top></TD><TD style="PADDING-RIGHT: 12px; PADDING-LEFT: 27px; FONT-SIZE: 12px; LINE-HEIGHT: 22px; FONT-FAMILY: Verdana, Arial, Helvetica, sans-serif" vAlign=top>Our free online virus scanner is a great way to find out if you have any viruses or spyware on your machine without having to uninstall your current antivirus software or install a new one. Most importantly, you can see what viruses your current antivirus software let slip through! You just need to be online and using Internet Explorer.

    The Online Virus Scanner uses Microsoft ActiveX technologies to scan your computer for malicious code. The scanner uses Microsoft Internet Explorer to scan your machine while online, and offers the same exceptional detection rates as other Kaspersky Lab products. Our antivirus software protects against viruses and spyware. </TD></TR></TBODY></TABLE></TD></TR></TBODY></TABLE></TD></TR></TBODY></TABLE></TD></TR></TBODY></TABLE></TD></TR></TBODY></TABLE></TD></TR></TBODY></TABLE>


    Message Edited by GeorgeV on 12-19-2007 10:20 AM
    GeorgeV
    ZoneAlarm® Extreme Security


    Click here for ZA Support
    Monday-Saturday__ 6am to 10pm Central time
    Closed Sundays and Holidays

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •