HijackThis Log Please Help

In regard to the new folder in the C: directory when I single click on it it says that it's a system file and I feel a bit apprehensive about deleting it, just checking, do you think it is still okay to delete it?

 

Run Vundofix.

Then show hidden files and folders.
Open My Computer
Select the Tools > Folder Options > View tab.
Check "show hidden files and folders".
Click Apply then OK.

Open the folder. What is in it?

 

The randomly named files are still there. In relation to the unnamed folder in My Computer, here is no 'open' option available only 'cut, create shortcut or delete', even double clicking does nothing. Go ahead and delete it you think?
Here is the Vundofix log

VundoFix V6.2.6

Checking Java version...

Scan started at 6:50:36 PM 22/10/2006

Listing files found while scanning....

C:\WINNT\system32\pvcoartv.dll
C:\WINNT\system32\bhevgfno.dll
C:\WINNT\system32\pmnnmkl.dll
C:\WINNT\system32\ovlrympm.dll
C:\WINNT\system32\picbbufd.exe
C:\WINNT\AppPatch\bvrul.dll
C:\WINNT\AppPatch\lurvb.ini
C:\WINNT\AppPatch\lurvb.bak1
C:\WINNT\AppPatch\lurvb.bak2
C:\WINNT\AppPatch\lurvb.tmp

Beginning removal...

Attempting to delete C:\WINNT\system32\pvcoartv.dll
C:\WINNT\system32\pvcoartv.dll Has been deleted!

Attempting to delete C:\WINNT\system32\bhevgfno.dll
C:\WINNT\system32\bhevgfno.dll Has been deleted!

Attempting to delete C:\WINNT\system32\pmnnmkl.dll
C:\WINNT\system32\pmnnmkl.dll Has been deleted!

Attempting to delete C:\WINNT\system32\ovlrympm.dll
C:\WINNT\system32\ovlrympm.dll Has been deleted!

Attempting to delete C:\WINNT\system32\picbbufd.exe
C:\WINNT\system32\picbbufd.exe Has been deleted!

Attempting to delete C:\WINNT\AppPatch\bvrul.dll
C:\WINNT\AppPatch\bvrul.dll Could not be deleted.

Attempting to delete C:\WINNT\AppPatch\lurvb.ini
C:\WINNT\AppPatch\lurvb.ini Has been deleted!

Attempting to delete C:\WINNT\AppPatch\lurvb.bak1
C:\WINNT\AppPatch\lurvb.bak1 Has been deleted!

Attempting to delete C:\WINNT\AppPatch\lurvb.bak2
C:\WINNT\AppPatch\lurvb.bak2 Has been deleted!

Attempting to delete C:\WINNT\AppPatch\lurvb.tmp
C:\WINNT\AppPatch\lurvb.tmp Has been deleted!

Performing Repairs to the registry.
Done!

Beginning removal...

Attempting to delete C:\WINNT\AppPatch\bvrul.dll
C:\WINNT\AppPatch\bvrul.dll Has been deleted!

Performing Repairs to the registry.
Done!

and the new HJT log
Logfile of HijackThis v1.99.1
Scan saved at 7:30:49 PM, on 22/10/2006
Platform: Windows 2000 SP2 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINNT\system32\hidserv.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\stisvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\Explorer.EXE
C:\WINNT\SOUNDMAN.EXE
C:\Program Files\Microsoft Hardware\Mouse\point32.exe
C:\Program Files\Iomega\AutoDisk\ADUserMon.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
C:\WINNT\loadqm.exe
C:\Program Files\Creative\WebCam Control\CAMTRAY.EXE
C:\WINNT\System32\carpserv.exe
C:\Program Files\Dodo Speed Accelerator\slipcore.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINNT\System32\ctfmon.exe
C:\Program Files\Dodo Speed Accelerator\slipgui.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\JHT\JackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.creative.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_6_2_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {1DAEFCB9-06C8-47c6-8F20-3FB54B244DAA} - C:\WINNT\System32\pvcoartv.dll (file missing)
O2 - BHO: PBlockHelper Class - {4115122B-85FF-4DD3-9515-F075BEDE5EB5} - C:\Program Files\Dodo Speed Accelerator\PBHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: NOW!Imaging - {9AA2F14F-E956-44B8-8694-A5B615CDF341} - C:\Program Files\Dodo Speed Accelerator\components\NOWImaging.dll
O2 - BHO: (no name) - {AE390722-A6AB-47DB-BFBD-06C986291B2C} - C:\WINNT\AppPatch\bvrul.dll (file missing)
O2 - BHO: (no name) - {B3D86720-11FA-492E-97E0-7411E80EF26D} - C:\WINNT\System32\ljjjjhh.dll (file missing)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_6_2_0.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [POINTER] C:\Program Files\Microsoft Hardware\Mouse\point32.exe
O4 - HKLM\..\Run: [ADUserMon] C:\Program Files\Iomega\AutoDisk\ADUserMon.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\WebCam Control\CAMTRAY.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [SlipStream] "C:\Program Files\Dodo Speed Accelerator\slipcore.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [ctfmon.exe] ctfmon.exe
O4 - Global Startup: Dodo Speed Accelerator.lnk = C:\Program Files\Dodo Speed Accelerator\slipgui.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra button: Natural Reader - {0DF757C4-9999-463C-A4EB-B6BF1D8D8D3D} - C:\Program Files\NaturalReaders\Natural Voice Text To Speech Software Standard\read.html
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\YAHOO!\COMMON\yhexbmesau.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\YAHOO!\COMMON\yhexbmesau.dll
O9 - Extra button: (no name) - {9819CC0E-9669-4D01-9CD7-2C66DA43AC6C} - (no file)
O14 - IERESET.INF: START_PAGE_URL=http://www.creative.com
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www3.ca.com/securityadvisor/virusinfo/webscan.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{0FCBF06D-6C43-4CE7-B33D-49DF38CB2146}: NameServer = 203.194.56.150 203.194.27.57
O17 - HKLM\System\CS1\Services\Tcpip\..\{0FCBF06D-6C43-4CE7-B33D-49DF38CB2146}: NameServer = 203.194.56.150 203.194.27.57
O20 - Winlogon Notify: ljjjjhh - ljjjjhh.dll (file missing)
O20 - Winlogon Notify: WLogon - srvc.dll (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: ZipToA - Unknown owner - C:\WINNT\System32\ZipToA.exe (file missing)

 

Yeah, go ahead and delete it.

Run a scan only with HiajckThis and check these:

[bold]O2 - BHO: (no name) - {1DAEFCB9-06C8-47c6-8F20-3FB54B244DAA} - C:\WINNT\System32\pvcoartv.dll (file missing)
O2 - BHO: (no name) - {AE390722-A6AB-47DB-BFBD-06C986291B2C} - C:\WINNT\AppPatch\bvrul.dll (file missing)
O2 - BHO: (no name) - {B3D86720-11FA-492E-97E0-7411E80EF26D} - C:\WINNT\System32\ljjjjhh.dll (file missing)
O9 - Extra button: (no name) - {9819CC0E-9669-4D01-9CD7-2C66DA43AC6C} - (no file)
O20 - Winlogon Notify: ljjjjhh - ljjjjhh.dll (file missing)
O20 - Winlogon Notify: WLogon - srvc.dll (file missing) [/bold]

These entires were not showing before the rename. So, if these are not your IP fix them also.
[bold]O17 - HKLM\System\CCS\Services\Tcpip\..\{0FCBF06D-6C43-4CE7-B33D-49DF38CB2146}: NameServer = 203.194.56.150 203.194.27.57
O17 - HKLM\System\CS1\Services\Tcpip\..\{0FCBF06D-6C43-4CE7-B33D-49DF38CB2146}: NameServer = 203.194.56.150 203.194.27.57[/bold]

Close all windows then click "Fix checked".

If you do fix those two 017 entires and loose internet connection afterwards you know they were yours. Just open HijackThis and click "View list of backups". Select those two and click "Restore".


Don't think you will find it, but search for this file and delete if found.
[bold]srvc.dll[/bold]

Also, I almost positive those randomly named files are not good. Delete them also. If access is denied with any, delete them in safe mode.

Restart and post a new HijackThis log. Also tell me if you are still recieving error when runing HjT or if you are having any other problems.

 

There were no problems with HJT and it seems no other visible problems. I searched for that .dll file but it didn't come up at all.

Logfile of HijackThis v1.99.1
Scan saved at 8:23:29 PM, on 22/10/2006
Platform: Windows 2000 SP2 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINNT\system32\hidserv.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\stisvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\Explorer.EXE
C:\WINNT\SOUNDMAN.EXE
C:\Program Files\Microsoft Hardware\Mouse\point32.exe
C:\Program Files\Iomega\AutoDisk\ADUserMon.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
C:\WINNT\loadqm.exe
C:\Program Files\Creative\WebCam Control\CAMTRAY.EXE
C:\WINNT\System32\carpserv.exe
C:\Program Files\Dodo Speed Accelerator\slipcore.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINNT\System32\ctfmon.exe
C:\Program Files\Dodo Speed Accelerator\slipgui.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\JHT\JackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.creative.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_6_2_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: PBlockHelper Class - {4115122B-85FF-4DD3-9515-F075BEDE5EB5} - C:\Program Files\Dodo Speed Accelerator\PBHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: NOW!Imaging - {9AA2F14F-E956-44B8-8694-A5B615CDF341} - C:\Program Files\Dodo Speed Accelerator\components\NOWImaging.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_6_2_0.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [POINTER] C:\Program Files\Microsoft Hardware\Mouse\point32.exe
O4 - HKLM\..\Run: [ADUserMon] C:\Program Files\Iomega\AutoDisk\ADUserMon.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\WebCam Control\CAMTRAY.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [SlipStream] "C:\Program Files\Dodo Speed Accelerator\slipcore.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [ctfmon.exe] ctfmon.exe
O4 - Global Startup: Dodo Speed Accelerator.lnk = C:\Program Files\Dodo Speed Accelerator\slipgui.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra button: Natural Reader - {0DF757C4-9999-463C-A4EB-B6BF1D8D8D3D} - C:\Program Files\NaturalReaders\Natural Voice Text To Speech Software Standard\read.html
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\YAHOO!\COMMON\yhexbmesau.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\YAHOO!\COMMON\yhexbmesau.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.creative.com
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www3.ca.com/securityadvisor/virusinfo/webscan.cab
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: ZipToA - Unknown owner - C:\WINNT\System32\ZipToA.exe (file missing)

 

Log is now clean and your computer should be too.

Delete the quarantined files in AVGAS.
Open AVGAS > Infections > select all > click Remove finally.

Run ATF Cleaner again. You should also run it about once a week or so to clean temp files.

Optional: Get CCleaner(it's free) and run the "Issues fix"(aka registry cleaner). CCleaner will also clean temp files and cookies just like ATF Cleaner. So, if you want, you can remove ATF Cleaner if you get CCleaner.

Turn System Restore back on. This will create a new, clean restore point.

Java is out of date.
Go here and download [bold]Java Runtime Environment 5.0 Update 9[/bold].
Uninstall all previous versions of JRE via Add/Remove Programs.
Restart and install Update 9.

I don't see a firewall running on your machine. A firewall is very important. Many are offered for free such as:
Zone Alarm Free <- My personal favorite.
Agnitum Outpost Firewall
Kerio Personal Firewall

Remember to turn off Windows firewall if it is running.

How about Microsoft Office Suite? Still recieving the prompt to register?

 

Thanks for your help. I am having trouble turning on system restore again. I go to Start>Control panel>System but I cannot locate the 'system restore' tab option. Am I looking in the wrong place?

 

Eh, sorry about that. Windows 2000 doesn't have the System Restore feature.

You're welcome!

 

I have downloaded ZoneAlarm firewall and Java 9. Microsoft Activation Wizard was still prompting me to register, I don't know if I should have but I went ahead and did it. All of the details were those of the previous owner, since it was already registered to him. Nearly everything seems to be running okay although I have been having a few problems with the firewall. It took me 10 reboots to gety online because everything froze after it connected to the net/or my provider's customer log in portal would appear telling me that I had entered an invalid user/pass. At the moment I am not runing the firewall as I assumed it was this that was stopping me from acessing the net, and I needed to to be online to install Java. There were 23 attacks against my computer when it was on and I would like to get it going again so I'll turn it on now and see what happens. Thanks again for all your help.

 

Hmm, did you turn of Windows firewall? If so, might just be a conflict with another program on your computer. In that case, uninstall Zone Alarm and get a different firewall.

 

I wasn't aware there was a firewall on my OS, the previous owner had another machine designated as a firewall that protected his network. I can't see any mention a windows firewall in my directories. The problem with ZoneAlarm seems to be when I'm loading a page and a 'Privacy Advisor' alert appears, that is the precise moment when everything freezes. It actually has the option to turn it off in that message, but by the time it's appeared the screen has frozen so no luck there. I haven't been able to find another way to turn it off.

 

You have to allow programs access. Each time a program asks for permission to access the internet you will recieve a notice. You can choose to allow or block it. You can set the programs access manually via options. Open Zone Alarm > Program Control > Programs tab. You will see the list of all the programs. Under the Access column click the "?" for each program you would like to have access to the internet or allow to have trusted access.

Usually, you wil not have to set them manually because Zone Alarm will prompt you do you want to allow. Then you just check the "Always remember" and click Allow. The freezing will regain after you make a choice.

With any Privacy Advisor alerts just click the box for "do not show again".

I hope that is what you were asking.

 

Thanks for your advice. The main problem is that privacy advisor crashes the system before I have a chance to click its 'do not show again'option, other than that ZoneAlarm seems to be working well.

 

Oh, I see now.

Turn off the alerts manually.
Open Zone Alarm > Privacy > under Cookie Control click Custom > under Privacy Advisor uncheck the box > click OK.

That help?

 

Great, it's working fine now. Well thanks agian for all your help I really appreciate the effort you've put in to help me safeguard my computer. It's amazing how many people are trying to gain access to it!

 

Yes, you'd be very suprised to see how much money can be made in stealing people's info...it's insane!

Once again, you're very welcome.

Good luck!