20 replies to this topic

[Mike Rochip]

Can malware such as a dialer restart a service that has been disabled? I disabled the PCTel service on my PC and noticed it was running again. I think this service was installed some time ago when I tried an Internet phone program. I deleted the program and I don't think I have any apps that need this service.

Thanks-

[Andavari]

It matters how things are set up in (start > run > services.msc).

Not sure I'm correct on all this since I don't dabble with the service too often:
* Automatic meaning they'll automatically start when Windows does.
* Manual meaning you must start it. I'm sort of unsure about this one, in that I don't know if a program could start a service that is set to the startup type of Manual.
* Disabled meaning it won't run at all unless you change the startup type to at least Automatic or Manual.

[Mike Rochip]

Thanks, that's what I thought, maybe I did a System Restore or something and changed the setting.

I also noticed in the ZoneAlarm log that IEXPLORE.EXE keeps asking permission to be a server. But IEXPLORE.EXE is in the Internet Explorer folder on my C: partition which is an old Win98 OS I never use anymore. The IE installation I use is iexplore.exe on D: which is XP Home SP2. According to what I've found on the Web it sounds like I may have a back door trojan trying to "phone home." Anyway, I'll just have ZA block it and hopefully I'll figure it out. The eTrust scanner keeps crashing, I'm trying BitDefender now.

I don't know how you're doing it but I really appreciate the 24/7 Helpline you're running to answer all my questions !

Thanks again!

[lokoike]

IEXPLORE.EXE is Internet Explorer, which is why it is in the IE folder. I use ZoneAlarm as well, and periodically, when I run certain programs, it says that they are trying to act as a server. Usually, I get this warning about Firefox, since that is my default browser. If ZA comes up with something that I don't understand, I usually just tell it to Deny. Worst case senario, the program I was using doesn't run, and I just Allow it to next time. Nothing is harmed that way.

[Mike Rochip]

lokoike, on Jan 7 2006, 10:57 PM, said:

IEXPLORE.EXE is Internet Explorer, which is why it is in the IE folder. I use ZoneAlarm as well, and periodically, when I run certain programs, it says that they are trying to act as a server. Usually, I get this warning about Firefox, since that is my default browser. If ZA comes up with something that I don't understand, I usually just tell it to Deny. Worst case senario, the program I was using doesn't run, and I just Allow it to next time. Nothing is harmed that way.

Ummm, did someone say it was OK for you to talk to me? Perhaps you've forgotten about the "funniest joke of the year" incident. Let's review, shall we? It's New Year's Day and I'm surfin' the net all "Tra La La La La, I'm funny I'm cool started the New Year with a Great Joke lokoike's my pal he's got it goin' on!"

Then I'm like "What's that you're saying tiny part of my brain that still works? The New Year just started?! It's the funniest joke he's heard because it's the ONLY joke he's heard?" WTF? There went my Happy New Year.

And before you get all cocky with italics, this is what ZoneAlarm had to say:



You're probably right, though. What I love about getting info on the Web is exactly half the people say it's dangerous malware that must be removed at all costs, and the other half says if you remove it the ionosphere will implode.

Quote

If ZA comes up with something that I don't understand, I usually just tell it to Deny.

While I'm glad you have someone to talk to when ZA is confusing, hello, I think his name is probably spelled D-E-N-N-Y.

All kidding aside your funniest joke comment really cracked me up. I wish I could have seen the "heyyy, wait a second" look on my face when I (eventually) got it .

On a very serious note, I don't know how you managed to get a picture of my sister to use as your avatar, but if she sees it she's going to be pissed!

PS: If either you or Denny is interested, I just might be willing to give you her phone number.

[lokoike]

Sorry bout the italics; wasn't trying to be cocky, just trying to stress it. And the picture thing is totally umm... kobrakommander's fault.

Anyway, hope that helped you out a little.

[Mike Rochip]

lokoike, on Jan 8 2006, 07:33 AM, said:

Sorry bout the italics; wasn't trying to be cocky, just trying to stress it. And the picture thing is totally umm... kobrakommander's fault.

Anyway, hope that helped you out a little.

Don't be sorry, I was just trying to be funny. I just have a warped, depraved sense of humor. Or more accurately perhaps, lack of sense of humor. Anyway, I appreciate the help!

kobrakommander is too funny, I think that's why my sister has a thing for him ...

[lokoike]

Mike Rochip, on Jan 9 2006, 11:38 PM, said:

kobrakommander is too funny, I think that's why my sister has a thing for him ...

She does, eh? That kobrakommander is one lucky guy!

[Mike Rochip]

lokoike, on Jan 9 2006, 11:12 PM, said:

She does, eh? That kobrakommander is one lucky guy!

[Eldmannen]

I assume that it runs with full privilegies, so then it can do pretty much anything...

[lokoike]

Are you talking about Zone Alarm? It's a firewall, so it should have fairly extensive control over the your network; otherwise, how much good could it do? Don't you have a firewall? Or do you use a hardware firewall?

[Mike Rochip]

Quick update:

I ran Bitdefender (thanks Greenknight for the link) and it found 3 trojans the other scanners didn't and since then I don't have any programs like an old version of IE asking for permission to be a server so I think that there may have been some malware trying to phone home on my PC.

I like Bitdefender. It updates very quickly although the scan does take a fairly long time to run. Also by clicking on "show all files" as it scanned I was able to see I had a lot of unneeded files on my PC that were slowing down AV scans.

[Greenknight]

Mike Rochip, on Jan 12 2006, 04:00 PM, said:

Quick update:

I ran Bitdefender (thanks Greenknight for the link) and it found 3 trojans the other scanners didn't and since then I don't have any programs like an old version of IE asking for permission to be a server so I think that there may have been some malware trying to phone home on my PC.

I like Bitdefender. It updates very quickly although the scan does take a fairly long time to run. Also by clicking on "show all files" as it scanned I was able to see I had a lot of unneeded files on my PC that were slowing down AV scans.

After I posted that about the BitDefender online scan, I found out there's a version of the BitDefender scanner you can download for free! BitDefender 8 Free Edition:
http://www.bitdefender.com/PRODUCT-14-en--...ee-Edition.html

It's just the scan engine, without the realtime shield. I decided it would make a good backup for AVG, so I'm trying it out. I can testify that it's quite a bit faster than running the online scan (about 1/2 hr, for me), though still pretty slow. It uses a little memory all the time, up to about 20 Mb, even when it's not running (I don't understand why). It doesn't seem to slow down my computer any, though.

[kobrakommander56]

WAIT what! How come this has jsut come to my Attention!

Quote

She does, eh? That kobrakommander is one lucky guy!

[kobrakommander56]

sorry to break it to her, but im only 16.

And when im not on the forums, I'm flying jets with my old friend Maverick, and talking about MIG's

hahaha, i had to choose the crappiest pic i had AHAHA.

oh yeah and saving the world from the commies, damn you commies.

[lokoike]

I sure hope you guys used a condom when you were together.

They'd have some funny lookin kids, that's fer sure!

[kobrakommander56]

you just crossed the line, gross.

[lokoike]

No, just giving you crap. Returning the favor.

Can't be any worse than you eating people.

[kobrakommander56]

What crap, i didnt do anything?

[lokoike]

kobrakommander56, on Jan 19 2006, 10:47 PM, said:

What crap, i didnt do anything?

I'm still salty about being pwned not so very long ago.

No, seriously though, I was just kidding. Sorry if it came off as offensive, I was only joking.