# Fake Error Message



## Brooks3434 (May 13, 2007)

Hello, Ive written threads pertaining to this topic in the past, and I was instructed to use prevx 2.0. 

I am having a fake error message pop up saying, "There Is No Dial Tone".

Now, prevx worked and blocked this error message coming up, but the trial period ran out and I can't pay for the full version. My computer has been having problem after problem with addware, malware, and viruses. My antivirus systems (AVG and what was prevx until the trial ran out) detected these problems only after Firefox internet browser is open on a web page for a certain period of time. Once prevx's trial ran out, the error message continued.

I don't know if something is attacking my ports as they open, or what the deal is. My server is based out of Greece (im currently stationed in Iraq serving in the Army) and I hear there have been some odd malware and viruses coming out of there.

I have free version of Zonealarm as my firewall, and I have free AVG as my anti virus system. I just installed and used spybot to delete 71 errors that it found. The problem is still not fixed. Is there an application I need to make sure these ports that are opened are protected? I don't think my current firewall is doing a 100% efficient job.

Today, my computer suffered a crash forcing me to reboot the computer in safe mode and restore the setting to a previous date. My computer rebooted, and all is well except for the fake error messages, and what not.

In blatant terms, my computer is [email protected]#*ed. I know you guys are all brilliant with this kind of stuff and I really appreciate your help youve done in the past. I need to donate some if you guys have a solution... Id feel guilty otherwise :/

Here is my Hijackthis information and thanks again:
Logfile of HijackThis v1.99.1
Scan saved at 12:24:17 AM, on 8/27/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\System32\acs.exe
E:\AVG\avgamsvr.exe
E:\AVG\avgupsvc.exe
C:\Acer\Empowering Technology\admServ.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Acer\Empowering Technology\admtray.exe
C:\Program Files\Atheros\ACU.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\System32\LVCOMSX.EXE
C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
E:\AVG\avgcc.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
E:\DAEMON Tools\daemon.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Mozilla Firefox\firefox.exe
E:\Hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = "C:\Program Files\Outlook Express\msimn.exe" //mailurl:mailto:[email protected]
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - Default URLSearchHook is missing
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Malicious Scripts Scanner - {55EA1964-F5E4-4D6A-B9B2-125B37655FCB} - C:\Documents and Settings\All Users\Application Data\Prevx\pxbho.dll
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - E:\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: (no name) - {B718EA9B-A6BB-4DB3-9CFE-4839F2F8ACD2} - C:\WINDOWS\system32\hacikvxq.dll (file missing)
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - E:\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [ADMTray.exe] "C:\Acer\Empowering Technology\admtray.exe"
O4 - HKLM\..\Run: [ACU] "C:\Program Files\Atheros\ACU.exe" -nogui
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [AVG7_CC] E:\AVG\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [PrevxOne] "C:\Program Files\Prevx2\PXConsole.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [DAEMON Tools] "E:\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O8 - Extra context menu item: E&xport to Microsoft Excel - res://E:\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://E:\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://E:\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://E:\Easy-WebPrint\Toolband.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://E:\Easy-WebPrint\Toolband.dll/RC_Print.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{FFCD769E-EAA9-4169-9A0C-B37CA1794417}: NameServer = 62.68.95.11,62.68.64.11
O20 - Winlogon Notify: ddcyv - C:\WINDOWS\
O20 - Winlogon Notify: nnnkhed - C:\WINDOWS\
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: winpdc32 - C:\WINDOWS\SYSTEM32\winpdc32.dll
O23 - Service: Atheros Configuration Service (ACS) - Unknown owner - C:\WINDOWS\System32\acs.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - E:\AVG\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - E:\AVG\avgupsvc.exe
O23 - Service: AdminWorks Agent X6 (AWService) - Avocent Inc. - C:\Acer\Empowering Technology\admServ.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Unknown owner - C:\Program Files\Canon\CAL\CALMAIN.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: iPod Service - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: Prevx Agent (PREVXAgent) - Unknown owner - C:\Program Files\Prevx2\PXAgent.exe" -f (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe


----------



## Brooks3434 (May 13, 2007)

Bump Bump Bump


----------



## Go The Power (Mar 5, 2007)

Hello and welcome to TSF :wave:

You have posted your logs in the wrong section,...

I would recommend that you go *here*; read and follow the instructions very carefully; then, post all the requested logs and information; as instructed, to *here*. _(Just click on the coloured links.)_

Once done, please be patient, as the Security Team Analysts are usually very busy; one of them will answer your request as soon as they can.


Good luck :smile:

Please also remember *DO NOT* post your logs in this thread, please start a new thread *here*. _(Just click on the coloured link.)_ and post the logs.

Kind regards.


----------

