This is suuuuper annoying

Hi all, WinXP SP2, IE7, fully patched, ZoneAlarm Free, AVG Free, Spybot S&D. Lots of experience with malware removal etc. Friggin 23 year programmer for crissake.

I usually run Firefox (well, Minefield actually) and I noticed my downloads were getting deleted immediately after completing.

I use this computer for work so I just figured I'd try and get on with it, and I opened up IE and tried downloading with that. IE says "Your current security settings do not allow this file to be downloaded." I reset the security settings to defaults. Still no go. Opera and Safari (Win32 version) both have no problems saving files. All my other programs still work fine. I began to suspect a virus.

I had some crap from AIM, some stupid service thing. Viewpoint, that was it. AIM and Veiwpoint were manually removed. The program and all the files related have been deleted. I didn't bother with the some of the registry entries as there was a ton of them.

So basically I have re-installed Minefield now and I still can't download with it, the file shows on my desktop until it's complete and then it disappears.

Then I noticed that all my network connections are gone as well. I'm still connected and I can see traffic on ZoneAlarm, but the Network Connections folder is empty.

I saw some forum threads about Windows defender racing with AVG and causing this, but I don't have (or want) defender. Also I have disabled the Minefield/AVG integration and still no downloads.

When I drag images out to my desktop from a browser window, they save fine that way, just not when it goes through the "downloads" thing in Minefield (Firefox 3).

I'm going to attach a HiJackThis! log and hopefully it's just a crappy virus that has been ducking my AV software. If not, any tips to get my Network Connections and my download capability back would be great.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:27:57 PM, on 2/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal


--
End of file - 6552 bytes

I looked this over but it all looks right to me, if anyone can think of anything else I could do or check, please let me know. This forum wasn't letting me post so sorry if this is a duplicate thread, I couldn't see my thread after posting.

Thanks in advance, Ffoeg

 

Welcome to MajorGeeks.com!

Please follow the instructions in the below link and attach the requested logs when you finish these instructions.

Read & RUN ME FIRST Before Asking for Support

 

Turns out what had happened was I had upgraded ZoneAlarm to the Pro trial thing and that was screwing everything right up so I uninstalled it and re-installed the free edition. Unfortunately the Anti-Virus and some other components of ZA Pro were still left behind and they were running 'decapitated'.

The AV integration of IE7 and Minefield were triggering this decapitated scanner and I guess with no definitions handy or something it was just deleting every file it saw. Thank god ZA Free didn't try a full system scan at any point!

My system is back to it's original state (minus firewall, but I'm behind a locked down router for now anyway) and I am a happy camper. Thanks for your time and bear in mind that ZAPro doesn't fully uninstall and will completely botch a system when you try to downgrade. The symptoms will be:

* No network connections shown in the "Network Connections" folder
* Any program that integrates MS Office virus scanning will be deleting every single file it tries to scan.

 

Hi Ffoeg,
Welcome to Major Geeks!

I haven't ever heard of this before. I wonder if this might be a problem between Zone Alarm and Minefield. It sounds like you took the right steps and managed to avoid a lot of problems.

Thanks for the info!
abri