Solve : Virus Turned Off My Windows Firewall, Now Cant Tur? – InterviewSolution

InterviewSolution

1.	Solve : Virus Turned Off My Windows Firewall, Now Cant Tur?
Answer» I got a virus, and instantly it TURNED off my windows firewall and now it wont let me turn it back on! I immediately disabled my ''local area connection", but now when i go to enable it, it creates this "internet connection" icon too(in network connections), and it wont let me disable it( and when i click to disable it, my boyfriends computer , which is connected to the same router, instantly loses its connection. My internet still works though, unless i do what i just mentioned, but it works again when i unplug the modem and router, etc. But when i disable the local area connection, it goes away! So since then I installed a personal firewall, which hasnt helped, and about everyday I get the BLUE SCREEN OF DEATH(it shows up randomly). I know the BEST THING to do would be to reinstall windows, but i hate doing that, and thought id see if there was another way first. Any help or input would be very much appreciated!!! By the way, im running avg pro, and it caught the virus when it attacked, and said that it healed it, but it kept popping up. Ive also installed trojanhunter and that didnt help, also aluria scanner but no go on that since it doesnt let me remove anything without buying it. Someone on another site GAVE me some links to look at, but they were SO confusing and very tedious. I'm hoping for some help or any info here, IT WOULD BE GREATLY APPRECIATED! Thanks so much! Reply With Quote kelsmit3093...... Did you happen to get or have the name of the virus which attacked your machine. After going off line ...... Did you think turn off your system restore ? Did you reboot into safe mode and run your AVG pro ? dl65 i dont remember what the virus name was, and its been about 3 weeks or so since that happened and i run a scan with avg everyday and it doesnt find anything. ive seen a lot of people posting their hijackthis logs in the help forums, but i have no clue if it would be of any help to anyone, but ill post it anyways: Logfile of HijackThis v1.99.1 Scan SAVED at 2:51:55 AM, on 4/10/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Defender\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\wwSecure.exe C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe C:\WINDOWS\system32\Ati2evxx.exe C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe C:\PROGRA~1\Grisoft\AVG7\avgcc.exe C:\PROGRA~1\Grisoft\AVG7\avgemc.exe C:\PROGRA~1\BILLPS~1\WINPAT~1\winpatrol.exe C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe C:\PROGRA~1\SPYCLE~1\SpyWatcher.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\WINDOWS\System32\Starter.Exe C:\Program Files\Microsoft IntelliPoint\point32.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\Spy Emergency 2005\SpyEmergency.exe C:\Program Files\AdWare SpyWare SE\AdWare SpyWare SE.exe C:\Program Files\Webroot\Washer\wwDisp.exe C:\Program Files\MalwareSweeper.com\Malware Sweeper\MalSwep.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\explorer.exe C:\PROGRA~1\MOZILL~1\FIREFOX.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\AdWare SpyWare SE\AdWare SpyWare SE.exe C:\Documents and Settings\KelSmit_3093\Desktop\HijackThis.exe O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file) O2 - BHO: (no name) - {60D3AAEB-AA39-4AE0-B2F9-E4AF0613A2A3} - (no file) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: (no name) - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - (no file) O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: Systran50premi.IEPlugIn - {9A0844DB-84CF-4440-BDB1-1F4F7C4F7FB0} - C:\Program Files\SYSTRAN\5.0\Premium\IEPlugIn.dll O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVG7\avgemc.exe O4 - HKLM\..\Run: [WinPatrol] C:\PROGRA~1\BILLPS~1\WINPAT~1\winpatrol.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe" O4 - HKLM\..\Run: [Spy Watcher] "C:\PROGRA~1\SPYCLE~1\SpyWatcher.exe" -S O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay O4 - HKLM\..\Run: [EnsoniqMixer] C:\WINDOWS\System32\Starter.Exe O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe" O4 - HKLM\..\Run: [THGuard] "C:\Program Files\TrojanHunter 4.2\THGuard.exe" O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [SpyEmergency] "C:\Program Files\Spy Emergency 2005\SpyEmergency.exe" O4 - HKCU\..\Run: [Adware Spyware SE] C:\Program Files\AdWare SpyWare SE\AdWare SpyWare SE.exe O4 - HKCU\..\Run: [Window Washer] C:\Program Files\Webroot\Washer\wwDisp.exe O4 - HKCU\..\Run: [Malware Sweeper] C:\Program Files\MalwareSweeper.com\Malware Sweeper\MalSwep.exe O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide O4 - Startup: Webshots.lnk = C:\Program Files\Webshots\Launcher.exe O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogI am no expert but theres something wrong with that log. Its only half a log. Malware Sweeper, Adware Spyware SE, SpyEmergency, Spy Watcher, SpywareTerminator all look sus to me.

Discussion

No Comment Found

Related InterviewSolutions