TechSpot

HJT log for review - windows firewall issue

By mikebob
Apr 11, 2006
  1. I recently encountered a virus that AVG picked up. My windows firewall seems to have stopped working (it was disabled and I am now unable to re-enable it) at the very same time (I'm assuming this has something to do with the virus, though I'm not up on this sort of thing).

    Attached is my HJT log after running through the processes recommended on this site prior to posting said log.

    This issue has been rather exhausting for me, I appreciate anyone who takes the time to have a look.
     
  2. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    Hello and welcome to Techspot.

    Boot into safe mode. See how HERE. http://www.bleepingcomputer.com/forums/tutorial61.html

    Turn off system restore.(XP/ME only) See how HERE. http://www.bleepingcomputer.com/forums/tutorial56.html

    In Windows Explorer, turn on "Show all files and folders, including hidden and system". See how HERE. http://www.bleepingcomputer.com/forums/tutorial62.html

    Open your task manager, by holding down the ctrl and alt keys and pressing the delete key.

    Click on the processes tab and end process for(if there).

    ibm00001.exe

    Close task manager.

    Run HJT with no other programmes open. Have HJT fix the following, by placing a tick in the little box next to(if there).

    O4 - HKCU\..\Run: [Shell] "C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00001.exe"

    Click on the fix checked button.

    Close HJT.

    Locate and delete the following bold files(if there).

    C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00001.exe"

    Reboot into normal mode and turn system restore back on.

    Forget Windows firewall it`s not very good. Get the free Zonealarm firewall from HERE.

    Regards Howard :wave: :wave:
     
  3. mikebob

    mikebob TS Rookie Topic Starter

    Howard,

    Thank you very much for the reply. I was, however, unable to locate any of the files you mentioned for removal.

    I will attempt to get the Zonealarm firewall you recommended, though I'm concerned that the issues I am experiencing with my Windows Firewall may be indicative of other problems existing on my machine as a result of the virus I picked up.

    -Mike
     
  4. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    You did In turn on "Show all files and folders, including hidden and system". See how HERE. http://www.bleepingcomputer.com/forums/tutorial62.html as suggested?

    If you would like to post a fresh hJT log, I`ll gladly check it to make sure the nasty entry has gone.

    Regards Howard :)
     
  5. mikebob

    mikebob TS Rookie Topic Starter

    I got Zonealarm up and running. I've disabled Windows Firewall for now. I'm already feeling more confident with the features I see with this app.

    I will go through the motions again and post a new HJT log tomorrow after work. I appreciate your help so I thought I'd at least give you the courtesy of a post before I turn in for the night (I just can't devote anymore energy to this issue tonight).

    Thanks so much, Howard!

    Edit: Forgot to mention... Yes I did make sure I turned on "show all files."
     
  6. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    That`s ok.

    Thanks for the feedback.

    Regards Howard :)
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...