I recently encountered a virus that AVG picked up. My windows firewall seems to have stopped working (it was disabled and I am now unable to re-enable it) at the very same time (I'm assuming this has something to do with the virus, though I'm not up on this sort of thing).

Attached is my HJT log after running through the processes recommended on this site prior to posting said log.

This issue has been rather exhausting for me, I appreciate anyone who takes the time to have a look.

Attached Files

hijackthis.txt (4.9 KB, 2 views)

Hello and welcome to Techspot.

Boot into safe mode. See how HERE. http://www.bleepingcomputer.com/forums/tutorial61.html

Turn off system restore.(XP/ME only) See how HERE. http://www.bleepingcomputer.com/forums/tutorial56.html

In Windows Explorer, turn on "Show all files and folders, including hidden and system". See how HERE. http://www.bleepingcomputer.com/forums/tutorial62.html

Open your task manager, by holding down the ctrl and alt keys and pressing the delete key.

Click on the processes tab and end process for(if there).

ibm00001.exe

Close task manager.

Run HJT with no other programmes open. Have HJT fix the following, by placing a tick in the little box next to(if there).

O4 - HKCU\..\Run: [Shell] "C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00001.exe"

Click on the fix checked button.

Close HJT.

Locate and delete the following bold files(if there).

C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00001.exe"

Reboot into normal mode and turn system restore back on.

Forget Windows firewall it`s not very good. Get the free Zonealarm firewall from HERE.

Regards Howard

Howard,

Thank you very much for the reply. I was, however, unable to locate any of the files you mentioned for removal.

I will attempt to get the Zonealarm firewall you recommended, though I'm concerned that the issues I am experiencing with my Windows Firewall may be indicative of other problems existing on my machine as a result of the virus I picked up.

-Mike

You did In turn on "Show all files and folders, including hidden and system". See how HERE. http://www.bleepingcomputer.com/forums/tutorial62.html as suggested?

If you would like to post a fresh hJT log, I`ll gladly check it to make sure the nasty entry has gone.

Regards Howard

I got Zonealarm up and running. I've disabled Windows Firewall for now. I'm already feeling more confident with the features I see with this app.

I will go through the motions again and post a new HJT log tomorrow after work. I appreciate your help so I thought I'd at least give you the courtesy of a post before I turn in for the night (I just can't devote anymore energy to this issue tonight).

Thanks so much, Howard!

Edit: Forgot to mention... Yes I did make sure I turned on "show all files."

That`s ok.

Thanks for the feedback.

Regards Howard