Hey guys. need help with firewall

Status
Not open for further replies.
A

Ashton

Hey everyone , im really new to dealing with viruses ive never really had a bad one before. I got one the other day which turned off my firewall and wouldnt allow me to turn it back on.
Ive run ewido and spybot and ive seemed to 'cured' it and the security warning has gone but my firewall still wont turn on. Im pretty sure the virus has gone but i just want to be sure.
(also the virus was giving me issues with msn turning it off n such. this mean ive infected other pc's?) would apreciate any feedback & sorry if ive posted in the wrong section.
Ill attach a scanlog if that will help.
thanks guys
ashton

*edit*read that scanlog lol think its pretty useless.
 
Go into the "Security" forum (I think you're here), and look at the various stickies. There is info for cleaning out lots of garbage, uses lots of techniques and programs and scanning and using Safe Mode and so on. You would be wise to follow those first.
Afterwards, come back here, and post a Hijackthis log as an attachment.

Once we KNOW you're clean, then we'll see about the firewall issue, because it's probably just a corrupt dll or service that needs restarted. But it's best to get clean first. No use brushing your hair when your clothes are covered in mud!
 
Hello and welcome to Techspot.

Go HERE and follow the instructions exactly.

Post fresh HJT and Ewido logs as attachments into this thread, only after doing the above.

Regards Howard :wave: :wave:

This thread is for the use of Ashton only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
 
thanks guys im just in the process of scanning my computer now. just wanted to add that since i had the virus my computer seems to be downloading or uploading and the connection seems really slow & im worried someone is either using my pc to upload or download more viruses. Also the security warning is back.
Ill post the log files as soon as the scans finished
Ashton

*edit* ok ive done the above. here are the log files
 
The logs look clean, except you should probably get rid of Limewire, I'm not sure but I think that one comes bundled with some kind of adware, plus you never know what junk will come in over P2P.

I take it you have also run Adaware and spybot scans, in Safe Mode, and cleaned the problems? Also download CrapCleaner from www.ccleaner.com and run that in Safe Mode, it will delete all your temps and such.

Next get the program Autoruns from http://www.sysinternals.com/Utilities/Autoruns.html
Open that up, right after it opens, hit ESC to cancel the scan. Then click Options and put a checkmark on "Hide signed microsoft...". Then click refresh to scan again.
When it's done, save the log file and attach it here.

Also try www.bitdefender.com and run their free online virus scan, it's pretty good. See what that finds.

Also explain in more detail what messages or "warnings" you are getting.
 
To confirm what Vig has said, your HJT log is clean.

There`s no sign of any firewall software in your HJT log. What firewall were you using?

If it was the windows firewall, then you`d be better off getting either the free Zonealarm or Kerio firewall programmes from HERE and HERE. Windows own firewall is absolute rubbish.

I agree with Vig, you should get rid of Limewire, for exactly the reasons he gave.

Regards Howard :)

This thread is for the use of Ashton only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
 
Thanks vigilante and howard you've both been a great help. yeh i was using windows firewall but i downloaded zonealarm like you suggested seems alot better:) heres (hopefully the last) log. I have no idea how you guys make sense of it.
Im not getting warnings anymore since i downloaded zonealarm but when i go to turn"windows firewall" in control panel i get "Due to an unidentified problem, windows cannot display firewall settings" which isnt really a problem now as i have a better one.
 
I can`t see any problems in your Autoruns log.

If you have any further virus/spyware problems, please post in this thread.

Regards Howard :)

This thread is for the use of Ashton only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
 
The entry that says "File not found: D:\INSTALL\GMSIPCI.SYS" can be deleted, since the file can't be found. But ONLY delete this line.

As for the Windows firewall, you can fix it with a little research, trial and error. It's just a service or dll needs reregistering, maybe the INF needs reinstalled.
In any case, first read this thread here:
https://www.techspot.com/vb/topic16323.html

Then you can search Google for your exact error:
http://www.google.com/search?hl=en&...em,+windows+cannot+display+firewall+settings"

Then you could search for repairing the firewall:
http://www.google.com/search?source...GLJ:2006-06,GGLJ:en&q=repair+windows+firewall

Good luck.
 
recommendation ...

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background​
Uninstall this bugger. Many IM programs are easily compromised and become
back doors into your system -- even with a GOOD firewall and AV program installed.

In the corporate world, most companies forbid their use and place any users
on probation if found using them with users outside their private networks.
CAVEAT EMPTOR!
 
Just to relate to you my experience with firewall problems ....

A year ago, I upgraded from dial-up to DSL using the offer from Verizon to make a combined packaged of Verizon/MSN with my phone service. ( I am still waiting for Verizon to bring their FIOS alternative for Cable TV into my neighborhood.) However, Norton Firewall would not allow me access to MSN. In order to go online, I had to reset Norton Firewall to "off" and Windows Firewall to "on" via the XP Control Panel.

When I forwarded this information to Symantec, they directed me for what NF additions/upgrades I needed to download in order to use Norton and MSN. I have had no such problems since.

I hope that this information may help others with similar problems in the future.
 
Crispin L Fowle said:
However, Norton Firewall would not allow me access to MSN. In order to go online, I had to reset Norton Firewall to "off" and Windows Firewall to "on" via the XP Control Panel.

When I forwarded this information to Symantec, they directed me for what NF additions/upgrades I needed to download in order to use Norton and MSN. I have had no such problems since.
Click to expand...
hum; can you be specific as to what you could not access?
While I am not a subscriber, I can easily access www.msn.com.

point me in the right direction and I would like to attempt to config Comodo
with Firefox to access it......
 
The Verizon/MSN are my ISP. When I first subscribed to their services, Norton Firewall was preventing me form even getting on-line. The Verizon/MSN was an upgrade from dial-up to DSL and for a lower cost - even though it's their slowest DSL, it is still 13x faster.
 
Crispin L Fowle said:
The Verizon/MSN are my ISP. When I first subscribed to their services, Norton Firewall was preventing me form even getting on-line. The Verizon/MSN was an upgrade from dial-up to DSL and for a lower cost - even though it's their slowest DSL, it is still 13x faster.
Click to expand...
well I offered. this is usually a small adjustment to the FW rules.
If your happy -- so am I.
 
Win32 generic host

Hey guys thanks for your previous help, just a quick question. What is a "generic host process for Win32"? its in my zonealarm programs section. I thought before that the virus might be downloading or using my bandwidth somehow just wondering if this has something to do with it.
Thanks guys
Ashton
 
generic host process for Win32 is a legit process that needs access to the net. It is perfectly safe to allow. Tick the box that says Remember this setting, then click allow.

Regards Howard :)
 
it's a dummy stub program that is capable of loading and running code in
ANY other DLL. Neat way to deliver code for the developer, but P*** poor
for the system admin to manage :( one more reason I prefer Unix systems.
 
Status
Not open for further replies.

Similar threads

Julio Franco
Why Twitch fans donate money to wealthy streamers
Replies
21
Views
4K
TheDreams
TheDreams
S
Wi-fi issue
Replies
1
Views
1K
Cycloid Torus
Cycloid Torus
Julio Franco
Forget Bitcoin: These guys invest in Magic cards
Replies
7
Views
2K
dpj620
dpj620

Latest posts

Back