how to remove security firewall alert

View previous topic View next topic Go down

how to remove security firewall alert

Post by dbenton on Thu Nov 26, 2009 3:31 pm

it keeps popping up. also i have virus on my computer please help!!!!!!!!!1

dbenton
Novice
Novice

Status :
Online
Offline

Posts : 6
Joined : 2009-11-26
OS : dell

View user profile

Back to top Go down

Re: how to remove security firewall alert

Post by dbenton on Thu Nov 26, 2009 4:25 pm

DDS (Ver_09-11-24.02) - NTFSx86
Run by User at 10:35:34.00 on Thu 11/26/2009
Internet Explorer: 7.0.5730.13
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.511.187 [GMT -4:00]

AV: COMODO Antivirus *On-access scanning enabled* (Updated) {043803A5-4F86-4ef7-AFC5-F6E02A79969B}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Program Files\Search Guard PlusU\sgpUpdaters.exe
C:\Program Files\Search Guard Plus\SearchGuardPlus.exe
C:\Documents and Settings\All Users\Application Data\74703021\74703021.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\User\Local Settings\Temporary Internet Files\Content.IE5\TBHYGHP8\dds[1].scr

============== Pseudo HJT Report ===============

uInternet Connection Wizard,ShellNext = iexplore
uURLSearchHooks: H - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: BrowserHelper Class: {8a9d74f9-560b-4fe7-abeb-3b2e638e5cd6} - c:\program files\sgpsa\SearchAssistant.dll
BHO: Search Assistant: {f0626a63-410b-45e2-99a1-3f2475b2d695} - c:\program files\sgpsa\BHO.dll
BHO: Fast Browser Search Toolbar Helper: {fcbccb87-9224-4b8d-b117-f56d924beb18} - c:\program files\fast browser search\ie\FBStoolbar.dll
TB: Fast Browser Search Toolbar: {1bb22d38-a411-4b13-a746-c2a4f4ec7344} - c:\program files\fast browser search\ie\FBStoolbar.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [PDVDDXSrv] "c:\program files\cyberlink\powerdvd dx\PDVDDXSrv.exe"
mRun: [COMODO Internet Security] "c:\program files\comodo\comodo internet security\cfp.exe" -h
mRun: [ddoctorv2] "c:\program files\comcast\desktop doctor\bin\sprtcmd.exe" /P ddoctorv2
mRun: []
mRun: [SGPUpdater] c:\program files\search guard plusu\sgpUpdaters.exe
mRun: [FBSearch] c:\program files\search guard plus\SearchGuardPlus.exe
mRun: [MyWebSearch Plugin] rundll32 c:\progra~1\mywebs~1\bar\2.bin\M3PLUGIN.DLL,UPF
mRun: [74703021] c:\documents and settings\all users\application data\74703021\74703021.exe
mRun: [52977434] c:\documents and settings\all users\application data\52977434\52977434.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - [You must be registered and logged in to see this link.]
AppInit_DLLs: c:\windows\system32\guard32.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll

============= SERVICES / DRIVERS ===============

R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdguard.sys [2009-9-5 132040]
S2 crd;crd;c:\docume~1\sieral~1\locals~1\temp\ixp001.tmp\poststp.exe []

=============== Created Last 30 ================

2009-11-25 00:26:54 0 d-----w- c:\docume~1\alluse~1\applic~1\52977434
2009-11-25 00:26:16 0 d-----w- c:\docume~1\alluse~1\applic~1\74703021
2009-11-18 11:07:44 8192 ----a-w- C:\mtwb.dat
2009-11-18 00:52:38 0 d-----w- c:\program files\MyWebSearch
2009-11-18 00:12:35 0 d-----w- c:\program files\Search Guard PlusU
2009-11-18 00:12:35 0 d-----w- c:\program files\Search Guard Plus
2009-11-18 00:12:34 0 d-----w- c:\program files\SGPSA
2009-11-18 00:11:49 0 d-----w- c:\program files\Fast Browser Search
2009-11-18 00:11:40 0 d-----w- C:\users
2009-11-02 03:10:47 0 d-----w- c:\program files\MSXML 4.0
2009-11-02 01:21:55 1089593 -c----w- c:\windows\system32\dllcache\ntprint.cat
2009-11-02 01:21:34 153088 -c----w- c:\windows\system32\dllcache\triedit.dll
2009-11-02 01:16:26 0 d-----w- c:\docume~1\user\applic~1\Windows Search
2009-11-01 20:29:03 0 d-----w- c:\program files\Comcast
2009-11-01 20:27:06 0 d-----w- c:\program files\common files\SupportSoft
2009-11-01 20:27:06 0 d-----w- c:\program files\ComcastUI

==================== Find3M ====================

2009-11-26 14:27:42 1364528 ----a-w- c:\windows\system32\drivers\sfi.dat
2009-09-11 14:18:39 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-06 02:34:27 179792 ----a-w- c:\windows\system32\guard32.dll
2009-09-05 14:02:41 21640 ----a-w- c:\windows\system32\emptyregdb.dat
2009-09-04 21:03:36 58880 ----a-w- c:\windows\system32\msasn1.dll
2009-08-29 07:36:27 832512 ----a-w- c:\windows\system32\wininet.dll
2009-08-29 07:36:24 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-08-29 07:36:24 17408 ----a-w- c:\windows\system32\corpol.dll

============= FINISH: 10:37:01.51 ===============

dbenton
Novice
Novice

Status :
Online
Offline

Posts : 6
Joined : 2009-11-26
OS : dell

View user profile

Back to top Go down

Re: how to remove security firewall alert

Post by Belahzur on Thu Nov 26, 2009 8:48 pm

Please download and run this tool.

Download Malwarebytes' Anti-Malware from [You must be registered and logged in to see this link.]

Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.


Post the contents of the MBAM Log.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Status :
Online
Offline

Posts : 34916
Joined : 2008-08-03
Gender : Male
OS : XP SP3 Media Centre

View user profile

Back to top Go down

Re: how to remove security firewall alert

Post by dbenton on Sun Dec 13, 2009 10:27 pm

i ran this program and it took all night and the virus is still there. is there something else we can try. i copied what from the notepad and listed it above. please advise

dbenton
Novice
Novice

Status :
Online
Offline

Posts : 6
Joined : 2009-11-26
OS : dell

View user profile

Back to top Go down

Re: how to remove security firewall alert

Post by dbenton on Sun Dec 13, 2009 10:29 pm

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Program Files\Search Guard PlusU\sgpUpdaters.exe
C:\Program Files\Search Guard Plus\SearchGuardPlus.exe
C:\Documents and Settings\All Users\Application Data\74703021\74703021.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\User\Local Settings\Temporary Internet Files\Content.IE5\TBHYGHP8\dds[1].scr

============== Pseudo HJT Report ===============

uInternet Connection Wizard,ShellNext = iexplore
uURLSearchHooks: H - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: BrowserHelper Class: {8a9d74f9-560b-4fe7-abeb-3b2e638e5cd6} - c:\program files\sgpsa\SearchAssistant.dll
BHO: Search Assistant: {f0626a63-410b-45e2-99a1-3f2475b2d695} - c:\program files\sgpsa\BHO.dll
BHO: Fast Browser Search Toolbar Helper: {fcbccb87-9224-4b8d-b117-f56d924beb18} - c:\program files\fast browser search\ie\FBStoolbar.dll
TB: Fast Browser Search Toolbar: {1bb22d38-a411-4b13-a746-c2a4f4ec7344} - c:\program files\fast browser search\ie\FBStoolbar.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [PDVDDXSrv] "c:\program files\cyberlink\powerdvd dx\PDVDDXSrv.exe"
mRun: [COMODO Internet Security] "c:\program files\comodo\comodo internet security\cfp.exe" -h
mRun: [ddoctorv2] "c:\program files\comcast\desktop doctor\bin\sprtcmd.exe" /P ddoctorv2
mRun: []
mRun: [SGPUpdater] c:\program files\search guard plusu\sgpUpdaters.exe
mRun: [FBSearch] c:\program files\search guard plus\SearchGuardPlus.exe
mRun: [MyWebSearch Plugin] rundll32 c:\progra~1\mywebs~1\bar\2.bin\M3PLUGIN.DLL,UPF
mRun: [74703021] c:\documents and settings\all users\application data\74703021\74703021.exe
mRun: [52977434] c:\documents and settings\all users\application data\52977434\52977434.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - [You must be registered and logged in to see this link.]
AppInit_DLLs: c:\windows\system32\guard32.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll

============= SERVICES / DRIVERS ===============

R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdguard.sys [2009-9-5 132040]
S2 crd;crd;c:\docume~1\sieral~1\locals~1\temp\ixp001.tmp\poststp.exe []

=============== Created Last 30 ================

2009-11-25 00:26:54 0 d-----w- c:\docume~1\alluse~1\applic~1\52977434
2009-11-25 00:26:16 0 d-----w- c:\docume~1\alluse~1\applic~1\74703021
2009-11-18 11:07:44 8192 ----a-w- C:\mtwb.dat
2009-11-18 00:52:38 0 d-----w- c:\program files\MyWebSearch
2009-11-18 00:12:35 0 d-----w- c:\program files\Search Guard PlusU
2009-11-18 00:12:35 0 d-----w- c:\program files\Search Guard Plus
2009-11-18 00:12:34 0 d-----w- c:\program files\SGPSA
2009-11-18 00:11:49 0 d-----w- c:\program files\Fast Browser Search
2009-11-18 00:11:40 0 d-----w- C:\users
2009-11-02 03:10:47 0 d-----w- c:\program files\MSXML 4.0
2009-11-02 01:21:55 1089593 -c----w- c:\windows\system32\dllcache\ntprint.cat
2009-11-02 01:21:34 153088 -c----w- c:\windows\system32\dllcache\triedit.dll
2009-11-02 01:16:26 0 d-----w- c:\docume~1\user\applic~1\Windows Search
2009-11-01 20:29:03 0 d-----w- c:\program files\Comcast
2009-11-01 20:27:06 0 d-----w- c:\program files\common files\SupportSoft
2009-11-01 20:27:06 0 d-----w- c:\program files\ComcastUI

==================== Find3M ====================

2009-11-26 14:27:42 1364528 ----a-w- c:\windows\system32\drivers\sfi.dat
2009-09-11 14:18:39 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-06 02:34:27 179792 ----a-w- c:\windows\system32\guard32.dll
2009-09-05 14:02:41 21640 ----a-w- c:\windows\system32\emptyregdb.dat
2009-09-04 21:03:36 58880 ----a-w- c:\windows\system32\msasn1.dll
2009-08-29 07:36:27 832512 ----a-w- c:\windows\system32\wininet.dll
2009-08-29 07:36:24 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-08-29 07:36:24 17408 ----a-w- c:\windows\system32\corpol.dll

============= FINISH: 10:37:01.51 ===============
dbenton

Newbie Surfer




Posts: 5
Joined: 2009-11-26
Operating System: dell

dbenton
Novice
Novice

Status :
Online
Offline

Posts : 6
Joined : 2009-11-26
OS : dell

View user profile

Back to top Go down

Re: how to remove security firewall alert

Post by Belahzur on Mon Dec 14, 2009 12:09 am

Hello.

  • Download combofix from here
    [You must be registered and logged in to see this link.]
    [You must be registered and logged in to see this link.]

    1. If you are using Firefox, make sure that your download settings are as follows:

    * Tools->Options->Main tab
    * Set to "Always ask me where to Save the files".

    2. During the download, rename Combofix to Combo-Fix as follows:





    3. It is important you rename Combofix during the download, but not after.
    4. Please do not rename Combofix to other names, but only to the one indicated.
    5. Close any open browsers.
    6. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

  • We need to disable your local AV (Anti-virus) before running Combofix.
  • See [You must be registered and logged in to see this link.] for how to disable your AV.
  • Double click on ComboFix.exe.
  • Follow the prompts. NOTE:
  • ComboFix will check to see if the Microsoft Windows Recovery Console is installed.
    ***It's strongly recommended to have the Recovery Console installed before doing any malware removal.***

    **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will automatically proceed with its scan.


  • The Recovery Console provides a recovery/repair mode should a problem occur during a Combofix run.



  • Allow ComboFix to download the Recovery Console.
  • Accept the End-User License Agreement.
  • The Recovery Console will be installed.
  • You will then get this next prompt that asks if you want to continue the malware scan, select yes



  • Allow combofix to run
  • Post C:\combofix.txt back here.

    Note:
    Do not mouseclick combofix's window whilst it's running. That may cause it to stall.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Status :
Online
Offline

Posts : 34916
Joined : 2008-08-03
Gender : Male
OS : XP SP3 Media Centre

View user profile

Back to top Go down

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum