Help---My Firewall keeps turning of automatically

View previous topic View next topic Go down

Help---My Firewall keeps turning of automatically

Post by uvita on Tue Apr 14, 2009 3:11 pm

I have noticed a couple of days now...my firewall keeps turning off...I have to put it on in the morning and it stays all day on and then when i turn computer off and start it next day i have to turn firewall again....Need help knowing why. Have run spybot and antivirus and no virus detection is there therefore wondering why this is happening

uvita
Intermediate
Intermediate

Posts Posts : 163
Joined Joined : 2009-01-06
OS OS : Windows Vista with Media Edition
Points Points : 29850
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Help---My Firewall keeps turning of automatically

Post by Belahzur on Tue Apr 14, 2009 4:03 pm


  • Please download DDS by sUBs to your Desktop (Important!!) from one of these locations:
    [You must be registered and logged in to see this link.]
    [You must be registered and logged in to see this link.]
  • Double click DDS.scr to run
  • When complete, DDS.txt will open.
  • Save the report to your Desktop.
  • Copy and paste DDS.txt back here, I don't need to see attach.txt.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245059
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Help---My Firewall keeps turning of automatically

Post by uvita on Tue Apr 14, 2009 6:03 pm

DDS (Ver_09-03-16.01) - NTFSx86
Run by Deepa at 13:00:21.85 on Tue 04/14/2009
Internet Explorer: 6.0.2900.2180
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.959.125 [GMT -5:00]

AV: ZoneAlarm Security Suite Antivirus *On-access scanning disabled* (Outdated)
AV: Avira AntiVir PersonalEdition *On-access scanning enabled* (Updated)

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
C:\WINDOWS\system32\svchost -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\SCardSvr.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\o2flash.exe
C:\WINDOWS\system32\PSIService.exe
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
C:\Program Files\Google\Google Talk\googletalk.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\2Wire Wireless\Client Manager\CMTWO.EXE
C:\Program Files\RALINK\Common\RaUI.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Deepa\Desktop\dds.scr
C:\WINDOWS\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = [You must be registered and logged in to see this link.]
uSearch Bar = [You must be registered and logged in to see this link.]
uInternet Connection Wizard,ShellNext = [You must be registered and logged in to see this link.]
uInternet Settings,ProxyOverride = *.local
mWinlogon: Userinit=c:\windows\system32\userinit.exe,c:\windows\system32\sdra64.exe,
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: Yahoo! IE Services Button: {5bab4b5b-68bc-4b02-94d6-2fc0de4a7897} - c:\program files\yahoo!\common\yiesrvc.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.1.1309.3572\swg.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\companion\installs\cpn0\yt.dll
uRun: [Power2GoExpress] "c:\program files\cyberlink\power2go\Power2GoExpress.exe" /Startup
uRun: [googletalk] c:\program files\google\google talk\googletalk.exe /autostart
uRun: [Messenger (Yahoo!)] "c:\program files\yahoo!\messenger\YahooMessenger.exe" -quiet
uRun: [Yahoo! Pager] "c:\progra~1\yahoo!\messen~1\YAHOOM~1.EXE" -quiet
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [PRISMSVR.EXE] "c:\windows\system32\PRISMSVR.EXE" /APPLY
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [avgnt] "c:\program files\avira\antivir personaledition classic\avgnt.exe" /min
mRun: [Corel File Shell Monitor] c:\program files\corel\corel paint shop pro photo x2\CorelIOMonitor.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\2wirew~1.lnk - c:\program files\2wire wireless\client manager\CMTWO.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\ralink~1.lnk - c:\program files\ralink\common\RaUI.exe
IE: {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - c:\program files\yahoo!\common\yiesrvc.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
LSP: c:\windows\system32\imslsp.dll
LSP: c:\windows\system32\zonelabs\vetredir.dll
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - [You must be registered and logged in to see this link.]
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\Yinsthelper.dll
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - [You must be registered and logged in to see this link.]
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - [You must be registered and logged in to see this link.]
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program files\common files\microsoft shared\web folders\PKMCDO.DLL
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\deepa\applic~1\mozilla\firefox\profiles\42cws0hp.default\
FF - prefs.js: browser.search.defaulturl - [You must be registered and logged in to see this link.]
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - [You must be registered and logged in to see this link.]
FF - prefs.js: keyword.URL - [You must be registered and logged in to see this link.]
FF - component: c:\program files\real\realplayer\browserrecord\components\nprpbrowserrecordplugin.dll
FF - plugin: c:\program files\google\google updater\2.4.1536.6592\npCIDetect13.dll

============= SERVICES / DRIVERS ===============

R0 O2MDRDR;O2MDRDR;c:\windows\system32\drivers\o2media.sys [2006-2-27 34880]
R0 O2SDRDR;O2SDRDR;c:\windows\system32\drivers\o2sd.sys [2006-2-20 29056]
R1 avgio;avgio;c:\program files\avira\antivir personaledition classic\avgio.sys [2009-1-20 11840]
R1 NEOFLTR_600_12507;Juniper Networks TDI Filter Driver (NEOFLTR_600_12507);c:\windows\system32\drivers\NEOFLTR_600_12507.sys [2007-12-27 64160]
R1 vsdatant;vsdatant;c:\windows\system32\vsdatant.sys [2006-6-20 372816]
R2 AntiVirScheduler;Avira AntiVir Personal - Free Antivirus Scheduler;c:\program files\avira\antivir personaledition classic\sched.exe [2009-1-20 68865]
R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard;c:\program files\avira\antivir personaledition classic\avguard.exe [2009-1-20 151297]
R2 Machnm32;Machnm32 Driver;c:\windows\system32\Machnm32.sys [2006-6-20 2304]
R3 avgntflt;avgntflt;c:\program files\avira\antivir personaledition classic\avgntflt.sys [2009-1-20 52032]
S2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
S3 CAISafe;CA ISafe;c:\windows\system32\zonelabs\isafe.exe [2006-6-20 188416]
S3 PhnxVcd;PhnxVcd;c:\windows\system32\drivers\phnxvcd.sys [2006-6-20 45056]
S3 VET-FILT;VET File System Filter;c:\windows\system32\drivers\vet-filt.sys [2006-6-20 21605]
S3 VET-REC;VET File System Recognizer;c:\windows\system32\drivers\vet-rec.sys [2006-6-20 15668]
S3 VETFDDNT;VET Floppy Boot Sector Monitor;c:\windows\system32\drivers\vetfddnt.sys [2006-6-20 108453]
S3 VETMONNT;VET File and Macro Monitor;c:\windows\system32\drivers\vetmonnt.sys [2006-6-20 541733]
S3 vsmon;TrueVector Internet Monitor;c:\windows\system32\zonelabs\vsmon.exe -service --> c:\windows\system32\zonelabs\vsmon.exe -service [?]
S4 Bscrr_lmn;Bscrr_lmn;c:\windows\system32\drivers\AegisP.sys [2006-6-20 20747]

=============== Created Last 30 ================

2009-04-14 10:56 37,397 a------- C:\s3o84k.jpg
2009-04-11 11:07 19,079 a------- c:\windows\system32\wincode.dat
2009-04-11 11:07 6,407 a------- c:\windows\system32\krncode.dat
2009-04-11 11:07 1,575 a------- c:\windows\system32\pwrcode.dat
2009-04-11 11:07 21,504 a------- c:\windows\system32\nsysp.ini
2009-04-11 11:07 17,408 a------- c:\windows\system32\osysp.dat
2009-04-11 11:07 988,672 a------- c:\windows\system32\nsysk.ini
2009-04-11 11:07 984,576 a------- c:\windows\system32\osysk.dat
2009-04-11 11:07 659,456 a------- c:\windows\system32\osysw.dat
2009-04-11 11:07 663,552 a------- c:\windows\system32\nsysw.ini
2009-04-11 11:07 --dsh--- c:\windows\system32\lowsec
2009-04-11 11:07 35,840 a------- c:\windows\system32\sys.dat
2009-04-11 11:07 28,880 a------- c:\windows\system32\ldshyf1.old

==================== Find3M ====================

2009-04-01 11:58 952 a--sh--- c:\docume~1\alluse~1\applic~1\KGyGaAvL.sys
2009-03-26 18:55 7,168 a--sh--- c:\program files\Thumbs.db
2009-02-26 00:35 2,828 a--sh--- c:\windows\system32\KGyGaAvL.sys
2009-02-09 05:19 1,846,272 a------- c:\windows\system32\win32k.sys
2009-01-13 21:29 30,616 a------- c:\docume~1\deepa\applic~1\GDIPFONTCACHEV1.DAT
2008-07-29 19:48 88 ---shr-- c:\windows\system32\96BED014D3.sys

============= FINISH: 13:01:40.96 ===============

uvita
Intermediate
Intermediate

Posts Posts : 163
Joined Joined : 2009-01-06
OS OS : Windows Vista with Media Edition
Points Points : 29850
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Help---My Firewall keeps turning of automatically

Post by Belahzur on Tue Apr 14, 2009 6:08 pm

Hello.
Two things here.

You are running two AV's, this is a bad idea as they can conflict and cause problems. I see Zonealarm and Avira.

Now, Zonealarm has their own firewall, which I don't know if that's installed here. But if it is, then that's why the Windows firewall is off. You can't have two firewalls running, same as you can't have two AV's running.

Second, you are also infected with a rootkit, so we'll deal with that first.

1. Please download The Avenger by Swandog46 to your Desktop
Link: [You must be registered and logged in to see this link.] or [You must be registered and logged in to see this link.].

  • Click on Avenger.zip to open the file
  • Extract avenger.exe to your desktop

2. Now, start The Avenger program by clicking on its icon on your desktop.

  • Leave the script box empty.
  • Leave the ticked box "Scan for rootkit" ticked.
  • Then tick "Disable any rootkits found"
  • Now click on the Execute to begin execution of the script.
  • Answer "Yes" twice when prompted.

    The Avenger will automatically do the following:

  • It will Restart your computer.
  • On reboot, it will briefly open a black command window on your desktop, this is normal.
  • After the restart, it creates a log file that should open with the results of Avengerís actions. This log file will be located at C:\avenger.txt
  • The Avenger will also have backed up all the files, etc., that you asked it to delete, and will have zipped them and moved the zip archives to C:\avenger\backup.zip.
3. Please copy/paste the content of c:\avenger.txt into your reply.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245059
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Help---My Firewall keeps turning of automatically

Post by uvita on Tue Apr 14, 2009 7:30 pm

Hi...here it is...it seems to say no rootkits found

Logfile of The Avenger Version 2.0, (c) by Swandog46
[You must be registered and logged in to see this link.]

Platform: Windows XP

*******************

Script file opened successfully.
Script file read successfully.

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

Rootkit scan active.
No rootkits found!


Completed script processing.

*******************

Finished! Terminate.

uvita
Intermediate
Intermediate

Posts Posts : 163
Joined Joined : 2009-01-06
OS OS : Windows Vista with Media Edition
Points Points : 29850
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Help---My Firewall keeps turning of automatically

Post by Belahzur on Tue Apr 14, 2009 7:32 pm

Please download and run this tool.

Download Malwarebytes' Anti-Malware from [You must be registered and logged in to see this link.]

Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.


Post the contents of the MBAM Log.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245059
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Help---My Firewall keeps turning of automatically

Post by uvita on Tue Apr 14, 2009 8:06 pm

here it is

Malwarebytes' Anti-Malware 1.36
Database version: 1983
Windows 5.1.2600 Service Pack 2

4/14/2009 2:53:01 PM
mbam-log-2009-04-14 (14-53-01).txt

Scan type: Quick Scan
Objects scanned: 84943
Time elapsed: 9 minute(s), 35 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 2
Registry Values Infected: 1
Registry Data Items Infected: 2
Folders Infected: 1
Files Infected: 6

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\cs41275 (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\AvScan (Malware.Trace) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Network\UID (Malware.Trace) -> Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Trojan.FakeAlert) -> Data: c:\windows\system32\sdra64.exe -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Hijack.UserInit) -> Bad: (C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\sdra64.exe,) Good: (userinit.exe) -> Quarantined and deleted successfully.

Folders Infected:
C:\WINDOWS\system32\lowsec (Stolen.Data) -> Delete on reboot.

Files Infected:
C:\WINDOWS\system32\lowsec\local.ds (Stolen.Data) -> Delete on reboot.
C:\WINDOWS\system32\lowsec\user.ds (Stolen.Data) -> Delete on reboot.
C:\WINDOWS\system32\lowsec\user.ds.lll (Stolen.Data) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\sys.dat (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\wpv481239053699.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\sdra64.exe (Trojan.FakeAlert) -> Delete on reboot.

uvita
Intermediate
Intermediate

Posts Posts : 163
Joined Joined : 2009-01-06
OS OS : Windows Vista with Media Edition
Points Points : 29850
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Help---My Firewall keeps turning of automatically

Post by Belahzur on Tue Apr 14, 2009 8:14 pm

Hello.
Re-run DDS now, so I can see an updated log.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245059
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Help---My Firewall keeps turning of automatically

Post by uvita on Tue Apr 14, 2009 8:19 pm

Hi...here it is

DDS (Ver_09-03-16.01) - NTFSx86
Run by Deepa at 15:16:48.84 on Tue 04/14/2009
Internet Explorer: 6.0.2900.2180
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.959.351 [GMT -5:00]

AV: ZoneAlarm Security Suite Antivirus *On-access scanning disabled* (Outdated)
AV: Avira AntiVir PersonalEdition *On-access scanning enabled* (Updated)

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\o2flash.exe
C:\WINDOWS\system32\PSIService.exe
C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
C:\Program Files\Google\Google Talk\googletalk.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\2Wire Wireless\Client Manager\CMTWO.EXE
C:\Program Files\RALINK\Common\RaUI.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Deepa\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = [You must be registered and logged in to see this link.]
uSearch Bar = [You must be registered and logged in to see this link.]
uInternet Connection Wizard,ShellNext = [You must be registered and logged in to see this link.]
uInternet Settings,ProxyOverride = *.local
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: Yahoo! IE Services Button: {5bab4b5b-68bc-4b02-94d6-2fc0de4a7897} - c:\program files\yahoo!\common\yiesrvc.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.1.1309.3572\swg.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\companion\installs\cpn0\yt.dll
uRun: [Power2GoExpress] "c:\program files\cyberlink\power2go\Power2GoExpress.exe" /Startup
uRun: [googletalk] c:\program files\google\google talk\googletalk.exe /autostart
uRun: [Messenger (Yahoo!)] "c:\program files\yahoo!\messenger\YahooMessenger.exe" -quiet
uRun: [Yahoo! Pager] "c:\program files\yahoo!\messenger\YahooMessenger.exe" -quiet
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [PRISMSVR.EXE] "c:\windows\system32\PRISMSVR.EXE" /APPLY
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [avgnt] "c:\program files\avira\antivir personaledition classic\avgnt.exe" /min
mRun: [Corel File Shell Monitor] c:\program files\corel\corel paint shop pro photo x2\CorelIOMonitor.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\2wirew~1.lnk - c:\program files\2wire wireless\client manager\CMTWO.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\ralink~1.lnk - c:\program files\ralink\common\RaUI.exe
IE: {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - c:\program files\yahoo!\common\yiesrvc.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
LSP: c:\windows\system32\imslsp.dll
LSP: c:\windows\system32\zonelabs\vetredir.dll
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - [You must be registered and logged in to see this link.]
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\Yinsthelper.dll
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - [You must be registered and logged in to see this link.]
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - [You must be registered and logged in to see this link.]
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program files\common files\microsoft shared\web folders\PKMCDO.DLL
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\deepa\applic~1\mozilla\firefox\profiles\42cws0hp.default\
FF - prefs.js: browser.search.defaulturl - [You must be registered and logged in to see this link.]
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - [You must be registered and logged in to see this link.]
FF - prefs.js: keyword.URL - [You must be registered and logged in to see this link.]
FF - component: c:\program files\real\realplayer\browserrecord\components\nprpbrowserrecordplugin.dll
FF - plugin: c:\program files\google\google updater\2.4.1536.6592\npCIDetect13.dll

============= SERVICES / DRIVERS ===============

R0 O2MDRDR;O2MDRDR;c:\windows\system32\drivers\o2media.sys [2006-2-27 34880]
R0 O2SDRDR;O2SDRDR;c:\windows\system32\drivers\o2sd.sys [2006-2-20 29056]
R1 avgio;avgio;c:\program files\avira\antivir personaledition classic\avgio.sys [2009-1-20 11840]
R1 NEOFLTR_600_12507;Juniper Networks TDI Filter Driver (NEOFLTR_600_12507);c:\windows\system32\drivers\NEOFLTR_600_12507.sys [2007-12-27 64160]
R1 vsdatant;vsdatant;c:\windows\system32\vsdatant.sys [2006-6-20 372816]
R2 AntiVirScheduler;Avira AntiVir Personal - Free Antivirus Scheduler;c:\program files\avira\antivir personaledition classic\sched.exe [2009-1-20 68865]
R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard;c:\program files\avira\antivir personaledition classic\avguard.exe [2009-1-20 151297]
R2 Machnm32;Machnm32 Driver;c:\windows\system32\Machnm32.sys [2006-6-20 2304]
R3 avgntflt;avgntflt;c:\program files\avira\antivir personaledition classic\avgntflt.sys [2009-1-20 52032]
S2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
S3 CAISafe;CA ISafe;c:\windows\system32\zonelabs\isafe.exe [2006-6-20 188416]
S3 PhnxVcd;PhnxVcd;c:\windows\system32\drivers\phnxvcd.sys [2006-6-20 45056]
S3 VET-FILT;VET File System Filter;c:\windows\system32\drivers\vet-filt.sys [2006-6-20 21605]
S3 VET-REC;VET File System Recognizer;c:\windows\system32\drivers\vet-rec.sys [2006-6-20 15668]
S3 VETFDDNT;VET Floppy Boot Sector Monitor;c:\windows\system32\drivers\vetfddnt.sys [2006-6-20 108453]
S3 VETMONNT;VET File and Macro Monitor;c:\windows\system32\drivers\vetmonnt.sys [2006-6-20 541733]
S3 vsmon;TrueVector Internet Monitor;c:\windows\system32\zonelabs\vsmon.exe -service --> c:\windows\system32\zonelabs\vsmon.exe -service [?]
S4 Bscrr_lmn;Bscrr_lmn;c:\windows\system32\drivers\AegisP.sys [2006-6-20 20747]

=============== Created Last 30 ================

2009-04-14 14:39 15,504 a------- c:\windows\system32\drivers\mbam.sys
2009-04-14 14:39 38,496 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-04-14 14:39 --d----- c:\program files\Malwarebytes' Anti-Malware
2009-04-14 10:56 37,397 a------- C:\s3o84k.jpg
2009-04-11 11:07 19,079 a------- c:\windows\system32\wincode.dat
2009-04-11 11:07 6,407 a------- c:\windows\system32\krncode.dat
2009-04-11 11:07 1,575 a------- c:\windows\system32\pwrcode.dat
2009-04-11 11:07 21,504 a------- c:\windows\system32\nsysp.ini
2009-04-11 11:07 17,408 a------- c:\windows\system32\osysp.dat
2009-04-11 11:07 988,672 a------- c:\windows\system32\nsysk.ini
2009-04-11 11:07 984,576 a------- c:\windows\system32\osysk.dat
2009-04-11 11:07 659,456 a------- c:\windows\system32\osysw.dat
2009-04-11 11:07 663,552 a------- c:\windows\system32\nsysw.ini
2009-04-11 11:07 28,880 a------- c:\windows\system32\ldshyf1.old

==================== Find3M ====================

2009-04-14 14:57 7,168 a--sh--- c:\program files\Thumbs.db
2009-04-01 11:58 952 a--sh--- c:\docume~1\alluse~1\applic~1\KGyGaAvL.sys
2009-02-26 00:35 2,828 a--sh--- c:\windows\system32\KGyGaAvL.sys
2009-02-09 05:19 1,846,272 a------- c:\windows\system32\win32k.sys
2009-01-13 21:29 30,616 a------- c:\docume~1\deepa\applic~1\GDIPFONTCACHEV1.DAT
2008-07-29 19:48 88 ---shr-- c:\windows\system32\96BED014D3.sys

============= FINISH: 15:17:47.25 ===============

uvita
Intermediate
Intermediate

Posts Posts : 163
Joined Joined : 2009-01-06
OS OS : Windows Vista with Media Edition
Points Points : 29850
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Help---My Firewall keeps turning of automatically

Post by Belahzur on Tue Apr 14, 2009 8:36 pm

Hello.
Do you know what this picture file is?
C:\s3o84k.jpg

If you do, please move it from the root of C drive, because it looks somewhat suspicious just sitting there.
If you don't know what is it, delete it.

Please download the [You must be registered and logged in to see this link.].

  • Save it to your desktop.
  • Please double-click OTMoveIt3.exe to run it.
  • Copy the bolded text below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose CopyCrying


    :files
    c:\windows\system32\wincode.dat
    c:\windows\system32\krncode.dat
    c:\windows\system32\pwrcode.dat
    c:\windows\system32\nsysp.ini
    c:\windows\system32\osysp.dat
    c:\windows\system32\nsysk.ini
    c:\windows\system32\osysk.dat
    c:\windows\system32\osysw.dat
    c:\windows\system32\nsysw.ini
    c:\windows\system32\ldshyf1.old
    C:\Documents and Settings\Deepa\Desktop\dds.scr


  • Return to OTMoveIt3, right click in the "Paste instructions for items to be Moved" window (under the light blue bar) and choose Paste.
  • Click the red Moveit! button.
  • Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  • Close OTMoveIt3
If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.

Please post the OTMoveIt log.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245059
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Help---My Firewall keeps turning of automatically

Post by uvita on Tue Apr 14, 2009 8:53 pm

this i what it gave me...it did not ask me to reboot and I did not get a log

========== FILES ==========
c:\windows\system32\wincode.dat moved successfully.
c:\windows\system32\krncode.dat moved successfully.
c:\windows\system32\pwrcode.dat moved successfully.
c:\windows\system32\nsysp.ini moved successfully.
c:\windows\system32\osysp.dat moved successfully.
c:\windows\system32\nsysk.ini moved successfully.
c:\windows\system32\osysk.dat moved successfully.
c:\windows\system32\osysw.dat moved successfully.
c:\windows\system32\nsysw.ini moved successfully.
c:\windows\system32\ldshyf1.old moved successfully.
C:\Documents and Settings\Deepa\Desktop\dds.scr moved successfully.

OTMoveIt3 by OldTimer - Version 1.0.11.0 log created on 04142009_155136

uvita
Intermediate
Intermediate

Posts Posts : 163
Joined Joined : 2009-01-06
OS OS : Windows Vista with Media Edition
Points Points : 29850
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Help---My Firewall keeps turning of automatically

Post by Belahzur on Tue Apr 14, 2009 9:04 pm

We can remove OTMoveIt now.

  • Please double-click OTMoveIt3.exe to run it again.
  • Press the green CleanUp! button.
  • Press Yes cleanup process prompt, do the same for the reboot prompt.
How is the machine running now?


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245059
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Help---My Firewall keeps turning of automatically

Post by uvita on Tue Apr 14, 2009 9:55 pm

it is working like it was before meaning it working fast and not slow

Do I need to turn off system restore and start back

uvita
Intermediate
Intermediate

Posts Posts : 163
Joined Joined : 2009-01-06
OS OS : Windows Vista with Media Edition
Points Points : 29850
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Help---My Firewall keeps turning of automatically

Post by Belahzur on Tue Apr 14, 2009 9:58 pm

Not yet, we aren't done.

Please download the current version of HijackThis from [You must be registered and logged in to see this link.]

  • Double click and run the installer.
  • It will install to C:\Program Files\Trend Micro\HijackThis\hijackthis.exe
  • After installing, you should get the user agreement, press accept and Hijack This will run.
  • When Hijack This opens, click "Open the Misc Tools section"
  • Then select "Open Uninstall Manager"
  • Click on "Save List..." (generates uninstall_list.txt)
  • Click Save, copy and paste the results in your next post.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245059
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Help---My Firewall keeps turning of automatically

Post by uvita on Tue Apr 14, 2009 11:43 pm

Hi..here it is:

2Wire Wireless Client
2Wire Wireless Client Manager V3.02
Adobe Anchor Service CS3
Adobe Asset Services CS3
Adobe Bridge CS3
Adobe Bridge Start Meeting
Adobe Camera Raw 4.0
Adobe CMaps
Adobe Color Common Settings
Adobe Color EU Extra Settings
Adobe Color JA Extra Settings
Adobe Color NA Recommended Settings
Adobe Device Central CS3
Adobe ExtendScript Toolkit 2
Adobe Flash CS3
Adobe Flash CS3 Professional
Adobe Flash Player 10 Plugin
Adobe Flash Player 9 ActiveX
Adobe Flash Player ActiveX
Adobe Flash Video Encoder
Adobe Help Viewer CS3
Adobe Linguistics CS3
Adobe PDF Library Files
Adobe Photoshop CS
Adobe Reader 8.1.2
Adobe Setup
Adobe Type Support
Adobe Update Manager CS3
Adobe Version Cue CS3 Client
Adobe WinSoft Linguistics Plugin
Agere Systems HDA Modem v6081
Apple Mobile Device Support
Apple Software Update
Avira AntiVir Personal - Free Antivirus
Bejeweled 2 Deluxe
Bonjour
Bytescout SWF To Video Scout
Citrix Presentation Server Client
ClamWin Free Antivirus 0.91.2
Corel Paint Shop Pro Photo X2
Critical Update for Windows Media Player 11 (KB959772)
DivX Codec
DivX Player
DivX Web Player
Google Talk (remove only)
Google Updater
High Definition Audio Driver Package - KB888111
HijackThis 2.0.2
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 10 (KB903157)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB888795)
Hotfix for Windows XP (KB891593)
Hotfix for Windows XP (KB895961)
Hotfix for Windows XP (KB899337)
Hotfix for Windows XP (KB899510)
Hotfix for Windows XP (KB902841)
Hotfix for Windows XP (KB926239)
Hotfix for Windows XP (KB935448)
Hotfix for Windows XP (KB952287)
iSpring Free 3.2.0
Juniper Networks Secure Application Manager
Kundli for Windows (Professional Edition)
Malwarebytes' Anti-Malware
MediaShow 3.0
Microsoft .NET Framework 1.0 Hotfix (KB887998)
Microsoft .NET Framework 1.0 Hotfix (KB930494)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft .NET Framework 2.0 Service Pack 1
Microsoft .NET Framework 3.0 Service Pack 1
Microsoft .NET Framework 3.5
Microsoft .NET Framework 3.5
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Office XP Professional with FrontPage
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Microsoft Web Publishing Wizard 1.52
Mozilla Firefox (3.0.8)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 6 Service Pack 2 (KB954459)
Nero 6 Ultra Edition
Norton Security Scan
Norton Security Scan (Symantec Corporation)
NVIDIA Drivers
O2Micro Flash Memory Card Windows Driver V2.04
PDF Settings
QuickTime
Ralink Wireless LAN Card
RealPlayer
REALTEK GbE & FE Ethernet PCI-E NIC Driver
Realtek High Definition Audio Driver
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899589)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901190)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB911280)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911567)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB916281)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918118)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921503)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB924667)
Security Update for Windows XP (KB925902)
Security Update for Windows XP (KB926255)
Security Update for Windows XP (KB926436)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB927802)
Security Update for Windows XP (KB928255)
Security Update for Windows XP (KB928843)
Security Update for Windows XP (KB929123)
Security Update for Windows XP (KB929969)
Security Update for Windows XP (KB930178)
Security Update for Windows XP (KB931261)
Security Update for Windows XP (KB931784)
Security Update for Windows XP (KB932168)
Security Update for Windows XP (KB933566)
Security Update for Windows XP (KB933729)
Security Update for Windows XP (KB935839)
Security Update for Windows XP (KB935840)
Security Update for Windows XP (KB936021)
Security Update for Windows XP (KB937143)
Security Update for Windows XP (KB937894)
Security Update for Windows XP (KB938127)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB938829)
Security Update for Windows XP (KB939653)
Security Update for Windows XP (KB941202)
Security Update for Windows XP (KB941568)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB941644)
Security Update for Windows XP (KB941693)
Security Update for Windows XP (KB943055)
Security Update for Windows XP (KB943460)
Security Update for Windows XP (KB943485)
Security Update for Windows XP (KB944338)
Security Update for Windows XP (KB944653)
Security Update for Windows XP (KB945553)
Security Update for Windows XP (KB946026)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB947864)
Security Update for Windows XP (KB948590)
Security Update for Windows XP (KB948881)
Security Update for Windows XP (KB950749)
Security Update for Windows XP (KB950759)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953838)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956390)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958215)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960714)
Security Update for Windows XP (KB960715)
Spybot - Search & Destroy
Total Video Converter 3.02
Update for Windows Media Player 10 (KB913800)
Update for Windows XP (KB894391)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB908531)
Update for Windows XP (KB910437)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Update for Windows XP (KB925720)
Update for Windows XP (KB927891)
Update for Windows XP (KB930916)
Update for Windows XP (KB931836)
Update for Windows XP (KB933360)
Update for Windows XP (KB938828)
Update for Windows XP (KB942763)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update Rollup 2 for Windows XP Media Center Edition 2005
VC80CRTRedist - 8.0.50727.762
VideoLAN VLC media player 0.8.6c
Windows Driver Package - Advanced Micro Devices (AmdK8) Processor (04/28/2006 1.3.1.0)
Windows Imaging Component
Windows Installer 3.1 (KB893803)
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player 11
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB885884
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888239
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB891781
Windows XP Media Center Edition 2005 KB925766
WinRAR archiver
Yahoo! Browser Services
Yahoo! Messenger
Yahoo! Toolbar
ZoneAlarm Security Suite

uvita
Intermediate
Intermediate

Posts Posts : 163
Joined Joined : 2009-01-06
OS OS : Windows Vista with Media Edition
Points Points : 29850
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Help---My Firewall keeps turning of automatically

Post by Belahzur on Tue Apr 14, 2009 11:47 pm

Hello.

You are running more than one AV (antivirus), this is a bad idea as they can conflict and cause problems. I see Avira - Zonealarm - Norton.
I would recommend that you remove Zonealarm and Norton to avoid conflict and other future problems.

Go to Start > Control Panel > Add/Remove Programs and remove the following programs.

  • Adobe Reader 8.1.2
  • Norton Security Scan
  • Norton Security Scan (Symantec Corporation)
  • ZoneAlarm Security Suite

I see you have VLC player installed. You are running an old versions and needs updating.

Download and install [You must be registered and logged in to see this link.]
When installing, it will ask if you want to uninstall the old version first before it can install the new version, so please select yes and allow it to install.

Then download and install [You must be registered and logged in to see this link.]

Let me know how the machine is running after you have done all that.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245059
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Help---My Firewall keeps turning of automatically

Post by uvita on Wed Apr 15, 2009 1:04 am

it's running a little faster than before.

One question before i delete Zone Alarm. I do not have Zone Alarm Antivirus installed..i only use their firewall as my Avira Antivirus is the free one and that does not have firewall...do u still want me to uninstall it?

uvita
Intermediate
Intermediate

Posts Posts : 163
Joined Joined : 2009-01-06
OS OS : Windows Vista with Media Edition
Points Points : 29850
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Help---My Firewall keeps turning of automatically

Post by Belahzur on Wed Apr 15, 2009 1:08 am

Hello.
I see differently. DDS tells me this:

AV: ZoneAlarm Security Suite Antivirus *On-access scanning disabled* (Outdated)

If you want a firewall, I recommend Comodo/Kerio. So yes, uninstall it.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245059
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Help---My Firewall keeps turning of automatically

Post by uvita on Wed Apr 15, 2009 3:49 am

ok i will

uvita
Intermediate
Intermediate

Posts Posts : 163
Joined Joined : 2009-01-06
OS OS : Windows Vista with Media Edition
Points Points : 29850
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Help---My Firewall keeps turning of automatically

Post by Belahzur on Wed Apr 15, 2009 2:21 pm

We need to make a new restore point.

To turn off System Restore, follow these steps:
1. Click Start, right-click My Computer, and then click Properties.
2. Click the System Restore tab.
3. Click the Turn off System Restore check box (or the Turn off System Restore on all drives check box), and then click OK.
4. Click Yes when you receive the prompt to the turn off System Restore.

Now we need to make a new restore point.
To turn on System Restore, follow these steps:
1. Click Start, right-click My Computer, and then click Properties.
2. Click the System Restore tab.
3. Click the Turn off System Restore check box (To turn on System Restore), and then click OK.

Below I have included a number of recommendations for how to protect your computer in order to prevent future malware infections. Please take these recommendations seriously; these few simple steps can stave off the vast majority of spyware problems. As happy as we are to help you, for your sake we would rather not have repeat customers. Goofy

1) Please navigate to [You must be registered and logged in to see this link.] and download all the "critical updates" for Windows. This can patch many of the security holes through which attackers can gain access to your computer.

Please either enable Automatic Updates under Start -> Control Panel -> Automatic Updates , or get into the habit of checking for Windows updates regularly. I cannot stress enough how important this is.

2) In order to protect yourself against spyware, you should consider installing and running the following free programs:

[You must be registered and logged in to see this link.]
A tutorial on using Ad-Aware to remove spyware from your computer may be found [You must be registered and logged in to see this link.].

[You must be registered and logged in to see this link.]
A tutorial on using Spybot to remove spyware from your computer may be found [You must be registered and logged in to see this link.]. Please also remember to enable Spybot's "Immunize" and "TeaTimer" features.

[You must be registered and logged in to see this link.]
A tutorial on using SpywareBlaster to prevent spyware from ever installing on your computer may be found [You must be registered and logged in to see this link.].

[You must be registered and logged in to see this link.]
A tutorial on using SpywareGuard for realtime protection against spyware and hijackers may be found [You must be registered and logged in to see this link.].

Make sure to keep these programs up-to-date and to run them regularly, as this can prevent a great deal of spyware hassle.

3) Please consider using an alternate browser. Mozilla's Firefox browser is fantastic; it is much more secure than Internet Explorer, immune to almost all known browser hijackers, and also has the best built-in popup blocker (as an added benefit!) that I have ever seen. If you are interested, Firefox may be downloaded from here:
[You must be registered and logged in to see this link.]
I also recommand the following add-ons for Firefox, they will help keep you safe from malicious scripts or activeX exploits.
[You must be registered and logged in to see this link.]
[You must be registered and logged in to see this link.]
[You must be registered and logged in to see this link.]

4) Also make sure to run your antivirus software regularly, and to keep it up-to-date.

To help you keep your software updated, please considering using this free software program that will check for program updates.
[You must be registered and logged in to see this link.]

5) Finally, consider maintaining a firewall. Some good free firewalls are [You must be registered and logged in to see this link.], or
[You must be registered and logged in to see this link.]
A tutorial on understanding and using firewalls may be found [You must be registered and logged in to see this link.].

Please also read Tony Klein's excellent article: [You must be registered and logged in to see this link.]

If you would take a moment to fill out our feedback form, we would appreciate it.
The link can be found [You must be registered and logged in to see this link.].

Hopefully this should take care of your problems! Good luck. Big Grin


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245059
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Help---My Firewall keeps turning of automatically

Post by uvita on Thu Apr 16, 2009 6:15 pm

Thanks

uvita
Intermediate
Intermediate

Posts Posts : 163
Joined Joined : 2009-01-06
OS OS : Windows Vista with Media Edition
Points Points : 29850
# Likes # Likes : 0

View user profile

Back to top Go down

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum