Restoring windows firewall (plz help)

Discussion in 'NOD32 version 2 Forum' started by paranoidgamer, Nov 13, 2006.

Thread Status:
Not open for further replies.
  1. paranoidgamer

    paranoidgamer Registered Member

    Joined:
    Nov 13, 2006
    Posts:
    3
    awhile back (6months) i noticed my pc was lagging. so i decided to run some scans, and found an adaption of the Lemir virus. this virus is highly underated by noretons which got R@ped by it. so i put back on my trusty Zonealarm all in one suite, and returned to my gaming. like 2 weeks later i wanted a DL accelerator, so i got a free one, put it on and bam up come Spyware nuker saying its the apochalypse. i then ran ZA scan to no avail. then when i tryed to change my ZA settings it went crazy and locked. apon reboot same thing, my ZA was a basically a shell showing a menu.
    then on recomendation of a friend i got NOD32 and whalla , found about 80 infections of llemir virus, 120 on another pc and 60 on another. not to mention about 10 trojans from that stupid DL accelerator. But my windows firewall ceased to work again, i tryed restoring several ways but its dead, any1 know how i can restore it ? or if theres a patch to re-install it?

    Also i ran a defrag yesterday said i had 2.29 fragments per file on average, took like 3hours to finish, then i analysed 2day and i got 1.79 lol whats with that.

    atm im using Spyware nuker, Spyware doctor, ZA pro firewall, and NOD32, also got spybot too lol.
     
  2. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    Hi paranoidgamer, welcome to Wilders.

    If you find Windows system files affected, you can place your Windows CD in the drive, click start> run type in CMD, when the black window opens type in "sfc /scannow" SFC (System File Checker, a part of Windows File Protection) will replace any changed/damaged system files with a clean copy. SFC may not solve every problem, but it's a good start that anyone can do.

    Hope this helps...

    Let us know how you go.

    Cheers :D
     
  3. ASpace

    ASpace Guest

    @ Paranoidgamer

    What exactly does your Windows firewall says . Can you open it from Control Panel -> Windows Firewall ?

    If the firewall has been damaged by malware :

    1) Make sure your computer is completely clean

    Make sure your NOD32 is updated . Run a full scan with these settings
    Leave NOD32 to remove the infections

    Download Ewido Micro, run it , update it and push it full scan . Remove the infections found (if any)


    2) If you cannot start Windows Firewall , read these to fix it

    NOTE , you must be malware free before you try to repair your Windows Firewall (XP SP2)

    http://support.microsoft.com/kb/920074/en-us
    http://support.microsoft.com/default.aspx?kbid=875357

    :thumb:
     
  4. soyelmango

    soyelmango Registered Member

    Joined:
    Sep 28, 2006
    Posts:
    8
    "...i wanted a DL accelerator, so i got a free one, put it on and bam up come Spyware nuker saying its the apochalypse..."

    Apart from some software by genuinely generous programmers, you should expect that freeware and shareware often comes with a catch - spyware or adware to support development. You just download free software and install it?!?! You've got to be more thorough in future before you even download the installer! Check user reviews at download.com, tucows.com, majorgeeks.com, softpedia.com - these should give you a far better idea of whether the software comes with spy/adware.

    And if you find clean freeware or shareware that you use a lot, be as generous as the programmer: contribute or register the software - it will only cost you a few dollars. Your support will encourage them to keep away from having to resort to adware.
     
  5. Durad

    Durad Registered Member

    Joined:
    Aug 13, 2005
    Posts:
    591
    Location:
    Canada
    Some malware also disable or destroy Windows Firewall.

    You can try this:

    Download http://windowsxp.mvps.org/reg/sharedaccess.reg and save it to your Desktop.

    Double click sharedaccess.reg and answer Yes when asked to merge it into the registry.

    Reboot.

    Once back in Windows click Start>Run and type in cmd and hit Enter. Once the command windows opens type in this... NETSH FIREWALL RESET and hit Enter. Wait for the command to complete. Exit the command box once it has completed. You should be able to access the Windows Firewall now.
     
  6. ThunderZ

    ThunderZ Registered Member

    Joined:
    May 1, 2006
    Posts:
    2,459
    Location:
    North central Ohio, U.S.A.
    Probably way to easy but I`ll throw it out there anyways. The OP stated he installed ZASS. When you install it there is an option to disable the XP firewall. I do not know if he is still running it but thought I would throw this out for consideration. I run ZA Pro and never encountered this as all my fresh installs are done\patched off line. Then the XP security center & firewall is disabled. ZA is then installed as well as AV prior to going on line for any further updates.
     
  7. farmerlee

    farmerlee Registered Member

    Joined:
    Jul 1, 2006
    Posts:
    2,585
    If you cannot get your windows firewall to work you could always try something like ghostwall or look'n'stop lite as they do the same job as the xp firewall but are a bit more configurable.
     
  8. paranoidgamer

    paranoidgamer Registered Member

    Joined:
    Nov 13, 2006
    Posts:
    3
    Sorry about not replying sooner, but our current house extension work denied me time to check this thread. I tried like different registry things, and 2 command prompt ones. And no it isnt ZA stopping it, even if i uninstall ZA my xp firewall, my xp one is no show.

    "Control Panel -> Windows Firewall ?"

    no that doesnt work.

    and my pc is marlware, spyware, everything free lol. i have run like 4 full scans with NOD32 and nothing.

    and yes at the time i was downloading files without scanning because i was overly confident with my pc and ability to remove malicious files.

    n thanks farmerlee i was gona get another firewall, was wondering if blackICE still were in business lol. i think im reformat after putting all my savegames and patch's (like 20gb worth) on dvd's. and steam too lol. then il get Nortons firewall 2007, i hear its pretty good, and put nod32 on of course.

    im gona find my xp disc after i unpack all my stuff from boxes, and il reply to whether that remedies the problem or not.
     
    Last edited: Nov 19, 2006
  9. ctrlaltdelete

    ctrlaltdelete Registered Member

    Joined:
    Oct 16, 2005
    Posts:
    318
    Location:
    NL
  10. ASpace

    ASpace Guest


    Have you tried exactly what Me and Durad suggested you (it is the same by the way) -> http://support.microsoft.com/kb/920074/en-us

    Type exactly what it is written here (Method1) or use Durad's reg key (Method2) . Then restart and you are ready ;)
     
  11. paranoidgamer

    paranoidgamer Registered Member

    Joined:
    Nov 13, 2006
    Posts:
    3
    yes i tried your "methods" High tech boy, to the letter to no avail =(. thanks for all ur help guys but il see if the xp disk fixes it. among other things my paint, calculator, all audio recording software, and spelling files were removed. i have since replaced them all via copying from another pc. Funny that microsoft word doesnt use its own spelling file and instead relies on the ones inside xp.

    ty 'cntrlaltdelete' i just got that Microsoft baseline security analyzer, its pretty good. look what it said about my firewall lol "Windows Firewall is not installed or configured properly, or is not available on this version of Windows."
    thanks though, that program will surely be of more use in the future.
     
    Last edited: Nov 20, 2006
  12. ASpace

    ASpace Guest

    Thanks for letting us know . If you decide to reinstall your Windows (in order to fix these issues) you can read here a brief description how to do it and essential things to do afterwards

    :thumb:
     
Thread Status:
Not open for further replies.