Ignoring it a good idea "No firewall notice"

Kitari

Solid State Member
Messages
6
Every time i log onto the computer, a notice will pop up telling me that my firewall is not turned on, the first time this happened I got majorly ran over on the virus highway. I don't know why but I clicked it and my firewall was in fact off, perplexed i turned it back on, only to now discover my other settings were turned off. From then on i was bombarded with Trojans and worms like never before. i couldnt do anything, avast was having heart attacks. I got a real bad virus (two actually) in my active working memory. This all happened over the course of 3 days, the 3rd day was so bad i couldn't do anything. (this is when the two viruses got into my working memory)

Avast wound up doing an emergency shut down in order to get rid of them. Once they were gone I had just enough time to download a couple things (like say malware and spyware detectors and ad aware) These found and destroyed others that avast missed. but I kept getting the virus' comming in (from one website mainly) I finally got noscript on my computer and that stopped all of those from coming in from the adds and random redirects the site put me through.

So far to date noscipt has helped alot, yes it is a hassle at times to open up a web site or not, but I figure the more secure the better.

Now as for that no fire wall notice.

Its still popping up, after what happened the first time i clicked it Ive been warily ignoring it, apparently its only on my side of the computer. i have ran and checked my fire wall manually and it was shown to be on, and usually within 10 seconds the notice leaves entirely not even showing the little "no firewall" icon.

so my main quation is, is it ok to ignore it?
 
If it is not Windows generating the error from Windows Security Center (double check this by going into your Control Panel, and checking the settings for your Windows firewall), then it is a rogue infection.

Based on the fact that your system was already clearly infected, I can tell you from my experience that your system probably still has some traces of malware in there. Very often you'll run across an A/V utility that seems to have caught everything, but malware can run as a service and or driver of the system, and replicate. This not only makes detection and removal more difficult, but can make your overall performance poor.

You can try some removal utilities such as Malwarebytes' Anti-Malware (recommended by Atomic) which I have used on a personal system before (never used on a client's system). It caught a few traces left over when I couldn't even get the system to boot to a physical environment or safe mode! Great little utility indeed..

I also have used Kaspersky before, and would recommend doing at least one sweep with that.

-

The best advice I could give you overall would be doing your scans in safe mode to ensure that as little as possible is running. It'll speed up your scans, and also help to ensure that files normally running may not be, so that they may be disinfected.

Before doing any scans, you should do a full temporary file cleanup and remove any temporary files from the system. This will help to speed up your scans, by removing any unnecessary files beforehand. Remember that if your simply sending them to your recycle bin, clear that out as well.

You may wish to disable System Restore and then restart.. this will clear all of your system restore points. - Warning: This will delete all of your system restore points so you will not be able to restore to a previous date! Though this may seem as a big risk to some, it'll help you in the long run. First off, many infections can store themselves into the system restore files, thus remaining executable unless deleted. Second, again.. to speed up your scans, deleting these files is necessary.

Run some of the following scanners, and remove everything found..
Kaspersky
Search and Destroy
Spyware Doctor
Ad-Aware Personal
Norton Antivirus
McAfee Antivirus
Trend Micro Virus Scan
Ewido
Webroot System Analyzer
HiJackThis!

After you've run everything, check the start-up processes, services, drivers.. disable anything that doesn't appear legitimate. If nothing else, go to the image file and check the creation date. If the creation date doesn't make things obvious (such as "Created Feburary 22nd), then check the Application Properties. Chances are, if nothing is listed for Title, Company, ect.. it is part of the infection.

I manually check the following folders when doing a virus removal after all the scans have gone through, and would advise you to do so as well if you feel confident..
Windows\System32
Windows\System32\Drivers

I'm looking for suspicious files that have been created very recently, or files that I know don't belong there. For example, some infections will create the same name files such as TmSSd.dll, and I'll recognize that and erase it. When in doubt, just google.com the name of the file and I'm sure something will come up for you as to whether it is safe or infectious.

If the name of the file seems randomly generated, its been created recently, and has no properties.. I'd say delete it. For example, ksdakjnhd.dll is likely a virus.. since not many companies slap their face onto the keyboard when creating dependencies. Though once again, if you don't know exactly what your doing.. this could turn out badly! Make sure you consult with someone, or do your research before EVER deleting a system file!

After running all of these removal utilities, you may want to run a policy scanner and check if there has been any irregular policies set for the computer such as "NoActiveDesktop" or something else undesired. If so, the scanner should allow you to fix that within the same utility.

After doing a complete removal of a virus(i), you may experience start-up errors because now those start-up processes may still be there, but are pointing to a non-existent start-up image (eg: deleted virus). You may either delete this start-up process, disable it, or run a registry cleaner such as CCleaner or Registry Mechanic. - There is a torn view on registry repair utilities, as they allegedly can cause damage to programs and or the operating system by deleting necessary keys. I've yet to have a failure due to a registry repair utility, though I see how it is certainly possible. Always do a registry backup before editing / repairing the registry in any way!

All in all, this is a wall of text. - Your malware infection may be simple to remove, and require nothing more than removing one or two infectious start-up processes. Though, having done this for quite a while, I assume things are worst than they seem and always investigate the entire possibility rather than taking the shortcut to a solution.

If removal isn't an option, you may always do a "destructive restore" if it is a manufactured PC, or simply reinstall Windows. While this will get rid of the virus completely, you'd lose data as well.. so back everything up first!

For safety reasons, I'd scan everything you backup before opening it on a clean PC!

Good luck, and if you have any questions.. feel free to private message me or post here. I'll help you to the best of my ability..
 
You can not run more than one anti virus program on your rig at a time. Don't fool with Norton. It's bloatware and is 100 times worse than any known virus and AOL combined to get back off of your system.

And you left out ESET. Nod32 is one of the top rated anti virus program on the market today. Also you get to test drive a fully functional copy for 30 days for FREE.
 
You can not run more than one anti virus program on your rig at a time. Don't fool with Norton. It's bloatware and is 100 times worse than any known virus and AOL combined to get back off of your system.

And you left out ESET. Nod32 is one of the top rated anti virus program on the market today. Also you get to test drive a fully functional copy for 30 days for FREE.

Correct on both statements.. Perhaps I forgot to mention that after running these utilities, you would remove them.. ;-p

I don't like Norton myself actually, but I decided to mention it to give a full unbiased list of options. I've seen it pick up a few things, but wouldn't use it over a long term.. only for a quick scan if you felt after using the other tools that things were still infected.
 
Norton reminds me of my dog "OMG there is something there! I cant do anything about/with it but its there!"

Are any of those scanner's free? Unfortunately I am restricted to free ones. Mom really doesnt care so long as nothing bad really happens.
 
Like atomic Rooster said your first step should be MalwareBytes' anti-malware... In my experience that has picked up everything my mother gets on her computer.... It was actually a life savior because now I don't get those calls like um it happened again can you help me get rid of this crap.... He gave a link to it so just check his post for it...:D:D:D and spybot search and destroy works very well too....also try running a disk cleanup or CC Cleaner to get rid of all of your temp files as well then after all this run avast again and after all that there "should" be nothing left on your computer.(virus's, trojans, malware, adware)
 
I ran all those yesterday, But not in safe mode or anything. I'll run them again today and giv it a shot, but I forgot how to access safe mode....
 
Press F8 at boot. :D

Just to reiterate a very important point made by Bahawolf, disable System Restore. Many nasty virii and malware will hang out in there, lying in wait for you to reboot your computer and infect the system again.
 
Every time i log onto the computer, a notice will pop up telling me that my firewall is not turned on, the first time this happened I got majorly ran over on the virus highway. I don't know why but I clicked it and my firewall was in fact off, perplexed i turned it back on, only to now discover my other settings were turned off. From then on i was bombarded with Trojans and worms like never before. i couldnt do anything, avast was having heart attacks. I got a real bad virus (two actually) in my active working memory. This all happened over the course of 3 days, the 3rd day was so bad i couldn't do anything. (this is when the two viruses got into my working memory)

Avast wound up doing an emergency shut down in order to get rid of them. Once they were gone I had just enough time to download a couple things (like say malware and spyware detectors and ad aware) These found and destroyed others that avast missed. but I kept getting the virus' comming in (from one website mainly) I finally got noscript on my computer and that stopped all of those from coming in from the adds and random redirects the site put me through.

So far to date noscipt has helped alot, yes it is a hassle at times to open up a web site or not, but I figure the more secure the better.

Now as for that no fire wall notice.

Its still popping up, after what happened the first time i clicked it Ive been warily ignoring it, apparently its only on my side of the computer. i have ran and checked my fire wall manually and it was shown to be on, and usually within 10 seconds the notice leaves entirely not even showing the little "no firewall" icon.

so my main quation is, is it ok to ignore it?
Does this have anything to do with a program called "Antivirus 2009" by any chance? I had the same thing happen on one of my machines, bombarded with popups saying that my firewall was disabled and I wasn't able to turn it back on. It also disabled Avast! which I was using already. It would go to a webpage automatically and looked like it was scanning for viruses and then it tells you that you need to download something or other.

It's an annoying thing and the only way I found to totally get rid of it was to reformat and reinstall windows xp.
 
Back
Top Bottom