Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Only Internet Explorer Works


  • Please log in to reply
1 reply to this topic

#1 lamkien

lamkien

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:12:45 AM

Posted 24 December 2011 - 06:08 PM

Hello,

Last night my laptop was infected by the "Win 7 Antispyware 2012" virus. I had Spybot Search and Destroy already on my computer, so I ran a scan with that first which let me access the internet. From there, I downloaded Malwarebytes and that seemed to clear that problem up (the 3 letter .exe file, jvm.exe or whatever).

I thought it was cleared up, but this morning I noticed my computer was extremely slowly and checked the processes tab. I found a ping.exe file eating up most of my CPU usage there. So, I searched the internet again and ran a variety of programs (most of which have since been deleted). I ran Malwarebytes again before going to Combofix - unfortunately I did not heed the warnings and ran that on my own. It ended up clearing up the ping.exe file, but since then I am stuck. At first, no programs would open but a reboot cleared that. Now, Google Chrome and Firefox no longer work, but Internet Explorer does. Several other programs have difficult connecting to the internet as well: Steam and Malwarebytes automatic updater. I can still connect to Ventrilo though.

I have tried a variety of programs since to no avail and am beginning to wonder if I screwed something up with Combofix. I think Window's Firewall may be behind this, since I can't access anything in the Action Center (I have Windows 7 Ultimate 64-bit). When I try to open the firewall, it gives me this error: The Windows Firewall with Advanced Security snap-in failed to load. Restart the Windows Firewall service on the computer you are managing. Error code: 0x6D9.

I have run the FSS which gives me this:

Farbar Service Scanner
Ran by Kien (administrator) on 24-12-2011 at 18:00:37
Microsoft Windows 7 Ultimate Service Pack 1 (X64)
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Yahoo IP is accessible.


Windows Firewall:
=============
MpsSvc Service is not running. Checking service configuration:
Checking Start type: Attention! Unable to open MpsSvc registry key. The service key does not exist.
Checking ImagePath: Attention! Unable to open MpsSvc registry key. The service key does not exist.
Checking ServiceDll: Attention! Unable to open MpsSvc registry key. The service key does not exist.

bfe Service is not running. Checking service configuration:
Checking Start type: Attention! Unable to open bfe registry key. The service key does not exist.
Checking ImagePath: Attention! Unable to open bfe registry key. The service key does not exist.
Checking ServiceDll: Attention! Unable to open bfe registry key. The service key does not exist.

mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.


Firewall Disabled Policy:
==================


System Restore:
============
SDRSVC Service is not running. Checking service configuration:
The start type of SDRSVC service is OK.
The ImagePath of SDRSVC service is OK.
The ServiceDll of SDRSVC service is OK.

VSS Service is not running. Checking service configuration:
The start type of VSS service is OK.
The ImagePath of VSS service is OK.


System Restore Disabled Policy:
========================


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

Thank you,
Kien

BC AdBot (Login to Remove)

 


#2 lamkien

lamkien
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:12:45 AM

Posted 24 December 2011 - 06:52 PM

After searching around the forum, I ended up downloading the Comodo firewall. That seems to have solved all of my issues. However, I am still afraid I might be infected somewhere.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users