Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Firewall Doesn't Stay On


  • Please log in to reply
3 replies to this topic

#1 KevenG123

KevenG123

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:11:06 PM

Posted 28 September 2012 - 09:55 AM

HI,

I have been searching around the web trying to fix a problem with my Firewall for McAfee, which will not remain on. The problem started with McAfee giving me a "your computer is at risk" warning. When I checked my status, and saw the firewall off, I tried to turn it back on. It literally turns it self off in less than 1 second, every time, without fail.

I tried following some of the directions on some of the other threads from users that have had this same issue, but their directions didn't work properly for me (I guess my problem may have been a little different). I tried running the TDSSKiller, FSS, aswMBR, the McAfee Stinger, and ESET Online Scanner.

The McAfee stinger turned up nothing.

the ESET Online Scanner found 4 threats that it deleted (and I lost the Log, so I can't post it)
I ran the TDSSKiller a first time, it found 1 threat which instead of skip I chose delete for, and it prompted me for a reboot, which I performed, but the problem still exists (and yes I can't find the Log). A second scan by TDSSKiller turned up no threats or warnings.

The FSS and aswMBR Logs are below

FSS
Farbar Service Scanner Version: 19-09-2012
Ran by UVA (administrator) on 27-09-2012 at 23:08:17
Running from "C:\Users\UVA\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****


aswMBR

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-09-27 23:16:49
-----------------------------
23:16:49.665 OS Version: Windows x64 6.1.7601 Service Pack 1
23:16:49.665 Number of processors: 2 586 0x170A
23:16:49.666 ComputerName: KRG2UF-PC UserName: UVA
23:16:52.325 Initialize success
23:17:09.194 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
23:17:09.197 Disk 0 Vendor: WDC_WD3200BEVT-75ZCT2 11.01A11 Size: 305245MB BusType: 11
23:17:09.220 Disk 0 MBR read successfully
23:17:09.223 Disk 0 MBR scan
23:17:09.226 Disk 0 Windows 7 default MBR code
23:17:09.229 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 39 MB offset 63
23:17:09.242 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 15000 MB offset 80325
23:17:09.261 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 290205 MB offset 30800325
23:17:09.273 Disk 0 scanning C:\Windows\system32\drivers
23:17:22.690 Service scanning
23:17:51.711 Modules scanning
23:17:51.722 Disk 0 trace - called modules:
23:17:51.747 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
23:17:51.753 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004c855d0]
23:17:52.095 3 CLASSPNP.SYS[fffff8800187243f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8004697680]
23:17:52.102 Scan finished successfully
23:18:09.683 Disk 0 MBR has been saved successfully to "C:\Users\UVA\Downloads\MBR.dat"
23:18:09.700 The log file has been saved successfully to "C:\Users\UVA\Downloads\aswMBR.txt"


I'm running a Dell STUDIO 1555 on a 64-Bit system with Windows 7 Home Premium

Someone please HELP!!!!!!! Thanks

BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:11:06 PM

Posted 28 September 2012 - 09:58 AM

Uninstall mcafee using their tool

http://download.mcafee.com/products/licensed/cust_support_patches/MCPR.exe

Reinstall it

Did that help?

Download

Malwarebytes

Install,update and run a full scan

Click on Show results.Right click on the list ,select all and remove them.

Post the generated log here

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and after scan finishes,post the contents of RKILL log located on the desktop here

#3 KevenG123

KevenG123
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:11:06 PM

Posted 05 October 2012 - 08:13 PM

I uninstalled and re-installed McAfee. The firewall stays on now, thank you! Now my problem is that my internet runs MUCH slower, and my laptop automatically mutes itself whenever I am playing music or watching a show. All I have to do is hit one of the volume buttons, and the sound comes back on. But after about a minute, my laptop will mute itself yet again.

So I still went ahead and downloaded the Malwarebytes and the RKILL. The logs are below:

Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org

Database version: v2012.10.05.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
UVA :: KRG2UF-PC [administrator]

10/5/2012 12:18:26 PM
mbam-log-2012-10-05 (12-18-26).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 453765
Time elapsed: 2 hour(s), 49 minute(s), 23 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 3
HKCR\bho_project.bho_object (Trojan.BHO) -> Quarantined and deleted successfully.
HKCR\bho_project.bho_object.1 (Trojan.BHO) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Google\Chrome\Extensions\kincjchfokkeneeofpeefomkikfkiedl (PUP.FCTPlugin) -> Quarantined and deleted successfully.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 2
C:\Users\UVA\Downloads\movie_player_1280.exe (PUP.BundleOffers.IIQ) -> Quarantined and deleted successfully.
C:\Users\UVA\Downloads\mplayer_Setup.exe (PUP.Bundle.Installer.OI) -> Quarantined and deleted successfully.

(end)




Rkill 2.4.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 10/05/2012 09:11:09 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
* HKLM\Software\Classes\exefile\shell\runas\command\\IsolatedCommand was changed. It was reset to "%1" %*!


Performing miscellaneous checks:

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Manual

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* No issues found.

Program finished at: 10/05/2012 09:12:39 PM
Execution time: 0 hours(s), 1 minute(s), and 29 seconds(s)

#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:11:06 PM

Posted 05 October 2012 - 08:41 PM

Now my problem is that my internet runs MUCH slower


Mcafee may be the cause.Uninstall it and for free antivirus like microsoft security essentials

http://windows.microsoft.com/en-US/windows/products/security-essentials

and my laptop automatically mutes itself whenever I am playing music or watching a show. All I have to do is hit one of the volume buttons, and the sound comes back on. But after about a minute, my laptop will mute itself yet again.


Did you try reinstalling your sound driver?

Edited by narenxp, 05 October 2012 - 08:42 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users