Guest Daniel Posted January 13, 2008 Posted January 13, 2008 My pc will not allow me to turn on my firewall. It tells me the group policy has been set to disallow me to change the settings. I am the only person who uses this pc and it is in my home. I have ran avast anti-virus and found a trojan in my iexplore.exe and service.exe files. I have attempted to remove them repeatedly and then run another scan but they keep returning. I would like to get my security center back on and under my control. Can someone please help me? I am operating with Windows Vista Home Premium. Thank you Quote
Guest Malke Posted January 13, 2008 Posted January 13, 2008 Daniel wrote:<span style="color:blue"> > My pc will not allow me to turn on my firewall. It tells me the group policy > has been set to disallow me to change the settings. I am the only person who > uses this pc and it is in my home. I have ran avast anti-virus and found a > trojan in my iexplore.exe and service.exe files. I have attempted to remove > them repeatedly and then run another scan but they keep returning. I would > like to get my security center back on and under my control. Can someone > please help me? > > I am operating with Windows Vista Home Premium. Thank you</span> Go through these general malware removal steps systematically - http://www.elephantboycomputers.com/page2....emoving_Malware Include scanning with David Lipman's Multi_AV and follow instructions to do all scans in Safe Mode. Please see the special Notes regarding using Multi_AV in Vista. http://www.elephantboycomputers.com/page2.html#Multi-AV - instructions http://www.pctipp.ch/downloads/sicherheit/...nning_tool.html - download site The site is in German but David's tool is in English so don't let that worry you. Scroll all the way down to almost the bottom of the page and you'll see a box titled "Infos Zum Download - Multi-AV Scanning Tool". You'll see "Download von www pctipp.ch" and the live link to download Multi_AV. You can also check to see if there are targeted removal steps for your malware here: Bleeping Computer removal how-to's - http://www.bleepingcomputer.com/forums/forum55.html When all else fails, run HijackThis and post your log in one of the specialty forums listed at the first link above (not here, please). Not all tools used will work in Vista and you will need to run them elevated. If you are unable to remove the infection by following the general steps, register at one of the HijackThis forums as suggested. Standard caveat: If the procedures look too complex - and there is no shame in admitting this isn't your cup of tea - take the machine to a professional computer repair shop (not your local version of BigComputerStore/GeekSquad). Please be aware that not all local shops are skilled at removing malware and even if they are, your computer may be so infested that Windows will need to be clean-installed. Have all your data backed up before you take the machine into a shop. Malke -- Elephant Boy Computers www.elephantboycomputers.com "Don't Panic!" MS-MVP Windows - Shell/User Quote
Guest M.Butzin Posted April 6, 2008 Posted April 6, 2008 "Malke" <notreally@invalid.invalid> wrote in message news:e3rI8zeVIHA.1168@TK2MSFTNGP02.phx.gbl...<span style="color:blue"> > Daniel wrote:<span style="color:green"> >> My pc will not allow me to turn on my firewall. It tells me the group >> policy has been set to disallow me to change the settings. I am the only >> person who uses this pc and it is in my home. I have ran avast >> anti-virus and found a trojan in my iexplore.exe and service.exe files. >> I have attempted to remove them repeatedly and then run another scan but >> they keep returning. I would like to get my security center back on and >> under my control. Can someone please help me? >> >> I am operating with Windows Vista Home Premium. Thank you</span> > > Go through these general malware removal steps systematically - > http://www.elephantboycomputers.com/page2....emoving_Malware > > Include scanning with David Lipman's Multi_AV and follow instructions to > do all scans in Safe Mode. Please see the special Notes regarding using > Multi_AV in Vista. > > http://www.elephantboycomputers.com/page2.html#Multi-AV - instructions > http://www.pctipp.ch/downloads/sicherheit/...nning_tool.html - > download site > > The site is in German but David's tool is in English so don't let that > worry you. Scroll all the way down to almost the bottom of the page and > you'll see a box titled "Infos Zum Download - Multi-AV Scanning Tool". > You'll see "Download von www pctipp.ch" and the live link to download > Multi_AV. > > You can also check to see if there are targeted removal steps for your > malware here: > Bleeping Computer removal how-to's - > http://www.bleepingcomputer.com/forums/forum55.html > > When all else fails, run HijackThis and post your log in one of the > specialty forums listed at the first link above (not here, please). > > Not all tools used will work in Vista and you will need to run them > elevated. If you are unable to remove the infection by following the > general steps, register at one of the HijackThis forums as suggested. > > Standard caveat: If the procedures look too complex - and there is no > shame in admitting this isn't your cup of tea - take the machine to a > professional computer repair shop (not your local version of > BigComputerStore/GeekSquad). Please be aware that not all local shops are > skilled at removing malware and even if they are, your computer may be so > infested that Windows will need to be clean-installed. Have all your data > backed up before you take the machine into a shop. > > > Malke > -- > Elephant Boy Computers > www.elephantboycomputers.com > "Don't Panic!" > MS-MVP Windows - Shell/User</span> Malke, But won't you transfer the virus to the backup? Marc B. Quote
Guest Malke Posted April 6, 2008 Posted April 6, 2008 M.Butzin wrote: Snipping judiciously when quoting is wise. <span style="color:blue"> > Malke, > But won't you transfer the virus to the backup? > </span> What virus? What backup? Are you talking about my warning to always try and backup data before taking the machine to a professional? Then yes, of course one will want to scan the data before putting it back onto a clean machine. That is simply common sense. But there is no reason to throw out tons of non-infected pictures of "baby's first steps" in a panic! Or was there something else you wanted to know? Malke -- MS-MVP Elephant Boy Computers www.elephantboycomputers.com Don't Panic! Quote
Guest M.Butzin Posted April 8, 2008 Posted April 8, 2008 "Malke" <malke@invalid.invalid> wrote in message news:%237y75J$lIHA.5208@TK2MSFTNGP04.phx.gbl...<span style="color:blue"> > M.Butzin wrote: > > Snipping judiciously when quoting is wise. ><span style="color:green"> >> Malke, >> But won't you transfer the virus to the backup? >></span> > > What virus? What backup? Are you talking about my warning to always try > and > backup data before taking the machine to a professional? Then yes, of > course one will want to scan the data before putting it back onto a clean > machine. That is simply common sense. But there is no reason to throw out > tons of non-infected pictures of "baby's first steps" in a panic! > > Or was there something else you wanted to know? > > Malke > -- > MS-MVP > Elephant Boy Computers > www.elephantboycomputers.com > Don't Panic!</span> No, I am concerned that if a person sets up their computer to "automatically back up their system on a certain date and time" and later discover that their system has been infected, then they'll have a harder time restoring their system, unless the virus doesn't transfer to a system settings only backup. Norton and Windows, as you know allows this to be done on a schedule in the back ground, while the user continues until their system begins acting weird . Which leads to a false sense of security, right? Pointing out that even the back up "maybe/is infected" and if they use a system restore can continue to have problems. Inexperienced users think "Oh, I backed up my system automatically two days ago" I'll just restore to that point and all is fine. The reality maybe that they are just starting over with a Trojan or Virus.<> Is there a way to ensure that a back up is Virus~Trojan free? <> I back up to a portable HD after a scan but I am even suspicious of that. I just down loaded Ad Aware and my PC would not let me extract it, but (Spybot S&D & Norton 360) ran fine without finding anything (Windows Vista Home Prem) but when I ran MS Malicious Software Removal Tool, it did fix the problems. Article ID : 890830 Last Review : March 11, 2008 Revision : 44.3 Quote
Guest Malke Posted April 8, 2008 Posted April 8, 2008 M.Butzin wrote: <span style="color:blue"> > No, I am concerned that if a person sets up their computer to > "automatically back up their system on a certain date and time" and later > discover that their system has been infected, then they'll have a harder > time restoring their system, unless the virus doesn't transfer to a system</span> (major snippage) Well, yeah - of course if you image or otherwise completely back up an infected system the image or backup is infected! And honestly, most end users know that. My clients are home users and small businesses and even the most computer unsavvy of the lot ask me to make sure their data isn't infected before it goes back onto a clean machine. I assure them it will be carefully scanned first. People who are technically adept enough to image know to make a new image of the clean system! Or if we are talking about my clients, I do it for them. I'm not sure why we're having this discussion. Did you have a question? If yes, then please make a new post with all pertinent technical details included. Otherwise, this is an old, closed thread and I'm moving on. Malke -- MS-MVP Elephant Boy Computers www.elephantboycomputers.com Don't Panic! Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.