Guest joseph Posted October 17, 2008 Posted October 17, 2008 In Control Panel / Windows Firewall / Exceptions ; I am suspicious of the some of the programs that are Enabled. Some have names like Remote Assistant, Network Diagnostics for W XP, and Windows Live Messneger. There are 9 at the top of the list which worry me? There is a box with a check mark in and just the word 'ENABLE',,, no name of a Program. When I click on Edit they have names which I will now Copy. I don't know about enabling these places to have access to my PC, whether they are important for operation or some type of intrusion. (Remember the only name they have is 'ENABLE".) Here is what comes up when I Click on Edit. "You can allow comms with this Program from any pc, including those on the Interneet" <<< this is what I am worried about, especially the Explorer one as I had some problems that revolved around explorer, C:\WINDOWS\system32\vhr.exe C:\WINDOWS\system32\kvhmmtn.exe C:\WINDOWS\system32\jpqrwxq.exe C:\WINDOWS\system32\hnwtb.exe C:\WINDOWS\system32\flcsn.exe C:\WINDOWS\Explorer.EXE C:\Documents and Settings\Gary\xgw.exe C:\Documents and Settings\Gary\ipb.exe C:\Documents and Settings\Gary\cwiu.exe If you can tell me whether it is important to some programs I use to allow this access, or whether someone has snuck in!? Quote
Guest Malke Posted October 17, 2008 Posted October 17, 2008 joseph wrote: <span style="color:blue"> > In Control Panel / Windows Firewall / Exceptions ; I am suspicious of the > some of the programs that are Enabled. Some have names like Remote > Assistant, Network Diagnostics for W XP, and Windows Live Messneger. > There are 9 at the top of the list which worry me? > There is a box with a check mark in and just the word 'ENABLE',,, no name > of a Program. > > When I click on Edit they have names which I will now Copy. I don't know > about enabling these places to have access to my PC, whether they are > important for operation or some type of intrusion. > (Remember the only name they have is 'ENABLE".) > Here is what comes up when I Click on Edit. > "You can allow comms with this Program from any pc, including those on the > Interneet" <<< this is what I am worried about, especially the Explorer > one as I had some problems that revolved around explorer, > C:WINDOWSsystem32vhr.exe > C:WINDOWSsystem32kvhmmtn.exe > C:WINDOWSsystem32jpqrwxq.exe > C:WINDOWSsystem32hnwtb.exe > C:WINDOWSsystem32flcsn.exe > C:WINDOWSExplorer.EXE > C:Documents and SettingsGaryxgw.exe > C:Documents and SettingsGaryipb.exe > C:Documents and SettingsGarycwiu.exe > > If you can tell me whether it is important to some programs I use to allow > this access, or whether someone has snuck in!?</span> You're definitely infected. Take the machine off the Internet and any Local Area Network and start cleaning. Go through these general malware removal steps systematically - http://www.elephantboycomputers.com/page2....emoving_Malware Include scanning with David Lipman's Multi_AV and follow instructions to do all scans in Safe Mode. Please see the special Notes regarding using Multi_AV in Vista. http://www.elephantboycomputers.com/page2.html#Multi-AV - instructions http://tinyurl.com/yoeru3 - download link and more instructions You can also check to see if there are targeted removal steps for your malware here: Bleeping Computer removal how-to's - http://www.bleepingcomputer.com/forums/forum55.html When all else fails, get guided help. Choose one of the specialty forums listed at the first link. Register and read its posting FAQ. PLEASE DO NOT POST LOGS IN THE MS NEWSGROUPS. Standard disclaimer: I can't see and test your computer myself, so these are just suggestions based on many years of being a professional computer tech; suggestions based on what you've written. You should not take my suggestions as a definitive diagnosis. If you can't do the work yourself (and there is no shame in admitting this isn't your cup of tea), take the machine to a professional computer repair shop (not your local equivalent of BigComputerStore/GeekSquad). Please be aware that not all local shops are skilled at removing malware and even if they are, your computer may be so infested that Windows will need to be clean-installed. If possible, have all your data backed up before you take the machine into a shop. Malke -- MS-MVP Elephant Boy Computers - Don't Panic! FAQ - http://www.elephantboycomputers.com/#FAQ Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.