Trouble Engaging Firewall

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by jr_orkneyroad, Nov 30, 2015.

  1. jr_orkneyroad

    jr_orkneyroad Private E-2

    I recently installed Bitdefender Internet Security on my daughter's laptop running Windows 7 Home Premium and had trouble engaging the firewall. Given that, combined with some other odd behavior from IE, I decided to follow the Malware Removal Guide protocol. Hitman came up with a long list of potential threats, so here are the logs. Still unable to engage the firewall. Any assistance would be greatly appreciated. Thanks.
     

  2. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Re-run Hitman Pro and have it remove all that it finds.


    Fix item using RogueKiller.

    Double-click RogueKiller.exe to run. (Vista/7/8 right-click and select Run as Administrator)
    When it opens, press the Scan button
    Now click the Registry tab and locate this detection:

    • [PUP][Folder] C:\ProgramData\{9925001E-4D97-434F-8579-2E06AF34678F} -> Found

    Place a checkmark next to this item, leave the others unchecked.
    Now press the Delete button.
    When it is finished, there will be a log on your desktop called: RKreport[2].txt
    Attach RKreport[2].txt to your next message. (How to attach)
    Reboot the machine.




    Download Cleano 0.61

    Download it to your desktop, right-click the cleano.exe file and run as admin, and place check marks in the boxes as follows (click on link below to see image)

    View attachment 148092
    Click clean now and exit the program.

    Let me know how things are running.
     
  3. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Note for jr_orkneyroad: In order to do this with Hitman Pro, you will have to first enable the 30 day free trial license.
     
  4. jr_orkneyroad

    jr_orkneyroad Private E-2

    Thank you so much for your detailed instructions and quick turnaround! I do have a question for you however. I ran RogueKiller again, but the offending item listed below...

    [PUP][Folder] C:\ProgramData\{9925001E-4D97-434F-8579-2E06AF34678F} -> Found

    is actually under the "Files/Folders" tab rather than the Registry tab. There are two items under the registry tab, something similar to...

    Found > PUM.Policies > Policies > HKEY_LOCAL_MACHINE > (x64) Software\Microsoft\Windows\CurrentVersion\Policies\System > ConsentPromptBehaviorAdmin > 0
    Found > PUM.Policies > Policies > HKEY_LOCAL_MACHINE > (x86) Software\Microsoft\Windows\CurrentVersion\Policies\System > ConsentPromptBehaviorAdmin > 0


    Should I delete the [PUP][Folder] from Files/Folders or one of the PUM.Policies from Registry?

    Thanks!
     
  5. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Sorry, my bad. Delete from Files/folder tab.
     
  6. jr_orkneyroad

    jr_orkneyroad Private E-2

    Thanks again for your assistance. Attached is the final log from RogueKiller.
     

  7. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    OK, have you continued on with other instructions?
     
  8. jr_orkneyroad

    jr_orkneyroad Private E-2

    Yes - all remaining instructions were followed.
     
  9. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Re-scan with Hitman Pro, let me see if anything remains. Attach log.
    Then explain how things are running.
     
