FirewallerV10.exe

G

Guest

I have just re-installed xp after a full format and the first thing after
sorting out my IE connection was to go to the microsoft site for any updates.
During the setup of the updates i got a pop up about vunerabilites and visit
"Fixnow"?? I just closed that and carried on. I then installed Zonealarm and
it found a programme called "FireawallerV10.exe" trying to access the
internet. In a search I found it in the windows prefetch folder. Read about
this folder and decided to allow this programme to access the internet. My
connection ground to a halt. I removed the programmes permission to connect
to the internet and within 5 seconds the thing had tried to connect over 500
times with varying target IP's. I downloaded netguard from NTL and ran a
sweep. It dectected this file as a virus but no virus info was given??. I
tried to delete and searched the reg for any strings but everytime I re-boot
the strings are there again.
I cant find the file anymore in explorer.

Another re-install tonight but how do I stop it happening again?
 
M

Malke

Big.banny said:
I have just re-installed xp after a full format and the first thing
after sorting out my IE connection was to go to the microsoft site for
any updates. During the setup of the updates i got a pop up about
vunerabilites and visit
"Fixnow"?? I just closed that and carried on. I then installed
Zonealarm and it found a programme called "FireawallerV10.exe" trying
to access the internet. In a search I found it in the windows prefetch
folder. Read about this folder and decided to allow this programme to
access the internet. My connection ground to a halt. I removed the
programmes permission to connect to the internet and within 5 seconds
the thing had tried to connect over 500
times with varying target IP's. I downloaded netguard from NTL and
ran a sweep. It dectected this file as a virus but no virus info was
given??. I tried to delete and searched the reg for any strings but
everytime I re-boot the strings are there again.
I cant find the file anymore in explorer.

Another re-install tonight but how do I stop it happening again?
Click to expand...

You should not connect a Windows computer to the Internet without a
firewall and antivirus in place. After a clean install, after you
install the hardware drivers (from a known-clean source), make sure
that you don't install any programs until you've gone to Windows Update
and also updated your antivirus definitions. Also see:

http://www.wilderssecurity.com/showthread.php?t=27971 - So How Did I Get
Infected Anyway?
http://wiki.castlecops.com/Malware_Removal_and_Prevention:_Introduction
http://www.claymania.com/safe-hex.html
http://www.aumha.org/a/parasite.htm - The Parasite Fight
http://www.spywarewarrior.com/rogue_anti-spyware.htm

Malke
 
K

Kerry Brown

Big.banny said:
I have just re-installed xp after a full format and the first thing
after sorting out my IE connection was to go to the microsoft site
for any updates. During the setup of the updates i got a pop up about
vunerabilites and visit "Fixnow"?? I just closed that and carried
on. I then installed Zonealarm and it found a programme called
"FireawallerV10.exe" trying to access the internet. In a search I
found it in the windows prefetch folder. Read about this folder and
decided to allow this programme to access the internet. My connection
ground to a halt. I removed the programmes permission to connect to
the internet and within 5 seconds the thing had tried to connect over
500 times with varying target IP's. I downloaded netguard from NTL
and ran a sweep. It dectected this file as a virus but no virus info
was given??. I tried to delete and searched the reg for any strings
but everytime I re-boot the strings are there again.
I cant find the file anymore in explorer.

Another re-install tonight but how do I stop it happening again?
Click to expand...

What service pack level is your install CD? If it is less than SP2 then do
not connect to the Internet until one of the following is true:

1) SP2 is installed, or if SP1 go into the TCP/IP settings and turn on the
firewall
2) A 3rd party firewall is installed
3) you are connected to the Internet through a router.

If at least one of the above is not true you will be infected within minutes
of connecting to the Internet. If you have broadband access make sure the
Ethernet cable is physically disconnected. If you have broadband I highly
recommend you purchase a router even if you only have one computer
connected. It will give you a layer of protection that is completely
separate from your pc. Alternatively download SP2 and burn it to CD.
Immediately after installing Windows and before connecting to the Internet
install SP2. Here is a link to download SP2. If you have dialup it is a very
large download and may not be practical.

http://www.microsoft.com/downloads/...be-3b8e-4f30-8245-9e368d3cdb5a&DisplayLang=en

Kerry
 
C

cquirke (MVP Windows shell/user)

On Wed, 11 Jan 2006 02:37:04 -0800, Big.banny
I have just re-installed xp after a full format and the first thing after
sorting out my IE connection was to go to the microsoft site for any updates.
During the setup of the updates i got a pop up about vunerabilites and visit
"Fixnow"?? I just closed that and carried on.
Click to expand...

This why "just reinstall Windows" is such a DUMB IDEA !! :)

I'll bet your XP CD is "gold" or SP1, so the firewall wasoff and your
OS's RPC and LSASS services were unpatched and gaping at the Internet
(thanks to XP being designed as a "network client" rather than
standalone OS). You'd be attacked within minutes; that pop-upwas
99%-certain to be malware, and it hooks "close" to run anyway.
I then installed Zonealarm and it found a programme called
"FireawallerV10.exe" trying to access the internet. In a search I
found it in the windows prefetch folder.
Click to expand...

Ahhhh.... NOW I understand why ppl keep flapping about the Prefetch
folder! It's because they leave Windows wiht duuuhfault settings (no
firewall is as duuuh as you can get) which hide system files, hide
file name extensions, etc. Plus Search doesn't search in system
"folders" anyway... so you typically can't see what you most need to
see; all you get is the harmless .PF files in Prefetch, and they may
look like the real .EXE if the extension is hidden. What a mess!!

Ifyou've just wipedand re-installed, you have nothing to lose;start
all over again. This time, rip out all network cables, WiFi etc. and
turn on the firewall FIRST before getting patches etc.
Another re-install tonight but how do I stop it happening again?
Click to expand...

As above. See also: http://cquirke.mvps.org/reinst.htm


---------- ----- ---- --- -- - - - -
Click to expand...
Don't pay malware vendors - boycott Sony
 
G

Guest

Thanks all above.

The next night I installed with my lan cable out and installed SP2 from a CD
then turned on firewall only then did I connect my b/band and auto update. I
let it all update (35 security and critical updates ) and away I go.


Thanks again.

Dave
 
K

Kerry Brown

Big.banny said:
Thanks all above.

The next night I installed with my lan cable out and installed SP2
from a CD then turned on firewall only then did I connect my b/band
and auto update. I let it all update (35 security and critical
updates ) and away I go.


Thanks again.

Dave
Click to expand...

Your welcome. Glad you got it working.

Kerry
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

W32/Ovide.A 3
virus 6
pop ups and ad blockers 1
Downloaded something that I shouldn't! 1
Zero Upload Speed 6
Reinstall Windows 9
annoying messages 1
Moving Router 2

Top