Help Fast something turned off my Firewall

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Darlene C

Thread Starter
Joined
Nov 16, 2002
Messages
105
Help fast, something turned off my firewall and I can't turn it back on it is saying I need a Supervisor or something. I am the only user and I just ran my Norton Anti Virus today and it was clean, I have not been to more than a couple places on the net today. I have Spybot and SpywareBlaster both updated today and checked. This happened just a while ago at 6.00 Eastern Time. What do I do now?
 
Joined
Sep 27, 2002
Messages
867
Download HiJackThis from http://www.tomcoyote.org/hjt/ and unzip it.

Then click the HiJackThis.exe.

Click Scan.

When it's done the "Scan" button changes to a "Save Log". Save the log file it creates (it should open in Notepad),

Copy and Paste the results here in your post, so someone can determind what all is running in the background.

Note: Do not attempt to fix anything till told too!
 

Darlene C

Thread Starter
Joined
Nov 16, 2002
Messages
105
Logfile of HijackThis v1.97.3
Scan saved at 8:56:29 PM, on 10/12/2003
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Norton Personal Firewall\NISUM.EXE
C:\Program Files\Object Desktop\WindowBlinds\wbload.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\NORTON~1\WinFax\WFXSWTCH.exe
C:\WINDOWS\System32\wfxsnt40.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Norton SystemWorks\Norton Ghost\GhostStartTrayApp.exe
C:\Program Files\Microsoft Hardware\Mouse\point32.exe
C:\Program Files\SysMetrix\SysMetrix.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\Norton Personal Firewall\ccPxySvc.exe
C:\PROGRA~1\NORTON~1\NORTON~2\GHOSTS~2.EXE
C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Darlene\My Documents\HijackThis.exe
C:\Program Files\Messenger\msmsgs.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.worldnetdaily.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1.1\SDHelper.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: (no name) - {57E69D5A-6539-4d7d-9637-775DE8A385B4} - (no file)
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [WFXSwtch] C:\PROGRA~1\NORTON~1\WinFax\WFXSWTCH.exe
O4 - HKLM\..\Run: [WinFaxAppPortStarter] wfxsnt40.exe
O4 - HKLM\..\Run: [PS2] C:\hp\drivers\keyboard\PS2.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [GhostStartTrayApp] C:\Program Files\Norton SystemWorks\Norton Ghost\GhostStartTrayApp.exe
O4 - HKLM\..\Run: [POINTER] C:\Program Files\Microsoft Hardware\Mouse\point32.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SysMetrix] C:\Program Files\SysMetrix\SysMetrix.exe
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?
O8 - Extra context menu item: &Check Spelling - res://C:\Program Files\ieSpell\ieSpell.dll/SPELLCHECK.HTM
O8 - Extra context menu item: &ieSpell Options - res://C:\Program Files\ieSpell\ieSpell.dll/SPELLOPTION.HTM
O9 - Extra button: ieSpell (HKLM)
O9 - Extra 'Tools' menuitem: ieSpell (HKLM)
O9 - Extra 'Tools' menuitem: ieSpell Options (HKLM)
O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Windows Messenger (HKLM)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52...pple.com/bonnie/us/win/QuickTimeInstaller.exe
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37872.6237615741
O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security.symantec.com/SSC/SharedContent/common/bin/cabsa.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {DF6A0F17-0B1E-11D4-829D-00C04F6843FE} (Microsoft Office Tools on the Web Control) - http://dgl.microsoft.com/downloads/outc.cab
 

Darlene C

Thread Starter
Joined
Nov 16, 2002
Messages
105
After a couple of reboots it finally came back on, before I tried to block traffic and it said Restricted Accounts are not allowed to Block or Allow Traffic..When double clicking on any item in firewall it said "You do not have the necessary rights to configure the items you have double clicked" I am the only one on this computer.
 
Joined
Sep 27, 2002
Messages
867
The only thing I see is

O3 - Toolbar: (no name) - {57E69D5A-6539-4d7d-9637-775DE8A385B4} - (no file)

looks like a Xupiter leftover. Some of the more knowledegable members may see something I've missed.


Run Hijack This a put a check by it had have it fix it.

Then you can try Free Version of Ad-Aware 6

and follow

Ad-Aware 6: Reference Guide by Winchester73 instructions on how to update and use it.

If that don't work, try to restore to a time before this happened using System Restore.
 

Darlene C

Thread Starter
Joined
Nov 16, 2002
Messages
105
Thanks VirtualMe,
I will put a check next to that item. Is there any chance that could be my Merriam-Webster Dictionary I don't see it listed on the list above? I thought I removed Jupiter some time ago and this just happened yesterday. I defraged last night thinking this might be the problem but this morning it wouldn't come on again unit I kept rebooting it. Why would it say I need authorization? How would I change authorization if I am the only user? This is a home computer and I am it.
 
Joined
Sep 27, 2002
Messages
867
If you go to http://www.spywareinfo.com/toolbars/ and scroll down to X {57E69D5A-6539-4d7d-9637-775DE8A385B4}: Xupitertoolbar.dll - Xupiter you see it is linked to Xupiter.

I don't think it has anything to do with Merriam-Webster Dictionary.

Your log don't show Xupiter as still being installed. It just shows a reference that was left in the registry after you unistalled it, and I don't think that whould have anything to do with your problem anyway.

I'm new to Windows XP so I don't know my way around it very well yet.

I don't know if a system restore before your troubles started will help or not, but may be worth a try.

I had to use my system restore Saturday when I was messing around with my Windows XP. :D
 
Joined
Mar 25, 2001
Messages
3,334
Darlene, do you know what this entry is:

O4 - HKLM\..\Run: [SysMetrix] C:\Program Files\SysMetrix\SysMetrix.exe

:confused:
 

Darlene C

Thread Starter
Joined
Nov 16, 2002
Messages
105
VirtualMe and Buckaroo,
Thanks for the help, I will have it deleted. Bucharoo that is a "SysMetrix and it is really useful. I needed it when my CPU was at 100%, and nothing worked, now I can't be without it. It has controls for Winamp, Click on the Weather it gives the temp. from your local Airport, Ram used, Memory, Swap, click for e-mail, empty the trash, and more things are added every new version. You can get skins for it at WinCustomize also for your Windows XP. I will try to insert a picture of my recent desktop. The calender is Rainlendar and the thing in the middle is BeatNik clock and date. All are free except the WindowBlinds, but all the skins can be downloaded at WinCustomize also. You can change it whenever you want. I hope my firewall problem is solved soon. Maybe I will be having 2004 put on earlier than need be. Does anyone know if a new Firewall needs to be bought or just the Norton AntiVirus. I hope this picture turns out I never sent one before.
 

Attachments

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Staff online

Members online

Top