Security Forums

System Security Functions Disabled

wejacobs
Just Arrived
Joined: 27 Apr 2009
Posts: 0

Posted: Mon Apr 27, 2009 9:11 pm    Post subject: System Security Functions Disabled

I am running Windows XP Pro, SP3, and I recently got a very nasty virus or malware infection from an innocent-looking web page. It disabled my firewall and apparently loaded me up with a huge number of viruses/malware items.

After many, many scans by various programs including Spybot S&D, Windows Defender, Malware Bytes Anti-Malware, Symantec Corporate Antivirus, RegCure, etc. my antivirus scans are coming up clean.

However, Windows Firewall is still disabled, indicating that Group Policy is controlling it. All system administration tools (GPEDIT.MSC, REGEDIT.EXE, PING, etc.) issue an error indicating that this is not a valid WIN32 application. This also occurs in Safe Mode. I have a number of application programs such as Adobe Acrobat (Std. Edition) that have apparently been damaged, and cannot be reinstalled, I believe because of the security issues.

I would really like to avoid reformatting the hard drive and reinstalling Windows.

Any help in getting my system fully operational again would be greatly appreciated.
Fire Ant
Trusted SF Member
Joined: 27 Jun 2008
Posts: 3
Location: London

Posted: Tue Apr 28, 2009 8:27 am

If tools like PING and REGEDIT have been infected then the only way to be sure is to format and reinstall. There are lots of DLLs and EXEs that run in the background that could also have been infected.

If you don't format/reinstall then you could be fighting this infection off for even longer.

Matt_s
WhiteHat
Just Arrived
Joined: 23 Nov 2005
Posts: 0
Location: Italy

Posted: Tue Apr 28, 2009 10:50 am    Post subject: Re: System Security Functions Disabled

wejacobs wrote:
After many, many scans by various programs including Spybot S&D, Windows Defender, Malware Bytes Anti-Malware, Symantec Corporate Antivirus, RegCure, etc. my antivirus scans are coming up clean.


When I approach malware, I never scan from a live system.
Try the Avira rescue system or some equivalent live CD.
Once you detect the malware name, find and execute a specific removal tool from the live system (look at the Kaspersky list) and/or search in the virus database of the major anti-malware software producers to find the removal procedure.
Keep in mind that if your system has been infected by a rootkit, there is not much to do other than save your data (again, use a live CD and a separate, clean, external support or additional HD), format the system HD and reinstall both system and applications.

wejacobs wrote:
All system administration tools (GPEDIT.MSC, REGEDIT.EXE, PING, etc.) issue an error indicating that this is not a valid WIN32 application. This also occurs in Safe Mode.


Check if the files are still there. In that case, it's probably just a compromised PATH system variable. Even this info is contained in the virus databases - the places you have to look in once you've identified the malware.

Hope this will help. Let us know.
All times are GMT + 2 Hours
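An added example, not part of any post in this thread: a Python check, meant to be run from a live CD against the mounted Windows volume, that tells apart a system tool that is missing from one whose file is present but no longer has a well-formed PE header. The directory layout, the file list and the sample files are constructed for illustration.

```python
# Added example: offline triage of Windows tools from a live CD.
# Sample tree and file names are constructed for illustration.
import os
import struct
import tempfile

def pe_status(path):
    """Return 'missing', 'too-short', 'no-mz', 'bad-lfanew', 'no-pe-sig' or 'ok:<machine>'."""
    if not os.path.isfile(path):
        return "missing"
    with open(path, "rb") as f:
        data = f.read(4096)  # DOS and PE headers sit at the start of the image
    if len(data) < 64:
        return "too-short"
    if data[:2] != b"MZ":  # DOS header magic
        return "no-mz"
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)  # offset of the PE header
    if e_lfanew + 6 > len(data):
        return "bad-lfanew"
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        return "no-pe-sig"
    (machine,) = struct.unpack_from("<H", data, e_lfanew + 4)
    return "ok:0x%04x" % machine

def triage(root, names):
    """Check each named tool under root (e.g. the mounted system32 directory)."""
    return {n: pe_status(os.path.join(root, n)) for n in names}

def build_sample_tree():
    """Constructed sample: one intact header stub, one overwritten file, one absent."""
    root = tempfile.mkdtemp()
    stub = bytearray(0x80 + 24)
    stub[:2] = b"MZ"
    struct.pack_into("<I", stub, 0x3C, 0x80)
    stub[0x80:0x84] = b"PE\0\0"
    struct.pack_into("<H", stub, 0x84, 0x014C)  # IMAGE_FILE_MACHINE_I386
    with open(os.path.join(root, "ping.exe"), "wb") as f:
        f.write(stub)
    with open(os.path.join(root, "regedit.exe"), "wb") as f:
        f.write(b"\x00" * 512)  # file exists but its header is gone
    return root

if __name__ == "__main__":
    root = build_sample_tree()
    for name, status in triage(root, ["ping.exe", "regedit.exe", "cmd.exe"]).items():
        print(f"{name:12} {status}")
```

A file reported as anything other than `ok` or `missing` exists on disk but has been overwritten or truncated, so it needs to be restored from known-good media rather than located.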