Windows firewall disabled by malware.

quicky008

Technomancer
Today my system got infected with some kind of malware that disabled various components such as the Task Manager and Windows Defender Firewall. I had Kaspersky Free AV installed, but it failed to completely remove the infected files and undo the harmful changes done by the malware.

KAV was detecting something called fr.exe (if I remember correctly) in the Windows folder every time I booted into Windows 10. Despite deleting the file, the same file was detected again upon restarting the system, which proves that the infection had not been completely removed.

So I scanned my system with Hitman Pro and it managed to detect the infected files (incl. some weird file simply called "d" among others) that seemed to escape KAV. It also managed to restore the Task Manager's functionality; unfortunately, however, it couldn't get Defender Firewall up and running again.

When I tried to check Defender's status via services.msc, this is what I observed:

Imgur

I tried various techniques suggested in YouTube videos etc. but to no avail. It seems no matter how much I try, the darned firewall isn't gonna work.

Is there anything else (short of a complete system format) that can be done to get the firewall working? If yes, please advise.

(PS: please suggest a good AV package as well which is more robust than KAV free edition. I am thinking of discontinuing its use as it couldn't protect my system from the infection.)
 

billubakra

Conversation Architect
Copy pasting from that thread
My system got infected twice while I was testing the free version of KAV on another secondary PC. I needed to use Hitman Pro to remove the malware; KAV couldn't detect it despite the fact that it's supposedly a highly rated AV product.

*geek.digit.in/community/threads/windows-firewall-disabled-by-malware.208240/

On my main system, I have been using ESET since 2017 and so far there have been no infections, luckily. I don't really like Windows Defender.

Found a website called buyantiviruskeys.com which is selling 1 yr licenses for 250. Is it reliable?
What was the name of the malware? Were you using any AV/anti-malware software before it was infected? You should have used Malwarebytes for that malware. "Sometimes" malware requires specialized software which is for treating malware only.
 

whitestar_999

Super Moderator
Staff member
A system once infected cannot be trusted, so format/fresh install is the recommended option. That is why your focus must be on not getting infected in the first place. Aside from USB drives, browsing is the most used method by which malware infects PCs & even there it is the ads/extra junk which constitutes a majority of malware spreading. Use latest updated browsers with ad blockers & if possible try to learn how to use NoScript, which is probably the best option to debloat any web page at the cost of reduced functionality (depending on your perspective though).
 

Zangetsu

I am the master of my Fate.
Use Malwarebytes Antimalware trial version as they give a 30-day trial with full features. So, scan it and remove the malware.
 
OP
quicky008

Technomancer
Yeah, I have since formatted my system and installed ESET trial version on it, and so far there have been no infections.

I had also tried Bitdefender briefly but it's too aggressive and gives too many false positives and blocks even harmless apps, so I uninstalled it.
 