I was planning to change my AV. I had one from another company but the license expired. Then today I’ve tried Avast! free on my computer with WinXp Home Edition with SP3. After the installation I’ve made a full scan in safe mode and Avast! detected 5 viruses, one of them being the file “\windows\system32\drivers\ipsec.sys” infected with WIN32/Alureon. I’ve send them all to quarantine and restarted computer in normal mode. But then I noticed that there was no connection to internet.
Took a look at the “Device manager” with the option to show hidden devices enabled and I saw 2 alerts:
-Controlador de protocolo TCP/IP = Detenido. Archivo del controlador: tcpip.sys
-Traductor de direcciones de red ip =Detenido. Archivo del controlador: ipnat.sys
I’ve tried to start both manually but there was missing dependencies.
After 2 hours trying things in vain, I’ve decide to restore the file from the quarantine. When the file was again under “windows\system32\drivers” I’ve analyzed it with right click and it said it was clean >:(
I’ve restarted the computer again but still no connection.
I think I need to install ipsec.sys again and not just copy the file again to his original folder. But I don’t know how.