Jump to content

Blocked from Internet


bbubba

Recommended Posts

I am Blocked from Internet by a virus.

It started when I got the fake windows security pop up.

I also saw the virus SVC Host32 file.

Problem is I cannot access the internet to on the infected machine.

How can I unblock the internet?

###########################

I am on my laptop sending this.

I had to rename malewarebytes to run it,

I scanned and cleaned but no joy.

I would be much easier if I could get online with the infected machine.

Is there any way to do that?

Thanks

bbubba

Link to post
Share on other sites

This is quoted from one of the forum moderators. Many have been having this issue.

Welcome to Malwarebytes

Please try the following routine to see if you can get Malwarebytes to run without renaming it, it may also help you get it online.

Click on Start, click Run, and then type devmgmt.msc and click OK

On the View menu click on Show hidden devices

Browse to Non-Plug and Play Drivers and you should see something like TDSSserv.sys

Highlight that driver and right click on it and select DISABLE

Now RESTART your computer.

Download a copy of Malwarebytes but DO NOT run it yet.

Rename the downloaded installer file to any generic name such as your own name but keep the .EXE extension on the file and run it.

Once the program is installed go to the UPDATE tab and try to update the program if you can.

Then go to the SCANNER tab and run a Quick Scan and allow MBAM to fix anything found.

If that does work then please follow the routine below and post a new topic in the listed forum with the requested information.

Please read and follow the instructions provided here: http://www.malwarebytes.org/forums/index.php?showtopic=2936

When ready please post your logs here: http://www.malwarebytes.org/forums/index.php?showforum=7

Someone will be happy to assist you further with cleaning your system.

During this scan and cleanup process you should not install any other software unless requested to do so.

Link to post
Share on other sites

Also, if you do remove infections etc, but still can't get online, it would still be worth it to do as much as you can from the instructions in the first link (you'll need a flash drive to transfer the programs over), and post a new topic in the second link. The experts here are very good at fixing systems hosed by malware and they should be able to get everything in ship shape without reformatting. Good luck and safe surfing.

edit: you can also download updated definitions for MBAM to install on the infected machine if it can't go online here: http://www.gt500.org/malwarebytes/database.jsp

Link to post
Share on other sites

Okay, I followed your instructions and found two offending files just where you said they would be. The even had the yellow exclamation mark next to them.

I disabled both and rebooted. The old fake security window popped up again. I checked to ensure the two files were still disabled.

My browser is set to google as homepage and the machine would not go there. I was able to go to other sites and was able to download malwarebytes. I renamed the exe file, installed, checked for updates and scanned the machine.

The scan found 6 objects infected. I saved the log file.

During the scan the fake security center alert window popped up again.I rebooted again and did another scan with SuperAntiSpyware. It detected 10 registry items.

They all were TDSSserv issues.I have read where machines are always suspect after getting infected with Rootkit. This worries me.

I deleted the 10 items, restarted and was able to get to google page. The machine still seems sluggish.

What do you suggest as a next step?

Thanks,

b

Link to post
Share on other sites

  • Root Admin

Hello and Welcome to Malwarebytes.org

Please read and follow the instructions provided here: Pre- HJT Post Instructions

When ready please post your logs here: Malware Removal - HijackThis Logs

Someone will be happy to assist you further with cleaning your system.

During this scan and cleanup process you should not install any other software unless requested to do so.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.