Page 1 of 2 12 LastLast
Results 1 to 10 of 11

Thread: Virus/Malware blocking access to antivirus sites

  1. #1
    oh_why_me Guest

    Default Virus/Malware blocking access to antivirus sites

    I have a registered full version of zone alarm installed on my computer, along with a nonregisted version of lavasoft's adaware.

    I went onto a livejournal site(which ive done before mind you), and suddenly zone alarm flips out, mozilla firefox closes and utorrent opens up. This thing called WinWeb security installs itself onto my computer and is 'claiming' its plagued with viruses-- though the winweb is ironically the virus. I run zone alarm scan while I delete the hidden program files of winweb (it was in a folder of a random skew of digits in my application data folder). Zone alarm picks up 5 things, which are quarinteened and deleted. I go through program files, system32, and my processes to get rid of anything suspicious (after throroughly researching each one to verify this is the right action)

    I end up with a list of culprits-- ~.exe started it all and random things like ichat and GetModule30 appear and something in the Microsoft folder called Office6 (I cross check using my moms comp which im on now).
    So, I delete the bad .dlls except one that wont delete, even in safe mode done via cmd: Khfutnol.dll

    And yes, Ive erased all temp files.

    I notice that it (actually windows this time) has notified me that my computer is unsafe because automatic updates were turned off. I try to turn them on. It wont work.

    I try to do it manually by going to the website. It wont connect.

    I try to update zone alarm, lavasoft, and try to download that SAS program and run this antimalware program and even go to norton--- each time the page is either not displayed or it redirects me to amazon.com or advertisements for nonrelated items or another search page.


    Yet, it loads google, my email, etc.

    I am desperate. Please tell me there is something I can do to salvage my computer, please....

    Oh yeah. I tried system restore too. IT DISABLED THAT TOO.

    it will also not allow me to execute mbam which i downloaded onto this computer and transfered to mine via usb.

    and I
    just attempted the same thing with hijackthis---- same thing. Wont execute and instead opens up firefox with a popup ad.
    Thank you in advance, please save my soul.

    Operating System:Windows XP Home Edition
    Product Name:ZoneAlarm Pro

  2. #2
    Join Date
    Nov 2004
    Location
    localhost
    Posts
    17,290

    Default Re: Virus/Malware blocking access to antivirus sites

    Hi!
    download DrWeb cure it from another system and make a boot CD.
    See if it will manage to clean some of your infections.

    See here how to do it:
    http://freedrweb.com/livecd/?lng=en

    Cheers,
    Fax

    Click here for ZA Support
    Monday-Saturday 6am to 10pm Central time
    Closed Sundays and Holidays

  3. #3
    oh_why_me Guest

    Default Re: Virus/Malware blocking access to antivirus sites

    I downloaded the program and burnt the iso to a dvd+r, popped it the machine (while off) and then turned it on, f10-ing and
    immediately going to the change boot order where I selected Atapi cd/dvd drive as priority , however it still starts via Windows.
    I'll try burning another cd of it just in case it was an error on my side, but in the meantime, are there any other suggestions?
    edit: tried with another dvd, still isn't working. I'm starting to consider paying Geeksquad 200 bucks and moving all my stuff to my moms comp. Anything less expensive? As in free, maybe?

    Message Edited by oh_why_me on 12-03-2008 02:16 PM

  4. #4
    Join Date
    Dec 2005
    Posts
    9,056

    Default Re: Virus/Malware blocking access to antivirus sites

    Disable the hdd in the bios for boot and use just the media drive for the boot.
    Often F12 brings up the booting drive list (not always) at the bios screen time period.

    Alternatively, pull the hdd out of the computer and scan the hdd with another computer 's scanners. Plug in either with a usb adapter or as a slave drive in the second computer.
    Basically the same scan as the dos scanner in the boot time - no window files are opened or running and the scan's detections are very good and the removal of found malware is 100%.
    But just becareful when deleting any of the windows files - or else the windows may not boot any more. You will have to replace all of the removed/deleted window's files before returning the hdd back to the usual computer.

    Oldsod.
    Best regards.
    oldsod

  5. #5
    oh_why_me Guest

    Default Re: Virus/Malware blocking access to antivirus sites

    I was able to find someone with the same problem on another forum, so I was able to solve it ^_^ In the end I had to disable TDSSserv.sys driver and that allowed me to install Mbam which got rid of the virus, and also allowed zone alarm to find more of its evil comrades as well. That done, I can back onto the anti-virus websites and everything else works too! Thank you though for your help though!

  6. #6
    Join Date
    Nov 2004
    Location
    localhost
    Posts
    17,290

    Default Re: Virus/Malware blocking access to antivirus sites

    You're welcome!Glad to hear the issue is solved...Cheers,Fax

    Click here for ZA Support
    Monday-Saturday 6am to 10pm Central time
    Closed Sundays and Holidays

  7. #7
    bhampg Guest

    Default Re: Virus/Malware blocking access to antivirus sites

    hey--I have that same problem and have been searching and searching for help for it---i am not very computer savvy--and have had a heck of a time with this virus--can you please tell me how to get to driver you mentioned and then what to do --please give very detailed instructions for those of us who are not great with it but still need to fix our computers!--Thanks in advance!

  8. #8
    oh_why_me Guest

    Default Re: Virus/Malware blocking access to antivirus sites

    yeah, that virus **bleep**s butt, doesnt it?

    from computerhope forums: http://www.computerhope.com/forum/in...c,71593.0.html


    * Click on Start, click Run, and then type devmgmt.msc and click OK
    * On the View menu click on Show hidden devices
    * Browse to Non-Plug and Play Drivers and you should see something like TDSSserv.sys
    * Highlight that driver and right click on it and select DISABLE
    * Now RESTART your computer.
    * Download a copy of Malwarebytes but DO NOT run it yet.
    * Rename the downloaded installer file to any generic name such as your own name but keep the .EXE extension on the file and run it.
    * Once the program is installed go to the UPDATE tab and try to update the program if you can.
    * Then go to the SCANNER tab and run a Quick Scan and allow MBAM to fix anything found.

  9. #9
    cotnerbf Guest

    Default Re: Virus/Malware blocking access to antivirus sites

    Your posting and dedication to sharing your lessons were a God send.
    It worked like a
    charm.

    I have been an IT manager for many many years.

    I have always preached to my teams that even if they do not find an answer on the sites they post question to, they should go back and share their findings there for others to use.

    It is simply being socially responsible.

    I thank you for being the kind of person I admire and I thank you for the information that solved my problem.
    May God Bless You and Merry Christmas.


  10. #10
    djbc Guest

    Default Re: Virus/Malware blocking access to antivirus sites

    Hello,This information is very helpful for windows Xp users but, does anyone have anything helpful for those of us running windows Vista? Windows Vista doesn't afford you the option of disabling TDSSserv.sys. You can only unistall, (doesn't work) scan, or view properties. I can't download anything or visit any antivirus websites from my infected pc so that is not an option. Any help on this matter would be greatly appriciated. Thanks in advance.B-)

Page 1 of 2 12 LastLast

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •