Sign in to follow this  
Followers 0
Mindovermaster

Windows Hosed

20 posts in this topic

Long story short, my mom's computer is totally hosed.

 

First, the internet wouldn't work. It did have internet access, but wouldn't load any web page.

 

Then, MSE (antivirus) picked up a potential virus. But when you go to clean it, an error pops up, that it wasn't successful.

 

I then ran malwarebytes, found nothing. Even ran TDSSKiller, nothing.

 

After a restart, it doesn't get past the Welcome screen. Only way I can get in is through Safe Mode.

 

I tried malwarebytes in safe mode, no effect.

 

The file that MSE found was PcProtect.dll . Can anyone find out how to fix this?

Share this post


Link to post
Share on other sites

Yeah, sorry, it's Windows 7 (x32)

Share this post


Link to post
Share on other sites

give it a shot. run it in safe mode

Share this post


Link to post
Share on other sites

Ok, I now got rid of that nasty program, but I still don't get any internet. There's something blocking it. I even stopped MSE, and no dice.

 

Edit: I can go into normal mode again

Share this post


Link to post
Share on other sites

As with any malware, I suggest nuking it from orbit, and completely reinstalling Windows, if possible.

 

EDIT: Are you able to restore the machine to an earlier time before the malware infection?

Share this post


Link to post
Share on other sites

Have you checked internet options to see if a proxy server is setup in the connections then the LAN tab?  Make sure there are no checks in any of those boxes for proxy.

Share this post


Link to post
Share on other sites

Ok, I now got rid of that nasty program, but I still don't get any internet. There's something blocking it. I even stopped MSE, and no dice.

 

Edit: I can go into normal mode again

Have you tried resetting Internet Explorer to its default configuration?

http://support.microsoft.com/kb/923737

Share this post


Link to post
Share on other sites

She's using Firefox, that would be irrelevant, wouldn't it?

 

No, I have no previous restore points except for like a year ago.

 

I ran malwarebytes, and found nothing, so, yeah...

 

I'll just backup her crap and reinstall. Be done with it.

 

Or put Linux on it... :cry:  My Mom can't move away from Windows, unlike my Dad.

Share this post


Link to post
Share on other sites

She's using Firefox, that would be irrelevant, wouldn't it?

You didn't specify which browser you were using . . .

Share this post


Link to post
Share on other sites

You didn't specify which browser you were using . . .

 

I just assumed people these days use Firefox or Chrome. Sorry..

Share this post


Link to post
Share on other sites

try this before you nuke it.. it may work...find a clean copy of the drivers for the network card...go into device manager and delete the network card and drivers...restart and windows should try to reinstall drivers...use the clean drivers you found to reinstall the network card and hopefully you will get the internet back   but I agree with everyone that you should nuke it because all you are doing is putting bandaids on the problem which is your computer got compromised

Share this post


Link to post
Share on other sites

I think driver is not the issue. I have Internet access, just that it won't load any web page. It can see my router. It's very odd.

Share this post


Link to post
Share on other sites

Check the hosts file perhaps its routing a huge list of stuff to localhost. Also check the IE internet config (windows uses it) to make sure its not tryinto use a proxy also check the dns config for the nic card, had a virus once write some custom dns bull..to a client's pc.

Share this post


Link to post
Share on other sites

your tcp-ip protocol stack (network protocols that tell windows and chrome what to do after you connect to a site) is probably

hosed and the easiest way to reset is the delete the network card and reload it   

 

The TCP/IP stack is a complete set of networking protocols.  The OSI Model was meant to be a standardized way of connecting devices together, and most protocols have some direct correlation to the OSI Model.

 

The OSI Model as you know has 7 layers, the TCP/IP stack which is the most common Protocol suite in use today has 4.

 

So the easiest way to look at the TCP/IP stack is to compare them.

 

Layer Number   OSI Model Name   TCP/IP Equivalency                      TCP Protocols at this level

 

1.                      Physical                 Network Access or Interface layer   Cables and types of Transmissions (Cat45, FDDI, COAX, RJ11)

2.                      Data Link Layer      Network Access or Interface layer   Ethernet

3.                      Network                   Internetwork                                  IP (biggest most important)

4.                      Transport                Transport                                      TCP/UDP, Multiplexing, PAR

5.                      Session                  Application

6.                      Presentation           Application

7.                      Application             Application

 

my bet is the problem is layers 5,6,7..

1 person likes this

Share this post


Link to post
Share on other sites

Also, run HitmanPro from Bleeping Computer.com

Run it in safe mode. Yes, it's shareware but has a 30 day free trial. I just used it to fix my boss's son's Win7 64x laptop. 

Share this post


Link to post
Share on other sites

you forgot layer 8, user layer - this is quite often the root cause of most issues ;)

You can reset the tcp stack with this command from a elevated prompt as well

netsh int ip reset c:\resetlog.txt

Where is c:\resetlog.tx is the location of the log.

1 person likes this

Share this post


Link to post
Share on other sites

Meh, I just nuked it. It's all good now. It works, she's happy, can we move on...

Share this post


Link to post
Share on other sites

Meh, I just nuked it. It's all good now. It works, she's happy, can we move on...

Best bet, honestly. Friendly reminder: Make sure system restore is turned on, and creating regular restore points. :)

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0

  • Recently Browsing   0 members

    No registered users viewing this page.