Hi, I have come across a problem lately with some malware that won't let you get to any of Microsoft's sites or antimalware sites - by scanning my computer I found some 01.tmp, 02.tmp files - the files are being deleted by Malwarebytes at startup but spawn alive again every time.
I was looking for help at this forum - found some topics about the issue, but couldn't find any answer.
So I went to war alone, and won... (after too many hours - about 6)
Anyway, I'm new around here and probably won't last long, so this is kind of an advice for whoever has this malware problem or for the administrators of the forum trying to help others:
the little $!#!#! is poisoning the DNS cache - that's why you can't get to any site even if you're editing your hosts file.
So what you should do is:
1. open CMD.EXE,
2. type in the command line: TASKLIST /SVC - this will list all processes currently running with the services in the background.
3. look for a process "svchost.exe" with the service "Dnscache"
4. open Task Manager, and if you still don't have the "PID" column, go to "VIEW", "SELECT COLUMNS" and add it
5. kill the svchost process that is running the DNS cache by comparing the PIDs from the CMD to those in the Task Manager.
6. now you can access sites freely: the Microsoft malicious removal tool will find it for you and also COMODO free antivirus.
7. NOTICE that until the malware is wiped out you should do steps 1-5 every time your computer is rebooting.
EDIT: Moved to more appropriate forum
This post has been edited by garmanma: 18 October 2009 - 09:42 AM
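
Steps 2 to 5 of the post can be scripted. The following Python code is an added example, not part of the original post: it parses `tasklist /svc /fo csv` output to find the PID of the process hosting Dnscache and lists any other services that would stop along with that process. The sample output and the function names `find_service_host` and `kill_command` are constructed for illustration.

```python
import csv
import io
import subprocess
import sys

# Constructed sample of `tasklist /svc /fo csv` output (not taken from the post).
SAMPLE = '''"Image Name","PID","Services"
"System Idle Process","0","N/A"
"svchost.exe","880","DcomLaunch,TermService"
"svchost.exe","1104","Dnscache"
"svchost.exe","1216","LmHosts,SSDPSRV"
"explorer.exe","1688","N/A"
'''

def find_service_host(tasklist_csv, service="Dnscache"):
    """Return (image, pid, co_hosted_services) for the process hosting `service`."""
    rows = csv.reader(io.StringIO(tasklist_csv))
    next(rows, None)  # skip the header row (its wording varies by locale)
    for row in rows:
        if len(row) < 3:
            continue
        image, pid, services = row[0], row[1], row[2]
        names = [s.strip() for s in services.split(",")]
        if service.lower() in (n.lower() for n in names):
            others = [n for n in names if n.lower() != service.lower()]
            return image, int(pid), others
    return None

def kill_command(pid):
    """Command-line equivalent of step 5 (ending the process in Task Manager)."""
    return ["taskkill", "/PID", str(pid), "/F"]

if __name__ == "__main__":
    if sys.platform == "win32":
        text = subprocess.run(["tasklist", "/svc", "/fo", "csv"],
                              capture_output=True, text=True, check=True).stdout
    else:
        text = SAMPLE  # offline demonstration on the constructed sample
    hit = find_service_host(text)
    if hit is None:
        sys.exit("Dnscache is not running in any process")
    image, pid, others = hit
    print(f"Dnscache is hosted by {image}, PID {pid}")
    if image.lower() != "svchost.exe":
        print("warning: unexpected host image, inspect before touching it")
    if others:
        print("ending this process also stops:", ", ".join(others))
    print("step 5 equivalent:", " ".join(kill_command(pid)))
```

The script only reports the PID and the matching `taskkill` command line; it does not end the process itself.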










