Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


Windows 7 Internet Security - The Aftermath

  • Please log in to reply
2 replies to this topic

#1 Lnmul


  • Members
  • 2 posts
  • Local time:02:01 PM

Posted 25 December 2011 - 04:08 PM

Hi, I just followed your guide to remove the Windows 7 Internet Security virus, and I noticed I still have some issues left over, such as not being able to update Microsoft Security Essentials, or access my network settings.
Here is the result of running Farbar Service Scanner (FSS.exe, I noticed it was being asked for in other threads regarding this virus, or variants..)
Farbar Service Scanner 
Ran by Lnmul (administrator) on 25-12-2011 at 16:06:29
Microsoft Windows 7 Professional  Service Pack 1 (X64)

Internet Services:

Connection Status:
Localhost is accessible.
LAN connected.
Google IP is accessible.
Yahoo IP is accessible.

Windows Firewall:

Firewall Disabled Policy: 

System Restore:
SDRSVC Service is not running. Checking service configuration:
The start type of SDRSVC service is OK.
The ImagePath of SDRSVC service is OK.
The ServiceDll of SDRSVC service is OK.

VSS Service is not running. Checking service configuration:
The start type of VSS service is OK.
The ImagePath of VSS service is OK.

System Restore Disabled Policy: 

File Check:
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit

**** End of log ****
How would I go about fixing whatever was damaged by the virus? The virus is no longer running, just lingering effects.
Thanks! - Lnmul

Edited by Lnmul, 25 December 2011 - 04:10 PM.

BC AdBot (Login to Remove)


#2 Lnmul

  • Topic Starter

  • Members
  • 2 posts
  • Local time:02:01 PM

Posted 25 December 2011 - 11:47 PM

Alright, after running chkdsk and performing general maintenance, I was able to get everything working properly again. Mods can close this thread.
Thanks! - Lnmul

#3 boopme


    To Insanity and Beyond

  • Global Moderator
  • 73,490 posts
  • Gender:Male
  • Location:NJ USA
  • Local time:03:01 PM

Posted 26 December 2011 - 03:21 PM

Thanks for the update!!
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users