Edited by rajeev09, 02 June 2009 - 06:42 PM.
Posted 31 May 2009 - 08:58 PM
Posted 05 June 2009 - 06:56 AM
1. Click "Start," click "Control Panel," click "Network and Internet Connections," and then click "Network Connections."
2. Right-click the network connection that you want to configure (the one you use to connect to the Internet), and then click Properties.
3. On the General tab (for a local area connection), or the Networking tab (for all other connections), click "Internet Protocol (TCP/IP)", and then click "Properties."
4. Click "Use the following DNS server addresses," and then type 18.104.22.168 in the Preferred DNS server and 22.214.171.124 in the Alternate DNS server boxes.
5. Click "OK"
Reboot. Verify that the changes worked:
Click "Start," Click "Run," type: cmd , OK to bring up a black command window. Type with an Enter after each line
(There will be an entry for DNS Server. Verify that it has the 126.96.36.199 and 188.8.131.52 addresses.)
Sometimes you can get Hijackthis to work by changing its name.
Now if you have XP, see if you can get Ice Sword to download and run:
Download ice sword from:
using one of the links under DOWNLOADS.
SAVE it to your desktop, close all programs and then Rightclick on it and select Extract All. Let it extract to your desktop. It should create a folder icesword122en on your desktop. Doubleclick on the folder icesword122en to open it and then doubleclick on icesword.exe.
It should open a new window. In the left column at the bottom click on File. Then on the "+" in front of Local Drive C: then on the "+" in front of Windows. Click on on the "+" in front of System32. You will have to scroll down to find it. Click on Drivers.
Look in the right pane and if you see any which are named:
clbdriver.sys, tdsserv.sys or seneka.sys. Right click on them and Force Delete.
Also Force Delete any which start with TDS or UAC or ovfst.
If you don't find any of the above then click once or twice on the column header which says Date Modified and then write down the names of the 10 newest files. Repeat for System32.
Now look in the left column where it says Functions and under Functions find SSDT and click on it. Look in the right hand pane for lines in red. Usually there will be more than one line referencing the same file path so don't bother copying every line. Just give me the file path once.
Download but do not yet run ComboFix
:!: If you have a previous version of Combofix.exe, delete it and download a fresh copy. :!:
:!: It must be saved to your desktop, do not run it :!:
:!: Disable your Antivirus software when downloading or running Combofix. If it has Script Blocking features, please disable these as well. See: http://www.bleepingc...opic114351.html
Download and Rename this file -- (call it george.exe ) to your Desktop -- from either of these two sources:
Doubleclick on george to start the program.
* :!: Important: Have no other programs running. Your Task Bar should be clear of any program entries including your Browser.
* A window may open with a series of Disclaimers. Accept the Disclaimers to start the fix. Allow it to install the Recovery Console then Continue. When the scan completes Notepad will open with with your results log open. Do a File, Exit and answer 'Yes' to save changes.
A caution - Do not run Combofix more than once. Do not touch your mouse/keyboard until the scan has completed, as this may cause the process to stall or your computer to lock. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs, please reboot to restore the desktop. Even when ComboFix appears to be doing nothing, look at your Drive light. If it is flashing, Combofix is still at work.
A file will be created at => C:\Combofix.txt. I'll need to see that in your reply.
Re-activate your protection programs at this time :!:
Reboot now, please :!:
Post Back (copy/paste the .txt files, do not use attachments)
After following the above, post back with:
1. Name of files you Force Deleted or ten newest files in Drivers and Sytem32
2. Contents of C:\Combofix.txt;
PS If you can't get to the download sites, have a friend download the files and put them on a CD. Don't use a USB drive unless it's never been on your PC and you can leave it in until we finish. Copy the tools to your desktop and then proceed as above.
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users