I got doomed with DNSchanger

[paulcheung]

I got doomed at home. if I can't get online to the site to fix the problem, how can I fix it? Tdsskiller is in the list for fix this thing. Can I download at the work computer and carry home to fix that? Can someone list the ip address for tdsskiller. at home I can connect to the site if I type the ip address instead the name.

Will all the computers connected to the same router be infected?

Thank you.

 

[billyb0b]

kaspersky makes a great little tool called TDSKiller specifically for this.

 

[paulcheung]

Can I download it from another computer and use it to kill it? do you know the ip address for this site? I can go there if i know the ip address.
Thank you

 

[copeman]

im sure you can download it onto a flash drive and run it on infected computer.

 

[MontyAC]

Can you log into your router? If yes, then put in OpenDNS server addresses for your dns ip's.

IP address:

208.67.222.222

208.67.220.220

http://blog.opendns.com/2012/07/06/...riends-get-caught-without-internet-on-july-9/

 

[Bubbaleone]

I got doomed at home. if I can't get online to the site to fix the problem, how can I fix it? Tdsskiller is in the list for fix this thing. Can I download at the work computer and carry home to fix that? Can someone list the ip address for tdsskiller. at home I can connect to the site if I type the ip address instead the name.

Will all the computers connected to the same router be infected?

Thank you.

Download Kaspersky Anti-rootkit utility TDSSKiller and copy it to a USB flash drive. Copy from the USB flash drive to the desktop of all the infected PCs, then run TDSSKiller.exe on each PC. Wait until the scanning and disinfection completes. A reboot might be required after the disinfection has been completed.

The following applies to all the PCs behind the router: open a command prompt with administrative rights and run the command:

ipconfig /flushdns

Next, go to C:\Windows\System32\Drivers\Etc and clear (if even present) the read-only attribute of the Host file. Then open Host with Notepad and make sure this line, and nothing else, is present: 127.0.0.1 localhost. Save Host and reapply read-only attribute.

As MontyAC suggests, open a browser and log into the router to configure static DNS. Also check the router firewall settings. If you're not sure, set it to default. Just a suggestion: Configure all the PCs behind your router with static IP addresses, and use the same DNS you've assigned to the router. Much less chance of ever being hijacked when all PCs are configured this way.


.

 

[paulcheung]

Thanks guys,
I download tddskiller from another computer and run on it. but it didnot find anything first and I shutdown, reboot, it connect to the internet so I goto the site again and down the tddskiller. run it again it still find nothing, then I change parameters to check the digital signature and so, it found something suspicious, so I quarrantine them, hope it fixed now.
well it is connected now so, I keep my fingers cross.
Thanks again.
cheers