wits end, zeroaccess/cryptor, tcpip issues...

Welcome to Major Geeks!

Let's try the below to fix you networking problem.

1. Go to Start ==> Run (or Windows key+R)
   • Type the following in the run box and click OK: notepad c:\windows\inf\nettcpip.inf
     (note that there is space after notepad)
   • The above file will open in the notepad.
   • Under TCP/IP Primary Install section find the following: Characteristics = 0xA0
   • Edit 0xA0 and replace it with 0x80 (replace A with 8)
   • Under File menu click Save and close the notepad.
2. Go to Start ==> Control Panel. Double-click Network Connections. Right-click Local Area Connection, and select Properties.
   • On the General tab, click Install a popup window opens.
   • Select Protocol from the list and then click Add.
   • A new window opens, click Have Disk....
   • In the browse... box type c:\windows\inf
     
   • Click OK.
   • Select Internet Protocol (TCP/IP), and then click OK.
   • On the Local Area Connection Properties screen select Internet Protocol (TCP/IP) and click Uninstall, and then click Yes.
   • Wait until it asks to restart, and then restart as requested. Continue with the below after restarting.
3. Go to Start ==> Run (or Windows key+R)
   • Type the following in the run box and click OK: notepad c:\windows\inf\nettcpip.inf
     (note that there is space after notepad)
   • A file opens in the notepad. Under TCP/IP Primary Install section find the following: Characteristics = 0x80
   • Edit 0x80 and replace it with 0xA0 (replace 8 with A)
   • Under File menu click Save and close the notepad.
4. Go to Start ==> Control Panel. Double-click Network Connections. Right-click Local Area Connection, and select Properties.
   • On the General tab, click Install
   • A popup window opens. Select Protocol.
   • A new popup window opens. Select Internet Protocol (TCP/IP), and then click OK.
   • Wait until it asks to restart, and then restart as requested. Continue with the below after restarting.
5. After restart please run the C:\MGtools\GetLogs.bat file by double clicking on it (Note: if using Vista or Win7, don't double click, use right click and select Run As Administrator).
6. Then attach the below logs:
   • C:\MGlogs.zip

 

Looks like that took care of your problems with TCPIP. Are you having any other problems?

 

Also see uf you can find and delete the below files. Make sure they do not come back after a reboot. Let me know if you cannot see them. They are present.


C:\Documents and Settings\hec\Local Settings\Application Data\oid711gu8xhb03rf7p358s0cbgfia7nt8yyel
C:\Documents and Settings\All Users\Application Data\oid711gu8xhb03rf7p358s0cbgfia7nt8yyel
C:\Documents and Settings\hec\Templates\oid711gu8xhb03rf7p358s0cbgfia7nt8yyel

 

Download Windows Repair by Tweaking.com and unzip the contents into a newly created folder on your desktop.

• Now open Repair_Windows.exe
• Go to Start Repairs tab.
• Choose "Custom Mode" and press "Start".
• Create a System Restore point if prompted.
• In the Custom Mode window, select the following repair options:
  • Reset Registry Permissions
  • Register System Files
  • Repair WMI
  • Remove Policies Set By Infections
  • Repair Winsock & DNS Cache
  • Repair Proxy Settings
  • Repair Windows Updates
• Now click the Start button.
• Be patient while the tool repairs the selected items.
• If asked to reboot the computer for the changes to take affect, make sure other tasks in the program are not still running before accepting to restart.

Now download SubInACL.msi from Microsoft.

• Now double click on SubInACL.msi to run the installer. Accept any prompts you get about installing this.
• Now download the below file and save it to your Desktop:
  • resetperm-x64.cmd
• Now right click onresetperm.cmd and select Run As Administrator to run this script. Be patient as this may take awhile to run. Also it is imperative that you Run As Administrator. This is not the same thing as your user account having administrator priviledges.

Once it finishes, reboot your PC.


Now if necessary to get your network interface working, rerun my fix from message # 4.


Then please run the C:\MGtools\GetLogs.bat file by double clicking on it (Note: if using Vista or Win7, don't double click, use right click and select Run As Administrator).

Then attach the below logs:

• C:\MGlogs.zip

Also let me know if your status has improved, stayed the same, or gotten worse.

 

Sorry about that. I copied in the wrong boilerplate for your Windows version. Use the below instead. I'll start with running the command script file since you already installed SubInAcl.

• Now download the below file and save it to your Desktop:
  • resetperm.cmd
• Now double click on resetperm.cmd to run this script. Be patient as this may take awhile to run. Also it is imperative that you Run As Administrator. This is not the same thing as your user account having administrator priviledges.

Once it finishes, reboot your PC.

Then continue with the remaining instructions from my previous message

 

Yes this may be a good idea. Also I would like you to run the below while it is not working so you will need to download it while you have a connection.


Now please download Farbar Service Scanner and run it on the computer with the issue.

• Put a check mark in each option box on the left side.
• Click "Scan".
• It will create a log (FSS.txt) in the same directory the tool is run.
• Please attach this log to your next reply.