View all database entries

ALL  PP  F0  F1  F2  F3  R0  R1  N1  N2  N3  N4  O1  O2  O3  O4  O5  O6  O7  O8  
O9  O10  O11  O12  O13  O14  O15  O16  O17  O18  O19  O20  O21  O22  O23  CHR  FF  

View MDO database (O17)

Showing entries 1 to 19 of 19.


(X) O17 - HKLM\System\CCS\Services\Tcpip\..\{0A613956-1E91-46BC-924A-18E09529591E}: NameServer = 195.95.218.4,85.255.112.9
Trojan.Flush.E is a Trojan horse that modifies the DNS server settings on a compromised computer and redirects the browser to potentially malicious Web sites.
Fix / Info: HijackThis - Trojan/Virus removal tools
http://securityresponse.symantec.com/avcenter/venc/data/trojan.flush.e.html
Windows ALL; discovered by nasdaq
(X) O17 - HKLM\System\CCS\Services\Tcpip\..\{20B8F31B-F6BD-4542-9E1F-6DAE9135273D}: NameServer = 195.95.218.4,85.255.112.9
Trojan.Flush.E is a Trojan horse that modifies the DNS server settings on a compromised computer and redirects the browser to potentially malicious Web sites.
Fix / Info: HijackThis - Remove with Add/Remove program applet.
http://securityresponse.symantec.com/avcenter/venc/data/trojan.flush.e.html
Windows ALL; discovered by nasdaq
(X) O17 - HKLM\System\CCS\Services\Tcpip\..\{583DA6D5-67A1-4176-8AD3-13A906572716}: NameServer = 195.95.218.4 85.255.112.9
Trojan.Flush.E is a Trojan horse that modifies the DNS server settings on a compromised computer and redirects the browser to potentially malicious Web sites.
Fix / Info: HijackThis - Trojan/Virus removal tools
http://securityresponse.symantec.com/avcenter/venc/data/trojan.flush.e.html
Windows ALL; discovered by nasdaq
(X) O17 - HKLM\System\CCS\Services\Tcpip\..\{686EF0E6-8721-410E-A334-5C72A02A9AEA}: NameServer = 195.95.218.4,85.255.112.9
Trojan.Flush.E is a Trojan horse that modifies the DNS server settings on a compromised computer and redirects the browser to potentially malicious Web sites.
Fix / Info: HijackThis - Trojan/Virus removal tools
http://securityresponse.symantec.com/avcenter/venc/data/trojan.flush.e.html
Windows ALL; discovered by nasdaq
(L) O17 - HKLM\System\CCS\Services\Tcpip\..\{78122F29-E19D-4221-AE44-FFF9024A8173}: NameServer = 206.47.244.56 206.47.244.14
Bell Canada
http://www.samspade.org/t/lookat?a=206.47.244.14
Windows ALL; discovered by Angoid
(X) O17 - HKLM\System\CCS\Services\Tcpip\..\{90F080AC-AC09-46EC-9007-B547A922DB48}: NameServer = 69.50.184.84,195.225.176.37
Trojan.Flush.B
Fix / Info: HijackThis, Symantec's instructions
http://securityresponse.symantec.com/avcenter/venc/data/trojan.flush.b.html
Windows ALL; discovered by Angoid
(X) O17 - HKLM\System\CCS\Services\Tcpip\..\{B6CC3849-AC26-4F75-BB33-9659F7F2C299}: NameServer = 195.95.218.4,85.255.112.9
Trojan.Flush.E is a Trojan horse that modifies the DNS server settings on a compromised computer and redirects the browser to potentially malicious Web sites.
Fix / Info: HijackThis - Trojan/Virus removal tools
http://securityresponse.symantec.com/avcenter/venc/data/trojan.flush.e.html
Windows ALL; discovered by nasdaq
(X) O17 - HKLM\System\CCS\Services\Tcpip\..\{B7C5CD2F-2641-45F4-80FC-4A9027A3AE55}: NameServer = 195.95.218.4,85.255.112.9
Trojan.Flush.E is a Trojan horse that modifies the DNS server settings on a compromised computer and redirects the browser to potentially malicious Web sites.
Fix / Info: HijackThis - Trojan/Virus removal tools
http://securityresponse.symantec.com/avcenter/venc/data/trojan.flush.e.html
Windows ALL; discovered by nasdaq
(X) O17 - HKLM\System\CCS\Services\Tcpip\..\{C2C62D71-7349-42A3-B119-168AB06EC5E4}: NameServer = 195.95.218.4,85.255.112.9
Trojan.Flush.E is a Trojan horse that modifies the DNS server settings on a compromised computer and redirects the browser to potentially malicious Web sites.
Fix / Info: HijackThis - Trojan/Virus removal tools
http://securityresponse.symantec.com/avcenter/venc/data/trojan.flush.e.html
Windows ALL; discovered by nasdaq
(X) O17 - HKLM\System\CCS\Services\Tcpip\..\{CD4D30E6-C9AA-4CC8-A8E0-DD61E8DD5CCD}: NameServer = 195.95.218.4,85.255.112.9
Trojan.Flush.E is a Trojan horse that modifies the DNS server settings on a compromised computer and redirects the browser to potentially malicious Web sites.
Fix / Info: HijackThis - Remove with Add/Remove program applet.
http://securityresponse.symantec.com/avcenter/venc/data/trojan.flush.e.html
Windows ALL; discovered by nasdaq
(X) O17 - HKLM\System\CCS\Services\Tcpip\..\{CE5A438C-09EA-4221-B8F2-B7864E988FB6}: NameServer = 195.95.218.4,85.255.112.9
Trojan.Flush.E is a Trojan horse that modifies the DNS server settings on a compromised computer and redirects the browser to potentially malicious Web sites.
Fix / Info: HijackThis - Trojan/Virus removal tools
http://securityresponse.symantec.com/avcenter/venc/data/trojan.flush.e.html
Windows ALL; discovered by nasdaq
(L) O17 - HKLM\System\CCS\Services\Tcpip\..\{DA0F66F8-3636-49C8-833C-125AB927B765}: NameServer = 213.120.62.99 213.120.62.102
BT Worl internet provider.
Windows ALL; discovered by nasdaq
(X) O17 - HKLM\System\CCS\Services\Tcpip\..\{DA0F66F8-3636-49C8-833C-125AB927B765}: NameServer = 69.50.184.84 195.225.176.37
Trojan.Flush.B is a Trojan horse program that modifies DNS settings on the compromised computer.
Fix / Info: HijackThis - Trojan/Virus removal tools
http://securityresponse.symantec.com/avcenter/venc/data/trojan.flush.b.html
Windows ALL; discovered by nasdaq
(X) O17 - HKLM\System\CCS\Services\Tcpip\..\{DF8E89A4-78BB-4409-897F-C766EB79EB33}: NameServer = 69.50.184.84,195.225.176.37
Trojan.Flush.B
Fix / Info: HijackThis, Symantec's instructions
http://securityresponse.symantec.com/avcenter/venc/data/trojan.flush.b.html
Windows ALL; discovered by Angoid
(X) O17 - HKLM\System\CCS\Services\Tcpip\..\{F7D2BF6B-B150-4706-8C27-62DBCDE56F3F}: NameServer = 69.50.184.84,195.225.176.37
Trojan.Flush.B
Fix / Info: HijackThis, Symantec's instructions
http://securityresponse.symantec.com/avcenter/venc/data/trojan.flush.b.html
Windows ALL; discovered by Angoid
(L) O17 - HKLM\System\CCS\Services\Tcpip\..\{FC3E942F-90A7-4F22-8EAD-5005A93A4EC8}: NameServer = 80.118.196.41 80.118.192.111
Appears to be some French entry, possibly to do with www.neuf.fr and www.9online.fr
Fix / Info: Legitimate
http://www.bullguard.com/forum/9/Very-bigs-problemsI-struggle-a_4135.html
Windows ALL; discovered by Angoid
(L) O17 - HKLM\System\CCS\Services\VxD\MSTCP: Domain = www.sify.com
Sify.com - ISP and Broadband Provider
http://broadband.sify.com/
Windows ALL; discovered by Angoid
(L) O17 - HKLM\System\CCS\Services\VxD\MSTCP: NameServer = 202.144.10.50,202.144.13.50
Resolves to Sify.com - ISP and Broadband provider
http://www.samspade.org/t/lookat?a=202.144.13.50
Windows ALL; discovered by Angoid
(X) O17 - HKLM\System\CS1\Services\Tcpip\..\{0A613956-1E91-46BC-924A-18E09529591E}: NameServer = 195.95.218.4,85.255.112.9
Trojan.Flush.E is a Trojan horse that modifies the DNS server settings on a compromised computer and redirects the browser to potentially malicious Web sites.
Fix / Info: HijackThis - Trojan/Virus removal tools
http://securityresponse.symantec.com/avcenter/venc/data/trojan.flush.e.html
Windows ALL; discovered by nasdaq

This is a list of items that is designed to help with the analysis of HijackThis, DDS, OTL and FRST logs.
It is by no means exhaustive (in fact it is being added to all the time), and is intended to complement other legitimate online lists.