ALL PP F0 F1 F2 F3 R0 R1 N1 N2 N3 N4 O1 O2 O3 O4 O5 O6 O7 O8
O9 O10 O11 O12 O13 O14 O15 O16 O17 O18 O19 O20 O21 O22 O23 CHR FF
View MDO database (O17)
Showing entries 1 to 19 of 19.
|
(X) O17 - HKLM\System\CCS\Services\Tcpip\..\{0A613956-1E91-46BC-924A-18E09529591E}: NameServer = 195.95.218.4,85.255.112.9 Trojan.Flush.E is a Trojan horse that modifies the DNS server settings on a compromised computer and redirects the browser to potentially malicious Web sites. Fix / Info: HijackThis - Trojan/Virus removal tools http://securityresponse.symantec.com/avcenter/venc/data/trojan.flush.e.html Windows ALL; discovered by nasdaq |
|
(X) O17 - HKLM\System\CCS\Services\Tcpip\..\{20B8F31B-F6BD-4542-9E1F-6DAE9135273D}: NameServer = 195.95.218.4,85.255.112.9 Trojan.Flush.E is a Trojan horse that modifies the DNS server settings on a compromised computer and redirects the browser to potentially malicious Web sites. Fix / Info: HijackThis - Remove with Add/Remove program applet. http://securityresponse.symantec.com/avcenter/venc/data/trojan.flush.e.html Windows ALL; discovered by nasdaq |
|
(X) O17 - HKLM\System\CCS\Services\Tcpip\..\{583DA6D5-67A1-4176-8AD3-13A906572716}: NameServer = 195.95.218.4 85.255.112.9 Trojan.Flush.E is a Trojan horse that modifies the DNS server settings on a compromised computer and redirects the browser to potentially malicious Web sites. Fix / Info: HijackThis - Trojan/Virus removal tools http://securityresponse.symantec.com/avcenter/venc/data/trojan.flush.e.html Windows ALL; discovered by nasdaq |
|
(X) O17 - HKLM\System\CCS\Services\Tcpip\..\{686EF0E6-8721-410E-A334-5C72A02A9AEA}: NameServer = 195.95.218.4,85.255.112.9 Trojan.Flush.E is a Trojan horse that modifies the DNS server settings on a compromised computer and redirects the browser to potentially malicious Web sites. Fix / Info: HijackThis - Trojan/Virus removal tools http://securityresponse.symantec.com/avcenter/venc/data/trojan.flush.e.html Windows ALL; discovered by nasdaq |
|
(L) O17 - HKLM\System\CCS\Services\Tcpip\..\{78122F29-E19D-4221-AE44-FFF9024A8173}: NameServer = 206.47.244.56 206.47.244.14 Bell Canada http://www.samspade.org/t/lookat?a=206.47.244.14 Windows ALL; discovered by Angoid |
|
(X) O17 - HKLM\System\CCS\Services\Tcpip\..\{90F080AC-AC09-46EC-9007-B547A922DB48}: NameServer = 69.50.184.84,195.225.176.37 Trojan.Flush.B Fix / Info: HijackThis, Symantec's instructions http://securityresponse.symantec.com/avcenter/venc/data/trojan.flush.b.html Windows ALL; discovered by Angoid |
|
(X) O17 - HKLM\System\CCS\Services\Tcpip\..\{B6CC3849-AC26-4F75-BB33-9659F7F2C299}: NameServer = 195.95.218.4,85.255.112.9 Trojan.Flush.E is a Trojan horse that modifies the DNS server settings on a compromised computer and redirects the browser to potentially malicious Web sites. Fix / Info: HijackThis - Trojan/Virus removal tools http://securityresponse.symantec.com/avcenter/venc/data/trojan.flush.e.html Windows ALL; discovered by nasdaq |
|
(X) O17 - HKLM\System\CCS\Services\Tcpip\..\{B7C5CD2F-2641-45F4-80FC-4A9027A3AE55}: NameServer = 195.95.218.4,85.255.112.9 Trojan.Flush.E is a Trojan horse that modifies the DNS server settings on a compromised computer and redirects the browser to potentially malicious Web sites. Fix / Info: HijackThis - Trojan/Virus removal tools http://securityresponse.symantec.com/avcenter/venc/data/trojan.flush.e.html Windows ALL; discovered by nasdaq |
|
(X) O17 - HKLM\System\CCS\Services\Tcpip\..\{C2C62D71-7349-42A3-B119-168AB06EC5E4}: NameServer = 195.95.218.4,85.255.112.9 Trojan.Flush.E is a Trojan horse that modifies the DNS server settings on a compromised computer and redirects the browser to potentially malicious Web sites. Fix / Info: HijackThis - Trojan/Virus removal tools http://securityresponse.symantec.com/avcenter/venc/data/trojan.flush.e.html Windows ALL; discovered by nasdaq |
|
(X) O17 - HKLM\System\CCS\Services\Tcpip\..\{CD4D30E6-C9AA-4CC8-A8E0-DD61E8DD5CCD}: NameServer = 195.95.218.4,85.255.112.9 Trojan.Flush.E is a Trojan horse that modifies the DNS server settings on a compromised computer and redirects the browser to potentially malicious Web sites. Fix / Info: HijackThis - Remove with Add/Remove program applet. http://securityresponse.symantec.com/avcenter/venc/data/trojan.flush.e.html Windows ALL; discovered by nasdaq |
|
(X) O17 - HKLM\System\CCS\Services\Tcpip\..\{CE5A438C-09EA-4221-B8F2-B7864E988FB6}: NameServer = 195.95.218.4,85.255.112.9 Trojan.Flush.E is a Trojan horse that modifies the DNS server settings on a compromised computer and redirects the browser to potentially malicious Web sites. Fix / Info: HijackThis - Trojan/Virus removal tools http://securityresponse.symantec.com/avcenter/venc/data/trojan.flush.e.html Windows ALL; discovered by nasdaq |
|
(L) O17 - HKLM\System\CCS\Services\Tcpip\..\{DA0F66F8-3636-49C8-833C-125AB927B765}: NameServer = 213.120.62.99 213.120.62.102 BT Worl internet provider. Windows ALL; discovered by nasdaq |
|
(X) O17 - HKLM\System\CCS\Services\Tcpip\..\{DA0F66F8-3636-49C8-833C-125AB927B765}: NameServer = 69.50.184.84 195.225.176.37 Trojan.Flush.B is a Trojan horse program that modifies DNS settings on the compromised computer. Fix / Info: HijackThis - Trojan/Virus removal tools http://securityresponse.symantec.com/avcenter/venc/data/trojan.flush.b.html Windows ALL; discovered by nasdaq |
|
(X) O17 - HKLM\System\CCS\Services\Tcpip\..\{DF8E89A4-78BB-4409-897F-C766EB79EB33}: NameServer = 69.50.184.84,195.225.176.37 Trojan.Flush.B Fix / Info: HijackThis, Symantec's instructions http://securityresponse.symantec.com/avcenter/venc/data/trojan.flush.b.html Windows ALL; discovered by Angoid |
|
(X) O17 - HKLM\System\CCS\Services\Tcpip\..\{F7D2BF6B-B150-4706-8C27-62DBCDE56F3F}: NameServer = 69.50.184.84,195.225.176.37 Trojan.Flush.B Fix / Info: HijackThis, Symantec's instructions http://securityresponse.symantec.com/avcenter/venc/data/trojan.flush.b.html Windows ALL; discovered by Angoid |
|
(L) O17 - HKLM\System\CCS\Services\Tcpip\..\{FC3E942F-90A7-4F22-8EAD-5005A93A4EC8}: NameServer = 80.118.196.41 80.118.192.111 Appears to be some French entry, possibly to do with www.neuf.fr and www.9online.fr Fix / Info: Legitimate http://www.bullguard.com/forum/9/Very-bigs-problemsI-struggle-a_4135.html Windows ALL; discovered by Angoid |
|
(L) O17 - HKLM\System\CCS\Services\VxD\MSTCP: Domain = www.sify.com Sify.com - ISP and Broadband Provider http://broadband.sify.com/ Windows ALL; discovered by Angoid |
|
(L) O17 - HKLM\System\CCS\Services\VxD\MSTCP: NameServer = 202.144.10.50,202.144.13.50 Resolves to Sify.com - ISP and Broadband provider http://www.samspade.org/t/lookat?a=202.144.13.50 Windows ALL; discovered by Angoid |
|
(X) O17 - HKLM\System\CS1\Services\Tcpip\..\{0A613956-1E91-46BC-924A-18E09529591E}: NameServer = 195.95.218.4,85.255.112.9 Trojan.Flush.E is a Trojan horse that modifies the DNS server settings on a compromised computer and redirects the browser to potentially malicious Web sites. Fix / Info: HijackThis - Trojan/Virus removal tools http://securityresponse.symantec.com/avcenter/venc/data/trojan.flush.e.html Windows ALL; discovered by nasdaq |
This is a list of items that is designed to help with the analysis of HijackThis, DDS, OTL and FRST logs.
It is by no means exhaustive (in fact it is being added to all the time), and is intended
to complement other legitimate online lists.