View MDO database (O17)
Showing entries 1 to 19 of 19.
(X) O17 - HKLM\System\CCS\Services\Tcpip\..\{0A613956-1E91-46BC-924A-18E09529591E}: NameServer = 195.95.218.4,85.255.112.9 Trojan.Flush.E is a Trojan horse that modifies the DNS server settings on a compromised computer and redirects the browser to potentially malicious Web sites. Fix / Info: HijackThis - Trojan/Virus removal tools http://securityresponse.symantec.com/avcenter/venc/data/trojan.flush.e.html Windows ALL; discovered by nasdaq |
(X) O17 - HKLM\System\CCS\Services\Tcpip\..\{20B8F31B-F6BD-4542-9E1F-6DAE9135273D}: NameServer = 195.95.218.4,85.255.112.9 Trojan.Flush.E is a Trojan horse that modifies the DNS server settings on a compromised computer and redirects the browser to potentially malicious Web sites. Fix / Info: HijackThis - Remove with Add/Remove program applet. http://securityresponse.symantec.com/avcenter/venc/data/trojan.flush.e.html Windows ALL; discovered by nasdaq |
(X) O17 - HKLM\System\CCS\Services\Tcpip\..\{583DA6D5-67A1-4176-8AD3-13A906572716}: NameServer = 195.95.218.4 85.255.112.9 Trojan.Flush.E is a Trojan horse that modifies the DNS server settings on a compromised computer and redirects the browser to potentially malicious Web sites. Fix / Info: HijackThis - Trojan/Virus removal tools http://securityresponse.symantec.com/avcenter/venc/data/trojan.flush.e.html Windows ALL; discovered by nasdaq |
(X) O17 - HKLM\System\CCS\Services\Tcpip\..\{686EF0E6-8721-410E-A334-5C72A02A9AEA}: NameServer = 195.95.218.4,85.255.112.9 Trojan.Flush.E is a Trojan horse that modifies the DNS server settings on a compromised computer and redirects the browser to potentially malicious Web sites. Fix / Info: HijackThis - Trojan/Virus removal tools http://securityresponse.symantec.com/avcenter/venc/data/trojan.flush.e.html Windows ALL; discovered by nasdaq |
(L) O17 - HKLM\System\CCS\Services\Tcpip\..\{78122F29-E19D-4221-AE44-FFF9024A8173}: NameServer = 206.47.244.56 206.47.244.14 Bell Canada http://www.samspade.org/t/lookat?a=206.47.244.14 Windows ALL; discovered by Angoid |
(X) O17 - HKLM\System\CCS\Services\Tcpip\..\{90F080AC-AC09-46EC-9007-B547A922DB48}: NameServer = 69.50.184.84,195.225.176.37 Trojan.Flush.B Fix / Info: HijackThis, Symantec's instructions http://securityresponse.symantec.com/avcenter/venc/data/trojan.flush.b.html Windows ALL; discovered by Angoid |
(X) O17 - HKLM\System\CCS\Services\Tcpip\..\{B6CC3849-AC26-4F75-BB33-9659F7F2C299}: NameServer = 195.95.218.4,85.255.112.9 Trojan.Flush.E is a Trojan horse that modifies the DNS server settings on a compromised computer and redirects the browser to potentially malicious Web sites. Fix / Info: HijackThis - Trojan/Virus removal tools http://securityresponse.symantec.com/avcenter/venc/data/trojan.flush.e.html Windows ALL; discovered by nasdaq |
(X) O17 - HKLM\System\CCS\Services\Tcpip\..\{B7C5CD2F-2641-45F4-80FC-4A9027A3AE55}: NameServer = 195.95.218.4,85.255.112.9 Trojan.Flush.E is a Trojan horse that modifies the DNS server settings on a compromised computer and redirects the browser to potentially malicious Web sites. Fix / Info: HijackThis - Trojan/Virus removal tools http://securityresponse.symantec.com/avcenter/venc/data/trojan.flush.e.html Windows ALL; discovered by nasdaq |
(X) O17 - HKLM\System\CCS\Services\Tcpip\..\{C2C62D71-7349-42A3-B119-168AB06EC5E4}: NameServer = 195.95.218.4,85.255.112.9 Trojan.Flush.E is a Trojan horse that modifies the DNS server settings on a compromised computer and redirects the browser to potentially malicious Web sites. Fix / Info: HijackThis - Trojan/Virus removal tools http://securityresponse.symantec.com/avcenter/venc/data/trojan.flush.e.html Windows ALL; discovered by nasdaq |
(X) O17 - HKLM\System\CCS\Services\Tcpip\..\{CD4D30E6-C9AA-4CC8-A8E0-DD61E8DD5CCD}: NameServer = 195.95.218.4,85.255.112.9 Trojan.Flush.E is a Trojan horse that modifies the DNS server settings on a compromised computer and redirects the browser to potentially malicious Web sites. Fix / Info: HijackThis - Remove with Add/Remove program applet. http://securityresponse.symantec.com/avcenter/venc/data/trojan.flush.e.html Windows ALL; discovered by nasdaq |
(X) O17 - HKLM\System\CCS\Services\Tcpip\..\{CE5A438C-09EA-4221-B8F2-B7864E988FB6}: NameServer = 195.95.218.4,85.255.112.9 Trojan.Flush.E is a Trojan horse that modifies the DNS server settings on a compromised computer and redirects the browser to potentially malicious Web sites. Fix / Info: HijackThis - Trojan/Virus removal tools http://securityresponse.symantec.com/avcenter/venc/data/trojan.flush.e.html Windows ALL; discovered by nasdaq |
(L) O17 - HKLM\System\CCS\Services\Tcpip\..\{DA0F66F8-3636-49C8-833C-125AB927B765}: NameServer = 213.120.62.99 213.120.62.102 BT Worl internet provider. Windows ALL; discovered by nasdaq |
(X) O17 - HKLM\System\CCS\Services\Tcpip\..\{DA0F66F8-3636-49C8-833C-125AB927B765}: NameServer = 69.50.184.84 195.225.176.37 Trojan.Flush.B is a Trojan horse program that modifies DNS settings on the compromised computer. Fix / Info: HijackThis - Trojan/Virus removal tools http://securityresponse.symantec.com/avcenter/venc/data/trojan.flush.b.html Windows ALL; discovered by nasdaq |
(X) O17 - HKLM\System\CCS\Services\Tcpip\..\{DF8E89A4-78BB-4409-897F-C766EB79EB33}: NameServer = 69.50.184.84,195.225.176.37 Trojan.Flush.B Fix / Info: HijackThis, Symantec's instructions http://securityresponse.symantec.com/avcenter/venc/data/trojan.flush.b.html Windows ALL; discovered by Angoid |
(X) O17 - HKLM\System\CCS\Services\Tcpip\..\{F7D2BF6B-B150-4706-8C27-62DBCDE56F3F}: NameServer = 69.50.184.84,195.225.176.37 Trojan.Flush.B Fix / Info: HijackThis, Symantec's instructions http://securityresponse.symantec.com/avcenter/venc/data/trojan.flush.b.html Windows ALL; discovered by Angoid |
(L) O17 - HKLM\System\CCS\Services\Tcpip\..\{FC3E942F-90A7-4F22-8EAD-5005A93A4EC8}: NameServer = 80.118.196.41 80.118.192.111 Appears to be some French entry, possibly to do with www.neuf.fr and www.9online.fr Fix / Info: Legitimate http://www.bullguard.com/forum/9/Very-bigs-problemsI-struggle-a_4135.html Windows ALL; discovered by Angoid |
(L) O17 - HKLM\System\CCS\Services\VxD\MSTCP: Domain = www.sify.com Sify.com - ISP and Broadband Provider http://broadband.sify.com/ Windows ALL; discovered by Angoid |
(L) O17 - HKLM\System\CCS\Services\VxD\MSTCP: NameServer = 202.144.10.50,202.144.13.50 Resolves to Sify.com - ISP and Broadband provider http://www.samspade.org/t/lookat?a=202.144.13.50 Windows ALL; discovered by Angoid |
(X) O17 - HKLM\System\CS1\Services\Tcpip\..\{0A613956-1E91-46BC-924A-18E09529591E}: NameServer = 195.95.218.4,85.255.112.9 Trojan.Flush.E is a Trojan horse that modifies the DNS server settings on a compromised computer and redirects the browser to potentially malicious Web sites. Fix / Info: HijackThis - Trojan/Virus removal tools http://securityresponse.symantec.com/avcenter/venc/data/trojan.flush.e.html Windows ALL; discovered by nasdaq |
This is a list of items that is designed to help with the analysis of HijackThis, DDS, OTL and FRST logs.
It is by no means exhaustive (in fact it is being added to all the time), and is intended
to complement other legitimate online lists.