(X)O17 - HKLM\System\CCS\Services\Tcpip\..\{0A613956-1E91-46BC-924A-18E09529591E}: NameServer = 195.95.218.4,85.255.112.9
Trojan.Flush.E is a Trojan horse that modifies the DNS server settings on a compromised computer and redirects the browser to potentially malicious Web sites.
Fix using: HijackThis - Trojan/Virus removal tools
http://securityresponse.symantec.com/avcenter/venc/data/trojan.flush.e.html
Windows: ALL; discoverer: nasdaq (Edit)
|
(X)O17 - HKLM\System\CCS\Services\Tcpip\..\{0F902301-D005-499E-8448-F9E2EC98B9A7}: NameServer = 8.8.8.8
Sysinternals Antivirus ROGUE! anti-spyware program.
http://www.bleepingcomputer.com/virus-removal/remove-sysinternals-antivirus
Windows: ALL; discoverer: nasdaq (Edit)
|
(X)O17 - HKLM\System\CCS\Services\Tcpip\..\{20B8F31B-F6BD-4542-9E1F-6DAE9135273D}: NameServer = 195.95.218.4,85.255.112.9
Trojan.Flush.E is a Trojan horse that modifies the DNS server settings on a compromised computer and redirects the browser to potentially malicious Web sites.
Fix using: HijackThis - Remove with Add/Remove program applet.
http://securityresponse.symantec.com/avcenter/venc/data/trojan.flush.e.html
Windows: ALL; discoverer: nasdaq (Edit)
|
(X)O17 - HKLM\System\CCS\Services\Tcpip\..\{583DA6D5-67A1-4176-8AD3-13A906572716}: NameServer = 195.95.218.4 85.255.112.9
Trojan.Flush.E is a Trojan horse that modifies the DNS server settings on a compromised computer and redirects the browser to potentially malicious Web sites.
Fix using: HijackThis - Trojan/Virus removal tools
http://securityresponse.symantec.com/avcenter/venc/data/trojan.flush.e.html
Windows: ALL; discoverer: nasdaq (Edit)
|
(X)O17 - HKLM\System\CCS\Services\Tcpip\..\{686EF0E6-8721-410E-A334-5C72A02A9AEA}: NameServer = 195.95.218.4,85.255.112.9
Trojan.Flush.E is a Trojan horse that modifies the DNS server settings on a compromised computer and redirects the browser to potentially malicious Web sites.
Fix using: HijackThis - Trojan/Virus removal tools
http://securityresponse.symantec.com/avcenter/venc/data/trojan.flush.e.html
Windows: ALL; discoverer: nasdaq (Edit)
|
(L)O17 - HKLM\System\CCS\Services\Tcpip\..\{78122F29-E19D-4221-AE44-FFF9024A8173}: NameServer = 206.47.244.56 206.47.244.14
Bell Canada
http://www.samspade.org/t/lookat?a=206.47.244.14
Windows: ALL; discoverer: Angoid (Edit)
|
(X)O17 - HKLM\System\CCS\Services\Tcpip\..\{90F080AC-AC09-46EC-9007-B547A922DB48}: NameServer = 69.50.184.84,195.225.176.37
Trojan.Flush.B
Fix using: HijackThis, Symantec's instructions
http://securityresponse.symantec.com/avcenter/venc/data/trojan.flush.b.html
Windows: ALL; discoverer: Angoid (Edit)
|
(X)O17 - HKLM\System\CCS\Services\Tcpip\..\{9239B395-78B0-4938-AC0D-692A7A7C682C}: NameServer = 8.8.8.8
Sysinternals Antivirus ROGUE! anti-spyware program.
http://www.bleepingcomputer.com/virus-removal/remove-sysinternals-antivirus
Windows: ALL; discoverer: nasdaq (Edit)
|
(X)O17 - HKLM\System\CCS\Services\Tcpip\..\{B6CC3849-AC26-4F75-BB33-9659F7F2C299}: NameServer = 195.95.218.4,85.255.112.9
Trojan.Flush.E is a Trojan horse that modifies the DNS server settings on a compromised computer and redirects the browser to potentially malicious Web sites.
Fix using: HijackThis - Trojan/Virus removal tools
http://securityresponse.symantec.com/avcenter/venc/data/trojan.flush.e.html
Windows: ALL; discoverer: nasdaq (Edit)
|
(X)O17 - HKLM\System\CCS\Services\Tcpip\..\{B7C5CD2F-2641-45F4-80FC-4A9027A3AE55}: NameServer = 195.95.218.4,85.255.112.9
Trojan.Flush.E is a Trojan horse that modifies the DNS server settings on a compromised computer and redirects the browser to potentially malicious Web sites.
Fix using: HijackThis - Trojan/Virus removal tools
http://securityresponse.symantec.com/avcenter/venc/data/trojan.flush.e.html
Windows: ALL; discoverer: nasdaq (Edit)
|
(X)O17 - HKLM\System\CCS\Services\Tcpip\..\{C2C62D71-7349-42A3-B119-168AB06EC5E4}: NameServer = 195.95.218.4,85.255.112.9
Trojan.Flush.E is a Trojan horse that modifies the DNS server settings on a compromised computer and redirects the browser to potentially malicious Web sites.
Fix using: HijackThis - Trojan/Virus removal tools
http://securityresponse.symantec.com/avcenter/venc/data/trojan.flush.e.html
Windows: ALL; discoverer: nasdaq (Edit)
|
(X)O17 - HKLM\System\CCS\Services\Tcpip\..\{CD4D30E6-C9AA-4CC8-A8E0-DD61E8DD5CCD}: NameServer = 195.95.218.4,85.255.112.9
Trojan.Flush.E is a Trojan horse that modifies the DNS server settings on a compromised computer and redirects the browser to potentially malicious Web sites.
Fix using: HijackThis - Remove with Add/Remove program applet.
http://securityresponse.symantec.com/avcenter/venc/data/trojan.flush.e.html
Windows: ALL; discoverer: nasdaq (Edit)
|
(X)O17 - HKLM\System\CCS\Services\Tcpip\..\{CE5A438C-09EA-4221-B8F2-B7864E988FB6}: NameServer = 195.95.218.4,85.255.112.9
Trojan.Flush.E is a Trojan horse that modifies the DNS server settings on a compromised computer and redirects the browser to potentially malicious Web sites.
Fix using: HijackThis - Trojan/Virus removal tools
http://securityresponse.symantec.com/avcenter/venc/data/trojan.flush.e.html
Windows: ALL; discoverer: nasdaq (Edit)
|
(X)O17 - HKLM\System\CCS\Services\Tcpip\..\{D3D77D58-5997-458E-A70C-892555CEEC52}: NameServer = 8.8.8.8
Sysinternals Antivirus ROGUE! anti-spyware program.
http://www.bleepingcomputer.com/virus-removal/remove-sysinternals-antivirus
Windows: ALL; discoverer: nasdaq (Edit)
|
(L)O17 - HKLM\System\CCS\Services\Tcpip\..\{DA0F66F8-3636-49C8-833C-125AB927B765}: NameServer = 213.120.62.99 213.120.62.102
BT Worl internet provider.
Windows: ALL; discoverer: nasdaq (Edit)
|
(X)O17 - HKLM\System\CCS\Services\Tcpip\..\{DA0F66F8-3636-49C8-833C-125AB927B765}: NameServer = 69.50.184.84 195.225.176.37
Trojan.Flush.B is a Trojan horse program that modifies DNS settings on the compromised computer.
Fix using: HijackThis - Trojan/Virus removal tools
http://securityresponse.symantec.com/avcenter/venc/data/trojan.flush.b.html
Windows: ALL; discoverer: nasdaq (Edit)
|
(X)O17 - HKLM\System\CCS\Services\Tcpip\..\{DF8E89A4-78BB-4409-897F-C766EB79EB33}: NameServer = 69.50.184.84,195.225.176.37
Trojan.Flush.B
Fix using: HijackThis, Symantec's instructions
http://securityresponse.symantec.com/avcenter/venc/data/trojan.flush.b.html
Windows: ALL; discoverer: Angoid (Edit)
|
(X)O17 - HKLM\System\CCS\Services\Tcpip\..\{F7D2BF6B-B150-4706-8C27-62DBCDE56F3F}: NameServer = 69.50.184.84,195.225.176.37
Trojan.Flush.B
Fix using: HijackThis, Symantec's instructions
http://securityresponse.symantec.com/avcenter/venc/data/trojan.flush.b.html
Windows: ALL; discoverer: Angoid (Edit)
|
(L)O17 - HKLM\System\CCS\Services\Tcpip\..\{FC3E942F-90A7-4F22-8EAD-5005A93A4EC8}: NameServer = 80.118.196.41 80.118.192.111
Appears to be some French entry, possibly to do with www.neuf.fr and www.9online.fr
Fix using: Legitimate
http://www.bullguard.com/forum/9/Very-bigs-problemsI-struggle-a_4135.html
Windows: ALL; discoverer: Angoid (Edit)
|
(L)O17 - HKLM\System\CCS\Services\VxD\MSTCP: Domain = www.sify.com
Sify.com - ISP and Broadband Provider
http://broadband.sify.com/
Windows: ALL; discoverer: Angoid (Edit)
|
(L)O17 - HKLM\System\CCS\Services\VxD\MSTCP: NameServer = 202.144.10.50,202.144.13.50
Resolves to Sify.com - ISP and Broadband provider
http://www.samspade.org/t/lookat?a=202.144.13.50
Windows: ALL; discoverer: Angoid (Edit)
|
(X)O17 - HKLM\System\CS1\Services\Tcpip\..\{0A613956-1E91-46BC-924A-18E09529591E}: NameServer = 195.95.218.4,85.255.112.9
Trojan.Flush.E is a Trojan horse that modifies the DNS server settings on a compromised computer and redirects the browser to potentially malicious Web sites.
Fix using: HijackThis - Trojan/Virus removal tools
http://securityresponse.symantec.com/avcenter/venc/data/trojan.flush.e.html
Windows: ALL; discoverer: nasdaq (Edit)
|
(X)O17 - HKLM\System\CS1\Services\Tcpip\..\{0F902301-D005-499E-8448-F9E2EC98B9A7}: NameServer = 8.8.8.8
Sysinternals Antivirus ROGUE! anti-spyware program.
http://www.bleepingcomputer.com/virus-removal/remove-sysinternals-antivirus
Windows: ALL; discoverer: nasdaq (Edit)
|
