i have trojan dns change help i need to remov

May 12, 2010 at 15:05:12
Specs: Windows 7, 1gb
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\RegCure\RegCure.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?Lin...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?Lin...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?Lin...
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?Lin...
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Prize Live Toolbar BHO - {a4d3eb65-a437-449e-b7ef-203afb312f46} - mscoree.dll (file missing)
O3 - Toolbar: Prize Live Toolbar - {594d6baf-faa1-4ff1-beff-e4f1674c22c5} - mscoree.dll (file missing)
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - Cmdmapping - (no file) (HKCU)
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_5576240ee6baaa25\aestsrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_5576240ee6baaa25\STacSV.exe

--
End of file - 3880 bytes


See More: i have trojan dns change help i need to remov

Report •

#1
May 12, 2010 at 15:30:55
And What Anti-Virus scans have you tried? I recommend a Malwarebytes scan...

http://www.malwarebytes.org/


Report •

#2
May 12, 2010 at 16:09:24
I tryed that already it still keeps coming up

Report •

#3
May 12, 2010 at 16:10:06
it takes it off when i go offline then i run malybytes again online it comes back

Report •

Related Solutions

#4
May 12, 2010 at 16:18:55
i tyred Avg Nortan ,and avasts nothing comes up

Report •

#5
May 12, 2010 at 16:26:43
Sounds like you have a rootkit. They are hard to get rid of because Windows keeps restoring them after the anti-virus removes them...

http://blogs.techrepublic.com.com/n...


Report •

#6
May 12, 2010 at 16:28:19
how can i get of rootkit?

Report •

#7
May 12, 2010 at 16:28:55
I mean how can i get rid of rootkit?

Report •

#8
May 12, 2010 at 17:05:16
The Post I gave you had some of the solutions in it.

http://blogs.techrepublic.com.com/n...

but the absolute best way is to format and reinstall windows. I just re image computers that get one because I do not know if I got rid of it entirely.


Report •

#9
May 13, 2010 at 01:25:56
The Rescue CD from Kaspersky removed a very nasty rootkit for me, so easily that is almost unbelievable after I tried so many other things and failed. Maybe give that a try.

I think the other tools failed because it was run under the infected windows, which is controlled by rootkit. Boot from the Rescue CD, so the rootkit/your infected windows isn't activated, then do the scan, it reveals all, at least in my case. Good luck!

http://devbuilds.kaspersky-labs.com...


Report •

Ask Question