Question about Operating Systems

1 Answer

I can't get rid of a trojan "DNSChanger.f!rootkit". Any ideas?

Posted by on

1 Answer

  • Level 3:

    An expert who has achieved level 3 by getting 1000 points

    All-Star:

    An expert that got 10 achievements.

    MVP:

    An expert that got 5 achievements.

    Genius:

    An expert who has answered 1,000 questions.

  • Master
  • 1,605 Answers

Download the "search and distory" from spybot.
take the computer off line while you scan for Trojan.
you need to scan the machine few time and restart it in bewteen each scan.

do a search on google for "dnsChanger*". and check the registry following the instruction.
NOTE: CARE MUST BE TAKEN WHEN VIEWING AND CHANGE THE SETTING IN THE REGISTRY.
make a backup copy of the registry if you are going to change anything at all.

Posted on Dec 08, 2008

Add Your Answer

Uploading: 0%

my-video-file.mp4

Complete. Click "Add" to insert your video. Add

×

Loading...
Loading...

Related Questions:

2 Answers

How do i get rid of a trojan horse virus


If you are having trouble with suspected viruses on your computer, visit:

http://www.bleepingcomputer.com

Check out the forums to see what other remedies might be there. If worse comes to worst, post your own topic and someone will help you. One time, I had a terrible, very new, rootkit virus and it took 2 weeks to finally remove. But the help from BleepingComputer was exquisite.

Aug 13, 2012 | Microsoft Windows Vista Home Premium with...

1 Answer

Antivirus for dijamante virus/trojan required please guide


Use Prevx 3.0 to remove DIJAMANTE.EXE, along with any other viruses, spyware, adware, trojans, rootkits, worms, information stealers, keyloggers, bots, and other form of malicious threat that may reside on your PC.

Dec 15, 2010 | Operating Systems

4 Answers

I want to remove trojans from my pc


Assuming you're using windows. I'd use the instructions at http://forums.moneysavingexpert.com/showthread.php?t=133269

Sep 10, 2010 | Operating Systems

1 Answer

HOW TO REMOVE THE ROOTKIT.TDSS caused by the Trojan virsus


Hi, You have to remove these to get rid of this Rootkit. This post is for an Advanced User Only!
Files and Processes:
  • Files which spread the Virus:
  • RkLYLyoM.exe, podmena.exe, file.exe, ~.exe, 7-v3av.exe, csrssc.exe (note that this is not CSRSS.EXE), 72631899.exe, 1776260179.exe, ucxmykkc.exe.
  • The above files will create processes and run while spreading the Virus and providing Backdoors to your machine as well as performing Remote Attacks on Servers.
  • This Rootkit and associated Trojan creates .sys (system files) to alter network configurations as well.
  • Delete these files.
  • _VOIDd.sys, _VOID[random].sys, UAC[random].sys, UACyylfjdaa.dll, TDSSnrsr.dll, TDSSmaxt.sys, tdssserf.dll, TDSSriqp.dll, TDSSciou.dll, TDSSoexh.dll, tdidrv2.sys, RkLYLyoM.exe, podmena.exe, tdssserv.sys, file.exe, ~.exe, 7-v3av.exe, csrssc.exe, 72631899.exe, 1776260179.exe, ucxmykkc.exe
  • Each variant of this is associated with one or more files in the above list. It drops .dll (dynamic link library files) as well. Dll files and Sys files are the actual performers in the background.
  • You have to remove these files from the startup as well. Using msconfig. From their you may be able to find additional files associated with this one as well. Verify by browsing. Browse by the file name. If you found that it is a virus, note the path and next time you will be able to remove it. I ll provide instructions at the bottom of this post.

  • Directories:
  • C:\WINDOWS\_VOID[random]\
  • Delete this as well.

  • Delete Registry values Associated with this.
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\_VOIDd.sys
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\_VOID[random]
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\UACd.sys
Note: Random means the file name will be different for each instance.
  • Unregistering DLL files. The most important one.
  • You have to unregister these .dll files.
  • UACyylfjdaa.dll, TDSSnrsr.dll, tdssserf.dll, TDSSriqp.dll, TDSSciou.dll, TDSSoexh.dll.
  • The unregistering instruction will be provided at the bottom of this post.
You must delete your Temporary internet Files and Local Settings \ Temp. Located - Root:\Documents and Settings\[Admin account name - this may be either Administrator or any other account which has Admin Rights]\Local Settings\Temp. Note: Root is the Partition which has Windows Installed (Example C drive)
You must be able to see Hidden Files and Folders. Follow the steps...
You must clean your Browser Cache using Internet Options. Each and every browser has a place to clear the Cache. As an example "Google Chrome has it under Options -> Under the Hood -> Clear Browsing Data. Its better if you can disable Local Caching.
I recommend to do this in Safemode. Use F8 after restarting the machine. The select Safemode. Note: You may or may not find Processes associated with this RK however because they will not be loaded. If so you can use msconfig to locate "Startup" programs.
After everything done, flush your DNS. Get a Command Prompt (Start -> Run -> Type cmd.exe and hit Enter) Type this command and hit Enter. ipconfig/ flushdns
Contd...Post is too long...

Jul 13, 2010 | Dell Microsoft Windows XP Home Edition

1 Answer

My computer is infected with trojans and banker viruses and i cant get my security disks to load.. Help.


Download, install and update the below antivirus and try:-
http://www.free-av.com/en/download/download_servers.php

May 20, 2010 | Operating Systems

2 Answers

How to remove TR/rootkit.gen trojan from Windows/system32 ? elp me pleasee


hello get an antivirus, that is all you require or windows essential security

Mar 27, 2010 | Microsoft Windows XP Professional

1 Answer

Rootkit taking my machine to pieces.


Hello!

For you information, you can´t beat a virus with repair system.
When virus come on your system, you must install a new system with full format hard disk.
I can´t see any antivirus program who can beat virus in the system.
I hope that will be helpful.

Nov 02, 2009 | Intel Operating Systems

2 Answers

Rootkit.19154! How to get rid o it?


There are many ways to protect your computer for hacking tools such as root kits. Download Windows Defender here. Also, you can scan your computer using this effective tool http://eset.com/onlinescan

Goodluck!

Oct 01, 2009 | Microsoft Windows XP Home Edition

2 Answers

Trojan on computer


You have to download trojan remover...

Dec 08, 2008 | Operating Systems

2 Answers

Anoying Security Alert


Download, update and run Spybot Search & Destroy at www.spybot.com Works better than most stuff you pay for.

Sep 11, 2007 | Microsoft Windows XP Professional With...

Not finding what you are looking for?
Operating Systems Logo

Related Topics:

89 people viewed this question

Ask a Question

Usually answered in minutes!

Top Operating Systems Experts

Les Dickinson
Les Dickinson

Level 3 Expert

18298 Answers

Brian Sullivan
Brian Sullivan

Level 3 Expert

27725 Answers

Prashant  Sharma
Prashant Sharma

Level 3 Expert

1127 Answers

Are you an Operating System Expert? Answer questions, earn points and help others

Answer questions

Manuals & User Guides

Loading...