| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 99864 | 2009-05-17 13:52:00 | how to delete infected HKEY entries? please help! | flipchick5254 (14918) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 774680 | 2009-05-17 13:52:00 | i found a trojan on my computer and i'm tryin to get rid of it manually. on my last scan these hkey entries popped up: HKEY_LOCAL_MACHINE\SYSTEM\CurrentContr... (Trojan.DNSChanger) -> Data: 85.255.112.68 85.255.112.221 1.2.3.4 -> Delete on reboot. HKEY_LOCAL_MACHINE\SYSTEM\CurrentContr... (Trojan.DNSChanger) -> Data: 85.255.112.68 85.255.112.221 1.2.3.4 -> Delete on reboot. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet00... (Trojan.DNSChanger) -> Data: 85.255.112.68 85.255.112.221 1.2.3.4 -> Delete on reboot. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet00... (Trojan.DNSChanger) -> Data: 85.255.112.68 85.255.112.221 1.2.3.4 -> Delete on reboot. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet00... (Trojan.DNSChanger) -> Data: 85.255.112.68 85.255.112.221 1.2.3.4 -> Delete on reboot. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet00... (Trojan.DNSChanger) -> Data: 85.255.112.68 85.255.112.221 1.2.3.4 -> Delete on reboot. it says ut can delete automatically when i reboot my computer but whenever i do, they never delete. "/ how can i safely get rid of these manually? D: |
flipchick5254 (14918) | ||
| 774681 | 2009-05-17 14:58:00 | Try the following link... www.malwarebytes.org |
bob_doe_nz (92) | ||
| 774682 | 2009-05-17 19:39:00 | Turn off system restore download hijack this to your desktop run it and save the scan log then post it here. Also download and run Trojan remover. Both these programs are free although Trojan remover is a trial it will work install it update it then select all entries then run it | gary67 (56) | ||
| 774683 | 2009-05-17 21:39:00 | It is most probably reinfecting via an infected system restore point Disable it-Right click My computer>properties>System restore tab>Tick "disable System restore on all drives">OK ONce you have disabled system restore download mbam: www.malwarebytes.org Update, and perform a full scan. Then, download HJT: www.trendsecure.com Perform a scan and post the logfile here. Have you tried deleting the registry entries in Safe mode? Try running CCleaner, and clear both all temporary files and the registry option, to clear out leftover malware keys/values Blam |
Blam (54) | ||
| 1 | |||||