worm keeps modifying dns setttingsin registry

Discussion in 'Malware Help (A Specialist Will Reply)' started by rhinocl, Dec 27, 2008.

  1. rhinocl

    rhinocl Private E-2

    I had a virus w32.tidserv
    I have removed it a few times with various pieces of software, however it has installed a script or something similar that keeps changing my dns server to a known problem server in the Ukraine. It seems to work OK, but I know it will redirect when it wants to. I keep deleting all the dns data and keys in the registry but they keep appearing. Is there a simple to use program that will let me know what is changing my registry settings? Is there any way to lock the registry so that it can only be modified by keyboard input?
     
    rhinocl, Dec 27, 2008
    #1
  2. rhinocl

    rhinocl Private E-2

    I was able to completely remove the effects of this virus by following them malware removal guide on this forum. I had just about given up on that. Thanks.
     
    rhinocl, Dec 29, 2008
    #2
  3. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Welcome to Major Geeks!

    You're welcome. It would however be a very good idea to attach the 4 requested logs to make sure that you are clean.
     
    chaslang, Jan 1, 2009
    #3

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds