xxsilk109xx
New Member
- Reaction score
- 1
- Location
- Savannah, GA
A customer came in today and dropped off a computer that he had ran an SAS scan on, it removed the following entries. Once removed he cant get on internet.
what SAS removed:
Application Version : 4.55.1000
Core Rules Database Version : 7396
Trace Rules Database Version: 5208
Scan type : Quick Scan
Total Scan Time : 00:08:23
Memory items scanned : 633
Memory threats detected : 0
Registry items scanned : 1610
Registry threats detected : 4
File items scanned : 5272
File threats detected : 564
System.BrokenFileAssociation
HKCR\.exe
Trojan.DNS-Changer (Hi-Jacked DNS)
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS#NAMESERVER
HKLM\SYSTEM\CONTROLSET001\SERVICES\TCPIP\PARAMETERS#NAMESERVER
HKLM\SYSTEM\CONTROLSET002\SERVICES\TCPIP\PARAMETERS#NAMESERVER
When I try to get an ipconfig /all, i get:
Windows IP configuration
An internal error occured: Access is denied
Additional Information: Unable to open registry key for tcpip
I have tried running winsock fix, checked all the regular settings through IE, etc. however I have noticed that it does not see internet explorer installed for some reason...
Not really sure what to make of this registry error and how to fix it. I have restored what SAS did and it still does not work..
any suggestions?
what SAS removed:
Application Version : 4.55.1000
Core Rules Database Version : 7396
Trace Rules Database Version: 5208
Scan type : Quick Scan
Total Scan Time : 00:08:23
Memory items scanned : 633
Memory threats detected : 0
Registry items scanned : 1610
Registry threats detected : 4
File items scanned : 5272
File threats detected : 564
System.BrokenFileAssociation
HKCR\.exe
Trojan.DNS-Changer (Hi-Jacked DNS)
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS#NAMESERVER
HKLM\SYSTEM\CONTROLSET001\SERVICES\TCPIP\PARAMETERS#NAMESERVER
HKLM\SYSTEM\CONTROLSET002\SERVICES\TCPIP\PARAMETERS#NAMESERVER
When I try to get an ipconfig /all, i get:
Windows IP configuration
An internal error occured: Access is denied
Additional Information: Unable to open registry key for tcpip
I have tried running winsock fix, checked all the regular settings through IE, etc. however I have noticed that it does not see internet explorer installed for some reason...
Not really sure what to make of this registry error and how to fix it. I have restored what SAS did and it still does not work..
any suggestions?