Jump to content

Infected DNSAPI.DLL Trojan.Patched.Shopperz.1


bezadm

Recommended Posts

Hi, I realized a month ago that my MS Security Essential has issued an alarm that "dnsapi.dll" under [Windows]\system32 and [Windows]\sysWOW64 is patched by a trojan. Removing it resulted in loss of internet connection in web browsers and Skype. So each time I had to recover the infected dll. It seems the trojan has removed the original Windows file for good. I have not tried to see how Malawarebytes deals with the infected file after it prompts me about the scan results. I have noticed many users have trouble restoring the original file.

 

I have no restore points from before the infection took place.

 

addition.txt, and frst.txt attached. utorrent not running as advised (it is a portable version only, I deleted the folder and I do not keep it resident).

 

Please advise the best method to restore the original file.

 

Thanks.

Behzad

Addition.txt

FRST.txt

Link to post
Share on other sites

Hello and Welcome!

Well we would really like to help you further if we could but since the logs show that this computer has entries designed to steal and/or pirate software (from Microsoft, ACDsee and Adobe) we will not be able to assist you without you removing and/or uninstalling the pirated software.

This topic will be closed by one of the Admins or Mods due to evidence of cracked or pirated software on this system.

Piracy Policy

Thank you

Link to post
Share on other sites

  • Root Admin

127.0.0.1 acdid.acdsystems.com127.0.0.1   clients.babylon.co.il
127.0.0.1    acdid.acdsystems.com
127.0.0.1       adobeereg.com
127.0.0.1       www.adobeereg.com
127.0.0.1       activate.adobe.com
127.0.0.1       activate-sea.adobe.com
127.0.0.1       activate-sjc0.adobe.com
127.0.0.1       wwis-dubc1-vip60.adobe.com

<snip>

Task: {C650956F-0941-4256-9D9C-285D55E4438D} - System32\Tasks\Trigger KMS Activation => C:\Program Files\KMSnano\TriggerKMS.exe [2013-01-26] ()
 

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.