GeekPolice Tech TutorialsLog in

 

Trojan.DNSChanger and SearchScopes

Share

descriptionRe: Trojan.DNSChanger and SearchScopes

more_horiz
DDS is telling me that it was not meant to run in compatibility mode.

descriptionRe: Trojan.DNSChanger and SearchScopes

more_horiz
Ok. Please run MBAM again and make sure the infection is cleaned.

descriptionRe: Trojan.DNSChanger and SearchScopes

more_horiz
Malwarebytes Anti-Malware

Scan Date: 3/31/2015
Scan Time: 12:59:40 PM
Logfile:
Administrator: Yes

Version: 2.01.4.1018
Malware Database: v2015.03.31.07
Rootkit Database: v2015.03.31.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: Michelle

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 367400
Time Elapsed: 55 min, 15 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 1
Trojan.DNSChanger, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{5EA0F310-66E7-47DE-8308-90A94C0279A0}|NameServer, 31.168.228.251,82.166.96.251, Good: (), Bad: (31.168.228.251,82.166.96.251),Replaced,[d142df6d9feb82b46f38f6067b8a7789]

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)



No matter how many times I do the scan and clean, this Trojan is still there.

descriptionRe: Trojan.DNSChanger and SearchScopes

more_horiz
Please go to Control Panel, Programs and Features and make sure that there are no unwanted programs there. Also, check you browser to make sure there are no Add-ons.

descriptionRe: Trojan.DNSChanger and SearchScopes

more_horiz
Both are clean. I had an "UltraVNC" record in my Programs that I couldn't uninstall so I deleted the registry key for it.

descriptionRe: Trojan.DNSChanger and SearchScopes

more_horiz
DarrenC wrote:
Both are clean. I had an "UltraVNC" record in my Programs that I couldn't uninstall so I deleted the registry key for it.

You might want to look in Program Files to see if there is anything left there.

descriptionRe: Trojan.DNSChanger and SearchScopes

more_horiz
There was nothing out of the ordinary that I could find

descriptionRe: Trojan.DNSChanger and SearchScopes

more_horiz
So, where do we stand now?

descriptionRe: Trojan.DNSChanger and SearchScopes

more_horiz
Same as before. Had more pop-ups today.

descriptionRe: Trojan.DNSChanger and SearchScopes

more_horiz
What browser are you using?

descriptionRe: Trojan.DNSChanger and SearchScopes

more_horiz
Chrome

descriptionRe: Trojan.DNSChanger and SearchScopes

more_horiz
Do you receive any pop-ups with other browsers?

descriptionRe: Trojan.DNSChanger and SearchScopes

more_horiz
Nope. It is apparently just Chrome.

descriptionRe: Trojan.DNSChanger and SearchScopes

more_horiz
Did you try uninstalling and re-installing Chrome? Did you check if there are any add-ons in Chrome?

descriptionRe: Trojan.DNSChanger and SearchScopes

more_horiz
Uninstalled Chrome. Ran everything I had for scans. Antimalware came back with the same thing, and now I am getting popups in Firefox...
Permissions in this forum:
You cannot reply to topics in this forum