Trojan.DNSChanger and SearchScopes

# AdwCleaner v4.201 - Logfile created 20/04/2015 at 10:15:08
# Updated 08/04/2015 by Xplode
# Database : 2015-04-19.4 [Server]
# Operating system : Windows 8.1 (x64)
# Username : Michelle - MICHELLE-LAPTOP
# Running from : C:\Users\Michelle\Downloads\adwcleaner_4.201.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Found : C:\Windows\SysWOW64\config\systemprofile\AppData\Local\VCL

***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Web browsers ] *****

#NAME?


-\\ Mozilla Firefox v37.0.1 (x86 en-US)


#NAME?


*************************

AdwCleaner[R0].txt - [725 bytes] - [20/04/2015 10:15:08]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [783 bytes] ##########

Is it affecting the operation of your computer?

What do you mean?

I cannot run Chrome properly without pop-ups

DarrenC wrote:

What do you mean?

I cannot run Chrome properly without pop-ups

Does it happen with other browsers?

Just Chrome

There is something amiss with Chrome. Did you try uninstalling and reinstalling it?

Yup. Tried that on page 2 =(

Do you have any Add-ons in Chrome. It appears the something in Chrome is causing these pop-ups.

There are no add-ons or anything in any browser. The adds in Chrome seem to be coming from "CloudScout" but there is nothing evident in my installed programs or anything. I changed my DNS back to be automatically obtained and there was one in there (I assume was changed by the DNSChanger that MBAM keeps finding) but I still have the ads and pop-ups

This is a puzzler. Let's try running this. In the meantime, I will have a colleague take a look at this thread.

Please download RenewMyDNS by DragonMaster Jay.

•Save it to your Desktop.
•Right-click on the file and select Extract All...
•Choose a location to save extracted files and keep pressing Next until Finished.
•Double-click RenewMyDNS folder, then double-click RenewMyDNS.bat to start the program.
•Follow the prompts, and when finished it will launch a log.
•Post that log in your next reply.
•After posting the log, delete the folder RenewMyDNS.

RenewMyDNS by DragonMaster Jay
DNS Diagnostics and refresher
Version 0.1.4 - November 2009

Microsoft Windows [Version 6.3.9600]


(((((((((((((((((((( Network and DNS Information ))))))))))))))))))))



Windows IP Configuration

Host Name . . . . . . . . . . . . : Michelle-Laptop
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

PPP adapter DP VPN Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : DP VPN Connection
Physical Address. . . . . . . . . :
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 192.168.0.212(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . : 0.0.0.0
DNS Servers . . . . . . . . . . . : 192.168.0.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Wireless LAN adapter Local Area Connection* 3:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter #2
Physical Address. . . . . . . . . : 9C-AD-97-AC-62-C2
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wi-Fi:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek RTL8188EE 802.11 b/g/n Wi-Fi Adapter
Physical Address. . . . . . . . . : 9C-AD-97-AC-62-C2
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::b84e:d920:7343:e32c%5(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.10.103(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Monday, April 20, 2015 10:22:36 AM
Lease Expires . . . . . . . . . . : Thursday, April 23, 2015 6:27:32 AM
Default Gateway . . . . . . . . . : 192.168.10.1
DHCP Server . . . . . . . . . . . : 192.168.10.1
DHCPv6 IAID . . . . . . . . . . . : 110931351
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1B-5F-BE-D0-64-51-06-AE-1D-04
DNS Servers . . . . . . . . . . . : 192.168.10.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Ethernet:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
Physical Address. . . . . . . . . : 64-51-06-AE-1D-04
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

(((((((((((((((((((( DNS-Fake Request Testing and Flush ))))))))))))))))))))

... Requests made were successful

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.


(((((((((((((((((((( Speed-test - Ping ))))))))))))))))))))

Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Request timed out.
Request timed out.
Reply from 206.190.36.45: bytes=32 time=68ms TTL=52
Reply from 206.190.36.45: bytes=32 time=69ms TTL=52

Ping statistics for 206.190.36.45:
Packets: Sent = 4, Received = 2, Lost = 2 (50% loss),
Approximate round trip times in milli-seconds:
Minimum = 68ms, Maximum = 69ms, Average = 68ms

Pinging GeekPolice.net [184.168.221.8] with 32 bytes of data:
Request timed out.
Reply from 184.168.221.8: bytes=32 time=147ms TTL=56
Reply from 184.168.221.8: bytes=32 time=228ms TTL=55
Reply from 184.168.221.8: bytes=32 time=152ms TTL=56

Ping statistics for 184.168.221.8:
Packets: Sent = 4, Received = 3, Lost = 1 (25% loss),
Approximate round trip times in milli-seconds:
Minimum = 147ms, Maximum = 228ms, Average = 175ms

Pinging facebook.com [173.252.120.6] with 32 bytes of data:
Request timed out.
Reply from 173.252.120.6: bytes=32 time=109ms TTL=83
Reply from 173.252.120.6: bytes=32 time=109ms TTL=83
Reply from 173.252.120.6: bytes=32 time=113ms TTL=83

Ping statistics for 173.252.120.6:
Packets: Sent = 4, Received = 3, Lost = 1 (25% loss),
Approximate round trip times in milli-seconds:
Minimum = 109ms, Maximum = 113ms, Average = 110ms

Pinging microsoft.com [134.170.185.46] with 32 bytes of data:
Request timed out.
Request timed out.
Request timed out.
Request timed out.

Ping statistics for 134.170.185.46:
Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),

********************
EOF

Any change?

Seemingly good, so far, since the DNS change I mentioned

Please keep me posted.

It seems to be OK again so far

Ok. This was a tough one but I learned something. You can do the clean up I suggested earlier and we'll be done. I will lock this thread. If you need it re-opened, please send me a pm.

Sounds good. Thanks again!

DarrenC wrote:

Sounds good. Thanks again!

You're welcome.