TT280

Members
  • Posts: 4

Everything posted by TT280

  1. That seemed to run OK however Kaspersky wasn't too happy about it! It thought a trojan was running and wants to disinfect? Please see attached jpeg.
  2. Hi Kevin, Been through everything I can think of that I might have used in the period I contracted the malware and everything appears to be working as it should. Next question I guess is what I should do now, assuming it has been removed, to prevent reinfection. Kaspersky seems to have failed in this case so I should inform them. What info should I send them? Thanks for your help in this.
  3. Hi Kevin, Thanks for the help. Please find logs pasted below and note pad versions attached. After a quick test the browsers look clear now, fingers crossed? Thanks. mrt 2015-09-06 14-10ish.log JRT 2015-09-06 13-56.txt AdwCleaner 2015-09-06 13-42.txt Malwarebytes Scan 2015-09-06 12-18.txt
  4. Hi, I seem to be in the same position as Manbaby (Posted 25 August 2015 - 11:37 AM). Have been through all the steps I can find to remove 'DNSUnlocker', run Kaspersky, Malwarebytes, tried removing 'addons', but couldn't find any. Finally I have followed the instructions in this topic up to the point where you advise using Rogue Killer but 'not fixing anything'. I didn't fix anything. You then advise sending some of the log files and waiting for your response. Please see attached below. DNSUnlocker appears on all my browsers (Explorer, Chrome and Firefox). <2015-08-31A Malwarebytes Scan Result.xml> is result before removal of files. <2015-08-31B Malwarebytes Scan Result.xml> is a scan after removal of files. Thanks, TT280 2015-08-31A Malwarebytes Scan Result.xml 2015-08-31B Malwarebytes Scan Result.xml Addition.txt FRST.txt Roguekiller Export TXT Log 2015-08-31A.txt