Jump to content

Utopia.net dns hijacker (no internet)

Lyx

By Lyx
in Resolved Malware Removal Logs

 Share

Recommended Posts

Lyx

Lyx

Posted
Posted

Hi, so now it's my time to have issues with the infamous utopia.net

Here is the situation:I don't have access to internet with google chrome, discord, steam or anything.

But I can use the ping command in the CMD to ping 8.8.8.8 and 8.8.4.4 and I do have a reply.

In the task manager>performance under my ethernet, the DNS name is utopia.net

In my registry in here :

Ordinateur\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\

I have a value where DhcpDomaine is set to "utopia.net"

Also, my router itself is corrupted, because I have the very same issue with my desktop (using ethernet) and my laptop (using wifi)

So while my desktop wasn't connected to my router, I ran adwcleaner and zhpcleaner and various antimalware software and forcing my dns to be 8.8.8.8 and 8.8.4.4 and hard reset my router manually with a button. But it didn't work.


The difference with all the post I have seen about utopia, is that it appears that I'm the only one without internet access...

I can provide you with anything you need to help me, I know my ways around a computer so I'll be able to do pretty much anything you ask.

Now I'm helpless, I tried everything I knew, so if you can be of any help, it would be amazing.

Lyx.

Link to post
Share on other sites
nasdaq

nasdaq

Posted
Posted

Hello, Welcome to Malwarebytes.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Using a running computer or phone with an internet connection download this Farbar program.
Copy the Downloaded file to the DESKTOP of the compromised computer and run it as an administrator.

Download the Farbar Recovery Scan Tool (FRST).
Choose the 32 or 64 bit version for your system.
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

How to attach a file to your reply:
In the Reply section in the bottom of the topic Click the "more reply Options" button.
attachlogs.png

Attach the file.
Select the "Choose a File" navigate to the location of the File.
Click the file you wish to Attach.
Click Attach this file.
Click the Add reply button.
===

Please post the logs  for my review.

Wait for further instructions
====

Link to post
Share on other sites
Lyx

Lyx

Posted
  • Author
Posted

Oh nasquad, I saw you solve a similar issue few months ago, I was really hoping you would help me, thanks for the help.

I not sure that copy/past FRST.txt is a good idea, there is more than 1000 line, so I attached it.

And some update, I tried to disconect all my computer from my router, and reset the router to factory setting with the button, and try to conect my phone to it, (who was not in wifi before) and their is still the same issue but on my phone that worry me a lot...

 

Addition.txt FRST.txt

Link to post
Share on other sites
nasdaq

nasdaq

Posted
Posted

Hi,

Please download the attached Fixlist.txt file to  the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the FRST.txt log you have submitted.

Run FRST and click Fix only once and wait.

The Computer will restart when the fix is completed.

It will create a log (Fixlog.txt) please post it to your reply.
===

Please post the Fixlog.txt and let me know if your problem is solved.

fixlist.txt

Link to post
Share on other sites
nasdaq

nasdaq

Posted
Posted

Hi,

Yes!

Reset your router. It may be infected.

How to Reset a Router Back to the Factory Default Settings
http://www.ehow.com/how_2110924_reset-back-factory-default-settings.html

Then, please reconfigure it back to your preferred setting.. Below is the list of default username and password, should you don't know it ;)

http://www.routerpasswords.com/
http://www.phenoelit-us.org/dpl/dpl.html
===

Reset for Linksys, Netgear, D-Link and Belkin Routers
http://www.techsupportforum.com/2763-reset-for-linksys-netgear-d-link-and-belkin-routers/

====
How to tell if my Wireless is secure.
http://www.ehow.com/how_6775466_tell-wireless-secure_.html

How is it now?

Link to post
Share on other sites
  • 2 weeks later...
  • 3 weeks later...
  • Root Admin
AdvancedSetup

AdvancedSetup

Posted
  • Root Admin
Posted

Due to the lack of feedback, this topic is closed to prevent others from posting here.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this topic. Other members who need assistance please start your own topic in a new thread.

Thanks

 

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.

  I accept