Welcome, Guest
Username: Password: Remember me
The place to discuss all things IT and Internet related. Computers, Devices, Phones, Storage, Hardware and Software, Browsers, Connections, Proxy Servers, Security, Troubleshooting and more.

TOPIC: DNS Unlocker ad popup malware and Google Chrome

DNS Unlocker ad popup malware and Google Chrome 13 Sep 2015 00:39 #1

  • novum
  • novum's Avatar
  • Offline
  • Platinum Member
  • Posts: 18914
  • Likes received: 8920
So i kept getting this malware called DNS Unlocker which turns words on webpages into links and pops up ads.

Google Chrome seems to be more succeptible to this than the other browsers? So much so that ive just stopped using it and i uninstalled Chrome for now.

Firefox seems much better.

I use norton antivirus and that seems useless at stopping DNS unlocker. Im not sure how it gets in to infect but im thinking through google ads.

Anyway AdwCleaner finds the infected files, download it here toolslib.net/downloads/viewdownload/1-adwcleaner/

This malware also sneakily changes the DNS settings in your web connection, heres how to check for that in windows 7....

Control Panel > Network and Internet > Network and Sharing Center > Change Adapter Settings > Right-click your active internet connection (usually Wi-Fi since everyone uses that, unless your using a desktop) and click properties > Now under the Networking tab, scroll down until you find Internet Protocol Version 4 (TCP/IPv4) > Highlight that then click on properties > Both options in this windows should be automatic! The first option should be set to "Obtain an IP address automatically" and the second should be set to "Obtain DNS server address automatically!" If your computer belongs to a company or you actually have a custom DNS then this would not apply to you. Once you are finish, click "OK" and close the windows > Now go back into Chrome and reset your settings one more time and boom! It should work just fine.
I remember the good old days, when 90+ year olds in nursing homes lived forever. Darn this pesky virus.

1365 = 1

1.1365 = 1,283,305,580,313,352
Only registered members can reply. Create an Account to join the discussion.

DNS Unlocker ad popup malware and Google Chrome 13 Sep 2015 01:35 #2

  • Mario
  • Mario's Avatar
  • Offline
  • Mushroom Kingdom
  • You have the Right NOT to Vote! = for EVIL!
  • Posts: 4648
  • Likes received: 1516
I never touched Google Chrome since there beginnings... :nono: :noway:

Also was very sceptical about Opera Chrome being also run by them ......... but so far so good!


Never ended up with this one yet! (DNS Unlocker ) :dunno:

You using Opera Chrome also?

I'm only using these two Extensions & with one tool I can block anything as long it has a http:// address or even IP number.
You can block things out per web-page or even globally......

If you managed to locate the nasty address you just block it out for keeps with the HTTP Switchboard!

HTTP Switchboard
https://addons.opera.com/en/extensions/details/http-switchboard/





|||||||| ||||||||

Also I made it easy for myself like 1, 2 , 3 should I ever end up with any of there viruses if it did not get into my registry.

I always keep one clean Opera Chrome as a backup with all its files when it was clean & just copy it over it & all is gone in a minute!


Only make a copy of three entire folders >>>


1) C:\Program Files (x86)\Opera

2) C:\Users\YOUR USER ACCOUNT NAME\AppData\Local\Opera Software\Opera Stable

3) C:\Users\YOUR USER ACCOUNT NAME\AppData\Roaming\Opera Software\Opera Stable

@ oiram @
Last Edit: 13 Sep 2015 03:00 by Mario.
Only registered members can reply. Create an Account to join the discussion.

DNS Unlocker ad popup malware and Google Chrome 13 Sep 2015 02:33 #3

  • Mario
  • Mario's Avatar
  • Offline
  • Mushroom Kingdom
  • You have the Right NOT to Vote! = for EVIL!
  • Posts: 4648
  • Likes received: 1516
One more trick should you end up with something nasty in general & it infested your registry!

For me its quicker then using the restore function also it will change things I don't like it to change & does not guaranty to get rid of a virus which maybe was to long within your system & will just end up being replaced again through the restore system function.......

This was my life saver a hundred times over; because I'm playing around a lot within the heart of Windows.

(For experienced confident users only)

Requirement basic:


1) Always have a second partition with a basic Windows installed

2) A full copy of this Folder ............. C:\Windows\System32\config

3 ) A copy of this file ............... C:\Users\YOUR USER ACCOUNT NAME\ntuser.dat


Note:
You can only copy this Folder & the File if you entered your computer from the second Windows partition
Always make a copy of this Folder & File when your computer is clean & you happy with the general setup overall!

The only other way to copy this Folder & File if you are in a active Windows is by using this tool >>>

Shadow Explorer << Note: Restore system has to be active to see the Shadow copy files in the Explorer!
http://www.shadowexplorer.com/downloads.html


This self created system will kill everything out of your system ..... even self created problems by playing around to much!

So if you got the Copy of the entire Folder and the File ..


1) you open your computer within your second partition

2) go to your D:\ drive and delete the entire config folder ( D:\Windows\System32\config) & replace it with your clean backed up Folder! >> (Which you copied from the exact same location when your Computer was in a clean state! )

3) Go to your D:\ drive and delete the File ( D:\Users\YOUR USER ACCOUNT NAME\ntuser.dat) & replace it with your clean backed up file! >> (Which you copied from the exact same location when your Computer was in a clean state! )

Should you worry to delete the original Folder & File just simply copy it to somewhere save so you can always return to the original state & situation!

And everything will be as it was when you created the backup of the Folder & file!
Anything nasty you collected from the time you taken the clean backup until the day you replace it will be gone & it will be clean as before!

For explanation:
This Folder & File is your heart of Windows ........ Its your entire registry from A to Z.


Because of my self created repair to normal system I could not care about any viruses they creating & I may end up with!
Ill be back as normal in max 3 to 5 min without the need to search around for anything! :thumbup: :cool:

@ oiram @
Last Edit: 13 Sep 2015 03:21 by Mario.
Only registered members can reply. Create an Account to join the discussion.
User(s) who Liked this post: Return of Zorro

DNS Unlocker ad popup malware and Google Chrome 13 Sep 2015 03:29 #4

  • novum
  • novum's Avatar
  • Offline
  • Platinum Member
  • Posts: 18914
  • Likes received: 8920
Yep what you said makes sense mario, another way to backup your stuff before it gets molested. :hahano: and get it back quickly.

I dont use opera chrome and havent used it, ive only used google chrome.

With firefox the infection doesnt seem to happen.... it seems like the malware goes in the chrome cookies when browsing certain sites that have google ads with chrome.... and its stored here C:\Users\YOUR_USERNAME\AppData\Local\Google\Chrome\User Data\Default\Local Storage

I did just use a restore point to bring it back to pre infected state, perhaps the easiest way for the layman PC user.

As i said, ive phucked chrome off now and i havent had it happen again, seems like a weakness in chrome.
I remember the good old days, when 90+ year olds in nursing homes lived forever. Darn this pesky virus.

1365 = 1

1.1365 = 1,283,305,580,313,352
Only registered members can reply. Create an Account to join the discussion.

DNS Unlocker ad popup malware and Google Chrome 13 Sep 2015 04:51 #5

  • Mario
  • Mario's Avatar
  • Offline
  • Mushroom Kingdom
  • You have the Right NOT to Vote! = for EVIL!
  • Posts: 4648
  • Likes received: 1516
novum wrote:
Yep what you said makes sense mario, another way to backup your stuff before it gets molested. :hahano: and get it back quickly.

I dont use opera chrome and havent used it, ive only used google chrome.

With firefox the infection doesnt seem to happen.... it seems like the malware goes in the chrome cookies when browsing certain sites that have google ads with chrome.... and its stored here C:\Users\YOUR_USERNAME\AppData\Local\Google\Chrome\User Data\Default\Local Storage

I did just use a restore point to bring it back to pre infected state, perhaps the easiest way for the layman PC user.

As i said, ive phucked chrome off now and i havent had it happen again, seems like a weakness in chrome.
If you a Google Chrome user already you should have a go with Opera Chrome 95% the same thing.

Very very similar but not so heavy on memory ........

One major thing for me is if you close Google Chrome & I think Fox Chrome does the same thing.
All your opened tabs are closed on your last session once you shut down. :thdown:

Not so with Opera Chrome it will give you all the tab links back on your next go!
More then just convenience! ...... Its nice & should be this way.

Nothing lost 2 to 5 min download just for a try run ........ if its not good just uninstall it!

I'm on Opera for what 10 Years now & when they came out with the new Opera a year ago I was thinking it was Google Chrome but a much smaller install size!

That's one more thing with Google before 350 MB just to install it .........
What the hell have they integrated within there Browser was my question?

Opera Chrome now is 30 to 40MB install size & I would say gives you the same thing as Google Chrome.
So what was the 300MB used for on Google?

Anyway only a try run will give answers!

Now they got Tonnes of extensions after a year for Opera Chrome & it even can use most Google Chrome extensions as if it was Google!
Which it is anyway now .........
Opera sold out to Google but they kept some of there original functionality alive so they not losing all there Opera users!
So far so good they working on it to bring back Opera as it was before giving us the tools back from the original Opera!

Auto Spell-checker & Reading out text function for me (TTS) is a must have ...... that's why I never changed from Opera to anywhere!

@ oiram @
Last Edit: 13 Sep 2015 04:56 by Mario.
Only registered members can reply. Create an Account to join the discussion.

DNS Unlocker ad popup malware and Google Chrome 13 Sep 2015 05:03 #6

  • Mario
  • Mario's Avatar
  • Offline
  • Mushroom Kingdom
  • You have the Right NOT to Vote! = for EVIL!
  • Posts: 4648
  • Likes received: 1516
By the way they having this to get rid of your specific problem.....
But you most likely found this already ...

How to remove DNS Unlocker virus

Option 1: Automatically remove DNS Unlocker virus with Malwarebytes
Option 2: Manually remove DNS Unlocker
http://botcrawl.com/dns-unlocker-virus-removal/#option1


Most of these things are creation by themselves anyhow! ...... Its all just a game to keep people busy with sh@t!

@ oiram @
Last Edit: 13 Sep 2015 05:09 by Mario.
Only registered members can reply. Create an Account to join the discussion.

DNS Unlocker ad popup malware and Google Chrome 22 Sep 2015 18:55 #7

I use Firebox, Opera as second choice, or sometimes Pale Moon. There's also a number of other decent and not so well know browsers. Pale Moon is developed and forked off from Firefox, that focuses more on speed and security btw.

Nov I'm not a fan of Norton AV. Norton is a very intrusive and aggressive anti-virus program, where the anti-virus can run amok and start acting like a virus. Think of big Government and their ''security'' measures. :hahano: In my opinion you're best just sticking with something like Microsoft security essentials alongside Malwarebytes as your ant malware. I use Hitman pro if I ever get any serious malware issues, which is very rare anyhow. :hahano:
The object of life is not to be on the side of the majority, but to escape finding oneself in the ranks of the insane. – Marcus Aurelius
Last Edit: 22 Sep 2015 19:23 by Return of Zorro.
Only registered members can reply. Create an Account to join the discussion.

DNS Unlocker ad popup malware and Google Chrome 22 Sep 2015 23:03 #8

  • novum
  • novum's Avatar
  • Offline
  • Platinum Member
  • Posts: 18914
  • Likes received: 8920
Cheers for the replies everyone. :thumbup:

I have malwarebytes and hitman pro now, seems norton cant stop DNS unlocker getting in thru the chrome browser.

I still have norton for now, i know alot of people dislike it, it seems ok on more powerful machines, i know its a bit big brothery.

DNS unlocker doesnt seem to be a problem with internet explorer, its immune to it.

Mind you its only a couple of sites that do this, and they must be infected in their code.

Adblock can also block things as mario mentioned, you can add elements to be blocked once you track down whats causing the fuss.

One of them is a cookie with 'bestpriceninja' in its name re. DNS Unlocker.
I remember the good old days, when 90+ year olds in nursing homes lived forever. Darn this pesky virus.

1365 = 1

1.1365 = 1,283,305,580,313,352
Last Edit: 22 Sep 2015 23:06 by novum.
Only registered members can reply. Create an Account to join the discussion.
User(s) who Liked this post: PFIZIPFEI

DNS Unlocker ad popup malware and Google Chrome 15 Oct 2015 10:30 #9

  • novum
  • novum's Avatar
  • Offline
  • Platinum Member
  • Posts: 18914
  • Likes received: 8920
Ghostery is another good browser extension that can block ads, as well as social media plug in trackers.

Adblock and ghostery combined can save you bandwidth also, for those who have data allowance.

www.ghostery.com/

adblockplus.org/
I remember the good old days, when 90+ year olds in nursing homes lived forever. Darn this pesky virus.

1365 = 1

1.1365 = 1,283,305,580,313,352
Only registered members can reply. Create an Account to join the discussion.
User(s) who Liked this post: Mario
Moderators: novum, rodin, Flare
Powered by Kunena Forum

Annual Server Target

Whether its 50 cents or five dollars, your donations are appreciated and help keep this community site running so we can all continue to enjoy using it.
This target is to meet our server cost for one year, June 2020 - May 2021, in USD.
$ 340 - Target
( £ 250 GBP )
donation thermometer
donation thermometer
$ 192 - Raised
( £ 140 GBP )
donation thermometer
56%
Most Recent Donation $122 USD
4th January 2021
Bitcoin Address: bc1q0kazqya0nurfxtunxv807vm0m8852nnrrk8mj8
 
Ethereum Address: 0xe69915c80dd75df19f438d556267e04f932f057d
 
More Info: Donation options for TZ
 

No one is obliged to donate, please only donate what you can afford. Even the smallest amount helps. Being an active member is a positive contribution. Thank You.