WHY WON'T IT DIE?

Discussion in 'Computer Software and Operating Systems' started by Drak0rex, Sep 2, 2015.

  1. Drak0rex
    OP

    Drak0rex GBAtemp Advanced Maniac

    Member
    1,908
    698
    Oct 12, 2014
    United States
    I've just been infected by DNS Unlocker. I've tried removing it from my programs, an adware removal tool, removing it from my plugins and extensions, and multiple system restores, but it's still there. HELP!
     


  2. endoverend

    endoverend AKA zooksman

    pip Contributor
    GBAtemp Patron
    endoverend is a Patron of GBAtemp and is helping us stay independent!

    Our Patreon
    2,844
    3,549
    Jun 6, 2013
    United States
  3. Drak0rex
    OP

    Drak0rex GBAtemp Advanced Maniac

    Member
    1,908
    698
    Oct 12, 2014
    United States
  4. endoverend

    endoverend AKA zooksman

    pip Contributor
    GBAtemp Patron
    endoverend is a Patron of GBAtemp and is helping us stay independent!

    Our Patreon
    2,844
    3,549
    Jun 6, 2013
    United States
    Continue through the rest of the guide. The virus can exist in other parts of the system.
     
  5. cornerpath
    This message by cornerpath has been removed from public view by Minox, Sep 3, 2015, Reason: Incredibly rude.
    Sep 2, 2015
  6. Drak0rex
    OP

    Drak0rex GBAtemp Advanced Maniac

    Member
    1,908
    698
    Oct 12, 2014
    United States
    Screw off.
    I went further, went to programs and features, but “Ads by DNS Unlocker” isn't shown. There's nothing else shown that shouldn't be there.
    Did the notepad thing, I haven't been hacked.
     
  7. endoverend

    endoverend AKA zooksman

    pip Contributor
    GBAtemp Patron
    endoverend is a Patron of GBAtemp and is helping us stay independent!

    Our Patreon
    2,844
    3,549
    Jun 6, 2013
    United States
    Doesn't matter. Go through the entire guide, looking for viruses in every area it wants you to check. Just because there's nothing in one particular area doesn't mean you're not following the guide right. Never would every part of the guide contain the virus.
     
  8. cornerpath

    cornerpath GBAtemp Fan

    Member
    477
    233
    Dec 15, 2014
    United States
    Jackson, Ms
    Why not just factory restore if its that bad? once you do that all viruses is gone


    I had this laptop for 2 years everytime I gotten badly infected I just restore to out of box consition
     
  9. Drak0rex
    OP

    Drak0rex GBAtemp Advanced Maniac

    Member
    1,908
    698
    Oct 12, 2014
    United States
    Here's my task manager

    — Posts automatically merged - Please don't double post! —

    Now I'm to the regedit part. it says to type the virus's name. HOW DO I KNOW THIS?

    — Posts automatically merged - Please don't double post! —

    Sorry, but some parts of the guide I just don't comprehend.
     

    Attached Files:

  10. q9p

    q9p GBAtemp Regular

    Member
    145
    74
    Aug 14, 2015
    United States
    Pensacola, FL
    In my free time, I assist with malware removal. This is something that is not recommended. If it is installed on your system, then there is always a way to remove it. If you have nothing to provide in this thread, then don't post at all.

    I'm willing to help you out, but please follow these instructions. It really will make my assistance difficult you do not.

    Download Wipe and install the software to your machine. Please make sure the following settings are ticked. If they are not, tick them.

    [​IMG]

    After that, please download System Ninja and scan for junk. If it finds anything, please delete the files that are found.

    [​IMG]

    Now go install CCleaner.

    [​IMG]

    Now that you have cleaned up some temp files, lets disable everything besides your antivirus. Click on Tools and then Startup. Then select each item to disable.

    [​IMG]

    Now lets go back into the settings of CCleaner. We will make it where CCleaner is going to run at boot. Follow the instructions below:
    • Hit options.
    • Settings.
    • Place a tick to run Ccleaner when the computer starts.
    [​IMG]

    Now go into the Advanced tab and then select "Close program after cleaning"

    [​IMG]

    =========

    Please restart your computer now. After that, you are going to want to follow this guide on how to disable your antivirus temporarily. After that is done, we are going to want to download and install MWAV. Click here to get MWAV. After you have downloaded the file, run it as administrator by right clicking on the icon wherever you saved the file.

    Once MWAV is running, you are going to want to click on the Update tab. You want to do this before proceeding to the instructions below.

    Make sure your settings appear like this. It would helpful if you posted the log that it gives after the process is done.

    [​IMG]

    Now lets move on to Zemana Antimalware. You can download it here and then install it. Once it is installed, make sure that you select Deep Scan. Remove any infections that are found and click on the icon where it looks like a bar graph. This is where you will find a log, which will also be useful if you post it. Now reboot your computer.

    Now download JRT (Junkware Removal Tool) and save it to your desktop. Please follow the instructions below:
    • Shut down your anti-virus, anti-spyware, and firewall software now to avoid potential conflicts.
    • Run the tool by double-clicking it. If you are using Windows Vista or Windows 7, right-click it and select Run as administrator.
    • The tool will open and start scanning your system.
    • Please be patient as this can take a while to complete depending on your system's specifications.
    • On completion, a log is saved to your desktop and will automatically open.
    • Please post the JRT log.
    After that is done, please download ADWCleaner. Then follow the instructions below:
    • Close all open programs and internet browsers.
    • Double click on adwcleaner.exe to run the tool.
    • Click on Scan button.
    • When the scan has finished click on Clean button.
    • Your computer will be rebooted automatically. A text file will open after the restart.
    • Please post the contents of that logfile with your next reply.
    • You can find the logfile at C:\AdwCleaner[S1].txt as well.
    ========

    Please make separate pastes for separate logs. I reduced most of my canned responses in this reply. This guide should be able to assist you easily. If you have any confusion, then let me know.
     
  11. cornerpath

    cornerpath GBAtemp Fan

    Member
    477
    233
    Dec 15, 2014
    United States
    Jackson, Ms
    Wait I thought he wanted to removed some program or virus? From his post that what he saying
     
  12. jonthedit

    jonthedit GBAtemp Advanced Maniac

    Member
    1,691
    438
    May 30, 2011
    Bangladesh
    Yeah... I don't think the above is necessary for a DNS Unlocker. The linked guide should suffice.
     
  13. Riley

    Riley GBAtemp Maniac

    Member
    1,123
    3
    Mar 9, 2009
    Canada
    BC Canada
    Save all your important files to dropbox or w.e and wipe your drive / reinstall windows. IMO it just seems easier, faster and more efficient. all my important files are already in the cloud / saved to a separate hard drive.
     
    Deboog and VinsCool like this.
  14. VinsCool

    VinsCool Delusional

    Member
    GBAtemp Patron
    VinsCool is a Patron of GBAtemp and is helping us stay independent!

    Our Patreon
    11,712
    27,759
    Jan 7, 2014
    Canada
    Another World
    This, is what happens when someone installs something without questioning.
     
  15. cornerpath

    cornerpath GBAtemp Fan

    Member
    477
    233
    Dec 15, 2014
    United States
    Jackson, Ms
    Exactly what I was telling him, just factory reset

     
  16. gudenau

    gudenau Never a unique idea

    Member
    3,257
    1,225
    Jul 7, 2010
    United States
    /dev/random
    TL;DR

    Use Linux to remove the bug?
     
  17. Minox

    Minox Spytech Employee

    Supervisor
    6,022
    2,603
    Aug 27, 2007
    Factory reset isn't always a solution. Depending on the infection in question the system restore image could potentially be infected as well.
     
    cornerpath likes this.
  18. VinsCool

    VinsCool Delusional

    Member
    GBAtemp Patron
    VinsCool is a Patron of GBAtemp and is helping us stay independent!

    Our Patreon
    11,712
    27,759
    Jan 7, 2014
    Canada
    Another World
    Or just a low level format then? XD
     
  19. loco365

    loco365 GBAtemp Guru

    Member
    5,458
    2,674
    Sep 1, 2010
    Doing a wipe is probably the most invasive way to remove a virus in my opinion. I'd probably follow the guide detailed above, but to add onto it, if none of that solves the issue, you could last resort to ComboFix. It will scan and delete anything that is detected as malicious, however, it will do it to absolutely anything, even critical Windows files that may be infected, so be sure to have a startup disc handy in case it breaks Windows.
     
  20. q9p

    q9p GBAtemp Regular

    Member
    145
    74
    Aug 14, 2015
    United States
    Pensacola, FL
    He wanted to remove "DNS Unlocker" and seems to not understand how to follow a guide. Which is why it would be reasonable to assist him with doing a GUI based setup.

    It should be sufficient enough, but, OP doesn't seem to know how to follow a guide on how to do manually remove it. That is why I posted GUI based instructions. I could always write him a script as well to do this, but i would need to know where this is actually lingering at.

    I would not suggest someone running ComboFix without knowing their background of understanding. I have seen people on the malware removal forum that i have been on that screwed up their computer operations. Least i can say is: If you cannot follow a guide that is written on a site that provides screenshots, then it is likely that OP cannot follow how to use ComboFix.

    It would be useful if he would provide a log using DDS, but that would be unnecessary at this point.
     
  21. loco365

    loco365 GBAtemp Guru

    Member
    5,458
    2,674
    Sep 1, 2010
    Yeah, hence why I decided to mention that it can cripple the OS under the right circumstances. But yeah, I don't know if he made it through your highly illustrated guide, if he can't, he'd probably be better off handing it into a store and paying a fee to have it fixed.
     
    q9p likes this.