OT: Removing DNSUnlocker

musicvid10 wrote on 4/8/2016, 7:18 PM
It's a "foistware" that puts impassable popups, often with audio, on your browser -- Chrome, Firefox, IE.
It's been happening a lot lately, even though I've been so careful about not clicking things.

Finally, it took over my browsers completely. My usual procedure (browser reset, add/remove programs, followed by system restore no longer worked. In fact, none of my previous restore points would work.

Popups could include everything from calling a toll-free number to remove the "virus" on your computer, to vacation resort ads to kid stuff.

With some online help, I may have licked it.
1. Remove DNSUnlocker and any other suspect names from Add/Remove Programs.
2. Run Adwcleaner (Beware! Download from https://toolslib.net/downloads/viewdownload/1-adwcleaner/
3. After it runs, let it remove everything it found and your computer will restart.
4. Open and reset / refresh to system defaults every browser on your computer.

So far, so good. I'll report back if it looks like DNSUnlocker managed to reinstall itself.


VMP wrote on 4/8/2016, 7:31 PM
Thanks for the heads up Musicvid.

Would you suggest running adwcleaner ocassionally as maintnance too?

I could add this to the list of cleaning software.

Usually I run the following during maintanance:

- Spybot.
- CC Cleaner.
And the antivirus software.

Any more additions that may be helpful is welcome.

musicvid10 wrote on 4/8/2016, 7:36 PM
Well, sofar I would say "Yes" without having much experience with it.

I did have Ad-Aware from Lavasoft installed, but it was creating its own popups to get me to purchase.
Spybot was really good too when I had it installed. My big objection to fulltime antivirus is it slows things down.

VMP wrote on 4/8/2016, 7:46 PM
Ok I will give it a try.

I use Eest as full time antivirus and firewall, it is super light, I don't notice it using any of my PC's power.
Even on the under powered systems it runs lightly.

I have used Norton and McAfee in the past especially Norton really slowed thing down.


musicvid10 wrote on 4/8/2016, 7:49 PM
Thanks for the feedback. I will try Eset as soon as I'm sure this state is relatively stable.

PeterDuke wrote on 4/8/2016, 8:23 PM
Another good one to run yourself from time to time is Malwarebytes Anti-Malware free edition.
musicvid10 wrote on 4/8/2016, 9:16 PM
Yes, I've heard good things about that one too. Just downloaded Spybot for a try.
fldave wrote on 4/8/2016, 10:24 PM
I run standard Avast antivirus.

I mainly use Chrome, with the AdBlockPlus and Ghostery plugins. They halt most all of the pathways these types of hacks use.

I rarely have problems with surfing.
JohnnyRoy wrote on 4/9/2016, 9:56 AM
> "It's been happening a lot lately, even though I've been so careful about not clicking things."

I would highly recommend that everyone download and install the browser plug-in known as:

Web of Trust (WOT)

They make an extension for almost any browser (Safari, Chrome, Firefiox, IE, etc.) and it will warn of you links that lead to untrusted web sites. It even ranks links in Google searches for you. It has saved me several times from clicking on a link that was harmful and allowing me to back out before the pages loaded.

Don't surf the net without it!!!

VMP wrote on 4/9/2016, 11:04 AM

Thanks for the tip.
But how would one know if such an extension is not spying or tracking everything one types?

musicvid10 wrote on 4/9/2016, 4:38 PM
WOT is good at detecting sinister sites, but there got to be lots of false positives.
Seemed to be fairly politicized after a while, so I don't use it currently.

JackW wrote on 4/9/2016, 7:20 PM
I've been using Malwarebytes for the past three months following an infestation of pop-up ads and a thorough expunging by our PC repair company. It has worked very well so far.

ushere wrote on 4/9/2016, 11:43 PM
i have always disliked running av's because of their intrusiveness (this based on experiences from many years ago with nortons, etc.,), things might have changed but....

for the last 8+ years i have simply used m$'s home grown varieties along with regular scans with malwarebytes. i try to keep abreast of known problems and so avoid having them - such as flash, etc.,

i use chrome with ad / script blockers and probably go where i shouldn't go on the net. i have never had any problems. of course i NEVER open email attachments with first finding where / who they're from and even then scanning them before opening.

of course nothing is guaranteed, so after a scan i regularly back up (using reflect) to external hd's. my nle is only connected to the net when i know there's a need to download an update to a program, and after any windows update has been out long enough to know it's safe.
Kit wrote on 4/10/2016, 12:53 AM
If that happened for me I would immediately use a full system backup image - I make one daily. I use the free version of Macrium reflect. It only takes around five minutes to do a full system restore. Much safer than messing around trying to uninstall malware. How can one ever be certain the system is 100% clean? I do have Malwarebytes running and for what it is worth Microsoft Security Essentials but I think frequent backups stored on drives completely physically disconnected is the best kind of defence.
Chienworks wrote on 4/11/2016, 6:40 PM
"- CC Cleaner."

I'm very wary of running anything that claims to clean or fix the registry. The truth of it is that not one of these programs can possibly know what your registry is supposed to contain. Yes, i'm sure there's a few major entries that are well known to be affected by a few common infections, but they can't know when some other valid program has made proper changes that it may mistake for bad ones. And outside it's table of the few things it does know, it has no way of knowing if any of the other hundreds of thousands of registry entries are correct or been changed.
VMP wrote on 4/16/2016, 2:42 AM
Indeed Chienworks,

There is an option to select which keys to fix.
Usually I only fix residues of uninstalled programs or extensions.
Before the clean CC also backs up the registry so a restore point is made to go back if needed.

Another good thing is that it removes the temp files that are not deleted via the internet browsers.