Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Resolving Host in Google Chrome ? Help


  • This topic is locked This topic is locked
3 replies to this topic

#1 Garfielduk

Garfielduk

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:04:32 AM

Posted 05 October 2014 - 09:15 AM

Hi, I hope someone can help me.
Yesterday I started getting an issue in Chrome when trying to access certain websites e.g. Ebay and Amazon ---> message "Resolving Host" and got so bad that pages wouldn't load, other sites were fine.
So I did the following:
Removed Adblock that I had installed a few days ago thinking that may be an issue
Changed my automatic DNS from my ISP to Google DNS
Used adw cleaner which found some things and deleted some items - seemed to get better after this but then reverted back to the same issue

I have a log file after running MBAM which found and quarantined 8 items, also have a log file from running RogueKiller.exe as already did that previously; also tried running the DDS but even after disabling antivirus would not run saying something about compatibility mode so haven't got a log for that.

Can you help ?

Here's some logs from MBAM and Roguekiller

 

Here's my logs I have:
Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 05/10/2014
Scan Time: 12:51:57
Logfile: MBAM1.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.10.05.03
Rootkit Database: v2014.09.19.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: Gary

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 325835
Time Elapsed: 17 min, 47 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 2
PUP.Optional.SearchApp.A, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\aaaaaiabcopkplhgaedhbloeejhhankf, Quarantined, [0c0b2ce5b0cc62d4233f1af606fd3cc4], 
PUP.Optional.SearchApp.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\aaaaaiabcopkplhgaedhbloeejhhankf, Quarantined, [b95e997892eae650d48e4ec20bf80ff1], 

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 6
PUP.Optional.InstallCore, C:\Users\Gary\Downloads\ZipOpenerSetup (1).exe, Quarantined, [2aed5ab73646c76f119924fcc53c46ba], 
PUP.Optional.InstallCore, C:\Users\Gary\Downloads\ZipOpenerSetup.exe, Quarantined, [2fe871a094e851e52c7e77a938c9a55b], 
PUP.Optional.ClientConnect, C:\Users\Gary\Downloads\Skype_TSA24JLPM.exe, Quarantined, [d3443cd5c8b4f244798aefc36f92c838], 
PUP.Optional.ClientConnect, C:\Users\Gary\Downloads\Skype_TSA24JLPN.exe, Quarantined, [d93eed241e5e290d51b25260c0410af6], 
PUP.Optional.Ibryte, C:\Users\Gary\Downloads\MineCraft (1).exe, Quarantined, [ae6968a97903191dcc8e69b2837e20e0], 
PUP.Optional.SoftM8.A, C:\Users\Gary\Downloads\minecraft (3).exe, Quarantined, [997e5ab7512be84ea5b9ff2d7a867a86], 

Physical Sectors: 0
(No malicious items detected)

(end)
RogueKiller V9.2.13.0 [Sep 25 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 8.1 (6.3.9200 ) 64 bits version
Started in : Normal mode
User : Gary [Admin rights]
Mode : Remove -- Date : 10/05/2014 12:37:45

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 10 ¤¤¤
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{CD3A72F0-EB78-48B8-AA5C-89866E118FCF} | DhcpNameServer : 172.168.123.2 -> NOT SELECTED
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{CD3A72F0-EB78-48B8-AA5C-89866E118FCF} | DhcpNameServer : 172.168.123.2 -> NOT SELECTED
[PUM.Policies] (X64) HKEY_USERS\S-1-5-21-3112461142-523150650-1466571993-1001\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0 -> NOT SELECTED
[PUM.Policies] (X64) HKEY_USERS\S-1-5-21-3112461142-523150650-1466571993-1001\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableTaskMgr : 0 -> NOT SELECTED
[PUM.Policies] (X86) HKEY_USERS\S-1-5-21-3112461142-523150650-1466571993-1001\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0 -> NOT SELECTED
[PUM.Policies] (X86) HKEY_USERS\S-1-5-21-3112461142-523150650-1466571993-1001\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableTaskMgr : 0 -> NOT SELECTED
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> NOT SELECTED
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> NOT SELECTED
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> NOT SELECTED
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> NOT SELECTED

¤¤¤ Scheduled tasks : 1 ¤¤¤
[Suspicious.Path] \\OFFICE2010ACT -- C:\ProgramData\Microsoft\Windows\OFFICEICON.vbs -> DELETED

¤¤¤ Files : 1 ¤¤¤
[Suspicious.Startup][File] ZooskMessenger.lnk -- C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ZooskMessenger.lnk -> DELETED

¤¤¤ HOSTS File : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: NOT LOADED [0xc000036b]) ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: WDC WD7500BPVT-24HXZT3 +++++
--- User ---
[MBR] 4ba5d115037a08d97e54ef61563a185a
[BSP] dfedc6a484bceca2da0a0b3c1257b78c : Empty MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x0) [VISIBLE] Offset (sectors): 1 | Size: 2097151 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: Multiple Card Reader +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] The request is not supported. )


============================================
RKreport_SCN_10052014_123528.log

Thanks
Gary



BC AdBot (Login to Remove)

 


#2 nasdaq

nasdaq

  • Malware Response Team
  • 38,770 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:04:32 AM

Posted 09 October 2014 - 09:25 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Download the version of this tool for your operating system.
Farbar Recovery Scan Tool (64 bit)
Farbar Recovery Scan Tool (32 bit)
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.
===

Please paste the logs in your next reply DO NOT ATTACH THEM unless specified.
To attach a file select the "More Reply Option" and follow the instructions.

Wait for further instructions.

#3 Garfielduk

Garfielduk
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:04:32 AM

Posted 11 October 2014 - 03:29 AM

Thanks for your reply but I think I have solved it and Chrome is working fine now.

Gary



#4 nasdaq

nasdaq

  • Malware Response Team
  • 38,770 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:04:32 AM

Posted 11 October 2014 - 07:28 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users