
[PC] A malware that is affecting only Neverwinter.

klangeddin Member, NW M9 Playtest Posts: 882 Arc User
edited October 2015 in Peer to Peer Tech Forum
Greetings everyone,
The malware I'm talking about is DNS unlocker, I'm sure many have heard it before. This malware pops up random advertising pages at-will and generally infects browsers.
Now here's the issue I'm having.
I don't know when I caught this malware (or how) the first time, anyways, I managed to remove it a few weeks ago with uninstall and Malwarebytes and my browsers did not have any more issues.
To my surprise this malware also infected the Neverwinter Launcher, there are mainly two things I notice it does:

1) The word version of "Launcher version" is underscored with a strange icon next to it and has a link attached (I didn't click it of course). This happens only if Firefox is the default browser, with Chrome this does not happen, but the problems described below persist.
2) When I click the play button, my browser starts, and opens up a single web page full of ads.
3) Sometimes (but this does not happen often), I have a random crash error with launcher. After a restart it does a file verification (that does not really fix anything) and the game runs normally.

At first I thought this was simply a "leftover" of the damage done by the malware so I uninstalled and reinstalled Neverwinter, and it fixed the issue. So I thought everything was concluded.

To my surprise, today (after the ARC maintenance) I launch Neverwinter and I see that DNS unlocker is again back on my computer. This after a month I didn't have it, and I haven't installed or downloaded anything in this computer today.

I repeated the Malwarebytes scan again to fix it, but this time I found nothing.
I tried even with Roguekiller and nothing.
I uninstalled DNS unlocker (again) and my browsers or any other programs are not showing any sign of infection, but Neverwinter has started showing the symptoms described above once again.

Now, this by itself would be no big problem and it doesn't seem to affect my gameplay that much (unless it's causing part of the in-game lag issues I'm having), however I'm afraid that the longer this goes, the more compromised my security will be. So I'd like to find a definitive solution for this.

P.S. I notice that ARC has in its folder an old version of Shockwave Flash plugin that is causing conflicts in Mozilla Firefox (it's showing both versions), I wonder if this could be part of the issue as Flash is known for its security vulnerabilities.

Comments

  • klangeddin Member, NW M9 Playtest Posts: 882 Arc User
    edited October 2015
    I've just had another of those crashes, so I decided to take a screenshot to better illustrate the problem described above.



  • phr3dx13 Member Posts: 11 Arc User
    Log into your router and check that it has the proper DNS settings, as well as checking any other DNS settings for browsers.
  • klangeddin Member, NW M9 Playtest Posts: 882 Arc User
    edited October 2015
    It seems to be all in order. (about the DNS, the problem is still persisting)
  • phr3dx13 Member Posts: 11 Arc User
    edited October 2015

    It seems to be all in order. (about the DNS, the problem is still persisting)

    Are you sure? Almost the same exact thing happened to me, and it turned out to be a DNS hijacker. If not, I recommend using multiple portable/free malware/virus scanners.
    http://www.eset.com/us/free-trial/
    https://www.avast.com/index
    https://www.safer-networking.org/private/
    http://www.combofix.org/
  • klangeddin Member, NW M9 Playtest Posts: 882 Arc User
    edited October 2015
    @phr3dx13

    My DNS settings in the router and Windows were 8.8.8.8 and 8.8.8.4, the Google DNS servers, and there is no change in the local hosts files of the browsers. (has the Rhino and Acme on default examples and local hosts 127.ecc)
    I changed the DNS to Norton security servers and the problem persists.
    Unless you can be more specific to point me to what else could be the issue I see nothing wrong with browser and router DNS settings.

    I have run Avast and it detects nothing with quick scan, folder scan and full system scan. It also does not give any warning messages when I launch Neverwinter (and have the usual problem) with the "shields" turned on.
    Now that's the third piece of software I use to track down the malware that gives no results, I'm truly baffled at what could be the problem.

    I suppose uninstalling Neverwinter and re-installing would fix the problem temporarily like the last time I did, but still, I'd like to find a permanent solution.
  • wickedaction Member Posts: 10 Arc User
    I don't know if this helps, but hope it does. Just recently I read an article online about computer hijacking. Without too much detail. It shows how they get a file onto a person's computer. Which then uses task scheduler to launch the file. Which gives them elevated privileged access to your computer. Using this method, they could then install an exe which launches at start up via task scheduler, which the exe then can install anything it is set to install from a cloud server. It also can monitor computer and reinstall that program if it is removed. Which sounds exactly what you're describing. And this type of hijacking is not detectable by antivirus software. Can't remember where it was posted, will look for it. You might also want to check on it. Will post again when I find it. Again, don't know if this is what you're dealing with. But might be worth checking into.
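
Added example (not part of any post in this thread): wickedaction's comment describes persistence through a Task Scheduler entry that relaunches an executable at startup. The Python sketch below reviews exported `schtasks /query /fo CSV /v` output for that pattern; the English-locale column names, the constructed sample rows and the heuristics are assumptions of this example.

```python
import csv
import io
import re

# Constructed sample (not from the thread): trimmed `schtasks /query /fo CSV /v`
# output with English-locale column names. Task names and paths are invented.
SAMPLE_CSV = r'''"HostName","TaskName","Status","Author","Task To Run","Run As User","Schedule Type"
"PC1","\Microsoft\Windows\Defrag\ScheduledDefrag","Ready","Microsoft Corporation","%windir%\system32\defrag.exe -c -h","SYSTEM","On demand only"
"HostName","TaskName","Status","Author","Task To Run","Run As User","Schedule Type"
"PC1","\ExampleUpdaterTask","Ready","N/A","C:\Users\alice\AppData\Roaming\ExampleUpdater\upd.exe /silent","SYSTEM","At logon time"
"PC1","\ExampleHelper","Ready","alice","powershell.exe -WindowStyle Hidden -File C:\ProgramData\ex\run.ps1","alice","At system start up"
"PC1","\GoodBackup","Ready","alice","C:\Program Files\Backup\backup.exe","alice","Weekly"
'''

# Directories a standard user can commonly write to (heuristic, not exhaustive).
USER_WRITABLE = re.compile(r"\\appdata\\|\\programdata\\|\\temp\\|%(local)?appdata%|%temp%", re.I)
SCRIPT_HOST = re.compile(r"\b(powershell|pwsh|wscript|cscript|mshta|rundll32|regsvr32)(\.exe)?\b", re.I)
AUTO_TRIGGERS = {"at logon time", "at system start up"}

def review_tasks(csv_text):
    """Return {task name: [reasons]} for tasks that deserve a manual look."""
    findings = {}
    for row in csv.DictReader(io.StringIO(csv_text)):
        name = row.get("TaskName", "")
        if name == "TaskName":  # some Windows versions repeat the header per folder
            continue
        action = row.get("Task To Run", "")
        writable = bool(USER_WRITABLE.search(action))
        script = bool(SCRIPT_HOST.search(action))
        reasons = []
        if writable:
            reasons.append("runs from a user-writable directory")
        if script:
            reasons.append("launches via a script host")
        if row.get("Schedule Type", "").strip().lower() in AUTO_TRIGGERS:
            reasons.append("starts automatically at logon or boot")
        if writable and row.get("Run As User", "").upper() == "SYSTEM":
            reasons.append("runs as SYSTEM from a path a normal user can modify")
        # Auto-start alone is normal for legitimate software; require a path or host signal.
        if writable or script:
            findings[name] = reasons
    return findings

if __name__ == "__main__":
    for task, why in review_tasks(SAMPLE_CSV).items():
        print(task, "->", "; ".join(why))
```

A flagged task is a lead for manual review of the file it launches, not proof of infection; legitimate updaters also run from per-user directories.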