Jump to content



Photo

Zedo Ad (Injection?) stumping me


  • Please log in to reply
5 replies to this topic

#1 Boifido

Boifido

    Neowinian

  • Joined: 13-January 07
  • Location: Edmonton, Alberta, Canada

Posted 12 August 2014 - 23:24

Hi,

I'm completely stumped. In the last couple days I've been noticing pop up ads, and also legitimate website ads being replaced. They all seem to come from the Zedo Network. I have run multiple virus scans on my computer/Cleaned browser cache. I'm a pretty experienced computer user, and have no problem finding and removing any virus I've encountered on friends computers.

I recently switched to a new internet provider and have both internet connections for another week. All of the computers in my household are still on the old connection. When I visited the same websites on one of them, everything was fine. I then switched it over to the new connection, and it started having ads replaced too. Either it seems that my PC has something incredibly nasty that was able to infect the other computer over the network, or that the new ISP is injecting ad code.

I would appreciate help diagnosing the problem, and narrowing down if it is something like the ISP injecting it. I hope I'm just tired and overlooking something simple.

 




#2 francescob

francescob

    Neowinian Senior

  • Tech Issues Solved: 1
  • Joined: 04-November 08

Posted 12 August 2014 - 23:35

Have you checked the DNS settings on the computers and the router/modem? Including, if the DNS settings are set to auto, checking with ipconfig what dns servers are currently detected?



#3 OP Boifido

Boifido

    Neowinian

  • Joined: 13-January 07
  • Location: Edmonton, Alberta, Canada

Posted 13 August 2014 - 00:19

I have moved my primary computer back to the previous network and re entered DNS into the router to be safe. After clearing cache I am seeing google ads instead of the hijacked ones so far. 

Once I run for a little bit more, I am going to switch to the new network again and see if I start getting replaced ads again. I'll have to see about manually setting dns on the router/modem combo to something like open dns for trial purposes.



#4 OP Boifido

Boifido

    Neowinian

  • Joined: 13-January 07
  • Location: Edmonton, Alberta, Canada

Posted 13 August 2014 - 02:15

Update: I just plugged into the new connection again and opened up a browser. Immediately a new window opened for "binary trading systems". I have just set the DNS on the new modemrouter to Open DNS too.

 

Can anyone help me determine if it is the ISP injecting the ads. Because if it is I am going to tear them a new one.

 

Edit: after restarting and clearing cache a couple more time after manually setting the new modem to opendns, everything seems to be working so far. I guess it was the DNS after all. Those cookies seem impossible to get rid of, the ads are even replaced in incognito mode.



#5 +goretsky

goretsky

    Neowinian Senior

  • Tech Issues Solved: 3
  • Joined: 12-March 04
  • Location: Southern California

Posted 13 August 2014 - 06:47

Hello,

 

You may wish to make sure the router on the new Internet connection has the latest firmware and a secure, non-default passwword.

 

Regards,

 

Aryeh Goretsky



#6 +warwagon

warwagon

    Only you can prevent forest fires.

  • Tech Issues Solved: 2
  • Joined: 30-November 01
  • Location: Iowa

Posted 17 August 2014 - 19:34

I would recommend booting a Ubuntu Live CD and go on the internet and see if the issue repeats That will rule your Windows install out of the equation.

 

Oh glad to see you got it fixed.

 

as far as dns not sure which cache you cleared but for dns

 

ipconfig /flushdns.