Browsers infiltrated by adware! Cant remove.


Recommended Posts

Hello guys!

 

I need help...

Somehow my browsers - chrome and firefox - got infiltrated by some silly adware/malware...as soon as I start browser and start surfing...pages get redirected to silly junk, silly websites...like porn, etc...it just switches to them while I am on normal websites...Also, on normal websites sometimes page links get unclickable, then on second click it opens new  tab with those spam websites..strange.

 

I tried Kaspersky, Spybot, AVG..Adaware...nothing works! even Kasperksy Internet Security didn't find it!
 

this issue persists on browsers only..no other irregularities happen in PC (Toshiba Satellite). No fishy add-ons, plugins installed as well. I deleted cookies cache too..no help.

I hardly use browser only on Private window mode...then it works better for some time though.

 

how to get rid of it??

Link to comment
Share on other sites

I've been having problems with youradexchange.com popping up here and there.  Once I uninstalled the extension java for web (chrome canary x64), the problem disappeared.  Nothing else seemed to work.

Link to comment
Share on other sites

it keeps bringing up site > www:// adultube .info / community but on websites like facebook, linkedin...they fail though..strange...and private browsing works fine too.

 

i disabled Java toolkit and java plugin on firefox..still annoys!

Link to comment
Share on other sites

alright...

spybot..why bother

avg...is that still a thing?

adaware..a step under spybot

at least you tried kaspersky...

 

Try this:  hitmanpro, malwarebytes, superantispyware

  • Like 3
Link to comment
Share on other sites

Hello guys!

 

I need help...

Somehow my browsers - chrome and firefox - got infiltrated by some silly adware/malware...as soon as I start browser and start surfing...pages get redirected to silly junk, silly websites...like porn, etc...it just switches to them while I am on normal websites...Also, on normal websites sometimes page links get unclickable, then on second click it opens new  tab with those spam websites..strange.

 

I tried Kaspersky, Spybot, AVG..Adaware...nothing works! even Kasperksy Internet Security didn't find it!

 

this issue persists on browsers only..no other irregularities happen in PC (Toshiba Satellite). No fishy add-ons, plugins installed as well. I deleted cookies cache too..no help.

I hardly use browser only on Private window mode...then it works better for some time though.

 

how to get rid of it??

When did you start getting these issue?

 

Try uninstall / reinstall both browser and see if the issue is gone.

 

If not than I recommend reinstall the OS as a last resort.

Link to comment
Share on other sites

this issue persists on browsers only..no other irregularities happen in PC (Toshiba Satellite). No fishy add-ons, plugins installed as well. I deleted cookies cache too..no help.

I hardly use browser only on Private window mode...then it works better for some time though.

 

Even though it happens only in the browser, there is usually a random exe file running on the system injecting those ads into the browsers.

 

Try the following Below.

 

1st Go into the Programs and features program list and arrange everything by date. Then scroll through the latest dates and look for something you didn't install. If you want to check before deleting it post it here or Google it. A lot of this adware crap can normally be uninstalled. If you find nothing, and even if you do find something and get rid of it, proceed below.

 

Run Adwcleaner

https://toolslib.net/downloads/viewdownload/1-adwcleaner/

 

Reboot

 

Then run CCleaner

http://www.piriform.com/ccleaner

 

Then Malwarebytes. (Full scan)

http://www.malwarebytes.org

 

Reboot

 

Then when you are all done run

 

Patchmypc to check for any out of date 3rd party applications

http://www.patchmypc.net

Link to comment
Share on other sites

If you value your identity and credit score the only way to be proper is a full erase and re-image. Some of it can never be removed or after removal the damage and other backdoors remain on. Once compromised it is game over.

 

Go google if you have an SSD secureErase and use a bootcd with parted and do a complete wipe and re-install.

Link to comment
Share on other sites

Hello,

 

If the problem is occurring in all browsers and no malware is showing up on the computer, it may be that your router's DNS settings have been compromised.

 

Regards,

 

Aryeh Goretsky

Link to comment
Share on other sites

Check you don't have a proxy setup in Internet Settings and also that your DNS addresses point at something legitimate, use 8.8.8.8 or 8.8.4.4 if in doubt.

Link to comment
Share on other sites

Hello,

 

If the problem is occurring in all browsers and no malware is showing up on the computer, it may be that your router's DNS settings have been compromised.

 

Regards,

 

Aryeh Goretsky

 

 

Check you don't have a proxy setup in Internet Settings and also that your DNS addresses point at something legitimate, use 8.8.8.8 or 8.8.4.4 if in doubt.

guys...so how do I do it? explain in steps..

 

meanwhil, while trying to clean registry iwith CCLeaner I deleted some system file now gotta restore system ((

 

Link to comment
Share on other sites

Hello,

If you are not sure what your router's DNS settings should be, the easiest thing to do would be to call your Internet Service Provider's technical support department and ask them to verify the settings with you to make sure they are correct.

 

Regards,

 

Aryeh Goretsky

Link to comment
Share on other sites

Malwarebytes Anti-Rootkit is also another tool you can try :) Run it, update it, then disconnect your internet and run a scan, stop anything phoning home and redownloading itself. Good luck :)


Hello,

If you are not sure what your router's DNS settings should be, the easiest thing to do would be to call your Internet Service Provider's technical support department and ask them to verify the settings with you to make sure they are correct.

 

Regards,

 

Aryeh Goretsky

Or even better, just do a hard factory reset on it, usually done by holding a RESET button down for more than 10 seconds. I hate calling tech support, they're often clueless, and the whole reason I became an IT engineer, I was smarter than them and their scripts!

Link to comment
Share on other sites

Don't forget to reset your browser settings as well when running the scans, often times they install themselves as add-ons too in the browser and change a lot of settings such as start page etc. This is particularly true with Chrome.

Link to comment
Share on other sites

meanwhil, while trying to clean registry iwith CCLeaner I deleted some system file now gotta restore system ((

 

 I was going to say just use the temp file remover not the reg cleaner. Though it was assumed. Sorry.

Link to comment
Share on other sites

I changed DNS to 8888 on wireless properties of Internet Protocole Version 4. this basically stops their activity..but I donnow how smart is keeping it on 8888 (some google thing?)....what it means having it as DNS?

 

it's ridicicoous I reinstalled W7 (by formatting)....and installed browsers from scratch..after some surfing on normal site..these spammy ads/linsk again emerged! unbeleivable!

 

only DNS stops them for now...

 

malwarebytes did clean some stuff although I donnow if they were related to them

Link to comment
Share on other sites

I changed DNS to 8888 on wireless properties of Internet Protocole Version 4. this basically stops their activity..but I donnow how smart is keeping it on 8888 (some google thing?)....what it means having it as DNS?

 

it's ridicicoous I reinstalled W7 (by formatting)....and installed browsers from scratch..after some surfing on normal site..these spammy ads/linsk again emerged! unbeleivable!

 

only DNS stops them for now...

 

malwarebytes did clean some stuff although I donnow if they were related to them

 

Check the DNS numbers in your router. Sounds to me like they got changed in the router. That would explain all.

 

http://192.168.1.1

 

or

 

http://192.168.0.1

 

Most routers. (if your routers username and password are default, that might be how the bad stuff got in.)

 

username admin

password admin

 

Netgear

 

username admin

password password

Link to comment
Share on other sites

I changed DNS to 8888 on wireless properties of Internet Protocole Version 4. this basically stops their activity..but I donnow how smart is keeping it on 8888 (some google thing?)....what it means having it as DNS?

 

it's ridicicoous I reinstalled W7 (by formatting)....and installed browsers from scratch..after some surfing on normal site..these spammy ads/linsk again emerged! unbeleivable!

 

only DNS stops them for now...

 

malwarebytes did clean some stuff although I donnow if they were related to them

First off, the DNS should be 8.8.8.8, not 8888. Think of DNS as an address book. Computers don't recognise web addresses (https://www.neowin.net, for example) and instead recognise IP addresses. The DNS takes your address that you type in, and looks for the appropriate IP address for that site.

Secondly, how can the issue have possibly reappeared if you formatted the machine? I think someone earlier mentioned checking the DNS settings on your router, and if after a format the error is still occurring I would look to your router for the source of the issue, not the computer.

Does this error happen with any other machines in the house?

Link to comment
Share on other sites

I changed DNS to 8888 on wireless properties of Internet Protocole Version 4. this basically stops their activity..but I donnow how smart is keeping it on 8888 (some google thing?)....what it means having it as DNS?

 

it's ridicicoous I reinstalled W7 (by formatting)....and installed browsers from scratch..after some surfing on normal site..these spammy ads/linsk again emerged! unbeleivable!

 

only DNS stops them for now...

 

malwarebytes did clean some stuff although I donnow if they were related to them

 

 

Dns does nothing to really stop them...DNS is bascially the internets phone book associating a friendly name to an ip address.  By changing your ipv4 dns, all you did was tell your computer to query 8.8.8.8 for name resolution.  You can see this by running a nslookup at a command prompt.  The command line would be:

 

nslookup www.msn.com  here is the result:

 

 

C:\users\username>nslookup www.msn.com

Server:  google-public-dns-a.google.com

Address:  8.8.8.8

Non-authoritative answer:

Name:    a-0003.dc-msedge.net

Address:  131.253.33.203

Aliases:  www.msn.com

          www-msn-com.a-0003.a-msedge.net

 

the nslookup command runs a query on the dns servers that are configured in your ipv4 properties.

Link to comment
Share on other sites

First off, the DNS should be 8.8.8.8, not 8888. Think of DNS as an address book. Computers don't recognise web addresses (https://www.neowin.net, for example) and instead recognise IP addresses. The DNS takes your address that you type in, and looks for the appropriate IP address for that site.

Secondly, how can the issue have possibly reappeared if you formatted the machine? I think someone earlier mentioned checking the DNS settings on your router, and if after a format the error is still occurring I would look to your router for the source of the issue, not the computer.

Does this error happen with any other machines in the house?

 

actually yes..in one other laptop it occurs as well.

 

so when I ented router adminstration..where do I go to? Should I just do systemrestart with factory setting to setup again OR change sth in DNS? it's TPLink router and I see only DDNS thing..not DNS

Link to comment
Share on other sites

DNS will be part of DHCP on the WAN side...this is normally located in the status area where it shows you your external ip address.

 

On the LAN side, it may have DNS servers listed there for DHCP.

 

If you would like I can poke around and make sure everything is setup properly and possibly even troubleshoot your issues, shoot me over a teamviewer id and password (go to teamviewer.com and install).

Link to comment
Share on other sites

actually yes..in one other laptop it occurs as well.

 

so when I ented router adminstration..where do I go to? Should I just do systemrestart with factory setting to setup again OR change sth in DNS? it's TPLink router and I see only DDNS thing..not DNS

I don't think I've used a TPLink router before, so I can't be sure of the settings. But since I'm assuming you haven't set the router up in any special way, I'd probably suggest doing a factory reset on it.
Link to comment
Share on other sites

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.