2ral Posted April 13, 2015 Share Posted April 13, 2015 Hello guys! I need help... Somehow my browsers - chrome and firefox - got infiltrated by some silly adware/malware...as soon as I start browser and start surfing...pages get redirected to silly junk, silly websites...like porn, etc...it just switches to them while I am on normal websites...Also, on normal websites sometimes page links get unclickable, then on second click it opens new tab with those spam websites..strange. I tried Kaspersky, Spybot, AVG..Adaware...nothing works! even Kasperksy Internet Security didn't find it! this issue persists on browsers only..no other irregularities happen in PC (Toshiba Satellite). No fishy add-ons, plugins installed as well. I deleted cookies cache too..no help. I hardly use browser only on Private window mode...then it works better for some time though. how to get rid of it?? Link to comment Share on other sites More sharing options...
naap51stang Posted April 13, 2015 Share Posted April 13, 2015 I've been having problems with youradexchange.com popping up here and there. Once I uninstalled the extension java for web (chrome canary x64), the problem disappeared. Nothing else seemed to work. Link to comment Share on other sites More sharing options...
2ral Posted April 13, 2015 Author Share Posted April 13, 2015 it keeps bringing up site > www:// adultube .info / community but on websites like facebook, linkedin...they fail though..strange...and private browsing works fine too. i disabled Java toolkit and java plugin on firefox..still annoys! Link to comment Share on other sites More sharing options...
sc302 Veteran Posted April 13, 2015 Veteran Share Posted April 13, 2015 alright... spybot..why bother avg...is that still a thing? adaware..a step under spybot at least you tried kaspersky... Try this: hitmanpro, malwarebytes, superantispyware CrashG, HoochieMamma and Dashel 3 Share Link to comment Share on other sites More sharing options...
Blaze_Zewi Posted April 13, 2015 Share Posted April 13, 2015 Hello guys! I need help... Somehow my browsers - chrome and firefox - got infiltrated by some silly adware/malware...as soon as I start browser and start surfing...pages get redirected to silly junk, silly websites...like porn, etc...it just switches to them while I am on normal websites...Also, on normal websites sometimes page links get unclickable, then on second click it opens new tab with those spam websites..strange. I tried Kaspersky, Spybot, AVG..Adaware...nothing works! even Kasperksy Internet Security didn't find it! this issue persists on browsers only..no other irregularities happen in PC (Toshiba Satellite). No fishy add-ons, plugins installed as well. I deleted cookies cache too..no help. I hardly use browser only on Private window mode...then it works better for some time though. how to get rid of it?? When did you start getting these issue? Try uninstall / reinstall both browser and see if the issue is gone. If not than I recommend reinstall the OS as a last resort. Link to comment Share on other sites More sharing options...
+Zagadka Subscriber² Posted April 13, 2015 Subscriber² Share Posted April 13, 2015 Tried ADW? Link to comment Share on other sites More sharing options...
+Warwagon MVC Posted April 14, 2015 MVC Share Posted April 14, 2015 this issue persists on browsers only..no other irregularities happen in PC (Toshiba Satellite). No fishy add-ons, plugins installed as well. I deleted cookies cache too..no help. I hardly use browser only on Private window mode...then it works better for some time though. Even though it happens only in the browser, there is usually a random exe file running on the system injecting those ads into the browsers. Try the following Below. 1st Go into the Programs and features program list and arrange everything by date. Then scroll through the latest dates and look for something you didn't install. If you want to check before deleting it post it here or Google it. A lot of this adware crap can normally be uninstalled. If you find nothing, and even if you do find something and get rid of it, proceed below. Run Adwcleaner https://toolslib.net/downloads/viewdownload/1-adwcleaner/ Reboot Then run CCleaner http://www.piriform.com/ccleaner Then Malwarebytes. (Full scan) http://www.malwarebytes.org Reboot Then when you are all done run Patchmypc to check for any out of date 3rd party applications http://www.patchmypc.net Link to comment Share on other sites More sharing options...
Anibal P Posted April 14, 2015 Share Posted April 14, 2015 Check your hosts file, if something doesn't look right google it on another system goretsky 1 Share Link to comment Share on other sites More sharing options...
raid0 Posted April 14, 2015 Share Posted April 14, 2015 I clean many pc infested by malware and I mostly use Malwarebytes then HitmanPro (use both). Link to comment Share on other sites More sharing options...
sinetheo Posted April 14, 2015 Share Posted April 14, 2015 If you value your identity and credit score the only way to be proper is a full erase and re-image. Some of it can never be removed or after removal the damage and other backdoors remain on. Once compromised it is game over. Go google if you have an SSD secureErase and use a bootcd with parted and do a complete wipe and re-install. Link to comment Share on other sites More sharing options...
goretsky Supervisor Posted April 14, 2015 Supervisor Share Posted April 14, 2015 Hello, If the problem is occurring in all browsers and no malware is showing up on the computer, it may be that your router's DNS settings have been compromised. Regards, Aryeh Goretsky Link to comment Share on other sites More sharing options...
Tomo Posted April 14, 2015 Share Posted April 14, 2015 Check you don't have a proxy setup in Internet Settings and also that your DNS addresses point at something legitimate, use 8.8.8.8 or 8.8.4.4 if in doubt. goretsky 1 Share Link to comment Share on other sites More sharing options...
2ral Posted April 14, 2015 Author Share Posted April 14, 2015 Hello, If the problem is occurring in all browsers and no malware is showing up on the computer, it may be that your router's DNS settings have been compromised. Regards, Aryeh Goretsky Check you don't have a proxy setup in Internet Settings and also that your DNS addresses point at something legitimate, use 8.8.8.8 or 8.8.4.4 if in doubt. guys...so how do I do it? explain in steps.. meanwhil, while trying to clean registry iwith CCLeaner I deleted some system file now gotta restore system (( Link to comment Share on other sites More sharing options...
goretsky Supervisor Posted April 14, 2015 Supervisor Share Posted April 14, 2015 Hello, If you are not sure what your router's DNS settings should be, the easiest thing to do would be to call your Internet Service Provider's technical support department and ask them to verify the settings with you to make sure they are correct. Regards, Aryeh Goretsky Link to comment Share on other sites More sharing options...
Tidosho Posted April 14, 2015 Share Posted April 14, 2015 Malwarebytes Anti-Rootkit is also another tool you can try Run it, update it, then disconnect your internet and run a scan, stop anything phoning home and redownloading itself. Good luck Hello, If you are not sure what your router's DNS settings should be, the easiest thing to do would be to call your Internet Service Provider's technical support department and ask them to verify the settings with you to make sure they are correct. Regards, Aryeh Goretsky Or even better, just do a hard factory reset on it, usually done by holding a RESET button down for more than 10 seconds. I hate calling tech support, they're often clueless, and the whole reason I became an IT engineer, I was smarter than them and their scripts! goretsky 1 Share Link to comment Share on other sites More sharing options...
iogbrideau Posted April 15, 2015 Share Posted April 15, 2015 Don't forget to reset your browser settings as well when running the scans, often times they install themselves as add-ons too in the browser and change a lot of settings such as start page etc. This is particularly true with Chrome. Link to comment Share on other sites More sharing options...
+Warwagon MVC Posted April 15, 2015 MVC Share Posted April 15, 2015 meanwhil, while trying to clean registry iwith CCLeaner I deleted some system file now gotta restore system (( I was going to say just use the temp file remover not the reg cleaner. Though it was assumed. Sorry. Link to comment Share on other sites More sharing options...
2ral Posted April 15, 2015 Author Share Posted April 15, 2015 I changed DNS to 8888 on wireless properties of Internet Protocole Version 4. this basically stops their activity..but I donnow how smart is keeping it on 8888 (some google thing?)....what it means having it as DNS? it's ridicicoous I reinstalled W7 (by formatting)....and installed browsers from scratch..after some surfing on normal site..these spammy ads/linsk again emerged! unbeleivable! only DNS stops them for now... malwarebytes did clean some stuff although I donnow if they were related to them goretsky 1 Share Link to comment Share on other sites More sharing options...
+Warwagon MVC Posted April 15, 2015 MVC Share Posted April 15, 2015 I changed DNS to 8888 on wireless properties of Internet Protocole Version 4. this basically stops their activity..but I donnow how smart is keeping it on 8888 (some google thing?)....what it means having it as DNS? it's ridicicoous I reinstalled W7 (by formatting)....and installed browsers from scratch..after some surfing on normal site..these spammy ads/linsk again emerged! unbeleivable! only DNS stops them for now... malwarebytes did clean some stuff although I donnow if they were related to them Check the DNS numbers in your router. Sounds to me like they got changed in the router. That would explain all. http://192.168.1.1 or http://192.168.0.1 Most routers. (if your routers username and password are default, that might be how the bad stuff got in.) username admin password admin Netgear username admin password password Link to comment Share on other sites More sharing options...
Nick H. Supervisor Posted April 15, 2015 Supervisor Share Posted April 15, 2015 I changed DNS to 8888 on wireless properties of Internet Protocole Version 4. this basically stops their activity..but I donnow how smart is keeping it on 8888 (some google thing?)....what it means having it as DNS? it's ridicicoous I reinstalled W7 (by formatting)....and installed browsers from scratch..after some surfing on normal site..these spammy ads/linsk again emerged! unbeleivable! only DNS stops them for now... malwarebytes did clean some stuff although I donnow if they were related to them First off, the DNS should be 8.8.8.8, not 8888. Think of DNS as an address book. Computers don't recognise web addresses (https://www.neowin.net, for example) and instead recognise IP addresses. The DNS takes your address that you type in, and looks for the appropriate IP address for that site. Secondly, how can the issue have possibly reappeared if you formatted the machine? I think someone earlier mentioned checking the DNS settings on your router, and if after a format the error is still occurring I would look to your router for the source of the issue, not the computer. Does this error happen with any other machines in the house? Link to comment Share on other sites More sharing options...
sc302 Veteran Posted April 15, 2015 Veteran Share Posted April 15, 2015 I changed DNS to 8888 on wireless properties of Internet Protocole Version 4. this basically stops their activity..but I donnow how smart is keeping it on 8888 (some google thing?)....what it means having it as DNS? it's ridicicoous I reinstalled W7 (by formatting)....and installed browsers from scratch..after some surfing on normal site..these spammy ads/linsk again emerged! unbeleivable! only DNS stops them for now... malwarebytes did clean some stuff although I donnow if they were related to them Dns does nothing to really stop them...DNS is bascially the internets phone book associating a friendly name to an ip address. By changing your ipv4 dns, all you did was tell your computer to query 8.8.8.8 for name resolution. You can see this by running a nslookup at a command prompt. The command line would be: nslookup www.msn.com here is the result: C:\users\username>nslookup www.msn.com Server: google-public-dns-a.google.com Address: 8.8.8.8 Non-authoritative answer: Name: a-0003.dc-msedge.net Address: 131.253.33.203 Aliases: www.msn.com www-msn-com.a-0003.a-msedge.net the nslookup command runs a query on the dns servers that are configured in your ipv4 properties. Link to comment Share on other sites More sharing options...
2ral Posted April 15, 2015 Author Share Posted April 15, 2015 First off, the DNS should be 8.8.8.8, not 8888. Think of DNS as an address book. Computers don't recognise web addresses (https://www.neowin.net, for example) and instead recognise IP addresses. The DNS takes your address that you type in, and looks for the appropriate IP address for that site. Secondly, how can the issue have possibly reappeared if you formatted the machine? I think someone earlier mentioned checking the DNS settings on your router, and if after a format the error is still occurring I would look to your router for the source of the issue, not the computer. Does this error happen with any other machines in the house? actually yes..in one other laptop it occurs as well. so when I ented router adminstration..where do I go to? Should I just do systemrestart with factory setting to setup again OR change sth in DNS? it's TPLink router and I see only DDNS thing..not DNS Link to comment Share on other sites More sharing options...
sc302 Veteran Posted April 15, 2015 Veteran Share Posted April 15, 2015 DNS will be part of DHCP on the WAN side...this is normally located in the status area where it shows you your external ip address. On the LAN side, it may have DNS servers listed there for DHCP. If you would like I can poke around and make sure everything is setup properly and possibly even troubleshoot your issues, shoot me over a teamviewer id and password (go to teamviewer.com and install). Link to comment Share on other sites More sharing options...
Nick H. Supervisor Posted April 15, 2015 Supervisor Share Posted April 15, 2015 actually yes..in one other laptop it occurs as well. so when I ented router adminstration..where do I go to? Should I just do systemrestart with factory setting to setup again OR change sth in DNS? it's TPLink router and I see only DDNS thing..not DNS I don't think I've used a TPLink router before, so I can't be sure of the settings. But since I'm assuming you haven't set the router up in any special way, I'd probably suggest doing a factory reset on it. Link to comment Share on other sites More sharing options...
2ral Posted April 15, 2015 Author Share Posted April 15, 2015 I just did router Factory Settings...and withdrew that DNS 8.8.8.8...now surfing to see how is it going..so far, its silent I mostly use Firefox.. goretsky 1 Share Link to comment Share on other sites More sharing options...
Recommended Posts