Can't get rid of this adware even after reinstallation of my OS 3 times

[Sumit Das]

Ok, So it started back in 27 of April this year and I thought it was some common adware so I will get rid of it after I finish my project by reinstalling my OS. So I reinstalled my OS on 1st of April and everything was fine I didn't get any of the adware thing after that at all. But today that is 9th of April it started again. I click something and it opens up some adult website. So I thought it might be some adware again that I might have un intentionally activated so I reinstalled my OS but nothing changed I was still getting it. after 3 re-installs today I got fed up and thought of asking from some experts. So I fired up Tom's Hardware but It was way to hard for me to open the website as the adware was messing with me all the time.I really want some help. It is quite depressing for me. I think that clicking fires up the adware IMO not sure though.
Antivirus I was using : Avira free version
I changed it to Bitdefender free version yet nothing changed.
Please help I have my siblings at my home who are young to watch all those sites and usually use my PC.

PS. These are the websites which I usually get redirected to. bonjovi-fc.info go.trafficshop,com adultlube.info and then these to redirect me to some adult site

I need a cure.

 

[eatmypie]

Do you have a cell phone provider that has a mobile hotspot? If you just use email etc that may be an option.

 

[swapnilba]

Hi,

I have faced the same problem and never seemed to have found the solution until I ran into the forum site bleepingcomputer.com. I asked there for help, followed all their steps and it seemed to work for me. Here is the link to the thread that I had posted. May be you will get a fix too.

http/www.bleepingcomputer.com/forums/t/573703/adultubeinfo-popup-in-chrome-and-ie/

 

[Sumit Das]

Hi,

I have faced the same problem and never seemed to have found the solution until I ran into the forum site bleepingcomputer.com. I asked there for help, followed all their steps and it seemed to work for me. Here is the link to the thread that I had posted. May be you will get a fix too.

http/www.bleepingcomputer.com/forums/t/573703/adultubeinfo-popup-in-chrome-and-ie/

Did you reinstall your OS. Mine didn't fix even after a number of OS reinstalls. So I am thought of changing my ISP but today this airtel guy calls me and tells me that he cannot setup a connection for some lame wiring difficulties. Though I will try the Solution you gave and see if it helps me.

 

[Sumit Das]

I think I am in another problem. Here the other ISPs dont want to give a connection to me because it will cost them too much. They tell me the gap is too big from the connection point to my house. It has a high risk that wires might get broken or destroyed due the gap it has to travel. Is there anything else I can do like a friend told me about flash reset I guess (I remember he said something FLASH) my modem I didn't actually understand it and he wasn't able to describe it to me too. For my problem, It was gone for 2 and a half days that is today and yesterday and the day before so I did the scan yesterday as "eatmypie" told me and it ran fine but suddenly it came back again some minutes ago. Can any one teach me flash resetting the modem. And I will really appreciate any other Solutions.

 

[eatmypie]

Unless you have a user interface or some kind of terminal service that lets you log into your modem which is very unlikely users can't flash or upgrade the firmware in modems. This is for security reasons from the ISP and manufactures, so only the ISP can issue updates,and these updates happen seamlessly without the user knowing. It could be your ISP just having extremely poor security, so something might be getting through on their end, and fixing this on a user end without expensive hardware is extremely difficult for the average user and even tech savvy people who don't fully understand security on a professional level. I would first contact them and describe your issue, don't frame them for anything, just simply start by asking them if they have had other complaints. You could also ask for them to change your IP address, and then from there if you still can't solve your issue you could buy something like a $50-70 hardware firewall solution which may or may not block whatever is going on. For the average user I usually would say the windows firewall or an AV firewall is enough, but in your case I think it might be different. Bitdefender comes with a really nice built in firewall and I.P.S and I.D.S, try out the total security free trial before you buy anything, see if their firewall is enough to fight off whatever is coming from your ISP's side.

 

[Sumit Das]

I was using avira free version before anything happened. After all these events I switched to BitDefender Total security trial version just to check if it can stop the adware but it didn't. And one more thing recently that is before all these started I started getting advertisement pop-ups of the same Internet service I was using. The friend told me it might be the thing that lead to the security issues I am facing (If I am writing it correctly). And Eatmypie, I really appreciate that you are still replying and trying to help me on this even after a month. I will ask my ISP if they can change my IP address and I doubt they will but I will still try and see.

 

[mbarnes86]

Hi

Upgrading broadband modem routers is usually not blocked but there is a risk of turning it into a brick if you get the wrong file
A modem router may be sold by a PC retailer or supplied by a ISP with a special version of the update which only works for that ISP

Then there are hardware version numbers for the modem router
With different requirements

Usually you logon to admin page and find a update page where you browse to update file and then start the process

Do not do this without advice of your ISP and a set of printed instructions and the ISP supplied settings for your device and correct update file

I suggested before reading up on how to reset a modem to defaults,

Then change user account name, password
And ssid name so it does not use maker of modem router in the name
( which makes it easy to guess default setting for your device)

Turn off remote admin access to router modem
All this makes it harder to hack your modem router

Most ISp supply a IP address which changes regularly and charge extra for a fixed IP account

There was a resent report of thousands of router modems being hacked so it can occur

There is also a report of a means of hacking a hard drive to hide software on the hidden areas of disk which can be loaded before the operating system loads

This is very rare and only likely to be used by security services ( eg NSA) to spy on people not install spyware .

Again formatting a hard drive is not enough to remove mbr virus which loads before the operating system
The mbr or first sector or first cylinder of the hard drive must be erased to clear this sort of malware .

Mbr wizard by firesage can do this for you
latest version costs Money older versions are free

Regards
Mike Barnes

 

[Greyfalcon]

Unless you have a user interface or some kind of terminal service that lets you log into your modem which is very unlikely users can't flash or upgrade the firmware in modems. This is for security reasons from the ISP and manufactures, so only the ISP can issue updates,and these updates happen seamlessly without the user knowing. It could be your ISP just having extremely poor security, so something might be getting through on their end, and fixing this on a user end without expensive hardware is extremely difficult for the average user and even tech savvy people who don't fully understand security on a professional level. I would first contact them and describe your issue, don't frame them for anything, just simply start by asking them if they have had other complaints. You could also ask for them to change your IP address, and then from there if you still can't solve your issue you could buy something like a $50-70 hardware firewall solution which may or may not block whatever is going on. For the average user I usually would say the windows firewall or an AV firewall is enough, but in your case I think it might be different. Bitdefender comes with a really nice built in firewall and I.P.S and I.D.S, try out the total security free trial before you buy anything, see if their firewall is enough to fight off whatever is coming from your ISP's side.

I re-installed my OS too but the problem still comes back. I had installed nothing except Firefox. It happens sometimes when I open a website and click anywhere on the whole page. It's like the whole page is masked with some invisible ad. So when I click anywhere on the whole page, a new tab opens and I get redirected to different sites. Just like it would happen with normal adverts which open a new tab and redirect you to sites when you click on them. So after the fresh install, when the problem reoccurred, the first website which opened in the new tab was onclickads.net and then i was redirected to some other porn sites. I've read that onclickads.net installs adware which messes up with the DNS and all and gives popups and redirects to different sites. But there seem to be nothing installed on the hard drive itself as nothing is detected by any AV or other numerous programs that I have used.
Maybe this redirecting problem can be avoided by installing website blocking extensions and other blockers etc. But what I want to know is whether this virus/adware will infect any pendrive or external storage I will connect to my computer. Because I don't want to infect my other devices (laptop, cell) with this thing too. And If somebody else uses their external hard drive on my computer will that person get the virus too? Cause that would be a really terrible thing. My innocent GF would be in a pickle if she is using her laptop/PC in front of her mother or someone else and these porn sites pop up. She wouldn't even know what the hell is happening!!!!
So my main question is that there seems to be nothing malicious on my hard drive, and if the problem is in the ISP, will it find its way to other computers through external hard drives etc?

 

[eatmypie]

The chances that something coming from the ISP side infecting your external media drives are fairly unlikely. That is because it isn't infecting the actual computer itself its doing something on the ISP side. It is possible to have the media infected if you get a redirect to a website that does something like a drive by download which in most cases for ad networks generally they need some type of user interaction to install themselves and are generally don't carry any type of malware or viruses. That's because they still need to treat it like a business,if they start redirecting people to websites that do stuff like drive by downloads then that would mess with their reputation and then when they ask some other company if they can add their ad software for a price they most likely will get turned down if they have a bad history with other companies that do the same thing. But as I posted before call the ISP, talk to them, and if they won't do anything about it try something like the bitdefender AV firewall. If you would be willing to learn something about security try installing and configuring a I.D.S onto your system and look at the logs etc...

 

[Skylyne]

I haven't read everything here, so I might have missed something; but there is a lot to read here lol.

Seems like MTNL has a history with this sort of problem... Have you contacted your ISP directly, and talked to someone about the problems you've been having?

From the things I've read, it seems like it's the ISP injecting this crap into your internet connection, but I could very well be wrong. If you can, you can test for "spreading" the "infection" by using a flash drive on your problematic computer, and see if anything happens when you are using a computer without this problem. One way you can see if it's directly related to the internet connection is to disconnect your computer from the modem after loading a few webpages, click around on the pages, and see if you start getting redirected that way. If you only have the pop ups/ads/etc. come up when you're connected, then it's all due to your internet connection (or possibly the modem); regardless, that will tell you if it's localised on your computer. If nothing happens when you're disconnected from the modem, and it only occurs when you're connected, then that tells me the problem is most likely not on your computer.

Have you tried any of this, and come up with some results?

 

[unnis]

I have the exact same problem and I too tries reinstalling the OS, but it didn't work. I have put adblockplus add-on and it seems to be working. But it is not a permanent solution as the pages will open and close without you knowing it.

 

[Sumit Das]

Hello Unnis. I think the only way to fix this is buying a new modem. Or getting a new Connection from another ISP and before connecting to the new connection do Reinstall your OS. I wasn't able to do none of the above because My ISP is from stone age they don't know much and doesn't want to change my Modem neither they let me change it myself and for other ISP they say it will cost them a lot on wiring so it will not be possible to get a new connection from other ISP. I have checked though my machine works fine on my Friend's Internet connection.

 

[DasAVictim]

Hi,
I am also having exact same problem since the last two / three months. I have OEM Windows 8 on Lenovo. At home using BSNL Broadband ISP and at work we have Beam Tele/Excel Media. I see this redirect both at home and work. I am not very sure if the problem is with just BSNL. While I tend to get this more frequently on BSNL compared to other at work. I am blocking most of the redirects but as some one said in earlier posts it only means that we are blocking it not getting rid of it completely. By the way, I have latest live updating Norton AV on my system right from day one. One thing I have observed is that after clearing browing history, cookies, temporary files, this redirect is dormant for some time, like a day or so. Another thing I get 'Page not found' a lot of times when using good trusted sites. After multiple reloads the page comes up and works as if nothing had failed to work. I suspect some input data is captured. I am really scared with that thought.

Any solution would be very helpful. I am sure there are more facing this issue.

Thank you,

 

[unnis1]

Hi Sumit, so have you changed your broadband and if so, is the adware gone? Please reply so that I may do the same. Thanks

 

[Skylyne]

Definitely would love to hear a follow up, but not counting on it. Many people join forums to ask a question, get the answer (if at all), and rarely come back. It's common.

 

[Sumit Das]

@Skylyne I stated above the only way is to change your ISP which I cannot do just because other ISPs other than mine don't want to setup a new route of connection as it will cost them a lot for a single connection.

BTW I spoke with MTNL the did something with my IP and I haven't seen the problem for a month now