Badly affected by "youradexchange" adware/malware

[vishalrao]

It's possible the routers (like my TPLink) have TR-069 "remote management" enabled by default and are getting hacked by malicious folks scanning the internet for such backdoors. See https://en.wikipedia.org/wiki/TR-069 so try disabling that feature. I still face the occasional redirects on BSNL even though I've disabled this and tried other stuff like using other open DNS servers.

 

[Striker10]

Yea happens every time I go to my cousins place. They have bsnl..

 

[GPMlore]

Install spyhunter and scan and remove.
Restart.
Spyhunter is available for free or you can try once for kickass torrents

Caution: I do not promote piracy but for rather such situations it's not wise to buy a program.

After you finish removing adware delete the program or support developer by buying it.

For a more longterm solution you can buy Malwarebytes.

What is the guarantee that softwares downloaded from K*T isnt rigged with malware/virus? Downloading a virus/malware packed crack/kgn might actually compound his problem instead of solving.

@moshel you might need to remove the software which installed the malware on your PC, go to Programs and Features in Control Panel and see if any suspicious software has been installed.

After that run Hijackthis, see if any entry exists there which points towards the websites you mentioned. You need to deleted those entries.

See if any toolbar has been installed on your browser, you need to disable it.

You need to run a full scan in Malware Bytes Antimalware, make sure update it first. It will remove unwanted malware and adware.

Tip: Avoid downloading softwares from suspicious sites (ex: softonic.com, brothersoft.com). Try using Private Browsing feature of Firefox/create a virtual machine and then browse websites in that. Your PC would be more safe that way.

 

[edge111hussain]

The problem for me not only persists via the mtnl modem connected to the desktop with a lan cable but across wifi too.
My setup is a mtnl modem which is connected to a wifi router. A lan cable runs from the router to the desktop and another cable to the wifi router which connects the laptops and cell phones.
This problem persists on all devices and i have tried everything mentioned here, but it just wont go.

Any way i can block this problem off the mtnl modem itself?

 

[triumph]

Hey, guys, I dug out some additional information on that point.

So, you can do an automatic check of your device's connection to the DNS server with the free router checker provided by F-Secure and make sure it is connecting to an authorized DNS server.

Or you can do a manual check for existing malware on your router. First you need to understand the default IP address and password of your router. You can do this following these two methods and then try to remove it on your own.

1. Check the back of the router for its model. There you should find the needed information.

If you don't find it there then follow the other method:

2.Check trough connected PC

- Press and hold Windows key + R

- Type “cmd”

- Type the command “ipconfig” and press Enter

- The IP address of your Router is displayed after “Default Gateway”

- Type the discovered IP address into your web browser. Then type the admin username and password.

- If they are changed you need to reset your router.

 

[triumph]

These days I have come across an important info what else should be done after the reset of the router. It concerns the SSID (Service Set Identifier). After the reset, you need to configure it and change the password because they will not be secured.

The techniques used to compromise a router are dictionary attack and brute force attack. And some major differences between them are summarized here.

 

[moshel]

One must also change the default password (usually this is factory default to admin) that is used to access the router settings.