Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Redirect virus?


  • Please log in to reply
9 replies to this topic

#1 TheJokerz

TheJokerz

  • Members
  • 286 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Ohio
  • Local time:09:07 PM

Posted 13 August 2015 - 07:11 AM

Hello,

 

I have a lg g3, and when I am surfing the net on it will redirect me to a random app to download.  This only happens when I am in a internet browser, I used chrome and and the default browser that comes with android phones and it does this in both browsers.  This will happen at random times and is pretty annoying.  I have a paid version of lookout mobile security and have scanned with that and it comes up with nothing.  

 

Thanks in advance,

 

Stephen


utl8q0-5.png


BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,331 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:09:07 PM

Posted 13 August 2015 - 10:26 AM

Hello, I moved this to the Am I Infected forum.

First look in your Browsers plug ins/extentions for items you do not recognize and disable them.. Or if needed go onoe by one and see if you find the culprit.

How To Disable Individual Plug-ins in Google Chrome


Or we need to run these.
..

3Al62Pm.pngMiniToolBox
  • Please download MiniToolBox, save it to your desktop and run it.
  • Checkmark the following checkboxes:
    • Flush DNS
    • Report IE Proxy Settings
    • Reset IE Proxy Settings
    • Report FF Proxy Settings
    • Reset FF Proxy Settings
    • List content of Hosts
    • List IP configuration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Installed Programs
    • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
SXvL3ZF.pngTDSSKiller
  • Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
zcMPezJ.pngAdwCleaner
  • Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool. Vista/Windows 7/8 users right-click and select Run As Administrator
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
lv0mVRW.pngJunkware Removal Tool
  • Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
51a46ae42d560-malwarebytes_anti_malware.Malwarebytes Anti-Malware
  • Download MalwareBytes Anti-Malware to your desktop.
  • Double-click mbam-setup-2.0.exe to start the installation of Malwarebytes Anti-Malware.
  • Follow the instructions on your screen to complete the installation. You can find the complete installation procedure here.
  • Click the Scan Now button, a threat scan will start automatically.
  • MalwareBytes Anti-Malware will now check for the latest updates. Click Update Now if new updates are available.
  • Your computer is now being scanned, please do not use your computer during the scan.
    • If no threats were found, click View detailed log.
      • Click Export and save the log as a .txt file on your Desktop or another location.
    • If the scan detected any threats, click Apply Actions.
      • To complete any actions taken you will be prompted to restart your computer...click on Yes.
      • After reboot, start Malwarebytes Anti-Malware again and click the History Tab at the top and select Application Logs.
      • Check the box next to Scan Log. Choose the most current scan and click View.
      • Click Export and save the log as a .txt file on your Desktop or another location.
  • Providing the MalwareBytes' Anti-Malware log file
    • Attach the log file you just saved to your next reply for further review.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 TheJokerz

TheJokerz
  • Topic Starter

  • Members
  • 286 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Ohio
  • Local time:09:07 PM

Posted 13 August 2015 - 10:35 AM

This is on a phone do they have the mobile version for all of those programs? Sorry I guess I should have been a little more clear when I posted this. That is why I posted in the android section. Please let me know how to proceed.

Thanks

utl8q0-5.png


#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,331 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:09:07 PM

Posted 13 August 2015 - 10:51 AM

No problem

MBAM
https://play.google.com/store/apps/details?id=org.malwarebytes.antimalware&hl=en

Sophos
https://play.google.com/store/apps/details?id=com.sophos.smsec&feature=search_result&hl=en

Edited by boopme, 13 August 2015 - 10:54 AM.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#5 TheJokerz

TheJokerz
  • Topic Starter

  • Members
  • 286 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Ohio
  • Local time:09:07 PM

Posted 13 August 2015 - 02:08 PM

Scan with both and came up with nothing.  MBAM did come up with some crash reports to send to the devs.

 

Kind of odd...


utl8q0-5.png


#6 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,331 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:09:07 PM

Posted 13 August 2015 - 03:11 PM

You also reset your Browsers?


How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#7 TheJokerz

TheJokerz
  • Topic Starter

  • Members
  • 286 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Ohio
  • Local time:09:07 PM

Posted 13 August 2015 - 03:15 PM

I did, I have even gone as far as uninstalling apps that I installed after this started happening.  It has not done it today yet but I have also not had a lot of time to try and replicate the problem.


utl8q0-5.png


#8 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,331 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:09:07 PM

Posted 13 August 2015 - 03:22 PM

What is the OS win 7 or 8?


How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#9 TheJokerz

TheJokerz
  • Topic Starter

  • Members
  • 286 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Ohio
  • Local time:09:07 PM

Posted 13 August 2015 - 03:29 PM

This is on a phone do they have the mobile version for all of those programs? Sorry I guess I should have been a little more clear when I posted this. That is why I posted in the android section. Please let me know how to proceed.

Thanks

 

 

See above message,  this is running ANDROID!! :hysterical:

 

5.0.1 to be exact


Edited by TheJokerz, 13 August 2015 - 03:29 PM.

utl8q0-5.png


#10 Farside_77

Farside_77

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:06:07 PM

Posted 14 August 2015 - 11:30 PM

im haveing this same problem fyi, no fix yet.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users