Loke

Members
  • Content Count

    5
  • Joined

  • Last visited

Community Reputation

0 Neutral

About Loke

  • Rank
    Newbie
  1. No wonder you haven't read that. I'm not going to explain in details what I or others could do with those files. But let's take Thanu's logfiles as an example; containing loads of information which he just might want to keep for himself. Let's take Addition.txt where his real name is listed, and so is everything that he has downloaded (i.e. Requiem.for.a.Dream.DIRECTORS.CUT.2000), and all programs that he have installed - among them; what OS (incl. user-accounts), which browsers and security-programs (antivirus, anti-malware, firewall etc.) he uses and if any are out-of-date/updated. Hackers can then pick'n'choose from a complete list of programs - some with known exploits. All a hacker now needs is his IP-address, which could be obtained from him if he were to send an e-mail (which he in fact did to me after a PM), and which I'm sure is available to every board he uploads those logs to. I find it very strange, that you don't seem to get the problem is with our ISP (ToT, Thailand), and it is completely out of our hands to remedy this. All you are suggesting is re-flash our routers (a risky affair), remove this and that software (which have nothing to do with this problem), and even re-install our computers <sigh>. Then you go on to postulate that we can make your computer "really secure afterwards"... That's really laughable. Everything points to, that this particular problem is with our ISP, and all those quite time-consuming efforts you're suggesting would be to no avail. As ToT are using Google's public DNS-servers, and as I really doubt they are infected, then the problem is somewhere else in the network-layers. As I wrote, then all I'm offering here is a temporary solution. One, that will fix those popups and re-directions right NOW for those who'd be interested in that. In my case, then I wont have to watch different porn-cartoons popup, or have tabs with porn-sites continuous load in my browser, and so wont my three sons (8, 8 and 11yo). Jesus!
  2. Changed my router and this problem still persists. My humble opinion: 1. ToT has been hacked - there's no doubt about it. 2. Use the free Adblock Plus (ABP https://adblockplus.org/) 3. Add Malware Domain to the ABP Filter List under options: "Please choose a filter subscription from the list:" Choose "Add a different subscription..." "Subscription title:" Write "Disable Malware" "Filter list location:" Write "https://easylist-downloads.adblockplus.org/malwaredomains_full.txt" 4. Edit your hosts file (%WINDIR%\System32\drivers\etc\hosts) as administrator, and add these at the bottom of the file: 127.0.0.1 gamblespot.ru 127.0.0.1 www.sexgangsters.com 127.0.0.1 downloadpcapps.com 127.0.0.1 megafilecloud.ru 127.0.0.1 kudrafa.ru 127.0.0.1 vktarget.ru 127.0.0.1 stock-traffic.info 127.0.0.1 counter.yadro.ru 127.0.0.1 wizard-traffstock.com 127.0.0.1 contactsin.com 127.0.0.1 wizard-help.com 127.0.0.1 not-only.info 127.0.0.1 omgdomain.info 127.0.0.1 yandex.ru 127.0.0.1 greenlea.ru 127.0.0.1 akamaihd.net 127.0.0.1 ektezis.ru 127.0.0.1 dbterrrznvh.people-are-thought.info 127.0.0.1 zinzimo.info 127.0.0.1 waveview.info 127.0.0.1 doubleclick.net 127.0.0.1 traffic.outbrain.com Now you'll have no more popups yet occasionally have your browser open a vktarget.ru tab, but your computer will not connect to vktarget.ru or any of the above. 5. Wait for ToT to get their s*** together, or if possible; find another ISP asap. 6. Be wary of uploading all those logs (i.e. FRST.txt and Addition.txt)! Those files exposes your system, thus makes you and your system vulnerable as they easily could be harvested and misused by hackers. Just my two cents! - Sharing is caring!! Loke (semi-retired computer-engineer)
  3. If you click on ABP and then choose "Block element" then you click on the pop-up, and ABP will start blocking it.
  4. I have a winter-residence on Koh Chang, and unfortunately here we are all stucked with ToT, while eagerly waiting for AirNet rolling their fiber out village by village. In Khon Kaen, where I do reside in the summer-months, there I'm using 3BB as well. Why not many have complained; well, not many foreigners are using ToT in Thailand - of reasons that are obvious (throttling international traffic being not the only but the main reason). This problem is quite new (14+ days), and last but not least; I guess most people have become somewhat used to having pop-ups interfere with their browsing, and the Adblock plus plug-in can get rid of many pop-ups, also vktarget.ru (if point'n'clicking on those manually).
  5. Hi Thanu and all the wizards here, First, let me ask you, Thanu; are you using ToT as your ISP? I'm a retired computer-engineer living in Thailand, and I've recently experienced the exact same trouble with vktarget.ru. Using all my skills to crack this Russian nut, I couldn't and still can't escape this, and are still in the same frustrating situation as you are in (even my smartphone are affected). But, it is my opinion, that it is the ISP (ToT) that has been infected, and here's how I came to that conclusion: 1. Scanning with Ad-Aware and Spybot didn't come up with anything. 2. Adding vktarget.ru (and all the redirections) to my hosts file, pointing them to local-host (127.0.0.1) did fix most of the redirections, but of cause not the ones with random subdomains (as hosts doesn't support wildcards). 3. My DSL-router had my main DNS altered from the usual ToT (8.8.8.8) to a German GHOSTnet DNS-server (94.249.192.184). I suspected the router to be hacked, but I could change it back to 8.8.8.8, yet the problem persisted, which was the main tip pointing to ToT being infected. Then also noticed that vktarget.ru was gone if I used a VPN on the PC, or used my mobile ISP (TrueMove H) instead of WiFi on my smartphone, hence my conclusion. My skills are rusty, and I might be wrong - and I'd appreciate to be corrected by any of the wizards here. /Loke