Widows 8.1 Random site opens periodically

Discussion in 'Windows 8' started by tijybba, Jul 19, 2014.

  1. tijybba

    tijybba MDL Novice

    Apr 6, 2012
    9
    2
    0
    Hi guys,
    Recently installed Windows 8.1 64 bit , (thanks to Murphy & CODYQX4 and all awesome helpful posts here:D ) Only thing bugging is Random Site visits from my machine .
    IE being default browser , periodically opens as per screenshot sites in New Window or New Tabs.
    + Some Justin B* , Miley C* pages etc etc.
    Ran malware bytes , Windows defender but found nothing.
    Found similar issue for Firefox , but no resolution.
    Thought some of us here with new installation might have faced this too.:biggrin:
    Any suggestion would be appreciated
    1.JPG
     
  2. MrMagic

    MrMagic MDL Guru

    Feb 13, 2012
    5,726
    3,744
    180
    Check hosts file, definitely sounds like you have some redirect / malware going on

    Where did you download Win 8.1 from ?
     
  3. tijybba

    tijybba MDL Novice

    Apr 6, 2012
    9
    2
    0
    #3 tijybba, Jul 19, 2014
    Last edited by a moderator: Apr 20, 2017
    (OP)
    Thanks MrMagic,

    Checked the file (C:\Windows\System32\drivers\etc\hosts) , but found nothing suspicious.

    Code:
    # Copyright (c) 1993-2009 Microsoft Corp.
    #
    # This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
    #
    # This file contains the mappings of IP addresses to host names. Each
    # entry should be kept on an individual line. The IP address should
    # be placed in the first column followed by the corresponding host name.
    # The IP address and the host name should be separated by at least one
    # space.
    #
    # Additionally, comments (such as these) may be inserted on individual
    # lines or following the machine name denoted by a '#' symbol.
    #
    # For example:
    #
    #      102.54.94.97     rhino.acme.com          # source server
    #       38.25.63.10     x.acme.com              # x client host
    # localhost name resolution is handled within DNS itself.
    # 127.0.0.1       localhost
    # ::1             localhost
    
    
    Downloaded from MDL Forums ,I guess older post by murphy (I may be wrong , cause I no longer find it). HASH check was right.

    en_windows_8_1_enterprise_x64_dvd_2971902.iso
     
  4. Shenj

    Shenj MDL Expert

    Aug 12, 2010
    1,557
    652
    60
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  5. Wazoo

    Wazoo MDL Senior Member

    Nov 5, 2013
    479
    237
    10
    #6 Wazoo, Jul 19, 2014
    Last edited: Jul 19, 2014
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  6. MrMagic

    MrMagic MDL Guru

    Feb 13, 2012
    5,726
    3,744
    180
    #7 MrMagic, Jul 19, 2014
    Last edited by a moderator: Apr 20, 2017
    If it's a genuine ISO, then that won't be the cause, how did you activate it ?

    MTK is the preferred method, if you used a different 3rd party hacktivator, that could have infected you
     
  7. tijybba

    tijybba MDL Novice

    Apr 6, 2012
    9
    2
    0
    Thanks All,

    Did Malwarebytes scan and removed the infected files. It was a unwanted software which installed itself, did registry cleaning using ccleaner. :D:worthy::worthy: