| Page 1 of 1 |
_SiN_
Megatron
Posts: 12108
Location: Cybertron
|
 Posted: Wed, 7th Oct 2015 18:16 Post subject: Adware in Steam |
|
 |
So I started getting ad popups in Steam today, which I haven't seen before.. When I click anywhere on the start page it pops up a random ad in the Steam browser.
I've ran AdwCleaner and Malwarebytes. Adw found a couple of suspicious things at first, but now all scans are clean, still no change though. I've made sure I have no sketchy extensions in Chrome either.
Anyone can give me any tips? Any GOOD free antivirus out there? Been ages since I used any other AV other than the Windows one, which I've used since W7.. Which doesn't find any viruses either.
In no other places am I getting popups or ads, only Steam..
Watercooled 5950X | AORUS Master X570 | Asus RTX 3090 TUF Gaming OC | 64Gb RAM | 1Tb 970 Evo Plus + 2Tb 660p | etc etc
|
|
| Back to top |
|
|
_SiN_
Megatron
Posts: 12108
Location: Cybertron
|
| Posted: Wed, 7th Oct 2015 18:49 Post subject: |
|
|
Ok, so it seems to be a DNS redirect-type of malware/virus, since using Google DNS cures the problem.. now what..
Watercooled 5950X | AORUS Master X570 | Asus RTX 3090 TUF Gaming OC | 64Gb RAM | 1Tb 970 Evo Plus + 2Tb 660p | etc etc
|
|
| Back to top |
|
|
|
|
| Posted: Wed, 7th Oct 2015 18:53 Post subject: |
|
|
if you still wanna scan just fetch the kaspersky rescue disc and boot that.
such things could happen with dns redirection through a faulty dns from your provider or sth that hooked up in the internet explorer api (think steam still uses that to show their sites etc) or host file
|
|
| Back to top |
|
|
|
|
| Posted: Wed, 7th Oct 2015 19:36 Post subject: |
|
|
Scan your PC with these scanners (probably/if not the best ones)
http://www.surfright.nl/en/hitmanpro (BitDefender & Kaspersky engines)
Malwarebytes Anti-Malware FREE
https://toolslib.net/downloads/viewdownload/1-adwcleaner/ <- probably the best crap cleaner for Windows (cleans crap which is not an actual malware)
Ryzen 9800X3D CO ~-26/+200 | Freezer III 360 A-RGB & 3x Phanteks T30 | Strix X670E-F WiFi | MSI GeForce RTX 5090 Ventus OC | Fury Beast 64GB (2x 32GB) DDR5 5600MHz C40 @ 6000MHz C28 | 970 EVO Plus 2 TB | 38GN950-B | S.M.S.L RAW-MDA1 & HiFiMAN Arya Organic | Lancool III Snow White + 4x be quiet! Silent Wings Pro 4 140mm | RM1000x (2021) Gold | G Pro X SUPERLIGHT 2 & POWERPLAY | Win 11 Pro | Logitech MX MECHANICAL
Sometimes I publish YouTube videos: https://www.youtube.com/@RandomTechChannel
|
|
| Back to top |
|
|
_SiN_
Megatron
Posts: 12108
Location: Cybertron
|
| Posted: Wed, 7th Oct 2015 19:37 Post subject: |
|
|
| Janz wrote: | if you still wanna scan just fetch the kaspersky rescue disc and boot that.
such things could happen with dns redirection through a faulty dns from your provider or sth that hooked up in the internet explorer api (think steam still uses that to show their sites etc) or host file |
Updated to the latest FW on my router (using a custom one for my Asus N56U) and did a factory reset on it - that worked. No popups anymore.
Watercooled 5950X | AORUS Master X570 | Asus RTX 3090 TUF Gaming OC | 64Gb RAM | 1Tb 970 Evo Plus + 2Tb 660p | etc etc
|
|
| Back to top |
|
|
|
|
| Posted: Wed, 7th Oct 2015 19:42 Post subject: |
|
|
That's weird, dude. It may have been something you did earlier but the DNS cache was not cleared or Windows wasn't restarted so you didn't see the effect immediately.
|
|
| Back to top |
|
|
|
|
| Posted: Wed, 7th Oct 2015 20:11 Post subject: |
|
|
router shouldnt be the problem. maybe isp's dns got infected or your system. think the asus routers arent known to be vulnerable
but as said -> very weird
|
|
| Back to top |
|
|
|
|
| Posted: Wed, 7th Oct 2015 20:38 Post subject: |
|
|
| _SiN_ wrote: | | Janz wrote: | if you still wanna scan just fetch the kaspersky rescue disc and boot that.
such things could happen with dns redirection through a faulty dns from your provider or sth that hooked up in the internet explorer api (think steam still uses that to show their sites etc) or host file |
Updated to the latest FW on my router (using a custom one for my Asus N56U) and did a factory reset on it - that worked. No popups anymore. |
I suggest to scan your PC (or all of them if you have some others in the same network) then check your DNS settings on the PC & the router. Make sure those IPs are not rogue.
Ryzen 9800X3D CO ~-26/+200 | Freezer III 360 A-RGB & 3x Phanteks T30 | Strix X670E-F WiFi | MSI GeForce RTX 5090 Ventus OC | Fury Beast 64GB (2x 32GB) DDR5 5600MHz C40 @ 6000MHz C28 | 970 EVO Plus 2 TB | 38GN950-B | S.M.S.L RAW-MDA1 & HiFiMAN Arya Organic | Lancool III Snow White + 4x be quiet! Silent Wings Pro 4 140mm | RM1000x (2021) Gold | G Pro X SUPERLIGHT 2 & POWERPLAY | Win 11 Pro | Logitech MX MECHANICAL
Sometimes I publish YouTube videos: https://www.youtube.com/@RandomTechChannel |
|
| Back to top |
|
|
_SiN_
Megatron
Posts: 12108
Location: Cybertron
|
| Posted: Wed, 7th Oct 2015 22:04 Post subject: |
|
|
| VGAdeadcafe wrote: | | That's weird, dude. It may have been something you did earlier but the DNS cache was not cleared or Windows wasn't restarted so you didn't see the effect immediately. |
Believe me, Windows was restarted a shitload of times. Actually, replicating the issue was very simple - I could switch from the Google DNS to automatic and it would bring the popups back. Reverting the DNS to 8.8.8.8, they would be gone. This also happened on my GF's PC, which is now also fixed by the router reset. Have restarted Windows multiuple times since this fix and started Steam, no sign of the popups still..
Watercooled 5950X | AORUS Master X570 | Asus RTX 3090 TUF Gaming OC | 64Gb RAM | 1Tb 970 Evo Plus + 2Tb 660p | etc etc
|
|
| Back to top |
|
|
|
|
| Posted: Wed, 7th Oct 2015 22:28 Post subject: |
|
|
With the automatic setting, doesn't the router get the DNS server's IP address from the ISP? Weird.
Since you are using custom DNS now, you could try the OpenDNS ones, too. That's what I've been using for years.
|
|
| Back to top |
|
|
|
|
| Posted: Wed, 7th Oct 2015 22:41 Post subject: |
|
|
yep ofc the dns from the router and if the router isnt modified (or its settings) its the provider dns server. you should write a mail to your provider, most of them have an abuse@isp.com adress where you can report and may get further information from them if its their fault or a known problem or whatever
|
|
| Back to top |
|
|
| Page 1 of 1 |
All times are GMT + 1 Hour |
