Tuesday, January 22, 2013

Ib.adnxs Browser Pop up Removal

Bumping into the Ib.adnxs.com Pop-up



The ib.adnxs pop-up comes up all of a sudden, from nowhere, on the sites you intended to visit, either as blank windows, gambling advertisements or "lucky chance" kinds of things. Tee Support agents (online 24/7) have even been asked whether there was an update for the virus, as some users got a threat message saying that Ib.adnxs.com was trying to redirect them to its own site. An updated version will help to some extent, but to be specific, the redirect problem is part of its payload, which can only be read once the components in charge of the preparation work are in place, that is, after you have lived with it for some time.


Ib.adnxs Browser Malware Acting up



Though Ib.adnxs is browser malware, it makes some modifications to the target system:
  • Injects its service value into the registry;
  • Places tons of files in the temp folder and other folders;
  • Tampers with the hosts file;
  • Consumes a large amount of CPU;
  • Causes freezes during surfing and working sessions.
Therefore, you will run into random freezes and some dysfunctions out of nowhere. What’s worse, it may cause an information security problem should any loophole be found by hackers or other ‘stealers’.


Causes of Ib.adnxs Adware?
 


Most people get attacked by Ib.adnxs.com after they accidentally download some add-ons, media programs and other things like that. So, as a precaution after you remove the Ib.adnxs pop-up and redirect problem, you may follow the tips below:

  1. Be cautious when clicking links. A link can point your browser to download threats or to visit a malicious web site.
  2. Don’t download unknown "free" software.
  3. Avoid opening unknown e-mail attachments.
  4. Keep installing patches, if there are any, after you run a scan.
Now please follow the steps below; should you have any trouble, you are welcome to start a live chat to get professional assistance here.

Detailed Steps to Get Rid of Ib.adnxs Browser Pop up

1.  Disable any suspicious startup items.
For Windows XP:

step: Click Start menu -> click Run -> type: msconfig in the search bar -> open System Configuration Utility -> Disable all possible startup items.



2. Remove add-ons:

Internet Explorer:
1) Go to Tools -> ‘Manage Add-ons’;
2) Choose ‘Search Providers’ -> choose ‘Bing’ search engine or ‘Google’ search engine and make it default;
3) Select ‘Search Results’ and click ‘Remove’ to remove it;
4) Go to ‘Tools’ -> ‘Internet Options’; select the ‘General’ tab and enter a website as the home page, e.g. Google.com. Click OK to save changes.

Google Chrome
1) Click on ‘Customize and control’ Google Chrome icon, select ‘Settings’;
2) Choose ‘Basic Options’;
3) Change Google Chrome’s homepage to google.com or any other and click the ‘Manage Search Engines…’ button;
4) Select ‘Google’ from the list and make it your default search engine;
5) Select ‘Search Result’ from the list to remove it by clicking the ‘X’ mark.    

Mozilla Firefox
1) Click on the magnifier’s icon and select ‘Manage Search Engine…’;
2) Choose ‘Search Results’ from the list and click ‘Remove’ and OK to save changes;
3) Go to ‘Tools’ -> ‘Options’. Reset the startup homepage or change it to google.com under the ‘General’ tab.


3. Disable proxy

  1. Click on Tools on the menu bar
  2. Select Internet options
  3. Go to the Connections tab
  4. Select LAN settings at the bottom of the dialog
  5. Under Proxy server, untick 'Use a proxy server for your LAN (These settings will not apply to dial-up or VPN connections).'
  6. Click OK

4. Show hidden files  
step: a) open Control Panel from Start menu and search for Folder Options;

 

b) under the View tab, tick Show hidden files and folders, untick Hide protected operating system files (Recommended), and then click OK;

 


5. Open Windows Task Manager and close all running processes.
step: Use CTRL+ALT+DEL combination to open Task Manager  

Please stop all the following processes.
random.exe

6. Delete all related files and registry values on your local hard disk C.
step: Hold down the Windows key on your keyboard and press the "R" button. Type in "regedit" and hit "Enter" to gain access to the Registry Editor.


                         

Registry:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “[RANDOM]”
HKCU\Software\Microsoft\Internet Explorer\ib.adnxs Toolbar
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\random
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run\random
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\5ATIUYW62OUOMNBX256 “(Default)”=“1”
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\“UninstallString” = “‘%AppData%\[RANDOM]\[RANDOM].exe” -u
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\“ShortcutPath” = “‘C:\Documents and Settings\All Users\Application Data\5ATIUYW62OUOMNBX256.exe” -u’”
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce “5ATIUYW62OUOMNBX256” = “‘C:\Documents and Settings\All Users\Application Data\5ATIUYW62OUOMNBX256.exe’


step: Click on the “Start” menu, then click on the “Search programs and files” box. Search for and delete these files:

C:\WINDOWS\assembly\KYH_64\Desktop.ini
C:\Windows\assembly\KYH_32\Desktop.ini
C:\WINDOWS\system32\giner.exe
%AppData%\Local\[random].exe
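
Before deleting anything by hand, the locations covered in steps 1, 3 and 6 and the hosts file can be listed in one pass. The script below is an added example, not part of the original post; it only reads and changes nothing. It assumes PowerShell 3.0 or later, and the folder pattern used for the Review column is an illustrative heuristic, not a signature of this adware.

```powershell
# Added example: read-only audit; it changes nothing on the system.
$psMeta = 'PSPath', 'PSParentPath', 'PSChildName', 'PSDrive', 'PSProvider'

# Steps 1 and 6: autostart values under the Run / RunOnce keys named in the guide.
$runKeys = @(
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
)
# Assumed heuristic: mark commands launched from user-writable data folders.
$userWritable = '%AppData%|\\AppData\\|\\Application Data\\|\\Temp\\'
$autostarts = foreach ($key in $runKeys) {
    if (-not (Test-Path $key)) { continue }
    foreach ($p in (Get-ItemProperty -Path $key).PSObject.Properties) {
        if ($psMeta -contains $p.Name) { continue }   # skip provider metadata
        [pscustomobject]@{
            Key     = $key
            Name    = $p.Name
            Command = $p.Value
            Review  = [bool]("$($p.Value)" -match $userWritable)
        }
    }
}

# Step 3: per-user proxy settings behind the "LAN settings" dialog.
# ProxyEnable should be 0 unless you configured a proxy yourself.
$inetKey = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings'
$inet = Get-ItemProperty -Path $inetKey
$proxy = [pscustomobject]@{
    ProxyEnable   = $inet.ProxyEnable
    ProxyServer   = $inet.ProxyServer
    AutoConfigURL = $inet.AutoConfigURL
}

# Hosts file tampering: list every active mapping other than localhost.
$hostsPath = Join-Path $env:SystemRoot 'System32\drivers\etc\hosts'
$hostsEntries = Get-Content -Path $hostsPath |
    ForEach-Object { ($_ -replace '#.*$', '').Trim() } |
    Where-Object { $_ -and $_ -notmatch '^(127\.0\.0\.1|::1)\s+localhost$' }

'--- Autostart entries (Review = True deserves a closer look) ---'
$autostarts | Format-Table -AutoSize -Wrap | Out-String
'--- Proxy settings ---'
$proxy | Format-List | Out-String
'--- Active hosts entries other than localhost ---'
$hostsEntries
```

Saving the output before and after the cleanup gives a simple record of which autostart, proxy and hosts entries actually changed.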



 

Kind Reminder: There is a lot of work left to do after you have resorted to security utilities. What you need to do is get into the kernel part of the affected system to kill the related files and registry entries. Be careful when you do that, since any slight mistake would leave you unable to access Windows again. Should you fail to kill the ib.adnxs browser pop-up and clean up the mess in your browser, you are welcome to contact Tee Support experts, online 24/7, for real-time help.
