Solved Invalid URL displaying malware window

fordtman

New Member
Messages
5
I am running Internet Explorer 11 (latest version) on Windows 8.1 and whenever I enter an invalid URL into IE by mistake I get the attached image instead of the normal "This page can't be displayed". I have defender loaded and have run a full scan as well as a full scan with the latest version of Malwarebytes. All other malware and viruses have been removed except for this one. Has anyone seen this before? How can I remove it? It only happens one computer and I have scanned numerous forums and tried many suggestion to no avail. An image of the offending page and images of the programs loaded are attached. Any help appreciated as it is driving me nuts.
 

Attachments

  • this page can't be displayed.PNG
    this page can't be displayed.PNG
    18 KB · Views: 68
  • programs1.PNG
    programs1.PNG
    22.6 KB · Views: 65
  • programs2.PNG
    programs2.PNG
    18.2 KB · Views: 65
  • programs3.PNG
    programs3.PNG
    15.9 KB · Views: 60

My Computer

System One

  • OS
    Windows 8.1
    Computer type
    PC/Desktop
    CPU
    Intel Core i5 3570K
    Motherboard
    ASUS
    Memory
    16GB
    Browser
    Internet Explorer 11
    Antivirus
    Windows Defender
It looks like a browser hi-jack. Windows defender sucks to be honest. Get a good paid anti-virus. The protection is better. Like Vipre for example. I know some computer repair shop owners and they either recommend Vipre Internet Security or Norton Internet Suite. Vipre has more options though and a high catch rate.
 

My Computer

System One

  • OS
    Windows 8.1
    Computer type
    Laptop
    System Manufacturer/Model
    Inspiron M731R (5735, Late 2013)
    CPU
    1.70 GHz AMD A8 5545M Elite Quad Core
    Motherboard
    No idea
    Memory
    8GB DDR3
    Graphics Card(s)
    AMD 8510G Radeon(tm) HD Graphics
    Sound Card
    Realtek
    Monitor(s) Displays
    17.3" Inch Display
    Screen Resolution
    1600 x 900
    Hard Drives
    500GB 6GB/s Crucial BX100 SSD
    Case
    Blue Aluminum Finish
    Cooling
    Laptop Fan (Currently Unknown Name)
    Keyboard
    Came with it
    Mouse
    Utech Smart Optical Gaming Mouse US-D4000-GM
    Browser
    Google Chrome / Safari (On my iPod and iPad)
    Antivirus
    Vipre InternetSecurity2015/MalwareBytes Anti-Malware PREMIUM

My Computer

System One

  • OS
    Windows 8.1 Update Pro in Hyper-V/Windows 10 Pro 64 bit
    Computer type
    PC/Desktop
    System Manufacturer/Model
    Cliff's Black & Blue Wonder
    CPU
    Intel Core i9-9900K
    Motherboard
    ASUS ROG Maximus X Hero
    Memory
    32 GB Quad Kit, G.Skill Trident Z RGB Series schwarz, DDR4-3866, 18-19-19-39-2T
    Graphics Card(s)
    ASUS GeForce RTX 3090 ROG Strix O24G, 24576 MB GDDR6X
    Sound Card
    (1) HD Webcam C270 (2) NVIDIA High Definition Audio (3) Realtek High Definition Audio
    Monitor(s) Displays
    BenQ BL2711U(4K) and a hp 27vx(1080p)
    Screen Resolution
    1920 x 1080 x 32 bits (4294967296 colors) @ 60 Hz
    Hard Drives
    C: Samsung 960 EVO NVMe M.2 SSD
    E: & O: Libraries & OneDrive-> Samsung 850 EVO 1TB
    D: Hyper-V VM's -> Samsung PM951 Client M.2 512Gb SSD
    G: System Images -> HDD Seagate Barracuda 2TB
    PSU
    Corsair HX1000i High Performance ATX Power Supply 80+ Platinum
    Case
    hanteks Enthoo Pro TG
    Cooling
    Thermaltake Floe Riing RGB TT Premium-Edition 360mm and 3 Corsair blue LED fans
    Keyboard
    Trust GTX THURA
    Mouse
    Trust GTX 148
    Internet Speed
    25+/5+ (+usually faster)
    Browser
    Edge; Chrome; IE11
    Antivirus
    Windows Defender of course & Malwarebytes Anti-Exploit as a
    Other Info
    Router: FRITZ!Box 7590 AX V2
    Sound system: SHARP HT-SBW460 Dolby Atmos Soundbar
    Webcam: Logitech BRIO ULTRA HD PRO WEBCAM 4K webcam with HDR
Go to your settings and add-ons and make sure nothing is suspicious.
 

My Computer

System One

  • OS
    Windows 10 Pro
    Computer type
    PC/Desktop
    System Manufacturer/Model
    Custom build
    CPU
    i5-6500 @3.20GHz
    Motherboard
    Gigabyte B150-HD3P-CF
    Memory
    16GB DDR4 2133 Crucial Ballistix Sport LT
    Graphics Card(s)
    MSI GeForce GTX 1060 GAMING X 6G
    Sound Card
    Built-in
    Monitor(s) Displays
    Liyama ProLite XB2483HSU-B2
    Screen Resolution
    1920 x 1080
    Hard Drives
    Crucial MX200 500GB & Toshiba DT01ACA300 3TB
    PSU
    Corsair RM550x
    Case
    Fractal Design Define S
    Cooling
    Cooler Master TX3 i
    Keyboard
    Func KB-460 (MX Red)
    Mouse
    Corsair Gaming M65 RGB
    Browser
    Google Chrome
    Antivirus
    Bitdefender Total Security 2017 + MBAM Pro + MBAE Pro
    Other Info
    Creative Sound Blaster Tactic3D Rage V2 headset
Check your DNS settings in your PCs and/or router. If that's been hijacked then you don't know where you'll wind up!
 

My Computer

System One

  • OS
    Windows 8.1 consumer 64 bit
    Computer type
    Laptop
    System Manufacturer/Model
    Acer Aspire M5 481PT-6644
    CPU
    Intel Core I5
    Memory
    6 GB
    Hard Drives
    Spinning/SSD hybrid 500GB/20GB
    Mouse
    ELAN Trackpad
    Internet Speed
    18mbs/5mbs
    Browser
    Chrome
    Antivirus
    Windows Defender
If you're router has been hi-jacked then you may want to check all of your devices for malware! (Malware could jump onto your connections when receiving data from your router.)
 

My Computer

System One

  • OS
    Windows 8.1
    Computer type
    Laptop
    System Manufacturer/Model
    Inspiron M731R (5735, Late 2013)
    CPU
    1.70 GHz AMD A8 5545M Elite Quad Core
    Motherboard
    No idea
    Memory
    8GB DDR3
    Graphics Card(s)
    AMD 8510G Radeon(tm) HD Graphics
    Sound Card
    Realtek
    Monitor(s) Displays
    17.3" Inch Display
    Screen Resolution
    1600 x 900
    Hard Drives
    500GB 6GB/s Crucial BX100 SSD
    Case
    Blue Aluminum Finish
    Cooling
    Laptop Fan (Currently Unknown Name)
    Keyboard
    Came with it
    Mouse
    Utech Smart Optical Gaming Mouse US-D4000-GM
    Browser
    Google Chrome / Safari (On my iPod and iPad)
    Antivirus
    Vipre InternetSecurity2015/MalwareBytes Anti-Malware PREMIUM
Thanks everyone for your helpful suggestions. I have tried everything and the offending page is still there when I enter an invalid URL. I have tried Viper, Malwarebytes Anti-Malware, Windows Defender, full scan on all and in normal mode, administrator mode, and safe mode, none of them worked. I have checked the DNS settings and add-ons and everything is OK. If I can find out how this type of hi-jack works I might have a better understanding on what I can do to fix it. The next step is to replace my router (which I was planning to do as I have a newer spare). From the HTML code associated with the page it looks like it came from China. I'll keep you posted.
 

My Computer

System One

  • OS
    Windows 8.1
    Computer type
    PC/Desktop
    CPU
    Intel Core i5 3570K
    Motherboard
    ASUS
    Memory
    16GB
    Browser
    Internet Explorer 11
    Antivirus
    Windows Defender
It's called Vipre and you paid for it?

Have you tried to delete the temp file? That may have something to do with it.

Press the windows key and R and type in %TEMP% and press enter

Delete every single file in the window that opens.
 

My Computer

System One

  • OS
    Windows 8.1
    Computer type
    Laptop
    System Manufacturer/Model
    Inspiron M731R (5735, Late 2013)
    CPU
    1.70 GHz AMD A8 5545M Elite Quad Core
    Motherboard
    No idea
    Memory
    8GB DDR3
    Graphics Card(s)
    AMD 8510G Radeon(tm) HD Graphics
    Sound Card
    Realtek
    Monitor(s) Displays
    17.3" Inch Display
    Screen Resolution
    1600 x 900
    Hard Drives
    500GB 6GB/s Crucial BX100 SSD
    Case
    Blue Aluminum Finish
    Cooling
    Laptop Fan (Currently Unknown Name)
    Keyboard
    Came with it
    Mouse
    Utech Smart Optical Gaming Mouse US-D4000-GM
    Browser
    Google Chrome / Safari (On my iPod and iPad)
    Antivirus
    Vipre InternetSecurity2015/MalwareBytes Anti-Malware PREMIUM

My Computer

System One

  • OS
    Windows 10 Pro
    Computer type
    PC/Desktop
    System Manufacturer/Model
    Custom build
    CPU
    i5-6500 @3.20GHz
    Motherboard
    Gigabyte B150-HD3P-CF
    Memory
    16GB DDR4 2133 Crucial Ballistix Sport LT
    Graphics Card(s)
    MSI GeForce GTX 1060 GAMING X 6G
    Sound Card
    Built-in
    Monitor(s) Displays
    Liyama ProLite XB2483HSU-B2
    Screen Resolution
    1920 x 1080
    Hard Drives
    Crucial MX200 500GB & Toshiba DT01ACA300 3TB
    PSU
    Corsair RM550x
    Case
    Fractal Design Define S
    Cooling
    Cooler Master TX3 i
    Keyboard
    Func KB-460 (MX Red)
    Mouse
    Corsair Gaming M65 RGB
    Browser
    Google Chrome
    Antivirus
    Bitdefender Total Security 2017 + MBAM Pro + MBAE Pro
    Other Info
    Creative Sound Blaster Tactic3D Rage V2 headset
Check your IE's default SEARCH ENGINE, default homepage and add-ons. The "search" button looks like a bing copycat.

You can also try scanning your computer with Trend Micro Internet Security or the latest version of Malwarebytes.
 

My Computer

System One

  • OS
    Windows 7
Check your IE's default SEARCH ENGINE, default homepage and add-ons. The "search" button looks like a bing copycat.

You can also try scanning your computer with Trend Micro Internet Security or the latest version of Malwarebytes.

The latest version of MBAM gave no result and the settings are already checked.

Fordtman, try online scanners if you haven't already when you're seeing that page.
 

My Computer

System One

  • OS
    Windows 10 Pro
    Computer type
    PC/Desktop
    System Manufacturer/Model
    Custom build
    CPU
    i5-6500 @3.20GHz
    Motherboard
    Gigabyte B150-HD3P-CF
    Memory
    16GB DDR4 2133 Crucial Ballistix Sport LT
    Graphics Card(s)
    MSI GeForce GTX 1060 GAMING X 6G
    Sound Card
    Built-in
    Monitor(s) Displays
    Liyama ProLite XB2483HSU-B2
    Screen Resolution
    1920 x 1080
    Hard Drives
    Crucial MX200 500GB & Toshiba DT01ACA300 3TB
    PSU
    Corsair RM550x
    Case
    Fractal Design Define S
    Cooling
    Cooler Master TX3 i
    Keyboard
    Func KB-460 (MX Red)
    Mouse
    Corsair Gaming M65 RGB
    Browser
    Google Chrome
    Antivirus
    Bitdefender Total Security 2017 + MBAM Pro + MBAE Pro
    Other Info
    Creative Sound Blaster Tactic3D Rage V2 headset
My apologies for the delayed reply, I have been running some diagnostic and fixes suggested by Malware but no luck so far.
MCPlayer, thanks for the reply. Sorry it was a typo, I did run Vipre and deleted the temp files as you suggested but no result though.
Axe0: the offending page seemed to have something to do with the malware cdn.adsrvmedia.net so I ran Adwcleaner earlier but it did not remove the malware. I also ran a few other cleaners suggested by Malware (Farbar, JRT, DrWeb). I installed Chrome and found that the malware does not occur on Chrome, only on IE. When I set Chrome as my default browser a new malware message appeared informing me that IE was not my default browser so IE has definitely been hacked. Removing IE and reinstalling may cured the problem but are far as I am aware all you can do is turn IE off in Windows 8.1, that stops the malware appearing but doesn't remove it.
The malware appears to come from an advertising website shown in the attached file.
I think I am going to have to blow Windows 8.1 away and re-install.
 

Attachments

  • full_page.txt
    1.8 KB · Views: 64

My Computer

System One

  • OS
    Windows 8.1
    Computer type
    PC/Desktop
    CPU
    Intel Core i5 3570K
    Motherboard
    ASUS
    Memory
    16GB
    Browser
    Internet Explorer 11
    Antivirus
    Windows Defender
Try adware removal tool.
(no link via mobile)
It terminates almost every process and removes all the adware it knows. Be aware that it may remove too much if you haven't terminated enough before using it.
 

My Computer

System One

  • OS
    Windows 10 Pro
    Computer type
    PC/Desktop
    System Manufacturer/Model
    Custom build
    CPU
    i5-6500 @3.20GHz
    Motherboard
    Gigabyte B150-HD3P-CF
    Memory
    16GB DDR4 2133 Crucial Ballistix Sport LT
    Graphics Card(s)
    MSI GeForce GTX 1060 GAMING X 6G
    Sound Card
    Built-in
    Monitor(s) Displays
    Liyama ProLite XB2483HSU-B2
    Screen Resolution
    1920 x 1080
    Hard Drives
    Crucial MX200 500GB & Toshiba DT01ACA300 3TB
    PSU
    Corsair RM550x
    Case
    Fractal Design Define S
    Cooling
    Cooler Master TX3 i
    Keyboard
    Func KB-460 (MX Red)
    Mouse
    Corsair Gaming M65 RGB
    Browser
    Google Chrome
    Antivirus
    Bitdefender Total Security 2017 + MBAM Pro + MBAE Pro
    Other Info
    Creative Sound Blaster Tactic3D Rage V2 headset
Axe0 thanks for the pointer to Adware Removal Tool, unfortunately they are updating their software and it won't be available for another week. This malware is really embedded into IE and as I am running Windows 8.1 I can't delete IE completely and re-install it from scratch I can only turn it off and when I turn IE back on after a reboot etc the malware reappears (this is a Microsoft "feature"). I could run Chrome and just leave IE turned off but because application access to IE at a low level is still available who knows what is going on behind the scenes. I am going to re-install Widows 8.1 from scratch as it seems to be the only way to get rid of the malware.

Anyway thanks everyone for your help, it was much appreciated.
 

My Computer

System One

  • OS
    Windows 8.1
    Computer type
    PC/Desktop
    CPU
    Intel Core i5 3570K
    Motherboard
    ASUS
    Memory
    16GB
    Browser
    Internet Explorer 11
    Antivirus
    Windows Defender
Had to resort to a re-install of Windows 8.1 to remove IE hack. My computer is now clean. Thanks All.
 

My Computer

System One

  • OS
    Windows 8.1
    Computer type
    PC/Desktop
    CPU
    Intel Core i5 3570K
    Motherboard
    ASUS
    Memory
    16GB
    Browser
    Internet Explorer 11
    Antivirus
    Windows Defender
Back
Top