5
This is so weird and random that I have a problem explaining it fully. Since yesterday, those behaviors started:
Some pages in Chrome are be always redirected to:
If I open the same page right now in another browser, or even private browsing in Chrome, it works.
Some websites, after some time, just stop being reachable. Even with ping
.
For example, Facebook.
I had it open and using ten minutes ago, and now a tracert
says
Unable to resolve target system name www.facebook.com
On Firefox it starts a search on Yahoo with the website as subject.
I have right now a stream going and it doesn't have any problem, unless I refresh the page. Disabling and re-enabling the connection seems to solve the issue for some time, on some websites.
I tried changing the DNS to Google DNS to no avail. I have the firewall on, and Avast running all time.
Let's take the example of twitch.tv, which is a website I can never reach on normal Chrome, but I can reach on private browsing Chrome and Firefox.
If I ping it, I get a timeout.
If I do a tracert
this is what I get:
1 <1 ms <1 ms <1 ms 192.168.2.1
2 <1 ms <1 ms <1 ms 192.168.1.2
3 20 ms 19 ms 19 ms 2-234-97-1.ip222.fastwebnet.it [2.234.97.1]
4 19 ms 18 ms 18 ms 10.6.105.66
5 * * * Request timed out.
6 * * * Request timed out.
By pure chance, I disabled the Avast! Shield, and what I got was a redirection to a page that permitted me to identify the virus as a ransomware. A variation of Trojan.Ransomlock
The page shows a fake "police" page:
Apparently Avast was intercepting and blocking the redirect, so what I got was "Error 324 NO DATA RECEIVED" from Chrome. Still can't explain the kind of behaviour.
I'm on Windows 7.
well, now when it redirects me, it's redirecting to http://law-enforcement-jjc.s1.lv/js which makes me think more of a virus. Still, can't find any info and my av is drawing blanks....
– Duralumin – 2014-07-18T19:41:16.863and back to http://system-check-zagcqrhq.in/
– Duralumin – 2014-07-18T20:05:15.303Do you get the same issues when using a different browser? – and31415 – 2014-07-19T09:47:37.723
@Arjan it's in the system for sure, but it's quite hard to eradicate. Going to reinstall today.No, chrome doesn't give any warning, just a 324, but I'm sure it's because of the antivirus. The problem with finding it out was because of the erratic behavior. – Duralumin – 2014-07-21T12:20:13.457
@Arjan Ah, sorry for the misunderstanding. I was sure it was a ransomware because the page i got redirected to was a fake police (Carabinieri, actually) page asking me to pay a fine. (screenshot not mine) : http://i61.tinypic.com/k4gvtk.jpg
– Duralumin – 2014-07-21T12:35:17.083Any chance Firefox is not doing the redirect to Yahoo! when Avast is disabled? (Maybe Firefox defaults to a search when it doesn't get a response, and if so: the problem might still be with some extension ONLY in Chrome, not system wide, which then might also explain why incognito browsing is fine.) What about Internet Explorer? – Arjan – 2014-07-21T12:52:09.093
See also http://malwarefixes.com/remove-system-check-cabhpfuv/ (I don't know if that site can be trusted.)
– Arjan – 2014-07-21T12:57:22.910@Arjan Yes, I thought the same about firefox.IE, at least with twitch, was ok.First thing I did was remove all the extensions and reinstall chrome. – Duralumin – 2014-07-21T13:02:02.767
"I thought the same about firefox" -- but did you try? (Also, please respond to gronostaj's answer.) – Arjan – 2014-07-21T13:50:53.547
No, I didn't try, but as I said, with firefox the behavior is even more erratic, so it's more difficult to test. Should we move this to chat? – Duralumin – 2014-07-21T14:11:03.017
"as I said, with firefox the behavior is even more erratic" -- all I read in the question is that it redirects to a Yahoo! search, probably only if your virusscanner blocks access. If I were you, I'd want to know if it's just Chrome, or if a full system reinstall is needed... – Arjan – 2014-07-21T16:46:53.740
Even if it was only Chrome, having fully uninstalled it with Revo Uninstaller, and reinstalled it, I would say that a windows reinstall was still the best thing. I didn't try explicitly without the Avast Block, but still, firefox is not working, chrome is not working, ping is not working, tracert is not working. Other PCs don't have problems. I would say that it's not a Chrome only problem, without needing more evidence. – Duralumin – 2014-07-22T07:01:46.197