Home > General > Getting rid of ad.xtendmedia and other annoying malware popups

Getting rid of ad.xtendmedia and other annoying malware popups

A week back I started noticing weird popups on the bottom left-hand side of my browser windows. They came up with IE, Firefox and Chrome. They were annoying and actually very easy to click by mistake.  Mousing over these popups showed some links at either ad.xtendmedia.com or ad.yeildmanager.com or fhserve.com.  

In order to get rid of these, as usual I Google-d the above and found a lot of suggestions. Apparently this is quite a well known problem and was considered a virus, since it could actually ‘grow’ and then capture and send cookie information to spam sites! Not good.

I followed the suggestions and solutions offered from different sites including bleepingcomputer.com.  I went ahead and downloaded and ran every single anti-rootkit, anti-malware, anti-spyware mentioned, including TDSKiller, AdwCleaner, MalwareBytes anti-malware and so on and so forth. None of these could even find the virus (if it was indeed that).  I did find one trojan with AVG free edition, but deleting that didn’t exactly help. 

I was honestly contemplating rebuilding my laptop, when I came across this link 


 And that is what helped me resolve the issue!  

If you ever encounter this problem, do this first! Open up your .hosts file. (On Windows 7, this is under Windows\System32\Drivers\etc folder and will need Administrator rights to update.) Check the host file for suspicious entries.  I had the usual redirects for at the top, followed by a whole lot of empty space just as mentioned in the blog above. Scrolling to the bottom and right at the very end of the file were some nasty redirects. If you find such entries in your hosts file, delete all of them and save your changes.  

And ta-da, you are now home-free. No more annoying popups. Whew! 

  1. Michael G.
    May 23, 2013 at 10:08 pm

    Please specify in better detail “Windows\System32\Drivers\etc folder”. Im running windows 8, and when I check into those folders I get to “\drivers” and am unsure where to direct next. If “etc.” is meant as a literal folder name, I don’t see one. What I do see is a boatload of files, alphabetized.

    • June 6, 2013 at 6:50 am

      Hi Michael, Unfortunately I am not on Windows 8 and do not have access to one either.
      I did mean the etc folder as a literal name. Can you ensure that you have the correct privileges to view folder/contents first? How about logging in as admin and doing a search for the host file? Does that bring up anything?

  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: