# No facebook, youtube video's won't load, nor Google



## a_ump (Feb 17, 2014)

My water lines busted and I went away for about a week with my woman to her in-laws. We come back and we're having this issue in the title. I can't access facebook, it leads me to a chrome download page which then my Avast(free) reports malicious software. I was trying to watch some gameplay vids of x3 TC, but they won't load. Installed the newest version of adobe flash and still didn't make a difference. I can see the pictures of the video but when I press play "error loading video" comes up. I also can't access google.

Yahoo, bing, any other website works, just not google, facebook, and youtube videos.

I've tried running avast full system scan, nothing. ran malwarebytes and in safe mode and it came up with 4 or so infections (.pup) which I had it rid of my pc. The thing is though its not just my computer, its any device connected to my internet(kindle fire HDX, smartphone, laptop). They all share the same problem above.

I also have tried fully resetting my DSL2+ router/modem and it hasn't solved anything.

Any help would be greatly appreciated.


----------



## FX-GMC (Feb 17, 2014)

Which browser are you using?

If you are being redirected from facebook to a download page then you need to scan for malware.
Malwarebytes free is good for this: https://www.malwarebytes.org/free/
I've also had good results with their AntiRootkit: https://www.malwarebytes.org/antirootkit/


----------



## a_ump (Feb 17, 2014)

I am using chrome. However same issues are present in IE, safari browsers. And as I stated I did run an avast full scan(nothing), avast boot time scan(1 infection), malwarebytes safe mode full scan(4 suspicious), and am currently omw back home to see results of my second malwarebytes scan. I always pick delete when it comes to malicious files. Should I try quarantine? Still doesn't explain why my phone and wife's kindle have the same issue


----------



## DRDNA (Feb 17, 2014)

I go with delete as well. Kindle and phone may be infected as well. Do you remember what Malwarebytes found?


----------



## a_ump (Feb 17, 2014)

well I just got back, the safe mode malware bytes scan came back with no infections found, so whatever it did find before either hid itself better or was removed. Here's the kicker, if we go to her parents(they live down the road and like so see their grandbaby) her kindle aswell as my Moto X phone work just fine. So I'm pretty confident it has to be in my home network. So I feel its either a modem/router bug or infection; however I've never dealt with a network infection, just a computer infection. As I've stated this is everything I've tried so far and their results.

Avast(normal boot) full scan : nothing
Avast boot-time scan            : 1 infection, chose delete
Reset modem/router DSL2+ : turned off, unplugged power cord, internet. Waited reconnected internet then power cord, turned on
MB safe mode full scan         : 4 infections, chose delete
Reset modem/router DSL2+ :turned off, unplugged power cord, internet. Waited reconnected internet then power cord, turned on: 
MB safe mode quick scan     : no infections
MB safe mode full scan         : no infections

So far nothing has helped.

EDIT: Also forgot to mention I heard maybe it could be a nasty virus/Trojan called vundo so I ran VundoFix by atribune in safe mode and normal windows and it found nothing aswell. 

@DRDNA 
here are the results from the one MB scan



> Malwarebytes Anti-Malware (Trial) 1.75.0.1300
> www.malwarebytes.org
> Database version: v2014.02.16.04
> Windows 7 Service Pack 1 x64 NTFS (Safe Mode)
> ...


----------



## _JP_ (Feb 17, 2014)

What is your router's brand+model and have you checked your hosts file?


----------



## a_ump (Feb 17, 2014)

just went to work. Zyxel P663HN, that's my modem/router. Hosts file eh? never heard of it but i'll be sure to dig into it once i get home. What information does it provide?


----------



## _JP_ (Feb 17, 2014)

There have been reports that claim some cheaper routers have an active backdoor that can be used to mess with its settings remotely, thus gaining access to the internal network.
I'm not sure if yours fits in this category, but I'll check. (if I manage to find a list, that is)
The hosts file is where your computer goes to check for address-to-IP translation, before resorting to a name server. This file could be affected by malware and changed to make your connections go where they shouldn't.
The hosts file is located in C:\Windows\System32\drivers\etc (it's only editable outside this folder) and a clean one looks like this:


----------



## DRDNA (Feb 17, 2014)

How to reset Host file back to default.   http://support.microsoft.com/kb/972034

they even have a scripted auto fix available.

Here they show how to edit host file on android to not go to facebook.  http://www.howtogeek.com/140576/how-to-edit-the-hosts-file-on-android-and-block-web-sites/


----------



## remixedcat (Feb 17, 2014)

Some routers made by Sercomm (OEM brand to several manufacturers) have a vulnerability that gets more complex when I hear more about it. Yours could have an issue like that, however I can't locate the technical details on that router pertaining to the OEM on wikidevi. I would need to research that.

Or it could be a new issue entirely. Would'nt suprise me


BTW is your router ISP supplied? Most Zyxels are.


----------



## a_ump (Feb 18, 2014)

DRDNA said:


> How to reset Host file back to default.   http://support.microsoft.com/kb/972034
> 
> they even have a scripted auto fix available.
> 
> Here they show how to edit host file on android to not go to facebook.  http://www.howtogeek.com/140576/how-to-edit-the-hosts-file-on-android-and-block-web-sites/



well here's the other funny quirk. Only my desktop goes to the google chrome download page. android(kindle+Moto X) just say "no data received" or something along those lines. My laptop, which I rarely bring home also had a Trojan and a sh** ton of "pup.optional.X.X" stuff. I'm talking 154 infections according to my malware bytes, however that was due to me trying to find Gmax download, which I got from turbosquid, and turned out to be a nasty infection. I wonder if when I brought it home and it connected it somehow affected the network. The timing would be quite close for it to be the cause.

@jp
going to try the Microsoft Host file fixes and get back to you all. thanks for the help.


----------



## a_ump (Feb 18, 2014)

Well i reset the router to default settings, and then called Frontier(my ISP) and had to re-install the correct settings and walla problem solved. I definitely believe it was the Router/Modem. appreciate all the help guys. As always TPU rocks for tech support, even if its not the right answer, the support is still great.


----------

