Related
Hey guys, I'm currently using a HTC sensation with the default browser.
The other day a website I was on redirected me to an untrustworthy site which then (via javascript) started an automatic download (virus) I quickly killed my connection and deleted the partial download.
So on my PC I run Google chrome with a "click to play" plugin to avoid rogue javascripts, I am looking for something similar for my phone.
I know chrome is available for my phone however it does not support flash player which is a requirement, I am aware my current browser has a "on demand" option for plugins but I have tested it and it doesn't work.
I tried opera today and couldn't get along with it.
Could anyone tell me the best way to control what gets downloaded from websites on my phone.
Thankyou in advance for any helpful replies. D
I mean, maybe I have been amiss, but I was under the longstanding impression that hijacks, viruses, and all such malware really didn't effect Linux systems. Like, at all.
Well I don't know much about these operating systems but an executable that downloads itself is not something I want on my phone, regardless of its capabilities.
It was an android application package I do not know if its able to extract itself or if it relies on the user to click on it in the download section, don't know what it installs but I'd rather not find out.
Hello,
I once considered asking XDA for suggestions about this, and so I'm doing now, as maybe you can share a few ideas on how that can be acheivable, if possible at all;
This is a serious request, while I believe that I'm no addict or anything - I have self control, but emh, trying to quit;
Thing is I'm doing this for myself as a matter of self-control - First I would like to mention rooting my device was really useful (Rooted Android devices since 2011), as it allowed me to modify my hosts file and block a few common websites first, which did worked really well, especially the first few days/weeks. Once a site is blocked in the hosts file, there's no going back, I never removed any site from it. (If I was doing this, I'm not not helping myself anyway. So that's why I never change it back. I mean, everytime you'd want to fire up your browser, you would just remember, sorry man, that site is blocked now. That work.
But obviously, hosts file has it's flaws, since I couldn't filter https websites from it, and I even wonder if it's possible doing this. Also made me really wish it could support wildcards, or ANYTHING can be used to block sites using wildcards, to block as many as possible. like, blocking http:..*porn* , or anything else (I know what keyword to filter to make that work best).
Or alternatively, I would have attempted something else long ago (Did this on PC using Leachblock, but on a different purpose/topic, focussing to study stuff), blocking this URL with wildcard: google.ca/*porn*
By blocking the search engine using wildcards and a few common keywords I usually use, I would imagine that CAN be done. But just not sure how to do it, especially with wildcards, which is probably essential.
Alternatively: block the whole Opera browser from, 22PM to 8PM (Only browser I have installed)? How? (I've thought of Tasker, or planified Titanium Backup task... Freezing Opera?) Of course this wouldn't prevent me from installing a different browser, but like I've mentionned, by installing a different browser, you choose to give up on all this effort. I don't do that, like I don't modify my hosts file back. Of course it would be so easy using root to delete or JUST rename the hosts file to disable it for a while, but I don't think that really matter, it's effort related, like I've mentionned. I was thinking of setting a password asking for deletion or anything.. Only way I thought was to input a random PIN I did not know to SuperSU, but now that prevent me from allowing every root apps.
Even by installing APKs, they can be uninstalled... Even if they ask for admin rights, even if removing admin rights requires a password (Cerberus is the only one I know who does this).. The APK could just be removed from the partition heh;
Of course, flashing ROMs to bypass this is out of the question - I could do that, but as usual you're not helping yourself, and I'm not such a freak XD Waiting 10 minutes to restore a different ROM / Nandroid backup, I mean, usually the urge would fade anyway. Well.
Aware that there would be no bulletproof way to prevent accessing such sites for sure, but maybe you are open to share some ideas, Android related huh; I believe that the more stuff I put to prevent access, the more that help, and the less you are tempted of doing the effort to bypass. Still, modifying the hosts files was a HUGE first step (I don't think I could have started without doing this).
Thank you for maybe sharing your thoughts
sonic110 said:
Even by installing APKs, they can be uninstalled... Even if they ask for admin rights, even if removing admin rights requires a password (Cerberus is the only one I know who does this).. The APK could just be removed from the partition heh;
Click to expand...
Click to collapse
Qustodio and Netspark and netnanny and tones of other apps require a password when removing admin...
Netspark will also make sure that you won't be able to uncheck device admin in safe mode...
Have someone else setup password on your device on site blocking software.
Hey there ,
my office computer got infected with some sort of adware evil thing ,
Once or twice a day , when browsing to a website (no matter which) I get an iFrame with an overlay saying : "sponsored by [url I'm browsing to] and then it redirects me to some kind of an full page ad for some sort of naughty online gaming (I forgot the name but next time it happens I'll update here).
Anyway , this is the iframe html :
HTML:
<div class="asgds_content"><div class="asgds_header"><button class="asgds_close">x</button><h4 class="asgds_title">Sponsored by google.com </h4></div><div class="asgds_body"><iframe src="https://extsgo.com/view/teasers?id=191753" style="height: 873px; width: 100%;"></iframe></div><div class="asgds_footer"><button class="asgds_close_text">Close</button></div></div>
searching google for extsgo.com/view/teasers gives me nothing...
using chrome 53.0.2785.143 m on Windows 8.1
Who can help me with removing this stupid thing?
Thanks a lot.
Full Screen Flash might be the culprit?
I've had the same problem. I noticed when I uninstalled Full Screen Flash that it redirected me to extsgo.com as well... given some of the reviews intermittently complaining of advertising redirects, I think it's a distinctly possible culprit. Do you have that extension installed?
For what it's worth, this happened on both my home and work machines and Chrome is the only thing really shared between them. Home has MalwareBytes and McAfee, work has Trend Micro. No malware hits on either end, so I'm quite certain that some Chrome extension or another is responsible.
i had full screen flash shut it off and it solved the problem
well ,
it must be something else , since I never heard about this chrome extension...
Would appreciate more ideas about this issue.
Thanks
Hey ,
I think I got the name of this adware , it's called adnow , any reliable removal tool / guide?
Thanks
Me too
I have managed to end up with this thing too. I've seen it injected into both a site I'm hosting locally and sites across the web (both in Chrome; not seeing it injected when I'm in Firefox). I did not notice it until recently, as I typically use EFF's Privacy Badger, which blocks the actual injection script from loading. I've seen it block requests to extsgo.com and st.adxxx.com, neither of which is related to the local build of the project I'm working on where I see it injected.
It's definitely something (presumably an extension) that is getting synced via Chrome sync as I've noticed it in a Windows 10 installation on one machine and within a Linux VM inside a Windows 7 host OS on a different machine. All software fully up to date.
I see nothing I'm not expecting in terms of extensions and I do not have the "Full screen Flash" extension. Windows Defender has not found anything on the Win 10 install, nor on the Windows 7 one.
Is it perhaps another extension that got hijacked? I know sometimes developers sell extensions and malware makers acquire them for the instantly-installed userbase. Everything in the Chrome Web Store is supposedly scanned, of course, so who knows.
Anyone have any other ideas?
Thanks!
~tw
---------- Post added at 02:13 PM ---------- Previous post was at 01:19 PM ----------
Insert jQuery (not including link; you'll know if you have it) appears to have been the culprit extension. The behaviour I was seeing is consistent with this description: gist.github.com/jimbo1qaz/bc73a2491f0c39b7f206359f089dd79c complete with the redirection to a shady fake magazine URL when I uninstalled Insert jQuery, the issues went away. So this is consistent with a rash of extensions getting updated with updates that include new malware. I originally intended to install that extension....several years ago. I've been using it occasionally ever since.
(My) case closed.
This just happened to me as well. Exactly once on my work computer, then once on my home computer a few hours later, different sites. Both chrome, but different accounts and mostly different extensions. I'll compare extension lists and post the common ones when I get back to my work computer tomorrow. But I don't have either of the mentioned extensions installed.
This thread was the only google result for the url.
Edit: googling the id of the modal div, "asgds_modal", leads to a reddit thread with a few people complaining. They pointed out two new extensions, "http headers" and "w3schools hider". I'm guessing my culprit is the http headers one, as it is on both my computers.
I figured it out.
Live HTTP Headers extension is the culprit. A couple of days ago I checked that it was giving a 404 error for the JS script it was requesting from an AWS server. I thought some one would buy it. And the same thing happened I guess. The chrome web store page is not working for that extension. Most probably because it is removed. But, you people should uninstall that from your chrome browsers.
ant96 said:
Live HTTP Headers extension is the culprit. A couple of days ago I checked that it was giving a 404 error for the JS script it was requesting from an AWS server. I thought some one would buy it. And the same thing happened I guess. The chrome web store page is not working for that extension. Most probably because it is removed. But, you people should uninstall that from your chrome browsers.
Click to expand...
Click to collapse
Thank you man, you're my hero.
Hi guys!
I really need your help here please
I seem to have encountered a similar problem as you but i don't have the header http extension you all talked about
it's happen to me only on chrome in different sites, i get this "sponsored by adnow" ads
and i'm not sure what to do, it's on the exact same place where outbrain or taboola show their ads, and its cover it.
i think but not sure that the div id is sc_tblock_319318 and from what i understand it's block the original ad(by outbrain in this case and then it recreate a new one
Is there anyone here who could help me please? really i tried almost every thing...
sorry if my english is not perfect
and thanks in advance!
Is there a way to go past the website's UA checks and always load their desktop versions instead of mobile? Asking because I already set in the preferences of all my phone browsers to always load the full desktop version and still, many websites somehow know I'm using a mobile device and force the mobile version.
Anyone found solution for Dolphin or Boat browsers? I've read about "about:debug" and "about:useragent" showing extra UA menu elements which in my case does nothing (android 6). I was also unable to find an user agent switching app that could always force Desktop parameters to the websites.
Even if there's no immefiate solution, I would like to know the principle websites choose which version to load irrespective to browser settings. Is it network/data/service provider settings, or specific browser/resolution signature? Thanks a lot for any ideas.
Menergy said:
Is there a way to go past the website's UA checks and always load their desktop versions instead of mobile? Asking because I already set in the preferences of all my phone browsers to always load the full desktop version and still, many websites somehow know I'm using a mobile device and force the mobile version.
Anyone found solution for Dolphin or Boat browsers? I've read about "about:debug" and "about:useragent" showing extra UA menu elements which in my case does nothing (android 6). I was also unable to find an user agent switching app that could always force Desktop parameters to the websites.
Even if there's no immefiate solution, I would like to know the principle websites choose which version to load irrespective to browser settings. Is it network/data/service provider settings, or specific browser/resolution signature? Thanks a lot for any ideas.
Click to expand...
Click to collapse
If the problem is website's UA check, often you can choose an AdWay or something similar, on my phone i'm surprised to see as "auto check" some pop up, check and box.
But for what never stop working, that's need update every day...
There isn't much you can do in this case.
Sometimes in some browsers you've an option with whitelist or other but I do believe they can be related to the mobile display or desktop of a particular site.
Maybe there is an add-on xposed or plugin that I don't know
My problem is that some websites force the mobile version no matter what, as well as lack on services that I need in there, and you couldn't circumvent that in any way.
Yesterday I had to verify an email address and tried with all the browsers I have on my phone (like 5 different). They were all set to display the desktop version and all were forced into the mobile. But on the mobile you couldn't verify the link, probably on purpose (security if on mobile device), and I would not have access to laptop/desktop browser by the evening. The same is with many other features/missing services on forced mobile websites so I want to find a way to have full functionality when on the go.
Does AdWay have options for influencing data the browser notifies to the websites? Anything similar to Mozilla-code based Random Agent Spoofer browser add-on where you can basically force the browser to inject any incorrect data and prevent other data leaking while browsing? Any special cookie mechanisms inherent to mobile browsers only?
Alternatively, can I access browser settings with something like about:config/debug or else? Dolphin, Boat, others? I am sure the browser notifies the correct desktop user agent, there's something else, probably very simple, that tells websites the connection is from a portable device...
Menergy said:
My problem is that some websites force the mobile version no matter what, as well as lack on services that I need in there, and you couldn't circumvent that in any way.
Yesterday I had to verify an email address and tried with all the browsers I have on my phone (like 5 different). They were all set to display the desktop version and all were forced into the mobile. But on the mobile you couldn't verify the link, probably on purpose (security if on mobile device), and I would not have access to laptop/desktop browser by the evening. The same is with many other features/missing services on forced mobile websites so I want to find a way to have full functionality when on the go.
Does AdWay have options for influencing data the browser notifies to the websites? Anything similar to Mozilla-code based Random Agent Spoofer browser add-on where you can basically force the browser to inject any incorrect data and prevent other data leaking while browsing? Any special cookie mechanisms inherent to mobile browsers only?
Alternatively, can I access browser settings with something like about:config/debug or else? Dolphin, Boat, others? I am sure the browser notifies the correct desktop user agent, there's something else, probably very simple, that tells websites the connection is from a portable device...
Click to expand...
Click to collapse
I use "user agent switcher" for chrome and it always works. It requires root though.
Can you provide an example of a website that refuses to show the desktop version?
And additionally, your build.prop contains your device's information. The browser might be transmitting that information to the website.
Thank you, the build.prop info was very helpful. I am not rooted yet as I've got my new phone just less than a month ago so still exploring, but can't really find the file, even among the hidden files on the internal memory. I will explore more and see how it goes.
I am in the UK so for example one of the websites that always loads the limited mobile instead of desktop version is the one of my service provider, EE, ee. co. uk (apologies for the intervals, I'm otherwise not allowed to post it). This mobile version is too basic and 60% of what you could do on a desktop version is cut. I've been on Three Mobile and sometimes I could get their full website working, sometimes not. Other websites are let's say bbc. co. uk and other media/news/bank websites that know, no matter browser settings, you are accessing them from a portable device.
Unfortunately I do not trust Google and any of their products so avoid voluntarily and (un)intentionally handing any personal data over to them. I would have used Mozilla for Android if it was close to the functionality Boat and Dolphin browsers provide. I even contacted the Dolphin team having previously assisted them but have got no feedback whatsoever. There must be a way for editing these unusual browser settings, but as pointed out above, I suspect it has something to do will submitting device ID info from within system folders. Thus probably only browser developers could tell us how the problem could be circumvented (and hopefully at least for now, with no root).
Or the developers of addons such as the Random Agent Spoofer or the user agent switchers.
Menergy said:
Thank you, the build.prop info was very helpful. I am not rooted yet as I've got my new phone just less than a month ago so still exploring, but can't really find the file, even among the hidden files on the internal memory. I will explore more and see how it goes.
I am in the UK so for example one of the websites that always loads the limited mobile instead of desktop version is the one of my service provider, EE, ee. co. uk (apologies for the intervals, I'm otherwise not allowed to post it). This mobile version is too basic and 60% of what you could do on a desktop version is cut. I've been on Three Mobile and sometimes I could get their full website working, sometimes not. Other websites are let's say bbc. co. uk and other media/news/bank websites that know, no matter browser settings, you are accessing them from a portable device.
Unfortunately I do not trust Google and any of their products so avoid voluntarily and (un)intentionally handing any personal data over to them. I would have used Mozilla for Android if it was close to the functionality Boat and Dolphin browsers provide. I even contacted the Dolphin team having previously assisted them but have got no feedback whatsoever. There must be a way for editing these unusual browser settings, but as pointed out above, I suspect it has something to do will submitting device ID info from within system folders. Thus probably only browser developers could tell us how the problem could be circumvented (and hopefully at least for now, with no root).
Or the developers of addons such as the Random Agent Spoofer or the user agent switchers.
Click to expand...
Click to collapse
The build.prop is a text file which should be located in system/ folder. And you usually can't view the contents of that folder without root, so that's why you haven't been able to find it.
I visited ee.co.uk using chrome, and I was able to switch between the mobile and desktop version of the site without any issues, even without using the UA changing app. All I did was select "request desktop site" from the side menu.
I tried using CM's stock browser though, and just like you experienced, the same website refused to load in desktop mode. I even went as far as changing the UA in its settings menu and even that didn't work.
So all that you wrote in the last two paragraphs have been confirmed.
Right now, it's either chrome or root until the devs fix/properly implement their UA changing feature.
I was testing other browsers the whole morning here and finally reluctantly tried Firefox. Somehow its Android version never impressed me or was too buggy for me when tested before. Probably because just before going for it I tried Pale Moon and have seen that I can readily edit just about everything via about:config. The Pale Moon's UI settings menu was however completely missing (probably a bug), along with no other controls, so I had to skip it.
So I am glad to report that using Firefox's "Request desktop website" option I finally was able to load desktop versions of websites that were forcing me to always have their mobile one instead. This means that Firefix for now becomes my main browser. As suggested by you, I tried first with Chrome but with no success (using its internal user agent options). There were a few Chrome user agent switchers in the market but although some of them did not explicitly require root, upon starting them they did so I had to uninstall them.
My question yet remains, what exactly tells websites not to load full version, even if browser's user agent reports the correct values. I will leave this to me as I go deeper into this. Glad to have got what I wanted
Thanks a lot for all your help.
Just to add for all having my problem and using Firefox for Android.
By default Firefox will always load the mobile website version and every time you will need to tick "Request desktop site" if you dislike it. As I do, there is an addon called "Desktop by Default" that will always keep the tick on for you. You may instead try creating a new string called "general.useragent.override" adding a desktop OS signature but it won't work (tested by me) for exactly the same websites I had issues with above, so do use the addon instead. It will however work for all other websites that don't have issues with Desktop mode on other browsers.
There is another string that I disabled also called general.useragent.site_specific_overrides.
Tweaking with the Chrome for Android settings seems to require root so Firefox in my case is a God bless. I hope this is helpful to all others with my issue...
I am unable to remove annoying pop coming from any web browser I tried to install and use on my new Xperia Premium XZ including Chrome and Firefox. It looks like my phone gets DNS hijacked and randomly few times a day it pops this message - see attached screenshots.
I tried to Google solution, none I found worked including clearing data and cache of these apps, completely reinstalling them.
I tried premium Adware Malwarebytes and it does not detect anything wrong with the phone.
I also activated premium version of AVG but full scan has not discovered any issues.
At this point I ran out of options.
I can't believe there is no clear explanation anywhere about this so called Four Virus neither reference about it with respect to Oreo 8.0.0.
Am I the only Oreo user which has this issue?
Reseting my phone to factory defaults is last thing I would want but could do. Just trying to see other options before executing such drastic solution.
Any ideas are very appreciated.
Hi there
You caught a simple flu, but u probably need Safe Mode to remove it. Follow instructions here => https://forums.androidcentral.com/a...30081-guide-malware-adware-popup-removal.html
Good luck, and keep us posted,
Van
This is well-known problem, widely described on the Net. There's nothing wrong with your phone. There's no malware on the phone itself, which is why the anti-malware tools do not find anything.
What you see is a result of a server-side problem. Either the web page you were trying to visit got hijacked, or an ad provider that displays ads on that page got hijacked, or some DNS entry got hijacked. They used some kind of server-side exploit to redirect your browser to the above fake page. It is ordinary scareware, trying to scare you into purchasing a piece of software you don't really need (and it is useless crap anyway). If you were visiting a legitimate web site at the time this popup appeared, the site owners are most likely already aware of the problem. They will fix it shortly and the problem will go away.
At this time, just to make sure noting is cached on our phone after they fix the issue, a good idea might be to find your browser app in the app list and as Android to clear app data.