How can I remove tradeadexchange malware?

Carnationlilyrose wrote:

I'll keep on surfing on Chrome for a while to see if it comes back, then if it does, I'll try Safari.

Sounds like a good plan. I'd definitely like to hear what your results are. I'll keep an eye on this topic, but if you ever want to get hold of me personally with questions, feel free to e-mail me at thomas at thesafemac dot com. (I'm spelling it out so spambots don't harvest the address and send me a bunch of spam!)

I'm still running Sophos, and it has picked something up, so I will report back when the scan is finished.

Once Sophos is done, don't remove anything yet. Report back here with what it found, including both the name that it calls whatever was detected and the path to the file that it thinks is malicious. If you toggle the little triangle next to Threat Details below the list of detections, that will give you more information about whatever was detected.

Once we know what was detected, we can tell you the proper means for disposing of it.

Shall I delete Sophos now?

Yes.

I don't suppose there is any point in keeping it, is there?

There was no point in installing it, so there's no point in keeping it, either.

Carnationlilyrose wrote:

Shall I delete Sophos now? I don't suppose there is any point in keeping it, is there?

You should be fine to uninstall it, yes.

WZZZ your fine remarks needed in this thread:

Scammer gained remote access to macbook

Lex

Feel free to copy and paste.

Already said it in my way. Last days reprimands certainly already helped a bit.

Dude!!

You are a star.

Hi ,

I have tried all of this and did not work. I goggled and found this could be due wifi router / modem being infected.

This worked for me. Here is what i did:

1) Hard Reset my Wifi Router

2) Changed its password.

3) I cleaned the Safari browser cache as explained above on my device (iphone / ipad)

4) Forced restart the device.

5) Repeated the same for all by other devices ( issue with connected world / connected devices) 😉.

6) I had some android devices as well using the same router . Did the same for each device

Let me know if the above solved ur issue.

Regards,

Robin

Recently got infected with this tradeadexchange.com advt virus. All my devices (iPad, 2 android phones) using the wifi connection were getting auto routed to random advt urL. So this can't be device specific problem, must be something common like router or modem. Tried clearing cache, history, etc. will work temporarily only, won't resolve.

Read that it's got to do with router/modem. Opened the respective devices setup url like 192.168.1.1. Look at the Dns servers specified in the settings (under advanced). on my modem device, both primary and secondary dns server were specified as something like 33.*.*.* which lookup showed as UK servers. Change to auto select and make sure in the status page same is updated. For wifi router do the same changes, some will allow to manulily specify if yes you may use google public dns server like 8.8.8.8 and 8.8.4.4. Exact steps may differ by device. Reboot the devices to update. Also clean up the browser cache, reset browser settings to mare sure no trace are left.

also recommend to change the default admin password so that settings can't be changed easily. Not sure how devices got infected but it's possible someone can use default admin username and password.

hope it helps, it's working so far for me, no more irritating re-routing.

ps: had tried using anti malware bytes, it won't detect, reports no malware found cause device directly is not infected.

If you are using Safari browser try the method mentioned in this video and it will probably solve the problem.

https://www.youtube.com/watch?v=ZsSpuIwSSbY

It worked flawlessly for me.