Can't connect to loads of websites + CoinHive Trojan

[=assassin=]

Hi, I've tried on both the Windows 7 PC's I have, and neither can connect to places like google, bing, yahoo, reddit and probably others. In Firefox I get "Did Not Connect: Potential Security Issue" and in Internet Explorer I get "There is a problem with this website's security certificate"

I also appear to have a trojan called coinhive.a or something, and it keeps coming back :/

Any help much appreciated.

[peterb]

Can you connect to any sites using the iP address?

Coinhive is a server side crypto currency miner (uses your OC to mine on behalf of the site owner!). It’s not something I’m familiar with, a quick search indicates that it can be a problem - if you can get to Google, there is lots of info available.

[AGTDenton]

A couple of basic things you can do:

Perform ipconfig /all in command prompt and see what your DNS settings are.
Also perform a tracert in command prompt to google.com and look up those IP addresses.

Sounds like the DNS servers might be or your hosts file are pointing you to nasty sites...

[=assassin=]

Cheers for the replies guys, had a nightmare with it - eventually discovered that it had changed my routers DNS Servers to some chinese ones or something. I further discovered that my other PC which my Dad uses had the Kovter Trojan, and he admitted that he saw a Firefox Update popup that he clicked on, which was probably fake, and it must have started from there. I've ran multiple checks on my own PC, and sicne changing the DNS Servers back to the ones I had before, it seems *touches wood* fine. But I will have to triple check my Dads PC as Kovter sounds particularly nasty....

[AGTDenton]

Cheers for the replies guys, had a nightmare with it - eventually discovered that it had changed my routers DNS Servers to some chinese ones or something. I further discovered that my other PC which my Dad uses had the Kovter Trojan, and he admitted that he saw a Firefox Update popup that he clicked on, which was probably fake, and it must have started from there. I've ran multiple checks on my own PC, and sicne changing the DNS Servers back to the ones I had before, it seems *touches wood* fine. But I will have to triple check my Dads PC as Kovter sounds particularly nasty....

Probably worth considering disabling uPNP, something I've done since it's inception.
You just have to be prepared for NAT issues on gaming (if you game)

[Zak33]

Use this for a double check -

https://www.trendmicro.com/en_gb/for...housecall.html

download the right one (32bit/64bit) and run it.
I keep the icon on my PC and use it to scan regularly.

[badass]

Cheers for the replies guys, had a nightmare with it - eventually discovered that it had changed my routers DNS Servers to some chinese ones or something. I

The source of infection could well be your routers shocking security https://www.helpnetsecurity.com/2019...s-iot-devices/

Check for updated firmware. Look up the model in google with the search term "vulnerabilities"

This has been a known problem in the industry for a couple of decades. Still the consumer router manufacturers create insecure junk.