Tweaking.com Support Forums
Main Forum => General Computer Support => Topic started by: Rick on April 24, 2018, 08:59:07 am
-
Clicking on links does this;
http://www.reimageplus.com/lp/teg/index.php?tracking=XML&banner=Feed1_Open1_CN_0.1_TEFNMS2_EMPTY&adgroup=www.genome.jp&ads_name=KEGG%20BRITE%20Anatomical%20Therapeutic%20Chemical%20ATC%20Classification&keyword=direct&xml_uuid=A3BE1507-7242-421D-89E4-5052287622B6&nms=2&lpx=tef
Curious how to get rid of this?
-
I have no intention of clicking on that link.
Can you post a screen shot ?
-
Clicking on any web page anywhere brings me to other websites...
-
It sounds like you've picked up adware.
There are two programs you can use to clean up - AdwCleaner and the free version of MBAM, but I suggest you use IE and reset it to defaults before downloading those two programs.
Resetting it to defaults will get rid of any unwanted add-ons that could belong to adware.
https://www.malwarebytes.com/adwcleaner/
https://www.malwarebytes.com/mwb-download/
-
Yes,
Will have a try; have a question;
Whats differences between https://toolslib.net/downloads/viewdownload/83-unhackme and "MWB"
"Seems to be hidden in Firefox"
Using Ublock origins, will remove this program to see the effect! "no effect".
Its extremely dangerous as it could capture the password file in firefox!
https://greatis.com/blog/how-to/cut-off-netutils2016-exe-virus.htm
Seems has a new name and can not delete registry values too...
{"ext":"http://jackhopes.com/ext/zl.sild.js","black_list":["google.com","facebook.com","jackhopes.com","ww-searchings.com"],"include_process_list":["spark.exe","chrome.exe","iexplore.exe","MicrosoftEdgeCP.exe","MicrosoftEdgeCP.ex","MicrosoftEdgeCP.e","MicrosoftEdgeCP.","MicrosoftEdgeCP","MicrosoftEdgeC","MicrosoftEdge","firefox.exe","citrio.exe","launcher.exe","crossbrowse.exe","torch.exe","opera.exe","bobrowser.exe","maxthon.exe","browser.exe","ucbrowser.exe","safari.exe","avant.exe","360se.exe","360chrome.exe"],"log":{"inj":false},"locker":{"enable":false,"url":"http://ww-searchings.com/?r=[UID]","target":{"spark.exe":"","chrome.exe":"","iexplore.exe":"","launchwinapp.exe":"","360se.exe":"","MicrosoftEdgeCP.exe":""}},"hosts":{"match":["v9.com","*.v9.com"],"target":"47.89.13.118"},"redirect":{"match":["www-searching.com/*"],"sig":"dir","target":"http://ww-searchings.com/?sig=dir&r=[UID]&f=[URL]"}}
"Note Zip file .reg keys"
Deleted it using "sysinternals" returned the file too;
Can send to MWB or offer solution
TIA
-
I've never heard of Unhackme but MBAM is usually pretty good but if an infection remains then I would suggest that you register on the www.sysnative.com forum and open a thread in the relevant antimalware section where experts can disinfect your machine.
What is that netutils.zip you have attached - is that the infection that could be passed on to others ?
-
Everyone knows ad companies looking for ways to avoid being blocked...
They tried with the best, they will fail with the rest!
FYI, .reg files needed to help companies enable clean fixes, including my favorite tweaking site!
Nice day
-
Did you try those two programs I'd linked ?
-
Yes,
MWB caught the infection in administrator mode;
BEta testing it for several days to make sure it don't come back
I provide the THE .REG files as some of the sites said to remove the program through normal channels, yet it didn't appear their and .REG keys were locked, could not delete them in ADM mode...
It's time to start the AI reduction act next;
-
I noticed in the URL you posted in your opening post has Reimage in it.
I don't recommend so called tune up programs like these as they find a lot of stuff wrong with your machine and then ask you to pay for the repairs to be completed.
I inadvertently installed Reimage once and it was a sod to get rid of, although I didn't get any adware bundled with it.