tommo020788
Thread Starter
- Joined
- Oct 20, 2008
- Messages
- 322
Hello,
I have used adfly for a long time, with a website I designed, but recently when I try to go to the main page adf.ly it redirects to "http://adf.ly/pcQDu" (adfly interstitial advertisement).
I have searched through about:config, I've run a malwarebytes full "threat" scan, found a few "non malicious" things and removed them successfully, but this redirect issue is still ongoing.
Some assistance removing this hijack would be appreciated.
Please see the malwarebytes scan log below:
I have used adfly for a long time, with a website I designed, but recently when I try to go to the main page adf.ly it redirects to "http://adf.ly/pcQDu" (adfly interstitial advertisement).
I have searched through about:config, I've run a malwarebytes full "threat" scan, found a few "non malicious" things and removed them successfully, but this redirect issue is still ongoing.
Some assistance removing this hijack would be appreciated.
Please see the malwarebytes scan log below:
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 3/18/2015
Scan Time: 11:11:24 AM
Logfile:
Administrator: Yes
Version: 2.00.3.1025
Malware Database: v2015.03.17.08
Rootkit Database: v2015.02.25.01
License: Premium
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Enabled
OS: Windows 7
CPU: x64
File System: NTFS
User: Boss
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 439639
Time Elapsed: 13 min, 49 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Deep Rootkit Scan: Enabled
Heuristics: Enabled
PUP: Warn
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 5
PUP.Optional.Iminent.A, HKU\S-1-5-21-3571148422-2369536656-2276568017-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\IMBoosterARP, Quarantined, [5356f42eabdf0630f4939c125fa407f9],
PUP.Optional.Iminent.A, HKU\S-1-5-21-3571148422-2369536656-2276568017-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\IminentToolbar, Quarantined, [f8b144de3d4d24126a1e3a74bd46738d],
PUP.Optional.Linkey.A, HKU\S-1-5-21-3571148422-2369536656-2276568017-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Linkey, Quarantined, [d4d5f92925650234e0a9c7e741c2af51],
PUP.Optional.Vosteran.A, HKU\S-1-5-21-3571148422-2369536656-2276568017-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Vosteran.com, Quarantined, [5950ab77fa90be785931733bfe05cf31],
PUP.Optional.Wajam.A, HKU\S-1-5-21-3571148422-2369536656-2276568017-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\WajIntEnhance, Quarantined, [36733ee4a8e254e208839d11ad56f907],
Registry Values: 0
(No malicious items detected)
Registry Data: 1
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, http://www.istartsurf.com/web/?type=ds&ts=1411093558&from=smt&uid=WDCXWD10EARX-00PASB0_WD-WCAZA906906969069&q={searchTerms}, Good: (www.google.com), Bad: (http://www.istartsurf.com/web/?type=ds&ts=1411093558&from=smt&uid=WDCXWD10EARX-00PASB0_WD-WCAZA906906969069&q={searchTerms}),Replaced,[b3f6061c5139eb4be763ebf537ceed13]
Folders: 0
(No malicious items detected)
Files: 3
PUP.Optional.Unizeto, C:\ProgramData\{5c798d0e-bab0-a6ae-5c79-98d0ebab343a}\Gta 5 Keygen.exe, Quarantined, [bfeabb67aedcd95d064430ffc73b10f0],
PUP.Optional.Multiplug.A, C:\Program Files (x86)\UniiDealsa\UniiDealsa.exe, Quarantined, [bfeae43ea9e15adccfb3c36b867cce32],
PUP.Optional.Unizeto, C:\$RECYCLE.BIN\S-1-5-21-3571148422-2369536656-2276568017-1000\$R3208G7.exe, Quarantined, [00a9e33fec9e3df973d70f20c83a3ac6],
Physical Sectors: 0
(No malicious items detected)
(end)