URL redirection Hijack

tommo020788 · Mar 17, 2015

Hello,
I have used adfly for a long time, with a website I designed, but recently when I try to go to the main page adf.ly it redirects to "http://adf.ly/pcQDu" (adfly interstitial advertisement).

I have searched through about:config, I've run a malwarebytes full "threat" scan, found a few "non malicious" things and removed them successfully, but this redirect issue is still ongoing.
Some assistance removing this hijack would be appreciated.

Please see the malwarebytes scan log below:

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 3/18/2015
Scan Time: 11:11:24 AM
Logfile:
Administrator: Yes

Version: 2.00.3.1025
Malware Database: v2015.03.17.08
Rootkit Database: v2015.02.25.01
License: Premium
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Enabled

OS: Windows 7
CPU: x64
File System: NTFS
User: Boss

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 439639
Time Elapsed: 13 min, 49 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Deep Rootkit Scan: Enabled
Heuristics: Enabled
PUP: Warn
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 5
PUP.Optional.Iminent.A, HKU\S-1-5-21-3571148422-2369536656-2276568017-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\IMBoosterARP, Quarantined, [5356f42eabdf0630f4939c125fa407f9],
PUP.Optional.Iminent.A, HKU\S-1-5-21-3571148422-2369536656-2276568017-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\IminentToolbar, Quarantined, [f8b144de3d4d24126a1e3a74bd46738d],
PUP.Optional.Linkey.A, HKU\S-1-5-21-3571148422-2369536656-2276568017-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Linkey, Quarantined, [d4d5f92925650234e0a9c7e741c2af51],
PUP.Optional.Vosteran.A, HKU\S-1-5-21-3571148422-2369536656-2276568017-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Vosteran.com, Quarantined, [5950ab77fa90be785931733bfe05cf31],
PUP.Optional.Wajam.A, HKU\S-1-5-21-3571148422-2369536656-2276568017-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\WajIntEnhance, Quarantined, [36733ee4a8e254e208839d11ad56f907],

Registry Values: 0
(No malicious items detected)

Registry Data: 1
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, http://www.istartsurf.com/web/?type=ds&ts=1411093558&from=smt&uid=WDCXWD10EARX-00PASB0_WD-WCAZA906906969069&q={searchTerms}, Good: (www.google.com), Bad: (http://www.istartsurf.com/web/?type=ds&ts=1411093558&from=smt&uid=WDCXWD10EARX-00PASB0_WD-WCAZA906906969069&q={searchTerms}),Replaced,[b3f6061c5139eb4be763ebf537ceed13]

Folders: 0
(No malicious items detected)

Files: 3
PUP.Optional.Unizeto, C:\ProgramData\{5c798d0e-bab0-a6ae-5c79-98d0ebab343a}\Gta 5 Keygen.exe, Quarantined, [bfeabb67aedcd95d064430ffc73b10f0],
PUP.Optional.Multiplug.A, C:\Program Files (x86)\UniiDealsa\UniiDealsa.exe, Quarantined, [bfeae43ea9e15adccfb3c36b867cce32],
PUP.Optional.Unizeto, C:\$RECYCLE.BIN\S-1-5-21-3571148422-2369536656-2276568017-1000\$R3208G7.exe, Quarantined, [00a9e33fec9e3df973d70f20c83a3ac6],

Physical Sectors: 0
(No malicious items detected)

(end)

Click to expand...

Log in or Sign up

URL redirection Hijack

tommo020788 Thread Starter

Welcome to Tech Support Guy!

New Hijacked

New Laptop plagued by browser hijacker....help!

Log in or Sign up

URL redirection Hijack

tommo020788 Thread Starter

Welcome to Tech Support Guy!

New Hijacked

New Laptop plagued by browser hijacker....help!

Useful Searches