Author Topic: WARNING "CLASS ONE"... and GAME ON!  (Read 11389 times)

0 Members and 1 Guest are viewing this topic.


Offline Boggin

  • Global Moderator
  • Hero Member
  • *****
  • Join Date: Jul 2014
  • Posts: 10182
  • Location: UK
  • Karma: 122
    • View Profile
Re: WARNING "CLASS ONE"... and GAME ON!
« Reply #1 on: April 24, 2018, 12:47:43 pm »
I have no intention of clicking on that link.

Can you post a screen shot ?

Offline Rick

  • Hero Member
  • *****
  • Join Date: May 2013
  • Posts: 829
  • Karma: 2
    • View Profile
Re: WARNING "CLASS ONE"... and GAME ON!
« Reply #2 on: April 26, 2018, 12:39:11 pm »
Clicking on any web page anywhere brings me to other websites...




Offline Boggin

  • Global Moderator
  • Hero Member
  • *****
  • Join Date: Jul 2014
  • Posts: 10182
  • Location: UK
  • Karma: 122
    • View Profile
Re: WARNING "CLASS ONE"... and GAME ON!
« Reply #3 on: April 26, 2018, 01:25:41 pm »
It sounds like you've picked up adware.

There are two programs you can use to clean up - AdwCleaner and the free version of MBAM, but I suggest you use IE and reset it to defaults before downloading those two programs.

Resetting it to defaults will get rid of any unwanted add-ons that could belong to adware.

https://www.malwarebytes.com/adwcleaner/

https://www.malwarebytes.com/mwb-download/

Offline Rick

  • Hero Member
  • *****
  • Join Date: May 2013
  • Posts: 829
  • Karma: 2
    • View Profile
Re: WARNING "CLASS ONE"... and GAME ON!
« Reply #4 on: April 27, 2018, 05:43:01 am »
Yes,

Will have a try; have a question;

Whats differences between https://toolslib.net/downloads/viewdownload/83-unhackme and "MWB"

"Seems to be hidden in Firefox"
Using Ublock origins, will remove this program to see the effect! "no effect".
Its extremely dangerous as it could capture the password file in firefox!

https://greatis.com/blog/how-to/cut-off-netutils2016-exe-virus.htm
Seems has a new name and can not delete registry values too...

{"ext":"http://jackhopes.com/ext/zl.sild.js","black_list":["google.com","facebook.com","jackhopes.com","ww-searchings.com"],"include_process_list":["spark.exe","chrome.exe","iexplore.exe","MicrosoftEdgeCP.exe","MicrosoftEdgeCP.ex","MicrosoftEdgeCP.e","MicrosoftEdgeCP.","MicrosoftEdgeCP","MicrosoftEdgeC","MicrosoftEdge","firefox.exe","citrio.exe","launcher.exe","crossbrowse.exe","torch.exe","opera.exe","bobrowser.exe","maxthon.exe","browser.exe","ucbrowser.exe","safari.exe","avant.exe","360se.exe","360chrome.exe"],"log":{"inj":false},"locker":{"enable":false,"url":"http://ww-searchings.com/?r=[UID]","target":{"spark.exe":"","chrome.exe":"","iexplore.exe":"","launchwinapp.exe":"","360se.exe":"","MicrosoftEdgeCP.exe":""}},"hosts":{"match":["v9.com","*.v9.com"],"target":"47.89.13.118"},"redirect":{"match":["www-searching.com/*"],"sig":"dir","target":"http://ww-searchings.com/?sig=dir&r=[UID]&f=[URL]"}}

"Note Zip file .reg keys"

Deleted it using "sysinternals" returned the file too;

Can send to MWB or offer solution

TIA
« Last Edit: April 27, 2018, 06:45:54 am by Rick »

Offline Boggin

  • Global Moderator
  • Hero Member
  • *****
  • Join Date: Jul 2014
  • Posts: 10182
  • Location: UK
  • Karma: 122
    • View Profile
Re: WARNING "CLASS ONE"... and GAME ON!
« Reply #5 on: April 27, 2018, 08:31:21 am »
I've never heard of Unhackme but MBAM is usually pretty good but if an infection remains then I would suggest that you register on the www.sysnative.com forum and open a thread in the relevant antimalware section where experts can disinfect your machine.

What is that netutils.zip you have attached - is that the infection that could be passed on to others ?

Offline Rick

  • Hero Member
  • *****
  • Join Date: May 2013
  • Posts: 829
  • Karma: 2
    • View Profile
Re: WARNING "CLASS ONE"... and GAME ON!
« Reply #6 on: April 27, 2018, 10:03:23 am »
Everyone knows ad companies looking for ways to avoid being blocked...

They tried with the best, they will fail with the rest!

FYI, .reg files needed to help companies enable clean fixes, including my favorite tweaking site!

Nice day

Offline Boggin

  • Global Moderator
  • Hero Member
  • *****
  • Join Date: Jul 2014
  • Posts: 10182
  • Location: UK
  • Karma: 122
    • View Profile
Re: WARNING "CLASS ONE"... and GAME ON!
« Reply #7 on: April 27, 2018, 10:06:39 am »
Did you try those two programs I'd linked ?

Offline Rick

  • Hero Member
  • *****
  • Join Date: May 2013
  • Posts: 829
  • Karma: 2
    • View Profile
Re: WARNING "CLASS ONE"... and GAME ON!
« Reply #8 on: April 27, 2018, 10:58:22 pm »
Yes,

MWB caught the infection in administrator mode;
BEta testing it for several days to make sure it don't come back

I provide the THE .REG files as some of the sites said to remove the program through normal channels, yet it didn't appear their and .REG keys were locked, could not delete them in ADM mode...

It's time to start the AI reduction act next;

Offline Boggin

  • Global Moderator
  • Hero Member
  • *****
  • Join Date: Jul 2014
  • Posts: 10182
  • Location: UK
  • Karma: 122
    • View Profile
Re: WARNING "CLASS ONE"... and GAME ON!
« Reply #9 on: April 28, 2018, 12:38:28 am »
I noticed in the URL you posted in your opening post has Reimage in it.

I don't recommend so called tune up programs like these as they find a lot of stuff wrong with your machine and then ask you to pay for the repairs to be completed.

I inadvertently installed Reimage once and it was a sod to get rid of, although I didn't get any adware bundled with it.