Unidentified Website


  1. rjordan393
    Posts : 76
    Windows 7 64 Bit
       New #1

    Unidentified Website


    Hello,
    There is a website on the history page that says I visited it. I did not visit this page on my own; so it must be attached to Internet Explorer or my local news station or to a firefighter forum. Here is what I see:

    s.yimg (s.yimg.com)............When I click on this, I see:
    overlayie-20150109.............When I click on that, I get a blank page. There is also the IE icon just before the word "overlayie".

    I suspect it may be spyware dispite the icon. I use Ccleaner and Norton Security if that helps.

    Does anyone know if this site is legitimate? I have IE 11.
      My Computer
    Quote Quote

  3. Tookeri
    Posts : 1,049
    Windows 7 Pro 32
       New #2

    I know s.ytimg.com is part of YouTube. yimg.com (without the t) is part of Yahoo.

    But there seem to be a browser hijack also with the name s.yimg.com so you could try a scan with:
    Malwarebytes | Free Anti-Malware & Internet Security Software

    Tutorial: Malwarebytes Anti-Malware Free
      My Computer
    Quote Quote

  4. rjordan393
    Posts : 76
    Windows 7 64 Bit
    Thread Starter
       New #3

    Thanks,
    I'll download that program and run it. Then I'll log off and then on to see what happens; especially when I go to a local news site or other locations on the web. I just want to be cautious. I believe there is a national news story about China hacking personal information.
      My Computer
    Quote Quote

  6. ThrashZone
    Posts : 20,583
    Win-7-Pro64bit 7-H-Prem-64bit
       New #4

    Hi,
    You can also use Adwcleaner
    Review Jacee’s instructions to run Adwcleaner here post #7,
    Ignore the title of the thread,
    https://www.sevenforums.com/system-security/316404-instant-savings-app.html
    On the BleepingComputer site use the button that looks like this,

    Post the scan results for review,
    Cheers.
      My Computer
    Quote Quote

  7. rjordan393
    Posts : 76
    Windows 7 64 Bit
    Thread Starter
       New #5

    The program did not identify any malware. So I logged on to Internet Explorer and then checked the history link and s.yimg (s.yimg.com) page followed the Yahoo page. So that site must be linked to Yahoo.
    So my next step is to contact Yahoo and ask if that website is associated with Yahoo.
      My Computer
    Quote Quote

  8. ThrashZone
    Posts : 20,583
    Win-7-Pro64bit 7-H-Prem-64bit
       New #6

    Hi,
    In Internet explorer just add that site to your restricted sites list and see what happens,
    Gear symbol on the top right and Internet options/ Safety
    Click on the large Restricted site icon and then on the Sites button,
    Clear what ever is listed in the sites box and type in the url of the site in question
    Then click on the add button. save and exit.
    Close ie and re-open.

    If something goes weird you can go back and remove the site as easily as you added it.
      My Computer
    Quote Quote

  10. rjordan393
    Posts : 76
    Windows 7 64 Bit
    Thread Starter
       New #7

    I place "s.yimg.com on the restricted list and tested the operation of my computer. Most of everything worked fine except I found that I could not reply to messages until I remove it from the restricted list.

    Tookeri is right about "s.yimg.com being part of yahoo. Thanks also to Thrashzone for recommending adware cleaner. I will download that program.
      My Computer
    Quote Quote

  11. rjordan393
    Posts : 76
    Windows 7 64 Bit
    Thread Starter
       New #8

    Here is the first report of the log file using adwcleaner as requested: A second report will follow on my next post just to double check and re-affirm that there is no malware.

    # AdwCleaner v4.206 - Logfile created 06/06/2015 at 15:29:01
    # Updated 01/06/2015 by Xplode
    # Database : 2015-06-05.1 [Server]
    # Operating system : Windows 7 Home Premium Service Pack 1 (x64)
    # Username : Robert - ROBERT-PC
    # Running from : C:\Users\Robert\Downloads\AdwCleaner.exe
    # Option : Cleaning
    ***** [ Services ] *****
    [x] Not Deleted : YahooAUService
    ***** [ Files / Folders ] *****
    Folder Deleted : C:\ProgramData\Yahoo! Companion
    Folder Deleted : C:\Users\Robert\AppData\LocalLow\Yahoo! Companion
    ***** [ Scheduled tasks ] *****

    ***** [ Shortcuts ] *****

    ***** [ Registry ] *****
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{81017EA9-9AA8-4A6A-9734-7AF40E7D593F}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
    Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
    Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
    Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{81017EA9-9AA8-4A6A-9734-7AF40E7D593F}]
    Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
    Key Deleted : HKCU\Software\CoinisRS
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Toolbar
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Companion
    Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local
    ***** [ Web browsers ] *****
    -\\ Internet Explorer v11.0.9600.17801

    -\\ Google Chrome v43.0.2357.81
    [C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
    [C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
    [C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://nortonsafe.search.ask.com/web?q={searchTerms}&o=APN10506&l=dis&prt=360&chn=S1122&geo=US&ver=21&locale=en_US&gct=sb&qsrc=2869
    *************************
    AdwCleaner[R0].txt - [4147 bytes] - [06/06/2015 14:38:52]
    AdwCleaner[R1].txt - [4138 bytes] - [06/06/2015 15:26:23]
      My Computer
    Quote Quote

  12. rjordan393
    Posts : 76
    Windows 7 64 Bit
    Thread Starter
       New #9

    Here is the second log file which is shorter then the first. If you see something that is not right, let me know.

    # AdwCleaner v4.206 - Logfile created 06/06/2015 at 15:41:41
    # Updated 01/06/2015 by Xplode
    # Database : 2015-06-05.1 [Server]
    # Operating system : Windows 7 Home Premium Service Pack 1 (x64)
    # Username : Robert - ROBERT-PC
    # Running from : C:\Users\Robert\Downloads\AdwCleaner.exe
    # Option : Cleaning
    ***** [ Services ] *****
    [x] Not Deleted : YahooAUService
    ***** [ Files / Folders ] *****

    ***** [ Scheduled tasks ] *****

    ***** [ Shortcuts ] *****

    ***** [ Registry ] *****

    ***** [ Web browsers ] *****
    -\\ Internet Explorer v11.0.9600.17801

    -\\ Google Chrome v43.0.2357.81

    *************************
    AdwCleaner[R0].txt - [4147 bytes] - [06/06/2015 14:38:52]
    AdwCleaner[R1].txt - [4138 bytes] - [06/06/2015 15:26:23]
    AdwCleaner[R2].txt - [959 bytes] - [06/06/2015 15:40:50]
    AdwCleaner[S0].txt - [4000 bytes] - [06/06/2015 15:29:01]
    AdwCleaner[S1].txt - [887 bytes] - [06/06/2015 15:41:41]
    ########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [945 bytes] ##########
      My Computer
    Quote Quote

  13. ThrashZone
    Posts : 20,583
    Win-7-Pro64bit 7-H-Prem-64bit
       New #10

    Hi wow filled you up pretty good with crap,
    If you haven't already you can clean all be sure to Uninstall any toolbars the traditional way too
    There was a couple that was not selected to remove please remove all findings,
    Then after cleaning and uninstalling yahoo crapware download it from a noncrapware source.
    use the custom install and weed out some of the unnecessary stuff,

    You might be good to reset ie and delete personal settings to get a fresh start,
    Cheers.
      My Computer
    Quote Quote

 

  Related Discussions
Links to websites, either from emails or from shortcuts pinned to my PC desktop's task-bar have suddenly been directed to Google Chromes search page. There are four icons pinned to the task-bar that work;Windows Media Player, Internet Explorer, Google Chrome, Google Earth and Windows Live Mail all...
I wanted to determine the color and font of text from a website. I cut and pasted a paragraph into Word 2010, but Word 2010 pasted using my default font. Is there a way to disable this, temporarily?
This is what happens when I tried to download ANYTHING from Microsoft (most of them are free applications): http://img.photobucket.com/albums/v484/Shirai/microsoftwebsite_zps504d99b5.png I've tried to uninstalled silverlight and re-installed it. I've also tried with updating graphic driver,...
Unidentified Network
in Network & Sharing

This is annoying, got this friend's PC, formatted it and got Windows 7 Ultimate installed, but now I can't connect to the internet, because of a ""Local Area Connection" can't find IP configuration" error (or something like it). I'll submit the ipconfig\all screenshot. Please help me.
The website is Gen-R website I was on it earlier today and also using the ftp account but know I can't even access the site. I am using Windows Seven 64 bit Microsoft Windows Copyright (c) 2009 Microsoft Corporation. All rights reserved. C:\Users\Watson>TRACERT generationr.co.uk Tracing...
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

 © Designer Media Ltd
All times are GMT -5. The time now is 15:59.
Find Us