Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Infected with ouo.io

29 Sep 2015   #1
VsUK

Win 7 64bit
 
 
Infected with ouo.io

My brother downloaded a free video converter on my system & he didn't uncheck all the usual pre checked boxes & now my system is infected with something.

Whenever I open a web page & click on any URL, I'm directed to a ouo.io page asking me to click on the I AM NOT A BOT box then it forwards me to my original destination. It's annoying & I have used ADWCleaner & Malwarebytes & hitmanPro. Removing everything & still when I open my browser & go to a page & click on any url it keeps sending me there.

I've uninstalled the software using Revo Uninstaller Pro & removed all reg entries & files created by it & still no luck!


My System SpecsSystem Spec
.
29 Sep 2015   #2
Jacee
Microsoft MVP

Windows 7 Ultimate 32bit SP1
 
 

uo.io is a new money making URL

Let's see if Junkware removal tool works: download Junkware Removal Tool to your desktop.


Go offline--- disconnect from the Internet, then,
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
My System SpecsSystem Spec
30 Sep 2015   #3
VsUK

Win 7 64bit
 
 

As you can see nothing turns up other than resetting my chrome. I ran a hand full of recommended tools in safe mode & got rid of quite a few things but its not apparent from the start if its removed until It randomly appears again & then its every 4 or 5 clicks I get that bloody site!

Quote:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.4 (09.28.2015:1)
OS: Windows 7 Ultimate x64
Ran by VsUK on Wed 09/30/2015 at 17:26:33.26
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services
~~~ Tasks
Successfully deleted: [Task] C:\Windows\system32\tasks\TuneUpUtilities_Task_BkGndMaintenance2013
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
~~~ Chrome
[C:\Users\VsUK\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\VsUK\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

[C:\Users\VsUK\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\VsUK\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 09/30/2015 at 17:38:30.74
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
My System SpecsSystem Spec
.

30 Sep 2015   #4
Jacee
Microsoft MVP

Windows 7 Ultimate 32bit SP1
 
 

This is crap! ---> TuneUpUtilities_Task_BkGndMaintenance2013 ... C:\Program Files\AVG\AVG PC TuneUp\OneClick.exe
My System SpecsSystem Spec
30 Sep 2015   #5
essenbe

Windows 7 Enterprise X64/Windows 10 Enterprise X64/Windows 10 Pro X64/Linux Mint
 
 

Quote   Quote: Originally Posted by Jacee View Post
This is crap! ---> TuneUpUtilities_Task_BkGndMaintenance2013 ... C:\Program Files\AVG\AVG PC TuneUp\OneClick.exe
I totally agree, Jacee. Good post.
My System SpecsSystem Spec
01 Oct 2015   #6
VsUK

Win 7 64bit
 
 

Yeah good post considering it does nothing to alleviate my problem.

I am a software & hardware engineer by trade! Tuneup has its flaws but it has features I find useful within 1 program rather than having 3 or 4 individual programs that do the same thing!

Fixed the issue by the way! Found a hidden exe file within my windows directory that was secretly activating whenever I opened a browser which triggered it to install its nasties. File name was filjipi.exe should anyone care!
My System SpecsSystem Spec
01 Oct 2015   #7
Jacee
Microsoft MVP

Windows 7 Ultimate 32bit SP1
 
 

My System SpecsSystem Spec
02 Oct 2015   #8
VsUK

Win 7 64bit
 
 

It probably was. I only recalled the name from memory as I already removed it before I got the reply. But I ran one or 2 tools to confirm it was all removed!
My System SpecsSystem Spec
08 Oct 2015   #9
syafiq89

Melaka
 
 

Quote   Quote: Originally Posted by VsUK View Post
Yeah good post considering it does nothing to alleviate my problem.

I am a software & hardware engineer by trade! Tuneup has its flaws but it has features I find useful within 1 program rather than having 3 or 4 individual programs that do the same thing!

Fixed the issue by the way! Found a hidden exe file within my windows directory that was secretly activating whenever I opened a browser which triggered it to install its nasties. File name was filjipi.exe should anyone care!
Hi @VsUK .. may i know how did you fixed this problem? I means what tool did you used? I also encounter the same problem and I'm keep getting frustrated as I have tried many anti malware tools but still couldn't solve the problem... I really need your help..
My System SpecsSystem Spec
08 Oct 2015   #10
VsUK

Win 7 64bit
 
 

Quote   Quote: Originally Posted by syafiq89 View Post

Hi @VsUK .. may i know how did you fixed this problem? I means what tool did you used? I also encounter the same problem and I'm keep getting frustrated as I have tried many anti malware tools but still couldn't solve the problem... I really need your help..

Firstly I downloaded the following tools

HitmanPro from HitmanPro 3 - SurfRight
Microsofts Safety Scanner from Microsoft Safety Scanner - Free Virus Scan with the Microsoft Safety Scanner
AdwCleaner from https://toolslib.net/downloads/viewd.../1-adwcleaner/
JRT from www.bleepingcomputer.com

Reboot into safe mode but you need networking otherwise hitmanpro wont work as its cloud based scanning.

Firstly, when in safe mode. Run JRT.exe first. This can remove auto fill data from browsers & remove plugins as it did to me on chrome but not firefox & it will also stop active services that are still running in the background hidden. This will take between 5 - 20 minutes depending on your system.

When complete, run HitmanPro. You don't need to install, just run it, register for your free 30 day trial & then let it run. Delete all it recommends you to do or quarantine.

Then run Microsoft Safety scanner. This take's the longest time to complete but doing a full scan is important. Took about an hour for me but I do have over 10TB of HD drives so it may not take as long for you. I cant remember if this prompts you to reboot. You don't want to if so.

Finally run AdwCleaner. Let it scan & remove all it comes up with. It will then ask you to reboot. But make sure you have changed your settings to reboot normally before running AdwCleaner as once it prompts you to reboot, it won't let you click on anything but ok to reboot.

This I did twice as first time I did it in normal windows & it came back. 2nd time in safe mode & it removed it!

Hope this helps
My System SpecsSystem Spec
Reply

 Infected with ouo.io




Thread Tools Search this Thread
Search this Thread:

Advanced Search




Similar help and support threads
Thread Forum
My PC is infected!
:(I've tried to find these things and delete them. But I have at least two I can't get rid of. One of them is a "PC CLeaner" Another is some problem in ITunes saying its not for my new W-7....but it always was good till this other thing came along. The PC is doing something else when I...
System Security
I am infected.
I was looking for info on a new korean game called tree of saviour and i found a webpage siliconera.com which apparently had a good image of the game classes so i tried to go into the page and suddenly a windows want to execute cmd something came up and i went full retard and put yes my laptop...
System Security
I think we have been infected... need some help
Was using this computer today with no issues, all of a sudden I come home tonight and any browser I choose, mozzilla, chrome has all kinds of pop ups occurring. We run two computers in the house, but it seems only this one is having the problem. We run Mcaffe security suite and everything...
Browsers & Mail
Does it appear that I am infected?
Hello to all, Thank you for any response. Yesterday while running Malwarebytes Antimalware a scan on Windows 7 Ultimate 64 bit it seemed to freeze up, now to be honest on certain cab or manifest files it can take a long time. But the clock was over 5 minutes slow, cursor immovable, and Task ...
System Security
Am I infected?
Hello to all, Thank you for any response. Yesterday while running Malwarebytes Antimalware a scan on W7 Ultimate 64 bit it seemed to freeze up, now to be honest on certain cab or manifest files it can take a long time. But the clock was over 5 minutes slow, cursor immovable, and Task Manager...
General Discussion
Have you ever been infected?
Yes. During the years of IE6 we used Norton. It was regularly finding viruses/malware until we switched to Firefox. We switched to AVG. It found at least one threat my dad had downloaded. We tried ESET and I downloaded a program that 1000s had downloaded and a few said it was clean. It seemed to...
System Security


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 06:03.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App