Solved Unidentified Website

rjordan393 · Jun 6, 2015

Hello,
There is a website on the history page that says I visited it. I did not visit this page on my own; so it must be attached to Internet Explorer or my local news station or to a firefighter forum. Here is what I see:

s.yimg (s.yimg.com)............When I click on this, I see:
overlayie-20150109.............When I click on that, I get a blank page. There is also the IE icon just before the word "overlayie".

I suspect it may be spyware dispite the icon. I use Ccleaner and Norton Security if that helps.

Does anyone know if this site is legitimate? I have IE 11.

Tookeri · Jun 6, 2015

I know s.ytimg.com is part of YouTube. yimg.com (without the t) is part of Yahoo.

But there seem to be a browser hijack also with the name s.yimg.com so you could try a scan with:
Malwarebytes | Free Anti-Malware & Internet Security Software

Tutorial: http://www.sevenforums.com/tutorials/338716-malwarebytes-anti-malware-free.html

rjordan393 · Jun 6, 2015

Thanks,
I'll download that program and run it. Then I'll log off and then on to see what happens; especially when I go to a local news site or other locations on the web. I just want to be cautious. I believe there is a national news story about China hacking personal information.

ThrashZone · Jun 6, 2015

Hi,
You can also use Adwcleaner
Review Jacee’s instructions to run Adwcleaner here post #7,
Ignore the title of the thread,
http://www.sevenforums.com/system-security/316404-instant-savings-app.html
On the BleepingComputer site use the button that looks like this,

Post the scan results for review,
Cheers.

rjordan393 · Jun 6, 2015

The program did not identify any malware. So I logged on to Internet Explorer and then checked the history link and s.yimg (s.yimg.com) page followed the Yahoo page. So that site must be linked to Yahoo.
So my next step is to contact Yahoo and ask if that website is associated with Yahoo.

ThrashZone · Jun 6, 2015

Hi,
In Internet explorer just add that site to your restricted sites list and see what happens,
Gear symbol on the top right and Internet options/ Safety
Click on the large Restricted site icon and then on the Sites button,
Clear what ever is listed in the sites box and type in the url of the site in question
Then click on the add button. save and exit.
Close ie and re-open.

If something goes weird you can go back and remove the site as easily as you added it.

rjordan393 · Jun 6, 2015

I place "s.yimg.com on the restricted list and tested the operation of my computer. Most of everything worked fine except I found that I could not reply to messages until I remove it from the restricted list.

Tookeri is right about "s.yimg.com being part of yahoo. Thanks also to Thrashzone for recommending adware cleaner. I will download that program.

rjordan393 · Jun 6, 2015

Here is the first report of the log file using adwcleaner as requested: A second report will follow on my next post just to double check and re-affirm that there is no malware.

# AdwCleaner v4.206 - Logfile created 06/06/2015 at 15:29:01
# Updated 01/06/2015 by Xplode
# Database : 2015-06-05.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Robert - ROBERT-PC
# Running from : C:\Users\Robert\Downloads\AdwCleaner.exe
# Option : Cleaning
***** [ Services ] *****
[x] Not Deleted : YahooAUService
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\Yahoo! Companion
Folder Deleted : C:\Users\Robert\AppData\LocalLow\Yahoo! Companion
***** [ Scheduled tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{81017EA9-9AA8-4A6A-9734-7AF40E7D593F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{81017EA9-9AA8-4A6A-9734-7AF40E7D593F}]
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Key Deleted : HKCU\Software\CoinisRS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Companion
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local
***** [ Web browsers ] *****
-\\ Internet Explorer v11.0.9600.17801

-\\ Google Chrome v43.0.2357.81
[C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
[C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://nortonsafe.search.ask.com/web?q={searchTerms}&o=APN10506&l=dis&prt=360&chn=S1122&geo=US&ver=21&locale=en_US&gct=sb&qsrc=2869
*************************
AdwCleaner[R0].txt - [4147 bytes] - [06/06/2015 14:38:52]
AdwCleaner[R1].txt - [4138 bytes] - [06/06/2015 15:26:23]

rjordan393 · Jun 6, 2015

Here is the second log file which is shorter then the first. If you see something that is not right, let me know.

# AdwCleaner v4.206 - Logfile created 06/06/2015 at 15:41:41
# Updated 01/06/2015 by Xplode
# Database : 2015-06-05.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Robert - ROBERT-PC
# Running from : C:\Users\Robert\Downloads\AdwCleaner.exe
# Option : Cleaning
***** [ Services ] *****
[x] Not Deleted : YahooAUService
***** [ Files / Folders ] *****

***** [ Scheduled tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

***** [ Web browsers ] *****
-\\ Internet Explorer v11.0.9600.17801

-\\ Google Chrome v43.0.2357.81

*************************
AdwCleaner[R0].txt - [4147 bytes] - [06/06/2015 14:38:52]
AdwCleaner[R1].txt - [4138 bytes] - [06/06/2015 15:26:23]
AdwCleaner[R2].txt - [959 bytes] - [06/06/2015 15:40:50]
AdwCleaner[S0].txt - [4000 bytes] - [06/06/2015 15:29:01]
AdwCleaner[S1].txt - [887 bytes] - [06/06/2015 15:41:41]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [945 bytes] ##########

ThrashZone · Jun 7, 2015

Hi wow filled you up pretty good with crap,
If you haven't already you can clean all be sure to Uninstall any toolbars the traditional way too
There was a couple that was not selected to remove please remove all findings,
Then after cleaning and uninstalling yahoo crapware download it from a noncrapware source.
use the custom install and weed out some of the unnecessary stuff,

You might be good to reset ie and delete personal settings to get a fresh start,
Cheers.

Solved Unidentified Website

rjordan393

New member

My Computer

Tookeri

Security enthusiast

My Computer

rjordan393

New member

My Computer

ThrashZone

R.I.P. Britton30=Gary

My Computer

rjordan393

New member

My Computer

ThrashZone

R.I.P. Britton30=Gary

My Computer

rjordan393

New member

My Computer

rjordan393

New member

My Computer

rjordan393

New member

My Computer

ThrashZone

R.I.P. Britton30=Gary

My Computer

Similar threads