Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

winmoreprize.com


  • This topic is locked This topic is locked
7 replies to this topic

#1 amir257

amir257

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:12:34 AM

Posted 21 July 2018 - 11:40 PM

HEllO,  I have the same problem : 

 

https://www.bleepingcomputer.com/forums/t/680951/yowwinnercom-and-winmoreprizecom/

 

 
 
 
 
What i Try so Far  : 
 
1- I try to reinstall all browsers.
 
2- Scan with kaspersky internet security .
 
3- Scan with a lot of malware tools .
 
4- Format all of my laptop and reinstall the OS (WINDOS 10 PRO).
 
 
 
 
 
But nothing work even format the lap top !
cannot find where this redirect is hiding? 
 
 
Please help ....
 


BC AdBot (Login to Remove)

 


#2 nasdaq

nasdaq

  • Malware Response Team
  • 39,523 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:03:34 PM

Posted 22 July 2018 - 08:16 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

If you have formatted the Computer and reinstall the Windows Operating System the only possibility that I see is that your router may be compromised.

Reset your router. It may be infected.

How to Reset a Router Back to the Factory Default Settings
http://www.ehow.com/how_2110924_reset-back-factory-default-settings.html

Then, please reconfigure it back to your preferred setting.. Below is the list of default username and password, should you don't know it ;)

http://www.routerpasswords.com/
http://www.phenoelit-us.org/dpl/dpl.html
===

Reset for Linksys, Netgear, D-Link and Belkin Routers
http://www.techsupportforum.com/2763-reset-for-linksys-netgear-d-link-and-belkin-routers/

====
How to tell if my Wireless is secure.
http://www.ehow.com/how_6775466_tell-wireless-secure_.html

If the problem persists run these programs and post the logs.


Please download Malwarebytes Anti-Malware from here
  • Right-click on the MBAM icon and select Run as administrator to run the tool.
  • Click Yes to accept any security warnings that may appear.
  • Once the MBAM dashboard opens, on the right detail pane click on the word "Current" under the Scan Status to update the tool database.
  • On the left menu pane click the Settings tab, and then select the Protection tab on the top.
  • Under the Scan Options, turn on the button Scan for rootkits and Scan within archives.
  • Click the Scan tab on the right detail pane, select Threat Scan and click the Start Scan button
  • Note: The scan may take some time to finish, so please be patient.
  • If potential threats are detected, ensure to checkmark all the listed items, and click the Quarantine Selected button.
  • While still on the Scan tab, click the View Report button, and in the window that opens click the Export button, select Text file (*.txt), and save the log to your Desktop.
  • The log can also be viewed by clicking the log to select it, then clicking the View Report button.
Please post the log for my review.

Note: If asked to restart the computer, please do so immediately.
===

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the LogFile button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, Close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleanerCx.txt (x is a number).
===

Download the version of this tool for your operating system.
Farbar Recovery Scan Tool (64 bit)
Farbar Recovery Scan Tool (32 bit)
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

How to attach a file to your reply:
In the Reply section in the bottom of the topic Click the "more reply Options" button.
attachlogs.png

Attach the file.
Select the "Choose a File" navigate to the location of the File.
Click the file you wish to Attach.
Click Attach this file.
Click the Add reply button.
===

Please post the logs for my review.

Let me know if the problem persislts.

#3 nasdaq

nasdaq

  • Malware Response Team
  • 39,523 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:03:34 PM

Posted 22 July 2018 - 08:52 AM

Hi,

It may be simpler.

Just found this article on Malwarebytes' forum.

https://forums.malwarebytes.com/topic/233287-yowwinner-page-pops-up/

If applicable try it.

You can post the logs I previously requested for my review.

#4 amir257

amir257
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:12:34 AM

Posted 28 July 2018 - 02:01 PM

Hello ,

thanks but not working

still show up

 

https://www.bleepingcomputer.com/forums/t/681137/virus-popup-winmoreprizecom-and-yowwinnerprizecom/

 

same problem im using linksys too.



#5 nasdaq

nasdaq

  • Malware Response Team
  • 39,523 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:03:34 PM

Posted 29 July 2018 - 06:29 AM

HI,

As previously requested?

Download the version of this tool for your operating system.
Farbar Recovery Scan Tool (64 bit)
Farbar Recovery Scan Tool (32 bit)
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

How to attach a file to your reply:
In the Reply section in the bottom of the topic Click the "more reply Options" button.
attachlogs.png

Attach the file.
Select the "Choose a File" navigate to the location of the File.
Click the file you wish to Attach.
Click Attach this file.
Click the Add reply button.
===

Please post the logs for my review.
---

p.s.
Is this happening on all your browsers?
Which one do you uses?

#6 amir257

amir257
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:12:34 AM

Posted 30 July 2018 - 10:05 AM

Hello ,

 

I use only fire fox

 

in the attach

 

thanks

 

Attached Files



#7 nasdaq

nasdaq

  • Malware Response Team
  • 39,523 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:03:34 PM

Posted 30 July 2018 - 12:52 PM


Hi,

Your logs are clean but you should enable your System Restore

ATTENTION: System Restore is disabled
Turn System Restore On for Drives in Windows 10
http://www.tenforums.com/tutorials/4533-system-protection-turn-off-drives-windows-10-a.html


===

We have seen many issues with these redirects.


If your are using the Sync in Firefox.
If Firefox still gives you problems and you are Syncing it with other Devices remove it.
https://support.mozilla.org/en-US/kb/how-do-i-set-sync-my-computer

When all is well you can re-sync your devices.
<<<>>>

If not Syncing or the problem persists after disabling i clean the Firefox Cache.
How to:
https://kb.iu.edu/d/ahic#firefox

Restart the computer normally.
===

If the problem persists.

Export Firefox bookmarks to an HTML file to back up or transfer bookmarks
https://support.mozilla.org/en-US/kb/export-firefox-bookmarks-to-backup-or-transfer

Remove Firefox using the instructions one this page.
https://support.mozilla.org/en-US/kb/uninstall-firefox-from-your-computer

Restart the computer normallhy.

Install the latest version of the application.
https://www.mozilla.org/en-US/firefox/new/

Import your Bookmarks. Same link as the Export function above.

Import Bookmarks from an HTML file to the new version of FF.
https://support.mozilla.org/en-US/kb/import-bookmarks-html-file

Restart the computer normally.

--

Let me know what worked.

#8 nasdaq

nasdaq

  • Malware Response Team
  • 39,523 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:03:34 PM

Posted 04 August 2018 - 07:11 AM

Are you still with me?




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users