NDJeff 0 Report post Posted August 31, 2019 (edited) Run scan but still have e.eablink virus.. adaware can't find it. Here is the URL https://r.eablink.com/?key=a982cfabb5482be54a4d3a52b21940d7&cuid=US&u=https%3A%2F%2Fwww.pizzahut.com%2F My AVC will block it but want to remove all of it. Thanks, Jeff Edited September 1, 2019 by CeciliaB Converted clickable link to address to prevent people from clicking on it by mistake Quote Share this post Link to post Share on other sites
CeciliaB 475 Report post Posted September 1, 2019 Hi NDJeff, Please see this topic: https://forum.adaware.com/index.php?/topic/30823-read-this-before-you-post/ Quote Share this post Link to post Share on other sites
NDJeff 0 Report post Posted September 1, 2019 here are the logsFRST.txtAddition.txt Quote Share this post Link to post Share on other sites
CeciliaB 475 Report post Posted September 2, 2019 Thanks, not easy to find anything malicious in the logs. When did the problem with r.eablink start, e.g. when you installed FonePaw Screen Recorder on August 29 or before that? Do you notice r.eablink in all three browsers? Please attach a screen shot of r.eablink. I can see that you installed the add-on Honey in Chrome August 27. It seems to be questionable: https://www.systemlookup.com/FF_Extensions/3662-jid1_93CWPmRbVPjRQA_jetpack_xpi.html Quote Java 8 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation) The above is a very old Java version with many known vulnerabilities, please uninstall it. If you really need to have Java installed, it's important to always have the latest version. Quote Share this post Link to post Share on other sites
NDJeff 0 Report post Posted September 2, 2019 Deleted Honey....Deleted Java. Still have problem. Only seems to work on Chrome. Attached is screen shot. Seems to target Amazon most of the time but not always. Will even redirect from icons in Facebook & Pizzahut too Quote Share this post Link to post Share on other sites
CeciliaB 475 Report post Posted September 3, 2019 Try to reset Chrome: https://support.google.com/chrome/answer/3296214 Note, it's possible that nothing is wrong in your computer and it might be a false positive from AVG or that the web sites (or ads on the pages) where it occurs really are infected and the message is needed to protect you from a phishing attempt. Please see this AVG topic: https://support.avg.com/answers?id=9060N000000PgujQAC Quote Share this post Link to post Share on other sites
LSArtem 6 Report post Posted September 3, 2019 Hello! You can try to change default search engine and reset browser's settings. Do such actions in Chrome browser Menu->Settings-> Search engine or open an address chrome://settings/search , select Google or another search engine as default. Go to Advanced settings and choose tab "Restore and clean up" and do "Restore settings to their original defaults" If the same Phishing warning will appear again we'll try to find a service that makes changes to Chrome. Quote Share this post Link to post Share on other sites
NDJeff 0 Report post Posted September 5, 2019 Hey! It's gone! Thanks so much!! Quote Share this post Link to post Share on other sites
CeciliaB 475 Report post Posted September 6, 2019 Very good! You're welcome Quote Share this post Link to post Share on other sites