Guce Asvertising Malware

For the past week I have been hit with this message when I try to access AOL on MS Edge (Windows 10)
"Hmm, cannot reach this page. Search for "https://guce.advertising.com" on Bing" So it's been infected by Guce Advertising. I am also having this problem on a Windows 7 computer My Yahoo home page now shows up with this added https://www.yahoo.com/?_guc_consent_skip=1576948901

I can get my AOL on IE so it's only an Edge issue. Tried search Engine and there are many instructions for this particular malware but none seem to solve my problem (including Malwarebytes) or I can even follow other than installing a third party program which I don't trust.

Your guidance will be appreciated.

 

Here is the Adware file from the first page of your instructions. Should I wait until I get further instructions to add the additional files of information or just proceed now with the second page of the additional detection downloads?

 

Yes, I followed your reset instructions explicitly and it did not have any effect. Many of the web pages I load in Yahoo & AOL have the "guce" expression in them, and other sites have nothing. I'll continue with the data files you have requested and submit them shortly.

 

I did check add-ons in both browsers (Edge and IE 11) and they had none. I was unable to get MG Tools to operate. It would open the "command window," begin to start, then a loop of nonstop "do you want to allow this program to change the registry?" prompts, to which I replied "yes," and once that was submitted, another would open..continuously and the computer was locked up until I stopped the process using the task manager. I was able to derive a "Hijack This" log from the MG tools folder and have enclosed that, but no other files.

 

MG Tools would not run under the GetRunKey or ShowNew command. Apparently, there must be a 64 bit version, but I could not find it on the link your site provided.

UNSUPPORTED 16-BIT APPLICATION (title of informational window which opened up)

The program or feature "\??\C:\MGTools\Itime.exe" cannot start or run due to incompatibity with 64-bit versions of Windows. Pleae contact the software vendor to ask if a 64-bit Windows compatible version is available.

(button) OK

 

In response to your first question, I have no ad blockers installed. The computer uses the Windows Defender anti virus which was switched off to run MG Tools.

 

Tim, here are the two logs from Farbar

 

Here is the fixlog.txt. Running zemana at the present time and will have a log shortly.

 

Zemana text; I note the "scan date" is listed as 12/21....not certain if that makes any difference, but the computer time stamp is accurate at present.

 

I really appreciate your in-depth walk through for this problem, however it has not gone away. Let me give you some examples. This is from my Edge browser....

When logging into yahoo...my home page, I do reach it, but this is in the address line...
https://www.yahoo.com/?_guc_consent_skip=1577250383

Same with AOL
https://www.aol.com/?_guc_consent_skip=1577250573
(normally, it would be just the domain in both cases.)

Then when I attempt to retrieve my mail, I get this line in Edge and my mail does not open at all
https://guce.advertising.com/collec...-session_4e6ed3e0-e244-4a4a-a94d-e3b8ec12758c

instead I get a mostly blank page and these few lines.....
>>>>>>
Hmmm...can’t reach this page
Try this

• Make sure you’ve got the right web address: https://guce.advertising.com
• Search for "https://guce.advertising.com" on Bing
• Refresh the page

Details
There were too many redirections.

Error Code: INET_E_REDIRECT_FAILED
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
I get the same extra info when doing this in IE Explorer 11...packaged with Win 10.....however, I can access my e-mail in IE 11...I am not restricted as I am in Edge.

As you likely know Verizon now owns Yahoo & AOL.....these are the only two sites which I have a problem with.

A mystery for certain...the corporate ownership of both of these sites took place months ago...and now, all of a sudden, I am seeing people with AOL accounts complain they can't get their mail to open in Edge. This issue took place around 10 days ago.

 

Tim, I did some checking on the "Down Detector" site and found a lot of complaints from various users that AOL mail access is a problem on their operating system and the "guce advertising" issue appears quite frequently. Am wondering if this is an issue exclusively with their system as far as interoperability.?

 

Tim, I ran all the suggestions you brought up in your last post, but could not find anything with the word "guce" in it. I did some extensive checking on the issue and determined that both AOL & YAHOO, under the ownership of Verizon, has made this malware a part of their respective systems as tracking software which they are able to sell data information to buyers.

The internet search engines ( such as Google & Bing) is crammed full of users trying to get rid of it, and so far, there are no workarounds. Several malware suppliers are using this as a come-on to try their products, but they are unsuccessful in the removal. It would seem to me that what will happen, unless a "cure is found," is that I, and likely many, others will just stop using AOL and chose another mail system. Of course, I would be most interested to see if you could come up with a solution. I appreciate your devotion to this and time spent in my behalf.

 

It appears that AOL is now aware of the problems they are creating and have this banner when you enter their customer service site across their web page.

"AOL Mail is currently experiencing issues with specific web browsers. Google Chrome, Mozilla Firefox or Safari are not impacted and can be used until these issues are fixed.

AOL Questions? Get 24x7 live expert help with all of your AOL needs—from email and passwords, technical questions, mobile email and more. Upgrade your account by calling 1-800-358-4860."

I clear my browser as directed on a regular basis, and it has absolutely no effect.

We have a Win 7 computer in the office and I notice that, though it does not have Edge, it still has Internet Explorer and it also shows the word "guce" when AOL is brought up and signed into as does Yahoo. No other site shows this characteristic, so I am convinced this is an internal AOL/Yahoo issue perpetrated by Verizon's Oath hierarchy in an effort to provide an intrusion into their customer's Internet site visiting habits.