popup adds and redirected links on browsers

Welcome to Major Geeks!

You need to attach it whether clear or not so that we can verify a correct version was run.

Also you need to attach the log from RogueKiller.

Are your popups and redirects only occurring with Chrome? Make sure that you test Internet Explorer too but test it with Chrome shutdown. Test Firefox too if you use it.

 

And as I worried about. You are extremely out of date with your version of Malwarebytes and also the database for it. You need to uninstall what you have and then download and install what was requested in the READ & RUN ME. Make sure you update it after installing because the database will need updating. Then run a new scan just to make sure nothing is detected. Attach the new log no matter what.


Download HostsXpert and then follow the below steps.

• Unzip HostsXpert.zip
• It will create a folder named HostsXpert in whatever folder you extract it to.
• Right click on HostsXpert.exe and select Run As Administrator.
• Click the Make Writeable? button. (if you only see a Make Read-Only selection, it is already writeable so skip this button).
• Click Restore Microsoft's Hosts File and then click OK.
• Click the X to exit the program

Then run RogueKiller and run a scan. After it finishes the scan, select the Registry tab and then select any of the below that exist and then click the Delete button.

Then immediately reboot your PC.

After reboot, run a new scan with RogueKiller and save a log as in original instructions and attach the new log.


Now shutdown McAfee before doing the below.


Now run the C:\MGtools\GetLogs.bat file by double clicking on it (Note: if using Vista or Win7, don't double click, use right click and select Run As Administrator).

Then attach the below logs:

• the new Malwarebytes log
• the new RogueKiller log
• C:\MGlogs.zip

 

Okay then I have a few comments about this:

• In the future you should really have your IT Dept fix your malware problems as coming here would also then be a violation of corporate policy, and we could windup removing things that you IT people put in place as they could look like restrictions put in place due to malware.
• You should not be running Spybot Teatimer as this would likely not be a program recommended by your IT Dept and also Teatimer should not be used with a full blown McAfee Security Suite as it can cause major conflicts making both programs less effective. Also the combination of both can slow your PC down.

Your logs are clean.




If you are not having any other malware problems, it is time to do our final steps:

1. We recommend you keep Malwarebytes Anti-Malware for scanning/removal of malware. You can uninstall RogueKiller and HitManPro.
3. Go back to step 4 oof the READ ME and renable your Disk Emulation software with Defogger if you had disabled it.
4. Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.
6. If running Vista or Win 7, it is time to make sure you have reenabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
7. Go to add/remove programs and uninstall HijackThis.
8. Goto the C:\MGtools folder and find the MGclean.bat file. Double click on this file to run this cleanup program that will remove files and folders
   related to MGtools and some other items from our cleaning procedures.
9. If you are running Win 7, Vista, Windows XP or Windows ME, do the below:
   • Refer to the cleaning procedures pointed to by step 6 of the READ ME
     for your Window version and see the instructions to Disable System Restore which will flush your Restore Points.
   • Then reboot and Enable System Restore to create a new clean Restore Point.
10. After doing the above, you should work thru the below link:
    • How to Protect yourself from malware!

 

Yes that is quite typical of IT as most really have no idea how to remove malware and quite often they mistakenly believe it is faster to reimage.

You're welcome. Surf Safely!