daughter's computer

Daughter's laptop is likely infected by some adware/malware that I am working on fixing. I have completed all of the steps on "Fixing browser and search engine redirection/hijacking problems" without successfully eliminating the nuisance hijacking Google Chrome. I am now working on the Read & Run Me First: Malware Removal Guide and have run into an immediate problem. Step 3 asks me to open Control Panel and when I do, there is a problem. A screen shot is attached. I hope you'll be able to help me get past this stumbling block so I can move ahead with removing the malware.

 

I realized later that you would like to see logs from "Fixing browser and search engine redirection/hijacking problems." Those logs are attached. TDSSkiller did not find any issues. I am also including the report from backing up the computer, showing some files that could not be found.

 

After running CCcleaner, I was able to access Control Panel and was able to turn off User Control.

Attached are requested logs.

I subscribe to Malwarebytes Premium and have included the two scans that were generated this morning. One is a threat scan and the other is what they call a protection scan.

Your file attacher would not allow me to upload the Rogue killer log that was created this morning, describing it as invalid. So I went into Rogue killer and created a text log, naming it Alternate Rogue killer log and attached it.

The other logs will come in another message!

Still Having issues with Google Chrome; a screenshot of what that issue looks like is attached as a jpeg.

Thanks for your help!

 

MGTools log attached.

 

The screen shot is too big to upload so I guess you'll have to let me know if you want any additional information about the Google Chrome problem.

 

I have just finished running Hitman Pro again, the first step in your assignment to me. I do not know which items are Potentially Unwanted Programs. Everything in the scan results is listed as AskBar, CouponBar, Softonic, or Unideals. Do I delete all of these? Scan is attached.

 

I read the log and discovered that everything falls under the category of PUP so I'll proceed.

 

Here's the final Hitman Pro log. The log keeps showing ask.com even though its been deleted in Hitman Pro twice now. Also there was a coupon bar that showed up in the results but did not show up in the log.

I opened 10 tabs in Google chrome and didn't have any hijacking trouble.

I've turned the antivirus protection back on.

Thanks for all of your help. Let me know if there's something else I should try.

 

Here is the Junk Removal log.

 

In response to your inquiry, I opened Google Chrome. Soundersfc.com worked fine in the first tab. I was in the midst of typing in youtube.com when the screen was taken over by a message that says "The page at https://solvemypc1.net says: 1) Windows Firewall Warning ***YOUR COMPUTER MAY HAVE ADWARE/SPYWARE VIRUS*** Call 1-866-377-1242 immediately for assistance on how to remove potential viruses. The call is toll free.

The message goes on to describe risks and more about the virus, ending with another plea to call the phone number above.

It was continually repeating messages such as these that prompted my visit to majorgeeks.com seeking assistance.

When these messages pop up, they seem to affect typing and also cause random skipping from one tab to another in the midst of typing.

I guess we are not out of the malware woods yet.

 

Google Chrome is uninstalled.

I cannot find either of the files that you requested to be deleted. When I type the second one into search, the MGlogs.zip file, and the JRT log pop up, but no individual file.

I'll await further direction before running AdwCleaner.

 

Here's the AdwCleaner log. I didn't delete anything yet because I feel rather unsure. I see some AVG files in there and my daughter has AVG antivirus protection on her computer. So I am stalled until I get some advice as to whether or not I should leave all those things in the list of what AdwCleaner says should be deleted.

 

Okay to delete the following in AdwCleaner:

HKLM\SOFTWARE\Mozilla\Firefox\Extensions
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings

 

Attached is a post-cleaning AdwCleaner log. I rebooted and then ran HitmanPro; log is attached. Google Chrome has been reinstalled. I opened about 20 different tabs in Google Chrome with no problem.

One thing that I noticed is that when Google Chrome opened after reinstallation, all of my daughters bookmarks were still there. Is that supposed to happen?

Thanks for your help. Let me know what I should do next.

 

Running the MGclean.bat file left two copies of MGlogs.zip on the computer. Should I leave these?

There is no uninstall available for TDSSKiller and AdwCleaner. I see those are both .exe files. Can I just delete them?