Still having trouble

Hi there.

Re run Malware Bytes and this time let it remove everything. The log shows nothing was quarantined. Attach a new log.

Re run Hitman Pro and let it remove all what it finds.

Please attach a proper log for Roguekiller. If you haven't got one, re run it again please.


Please download Junkware Removal Tool to your desktop.

• Shut down your protection software now to avoid potential conflicts.
• Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
• The tool will open and start scanning your system.
• Please be patient as this can take a while to complete depending on your system's specifications.
• On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
• Attach JRT.txt to your next message.

Run the C:\MGtools\GetLogs.bat file by double clicking on it. (Right click and run as admin if using Vista, Windows7 or Win8) Then attach the new C:\MGlogs.zip file that will be created by running this.

 

Malware Bytes is not showing that you have quarantined anything. Rescan with it, does it still detect items??

 

.

What browser?


Fix item using RogueKiller.

Double-click RogueKiller.exe to run. (Vista/7/8 right-click and select Run as Administrator)
When it opens, press the Scan button
Now click the tasks tab and locate this detection:

• [Suspicious.Path] \Anhiibom -- "C:\ProgramData\Anhiibom\1.0.4.1\ehnufsal.exe" ("/e=L3A9MjEwODAxXi91PTJiZmQxNDY1MTkzZjQwNmRiYjI4NWZjMDQ2YzYyMTk0Xi9kPXRyYWNrYnJlYWtpbmduZXdzLmNvbV4vbj1ORVdTXi9hPUJyZWFraW5nTmV3c0FsZXJ0Xi90") -> Found

Place a checkmark next to this item, leave the others unchecked.
Now press the Delete button.
When it is finished, there will be a log on your desktop called: RKreport[2].txt
Attach RKreport[2].txt to your next message. (How to attach)
Reboot the machine.


What is inside of this folder?

C:\Program Files (x86)\e37a1599-8f40-4941-b5bd-cc9d9ee4a30f


Delete these. Let me know if you have problems...

• C:\Users\Lori\AppData\Roaming\Microsoft\Windows\Templates\ZLB29EC.tmp
• C:\Users\Lori\AppData\Roaming\Microsoft\Windows\Templates\ZLB5927.tmp
• C:\Users\Lori\AppData\Roaming\Microsoft\Windows\Templates\ZLBC792.tmp
• C:\Users\Lori\AppData\Roaming\Microsoft\Windows\Templates\ZLBF4E8.tmp

Run Ccleaner (not the registry scanner, just the cleaner itself to be rid of a chunk of temp files)

Re run Malware Bytes yet again and attach a fresh log for me.
Re run Hitman Pro and attach a log from that too.


Run the C:\MGtools\GetLogs.bat file by double clicking on it. (Right click and run as admin if using Vista, Windows7 or Win8) Then attach the new C:\MGlogs.zip file that will be created by running this.
Let me know of any problems you may have encountered with the above instructions and also let me know how things are running!

 

Instructions are all here.

 

Hmm... run it in safe mode please.

 

Did it find anything the last time you scanned?
Reinstall it and see if it runs properly.

 

You can delete it then in that case.

Not a malware problem. These are just mouse over ads that popup when your mouse moves over various underlined keywords. Many websites, including Major Geeks, use these as a source of revenue to help offset costs of running a free website and forums like this.

What issues remain, if any?

 

And all this has been happening in Google Chrome?

 

Try this:

Reset Google Chrome to defaults

 

I am very glad to hear all is well again. Final steps below..

If you are not having any other malware problems, it is time to do our final steps:

1. We recommend you keep Malwarebytes Anti-Malware for scanning/removal of malware.
2. Renable your Disk Emulation software with Defogger if you had disabled it in step 4 of the READ & RUN ME.
3. Go to add/remove programs and uninstall HijackThis. If you don't see it or it will not uninstall, don't worry about it. Just move on to the next step.
4. If running Vista, Win 7 or Win 8, it is time to make sure you have reenabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
5. Now goto the C:\MGtools folder and find the MGclean.bat file. Double click ( if running Vista, Win7, or Win 8 Right Click and Run As Administrator ) on this file to run this cleanup program that will remove files and folders related to MGtools and some other items from our cleaning procedures.
   
6. Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.
   
   
7. After doing the above, you should work thru the below link:
   • How to Protect yourself from malware!