Still Seem to have malware

Hang in there please. There's been a few of these stubborn proxy problems floating about lately, and most things we try are not working. Let me look into it further.

 

Uninstall your anti virus temporarily. Re scan with RogueKiller and have it fix the proxy entries. Reboot and then rescan with RogueKiller again and attach log.

 

Did you do what I asked previously?

 

Did you uninstall your antivirus before running that scan?

 

Please follow the instructions below in the order written.

Copy the bold text below to notepad. Save it as fixme.reg to your desktop. Be sure the "Save as" type is set to "all files". We are only saving this to your Desktop at this time. We will use it later. Make sure that it shows up on your desktop as a registry patch. Notice the icon.

Now reboot your PC info safe boot mode. Remember to keep your antivirus uninstalled until requested to reinstall.


Once in safe boot mode, click Start, and type regedit into the search box.

• You should see a regedit.exe and icon appear in the Programs area of the Start Menu.
• Right click on regedit.exe and select Run As Administrator
• Then in the Registry Editor menu click File and select Import.
• Navigate to the fixme.reg file saved to your Desktop and double click it. Allow it to be added to the registry. Please observe whether you receive a success message.

Now right click on RogueKiller.exe and Select Run As Administrator and run a scan. After it finishes the scan, select the Registry tab and then select any of the below that exist and then click the Delete button.

Then immediately reboot your PC. But this time reboot into normal boot mode.

After reboot, run a new scan with RogueKiller and save a log as in original instructions and attach the new log.

Now run the C:\MGtools\GetLogs.bat file by double clicking on it (Note: if using Vista or Win7, don't double click, use right click and select Run As Administrator).


Then attach the below logs:

• the new RogueKiller log
• C:\MGlogs.zip

 

Looks good now. Are you having any more problems?

 

You're welcome.

If you are not having any other malware problems, it is time to do our final steps:

1. We recommend you keep Malwarebytes Anti-Malware for scanning/removal of malware.
3. Renable your Disk Emulation software with Defogger if you had disabled it in step 4 of the READ & RUN ME.
4. Go to add/remove programs and uninstall HijackThis. If you don't see it or it will not uninstall, don't worry about it. Just move on to the next step.
5. If running Vista, Win 7 or Win 8, it is time to make sure you have reenabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
6. Now goto the C:\MGtools folder and find the MGclean.bat file. Double click ( if running Vista, Win7, or Win 8 Right Click and Run As Administrator ) on this file to run this cleanup program that will remove files and folders related to MGtools and some other items from our cleaning procedures.
7. If we had you download any registry patches like fixme.reg or fixWLK.reg (or any others) and running MGclean.bat did not remove them, you can delete these files now.
8. Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.
9. If you are running Win 8, Win 7, Vista, Windows XP or Windows ME, do the below to flush restore points:
   • Refer to the instructions for your WIndows version in this link: Disable And Enable System Restore​
   • What we want you to do is to first disable System Restore to flush restore points some of which could be infected.
   • Then we want you to Enable System Restore to create a new clean Restore Point.
10. After doing the above, you should work thru the below link:
    • How to Protect yourself from malware!

 

Sorry to hear about your son. Hope things are okay.

There is nothing wrong with your MBR. MBRcheck just is not real reliable anymore at detecting all the various types of MBRs that exist.

See if the people simple approach works to solve your problem with Google.

Reset Chrome to Defaults

 

Unfortunately we are too busy to offer training to anyone who is not already a recognized expert. There are a few websites that provide training rooms. The process can take awhile to complete since there is a lot to learn and the people training you are doing it in their free time. Make sure that you are serious about wanting to spend the time to learn and have the time to perform malware removal this because it takes a strong committment. Check out the below sites:

BootCamp

Geek U!

What the Tech Classroom

BleepingComputer Malware Removal Training Program

 

You are welcome. Safe surfing.