Browser Issues: Malware Issue Files Attached

Please re-run Malwarebytes' and clean all detections - upload a fresh log.

Next activate Hitman Pro's 30day trial license, then fix the Malware and Potential Unwanted Programs detections. Re-run the tool afterwards and upload a new log.

Then run RogueKiller and delete all Tasks. Upload the RKreport[2].txt to your next message.

Tell me how the PC is running, now.

 

Please follow my instructions more carefully, as the above logs don't show the fixes were performed. Re-scan with those applications and upload only those new logs so I'll know how to proceed.

 

Don't re-name the files - let each program create the filename. I will deal with removing that browser once I have current information.

 

That looks better - please download and run
GeekUninstaller 1.4.5.126 to un-install Google Chrome.

Also to empty your temporary files, click Start/ run and type in

%temp%​

When the window opens .. click on Edit > select all and then Delete.

Re-boot and tell me of any other malware issues.

 

It is listed in your newfiles.txt > Uninstall Programs list. Where doesn't it show? GeekUninstaller? Windows 10's Programs & Features?

Edit:
Please download ZHPCleaner to your desktop.

• Close all applications (including your web browsers and antivirus)
• Double-click on ZHPCleaner to run the tool.
• If you are using Windows Vista, 7/8/10; instead of double-clicking, right-mouse click ZHPCleaner and select "Run as Administrator".
• Please click the "J'accepte/I agree" button.
  • First press the "Scanner" button. Be patient, the scan may take awhile.
  • Do NOT fix/repair anything yet! Please upload that logfile with your next reply.

 

You have this message because you are viewing a ZHPBrowser window as indicated by the first line of text. Please close it and run the ZHPCleaner.exe application - you should see the below GUI. Follow the steps I gave in post #11 to produce a log.
And yes - have Malwarebytes quarantine the new detections. You can then delete all quarantined items by clicking on "Quarantine" on the Home GUI, ticking the boxes before each item and selecting the Delete button at the bottom right corner. (see thumbnail).

 

Again - close that window... perform a system-wide search if necessary for the produced log - ZHPCleaner.txt - it should be in C:\Users\youraccountname\AppData\Roaming\ZHP directory, upload that log please.

 

Please re-run ZHPCleaner

• Close all applications (including your web browsers and antivirus)
• Double-click on ZHPCleaner to run the tool.
• If you are using Windows Vista, 7/8/10; right-mouse click ZHPCleaner and select "Run as Administrator".
• Please click the "J'accepte/I agree" button.
• Then press the Repair button
• A logfile will automatically open after the scan has finished.
• Upload that logfile in your next reply.

Next download Farbar Recovery Scan Tool (FRST) and save it to your Desktop.

• Double-click to run it. When the tool opens click Yes to disclaimer.
• Press the Scan button.
• It will make a log (FRST.txt) in the same directory the tool is run from.
• The first time the tool is run, it also makes another log (Addition.txt).
• Attach both logfiles to your next reply.

*Tell me how your PC is running.

 

Thanks -

NOTE: This script was written specifically for this user for use on this particular computer. Running this on another machine may cause damage to your operating system.

• Save the attached (fixlist.txt) to your desktop.
• Right-click FRST(x32/64) and select Run as Administrator.
• Click the FIX button once.
• Wait while FRST processes fixlist.txt
• A report should pop up named Fixlog.txt, please upload it here in your next reply.

 

Perhaps these links will help explain.

https://answers.microsoft.com/en-us...d-public/377febb8-1238-4a78-baf5-6236cb05df20
https://social.technet.microsoft.co...-users-desktop-folder?forum=win10itprogeneral

That completes the malware cleanup -
If you are not having any other malware problems, it is time to do our final steps:

1. We recommend you keep Malwarebytes Anti-Malware for scanning/removal of malware. Unless you purchase it, it provide no protection. It do not use any significant amount of resources ( except a little disk space ) until you run a scan.
2. Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.
3. If running Vista, Win 7/8/10 - it is time to make sure you have re-enabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
4. Go to add/remove programs and uninstall HijackThis. If you don't see it or it will not uninstall, don't worry about it. Just move on to the next step.
5. Go to the C:\MGtools folder and find the MGclean.bat file. Double-click on this file to run this cleanup program that will remove files and folders related to MGtools and some other items from our cleaning procedures.
6. If you are running Win 7/8/10, Vista, Windows XP or Windows ME, do the below:
   • Refer to the instructions for your Windows version in this link: Disable And Enable System Restore​
   • For Windows 8/8.1/10 system restore see this link: Win 8 System Restore - How to enable/disable​
   • What we want you to do is to first disable System Restore to flush restore points some of which could be infected.
   • Then we want you to Enable System Restore to create a new clean Restore Point.
7. After doing the above, you should work through the below link:
   • How to Protect yourself from malware!

Safe surfing!