Suspect I Have Virus/malware

Hello,

I recently upgraded from Win 7 to Win 10 and my brother tried re-installing a copy of Acrobat XI that I suspect was not a friendly... Immediately after, websites were being hijacked and other issues. The computer will also freeze up every now and then for about a full 30 seconds. Also, the day this happened, I saw an email pop up in my inbox confirming a BestBuy order and right before my eyes, I saw the email disappear from my inbox. My Paypal account had a $870 charge. I changed all PWs using a different computer and got that order canceled. Scary.

I ran Malwarebytes, Adaware, Spybot. They all found things and I removed what they found. I still suspect that I have something and ran through the 'Read and Run Me First' steps. Attached are all of those logs.

I may have screwed up big time. The instructions for obtaining the log for HitmanPro clearly say not to delete, replace or quarantine any items and to just save the log file. I clicked the Next button thinking it would give the option to download the log file and it ended up deleting all the items found. I hope you can still help me and I didn't make a mess of things.

I appreciate any help you can provide.

Thanks,
John

 

I let MGTools run overnight and it is left with "Running analyse.exe" as the last entry and a lot of blank space below it in the cmd screen. Attached is the log zip file. I'm not sure if it ran to completion though.

I'm having trouble installing the Zemana tool. I run it as Admin and it gives the following error "InstallSDK Failed! Filepath =C:\AntiMalware_Setup.exe".

 

I just ran Ccleaner and Disk Cleanup on all drives. Temp folders should be cleaned.

I don't get any options to agree to Hijack This when trying to install Zemana. Attached is a file with all the screenshots as they pop up when I try to install it.

The only one of those programs that I recognize is Dymo which is a label printer that I am now having trouble printing to and was trying to install the drivers for.

 

Oh, and do I close the ports open to Pirate Bay?

 

OK, I finally got MGTools to complete successfully by closing all apps and letting it run. Then, the HijackThis 'agree' popup was there. I've attached that log zip file.

I was able to get Zemana to run. I rebooted the pc prior to it running and not sure if that mattered. Attached is the log file from that.

I tried to follow the Windows Tips link to close the ports open to Pirate Bay, but I was always getting 'Access is Denied' when I try to create the Rule. The reboot seemed to also help with this and I was able to create the rules to Block the connections. I'm not sure if I did this properly because I still see those listed in the runkeys.txt log from the MGTools zip I created after trying to block the ports. Attached is a screenshot of the Inbound Rules from Windows Defender in case that shows something.

Thanks again for all you do!

 

I deleted all from the %temp% search.

I deleted the two Private Internet Access program files.

I did not have any uTorrent showing in the notification area and Task Manager showed no processes related to that running.

I ran MGTools again and attached the latest zip in case its useful.

Thanks

 

I disable that connection as instructed. Shows 'Disabled' in the Network Connections control panel.

I ran MGTools again (zip attached), but still see the ports showing 'Established' to thepiratebay.

 

The only issue that seems to be lingering is the computer will freeze every now and then for about 30 seconds. The last time it froze, but the bluetooth mouse tracking worked, but clicking wouldn't, except for clicking in the browser address bar. The bluetooth keyboard wouldn't work except for typing in the browser address bar. Alt-tab would work. When it unfroze, all of the alt-tabs keyed in before would then process all at once. Could this be a software conflict?

 

Correction: Alt-tab wouldn't work. When it unfroze, all of the alt-tabs keyed in before would then process all at once. Could this be a software conflict?