Computer got infected with a virus

My computer got infected with a virus, My google chrome copy was hit by it but firefox is IExplore,exe and Edge are working fine. The google chrome browser is having a fake newtab page which malwarebytes is detecting it with a block popup when i try to go to it, There is also a new search engine it has which i can’t remove. I had adblock installed which is now missing… here is a log from Bitdefender Rescue CD scan that i had ran. I didn’t have bitdefender total security installed before getting infected but the rescue cd only found things that appears to be in the recycle bin. Any help would be much appeariated


====================================================
= Logging started on Fri 22 Dec 2017 09:34:50 PM UTC
====================================================

List of objects to be scanned:
   - /run/media/livecd/AAAA8B94AA8B5C27

Object '/run/media/livecd/AAAA8B94AA8B5C27/$Recycle.Bin/S-1-5-21-3642839158-3424249434-357513839-1002/$ROMO98W.exe=>(Instyler o)=>(Instyler Module 0)' is infected with 'Adware.Agent.TVX'
Object '/run/media/livecd/AAAA8B94AA8B5C27/$Recycle.Bin/S-1-5-21-3642839158-3424249434-357513839-1002/$RTP2I4Q.tmp/southernwood.dll' is infected with 'Adware.Agent.TVX'

==================================================
= Applying actions
==================================================
Object '/run/media/livecd/AAAA8B94AA8B5C27/$Recycle.Bin/S-1-5-21-3642839158-3424249434-357513839-1002/$RTP2I4Q.tmp/southernwood.dll' has been deleted


Attach your basic diagnostic logs. (MBAM and FRST)
Instructions: https://forum.avast.com/index.php?topic=194892

Here is 2 screenshots of the popup and settings in chrome… Having to use Firefox.exe to prevent those popups right now.

Here’s the logs.

OK, now you’ve to wait for one of the malware experts…

Okay, when the virus got on my computer and I realized what happened… I was so mad first virus in like 2 years.

So i ran Zemana that malwaretips recommended it found some chrome policy that it removed and i got to remove the redirect and the search engine. I have did a new farbar scan and attached the logs of them. As well as the Zemana report. Now to wait for you expert volunteers here to check them out to see if my PC is clean again or if you need to do more :slight_smile:

  • Open Notepad (click Start button → type notepad.exe → press Enter)
  • Copy text from code block below and paste it into Notepad
CHR HKLM-x32\...\Chrome\Extension: [gannpgaobkkhmpomoijebaigcapoeebl] - hxxps://clients2.google.com/service/update2/crx
EmptyTemp:
  • Go to FileSave As
  • Make sure that UTF-8 is selected as Encoding (left side of Save button)
  • Save it as fixlist.txt on Desktop
  • Open again FRST and click on button Fix
  • Wait until FRST finishes
  • fixlog.txt should be genereted and opened. Attach it your post and wait further instructions.

Here you go! :smiley:

What is the system status now?

Its acting perfect. :slight_smile: Thanks for the help by the way.

Merry Christmas!!! ;D

The following will implement some post-cleanup procedures:

=> Please download DelFix by Xplode to your Desktop.
Run the tool and check the following boxes below;
[i]
http://www.mcshield.net/personal/magna86/Images/checkmark.png
Remove disinfection tools

http://www.mcshield.net/personal/magna86/Images/checkmark.png
Create registry backup

http://www.mcshield.net/personal/magna86/Images/checkmark.png
Purge System Restore [/i]
Click Run button and wait a few seconds for the programme completes his work.
At this point all the tools we used here should be gone. Tool will create an report for you (C:[b]DelFix.txt[/b])

The tool will also record healthy state of registry and make a backup using ERUNT program in %windir%\ERUNT\DelFix
Tool deletes old system restore points and create a fresh system restore point after cleaning.