Google search blocked by malware and uploading data to unknown

A received an email from a cellular phone on the PC. On the next day,the Google search engine website on Internet Explorer,Google Chrome and Firefox cannot be accessed due to taking too long to respond from the webserver. I thought it was nothing.

I noticed that I am uploading something or data as long as I am connected to the Internet when no updates or browsers are running on the background.Most of the time the browsers are uploading something not downloading a webpage.The upload speed is 4x the download speed.
It is still uploading as my download meter is 000.000
I think the malware is stealing my passwords and data.

Virustotal.com cannot be connected and antivirus software cannot function. I tried to install Kaspersky Security Scan and it failed.

At first, I can still can access webpages like https://sites.google.com/site,https secured webpages,blogspot.com,translate.google.com,and mail.google.com.

After using Chrome Cleanup Tool, anything that has Google related in the URL cannot be accessed like https://sites.google.com/site, https secured webpages, blogspot.com, translate.google.com,and mail.google.com are all blocked.Other search engines can still be accessed.

The PC is acting weird as the cursor is jumping around, and the Processes at Windows Task Manager showed huge Physical memory usage at 85%.There are many svchost.exe,conhost.exe, and csrss.exe.running.

All the web browsers are very slow in speed and the PC is very slow and unstable in responding.

The MBAM free version on my PC found nothing after a thorough scan.

Thank you for reading and responding.

https://forum.avast.com/index.php?topic=194892.0

Thank you for your reply. I will follow as instructed.I apologised for keeping you waiitng for my reply for so long about 3 days.I dare not to go online.Uploading and uploading with many websites being blocked not only Google related.

I am attaching MBAM report.All cleared. No threat detected.
Going to step Nr.2.

Monitoring this thread for logs. Thank you.

Thank you for waiting.

When I ran FARBAR scan for the first time the phrase “Farbar failed to update 1” appeared. I am not sure but I think FARBAR failed to backup the registry.

It scanned alright.

Here are the 2 logs .Thank you for your time.

Open notepad by pressing the Windows Key + R Key, typing in Notepad in the Run dialog and then pressing Enter. Please copy the contents of the Code box below. To do this highlight the contents of the box and right click on it and select copy (or you can just click on the (select) next to Code Box). Paste this into the open notepad. Save it to your desktop as fixlist.txt


Start
CreateRestorePoint:
cmd: ipconfig /flushdns
cmd: netsh advfirewall reset
cmd: netsh advfirewall set allprofiles state on
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
CMD: bitsadmin /reset /allusers
RemoveProxy:
EmptyTemp:
Reboot:
End::


NOTE. It’s important that both files, FRST64 and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST64 by right clicking on the FRST64.exe file, selecting “Run as Administrator…”. The User Account Control may open up; if it does, select Yes to continue to let FRST open and load.

The tool will check for an updated version of itself every time it loads; please allow it to do this and the program will either inform you it is downloading an updated copy (and to wait until it is safe to continue) or show nothing (meaning there is no update found) and you can continue on. Press the Fix button just once and wait. The tool will create a restore point, process the script and ask for a restart of your system.

http://i1351.photobucket.com/albums/p785/dbreeze2/just%20stuff/Press%20the%20FIX%20button_zpsdd5zi3mt.png

If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.

When finished FRST will generate a log on the Desktop (Fixlog.txt). Please attach it to your reply post. Also, tell me how your system is running now.

How is your system running now? Can you update Windows Defender?

Thank you for the fixlist. I still have run it yet.My Windows Defender is running and updating without any problem. I read that an extension that I downloaded for Firefox contains spyware “Smart Price”.

If you do not need it, then remove the extension.

Thank you for your patience.I am been running many scans without the effect as I did not read your instructions carefully and follow it correctly for these few days. Will run fixlist and scan as administrator.
I have forgetting the two procedures all the time. Will post scan results soon.Thank you.

It flushed everything. But it still remains the same.I lost all my history data on all browsers. I am still uploading and google search engines unable to access. Will post fixlist log in the next post.

The computer response is getting slower and the Physical Memory is bloated to 95 percent all the time after the fixlist being ran.Weird.All the same for firewall.

Found in the FRST log that https://www.google.com becomes hxxps://www.google.com

That’s by design.

You do realize that you have no antivirus installed and running on this system, correct? Why is that?


https://sites.google.com/site/cannedfixes/farbar-recovery-scan-tool/FRST.gif
Fix with Farbar Recovery Scan Tool

https://sites.google.com/site/cannedfixes/home/hosted-images-formatting/icon_exclaim.gif
[b] This fix was created for this user for use on that particular machine.
https://sites.google.com/site/cannedfixes/home/hosted-images-formatting/icon_exclaim.gif

https://sites.google.com/site/cannedfixes/home/hosted-images-formatting/icon_exclaim.gif
Running it on another one may cause damage and render the system unstable.
https://sites.google.com/site/cannedfixes/home/hosted-images-formatting/icon_exclaim.gif
[/b]
Download attached fixlist.txt file and save it to the Desktop:

Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!

How is your system running now?

[quote author=dbrisendine link=topic=203458.msg1401427#msg1401427 date=1497452555]
You do realize that you have no antivirus installed and running on this system, correct? Why is that?


You do realize that you have no antivirus installed and running on this system, correct?
Correct.
I feel that I am getting the same infection. What is the use of AV software when it cannot stop the malware or rootkit.
So I decided not to install AV at all by design.

First I like to thank DrBrisendine and Eddy.Thank you for your help.

1.When I first flushed my Google Chrome with Chrome Cleanup Tool, anything that has Google related in the URL cannot be accessed.

2.The second flushing of my PC to delete all Internet files in Temp folder and not Google Chrome using the fixlist.txt brought more blocking of websites or pages.

However as of now, everything is back to normal which is weird :-[ . It is still uploading but Google search engine and sites related to google are able to access.

Maybe I am a victim of hacking and maybe a backdoor is established with the hacker completed downloading all my info.Who knows?

How do I know if I am being hacked? :-

Thank you very much,deeply appreciated and grateful for the help rendered.