malware/ trojan attacking browsers

phant0m2017 said:

Attachment 106941 Attachment 106943

Based on what I am seeing in these logs, I'm sorry, but I have to bow out. I think you need to call in the big guns.
Am I infected? What do I do? Forum - BleepingComputer.com
Virus, Trojan, Spyware, and Malware Removal Logs Forum - BleepingComputer.com

Read the instructions here before posting:
Before You Post About A Problem - Am I infected? What do I do?

Create an account, start a new thread, wait for a trained expert to respond.

In the meantime, make sure your data is backed up, and remove the following programs:
Body Text Feathering (HKLM-x32\...\PopupProduct) (Version: 1.0.0.0 - Body Text Feathering)
CCleaner 5.21.5700 (HKLM-x32\...\CCleaner 5.21.5700) (Version: 5.21.5700 - SandySeedings Team)
Java 7 Update 79 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417079FF}) (Version: 7.0.790 - Oracle)
Java SE Development Kit 7 Update 79 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170790}) (Version: 1.7.0.790 - Oracle)
QuickTime 7 (HKLM-x32\...\{627FFC10-CE0A-497F-BA2B-208CAC638010}) (Version: 7.77.80.95 - Apple Inc.)

Note: If there is illegal/cracked software or keygens on the system, please remove that, or no legitimate help forum will assist.

phant0m2017 said:

Oh no !!! You got me worried now ........ ok I have deleted most but there is no body text feathering app (whatever that is)....also no HKLM showing up and also no B792 showing in programs and features. Do I have to delete every app that I have got through torrents eg. Adobe photoshop,microsoft office 2016 , nero 2016 etc... or just the keygens and files in my downliads folder ..?

(Body Text Feathering was showing in your installed programs. If you can't find it, they will get rid of it for you.)
Everything must be completely off the system. Torrents are notorious infection vectors, as are illegal software and keygens.

Follow the instructions here:
Preparation Guide For Use Before Using Malware Removal Tools and Requesting Help - Virus, Trojan, Spyware, and Malware Removal Logs
Post fresh FRST and Addition logs in your new thread. Be patient, as they are very busy, and all volunteers, just like us here.

phant0m2017 said:

Just one question..... what are addition logs ?

FRST creates 2 logs when you first run it - frst.txt and addition.txt. I believe the addition.txt will not be created on subsequent runs of the tool, unless you specifically check the box for it. They will need both logs from you.

MoxieMomma,

You are On point!!

phant0m2017 MUST fully uninstall ALL pirated/cracked/keygen software, etc., to get help at the top ranked Malware Removal forums!!

@phant0m2017
I would be curious to observe the thread you create at BleepingComputer. I'd appreciate it if you'd post the link here, or PM it to me. Thanks.

@phant0m2017
I see your helper at Bleeping Computer has appeared to have abandoned you.
If he hasn't asked someone to pick things up while he is away, perhaps we can continue here, if we are pretty sure your system is clean.
Let me know your thoughts.