Topwebclub.com invasion

[REDACTED]

Hello,

my homepage on Micosoft Edge changed to Topwebclub.com or one of its other guises.
I also use chrome but that does not seem affected.

Can someone please guide my through the process of malware removal.

Thanks

Adam

[Asyn]

Attach your basic diagnostic logs. (MBAM, FRST and aswMBR)
Instructions: https://forum.avast.com/index.php?topic=53253

[REDACTED]

MBAM log...

[REDACTED]

Farbar logs...

[REDACTED]

aswMBR log...

[Asyn]

OK, now you've to wait a bit...

[REDACTED]

Okay, thank you.

[essexboy]

Let me know if this works

CAUTION :  This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:
 

CreateRestorePoint:
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\$McRebootA5E6DEAA56$.lnk [2015-11-10]
ShortcutTarget: $McRebootA5E6DEAA56$.lnk ->  (No File)
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
RemoveProxy:
EmptyTemp:
CMD: bitsadmin /reset /allusers

 
Save this as fixlist.txt, in the same location as FRST.exe

Run FRST and press Fix
On completion a log will be generated please post that

THEN

Please download AdwCleaner by Xplode onto your desktop.

• Close all open programs and internet browsers.
• Double click on AdwCleaner.exe to run the tool.
  
• Click on Scan.
  
• After the scan is complete click on "Clean"
• Confirm each time with Ok.
  
• Your computer will be rebooted automatically. A text file will open after the restart.
• Please post the content of that logfile with your next answer.
• You can find the logfile at C:\AdwCleaner[S0].txt as well.
  

[REDACTED]

FRST fix log...

[REDACTED]

AdwCleaner.exe log...

[essexboy]

How is the computer now ?

[REDACTED]

Hiya,

still there I'm afraid.

[essexboy]

OK lets now reset Edge


CAUTION :  This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:
 

CreateRestorePoint:
C:\Users\Adam\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe

 
Save this as fixlist.txt, in the same location as FRST.exe

Run FRST and press Fix

THEN


To Launch PowerShell, Type “Power Shell” in Windows search.
Right Click powershell.exe and Run as Administrator 
Copy and paste the following command into the blue box :

Get-AppXPackage -AllUsers -Name Microsoft.MicrosoftEdge | Foreach {Add-AppxPackage -DisableDevelopmentMode -Register "$($_.InstallLocation)\AppXManifest.xml" -Verbose}

Press enter and reboot once completed
Now try Edge

[REDACTED]

Tried this but it started on en.4yendex.com

Tried again but it started on Topwebclub.com again.

The normal homepage is MSN.

[essexboy]

Hmm that is intriguing as what we did was totally re-install edge

Could you go to edge settings > advanced settings and let me know if you can change the home page