WinYahoo recurring / not quarantined

[arb32]

Hello, MWB found that I had 3 instances of the PUP Optional.WinYahoo --- I've followed the instructions from all of the other forum posts, but MWB keeps detecting two instances (it removed 1). However, it won't even quarantine them. It simply detects them. 

I experimented a bit and decided to change the C:\Users\arbonfiglio\AppData\Local\Google\Chrome\User Data\Default to C:\Users\arbonfiglio\AppData\Local\Google\Chrome\User Data\Default_Old

WinYahoo is no longer showing up in the MWB scan, but I lost all of my extensions and bookmarks, etc. on Chrome. Is there a way to remove WinYahoo without losing all of my other information? 

[kevinf80]

Hello arb32 and welcome to Malwarebytes,

Go to the following link: 

    Please note there are two posts in that thread, the second one by @Aura should help remove WinYahoo. Let me know if that works for you..

Thank you.

Kevin...

[arb32]

Hi Kevin,

I've already done all of those things amd they did not work.

Anything other suggestions?

[kevinf80]

Thanks for the update, can you post the most recent log from Mlawarebytes:

To get the log from Malwarebytes do the following:

• Click on the Reports tab > from main interface.
• Double click on the Scan log which shows the Date and time of the scan just performed.
• Click Export > From export you have two options: > From export you have two options:

    Copy to Clipboard - if seleted right click to your reply and select "Paste" log will be pasted to your reply
    Text file (*.txt)        - if selected you will have to name the file and save to a place of choice, recommend "Desktop" then attach to reply
   

• Use "Copy to Clipboard, then Right click to your reply > select "Paste" that will copy the log to your reply…
  

Next,

Download Farbar Recovery Scan Tool and save it to your desktop. Alternative download option: http://www.techspot.com/downloads/6731-farbar-recovery-scan-tool.html Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version. If your security alerts to FRST either, accept the alert or turn your security off to allow FRST to run. It is not malicious or infected in any way... Be aware FRST must be run from an account with Administrator status...   Double-click to run it. When the tool opens click Yes to disclaimer.(Windows 8/10 users will be prompted about Windows SmartScreen protection - click More information and Run.) Make sure Addition.txt is checkmarked under "Optional scans" Press Scan button to run the tool.... It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply. The tool will also make a log named (Addition.txt) Please attach that log to your reply. Post those logs to your reply.. Thank s, Kevin

[kevinf80]

Any progress...?

[kevinf80]

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.Other members who need assistance please start your own topic in a new thread. Thanks!