Possible Malware?

Working your logs now, pleasehelpme2...

 

You're welcome!

re: Using Malwarebytes Anti-Malware
Please re-run Malwarebytes and Remove Selected. Upload the new log.

Re-run RogueKiller.exe. (Vista/Windows7/8/10 users should right-click and select "Run as Administrator")
After it finishes the scan, select everything under these tabs and then click the Delete button.

¤¤¤ Registry ¤¤¤
¤¤¤ Files ¤¤¤
​

Then immediately reboot your PC.

When it is finished, there will be a log on your desktop called: RKreport[2].txt
Upload RKreport[2].txt to your next message.
After uploading RKreport[2].txt, now run a new scan with RogueKiller and save a log as in the original instructions and upload that new log also.

Now re-scan with Hitman Pro and have it delete everything under the headings of

• Potential Unwanted Programs
• Malware remnants

Ignore all other detections.
Afterwards, click the Next button.
Now reboot the PC in order for the changes to take affect.

After reboot and when you are back in Windows, rescan with HitmanPro and upload that new log.

Uninstall the below software using
GeekUninstaller 1.4.0.88, a portable appl.

Java 8 Update 51 <= outdated
QponPrinterV2 1.0.3​

Now run CCleaner to empty out the trash.

*Upload all requested logs and tell me how the pc is running.

 

Yes. Please read my instructions closely and don't do things on your own. That's what changing what I saw in the original logs and what you see now. Also go back and view the original MB log that you uploaded. See what I mean?

Continue on with my instructions, please.

 

Please rescan with Hitman Pro and upload an updated log.

Also - please download Junkware Removal Tool to your desktop.

• Make sure to shut down your protection software now to avoid potential conflicts.
• Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
• The tool will open and start scanning your system.
• Note: That JRT may reset your home page to a google default so you will need to restore your home page setting if this happens.
• Please be patient as this can take a while to complete depending on your system's specifications.
• On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
• Upload JRT.txt to your next message.

Describe how the pc is running.

 

Are you wanting to complete the malware cleaning, helpmeplease2?

 

Of course! I wish you a swift recovery and this thread will remain open. We'll continue when you're ready.

dr.m

 

Yes, all of the (CouponBar) listings.

 

Those logs look good, by the way.

 

Now run this online scan on both PCs and then upload the resulting logs. *NOTE: Each log to the proper thread:
eSet Online Scan

 

Yes

 

I see the "Adware.Toolbar" detection and also the expected False Detection on a process in MGTools. You can close the scanner now.

What does that mean???

Describe how the pc is running.

 

Now run the below instructions and upload the logs.

Please download ZHPcleaner to your desktop.

• Close all applications (including your web browsers and antivirus)
• Double-click on ZHPCleaner to run the tool.
• If you are using Windows Vista, 7/8/10; instead of double-clicking, right-mouse click ZHPCleaner and select "Run as Administrator".
• Please click the "J'accepte/I agree" button.
  • First press the "Scanner" button. Be patient, the scan takes longer than 5mins.
  • Then press the ''Repair'' button.
• Browsers will automatically shut down.
• A logfile will automatically open after the scan has finished.
• Please upload that logfile with your next reply.

Then, download AdwCleaner by Xplode and save to your Desktop.

• Double click on AdwCleaner.exe to run the tool.
  Vista/Windows 7/8 users right-click and select Run As Administrator
• Click on the Scan button.
• AdwCleaner will begin...be patient as the scan may take some time to complete.
• When it's done you'll see: Pending: Please uncheck elements you don't want removed.
• Now click on the Report button...a logfile (AdwCleaner[S#].txt) will open in Notepad for review (where the largest value of # represents the most recent report).
• Upload this log to your next reply.

 

Run the last instructions that I gave, upload the logs... then tell me how the machine is running.

 

Keyboard issues aren't part of this malware removal.

Yes. *There are online language translation sites, such as
https://www.google.com/#q=french+to+english+translation

EDIT: A reminder to run all suggested tools while browsers are ClOSED.

 

NOTE: This site gets an approval from VirusTotal URL Scanner and WOT.

http://ccm.net/download/download-24750-zhpcleaner

 

You're welcome... but we're not finished.

Using AdwCleaner.exe previously downloaded:

• Double click on AdwCleaner.exe to run the tool. (Vista, Win7/8/10 users should right-click and "Run As Administrator")
• Click on the Scan button.
• When the scan has completed, click on the Clean button.
• Press OK when asked to close all programs and follow the on-screen prompts.
• Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
• After rebooting, a logfile report (AdwCleaner[C#].txt) will open automatically (where the largest value of # represents the most recent report).
• A copy of that logfile will also be saved in the C:\AdwCleaner folder.
• Upload this log to your next reply.

 

Again - you're welcome. I'll get a notification when you do post in the other thread.

If you are not having any other malware problems, it is time to do our final steps:

1. We recommend you keep Malwarebytes Anti-Malware for scanning/removal of malware. Unless you purchase it, it provide no protection. It do not use any significant amount of resources ( except a little disk space ) until you run a scan.
2. Go back to step 6 of the READ ME and re-enable your Disk Emulation software with Defogger if you had disabled it.
3. Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.
4. If running Vista, Win 7/8/10 - it is time to make sure you have re-enabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
5. Go to add/remove programs and uninstall HijackThis.
6. Go to the C:\MGtools folder and find the MGclean.bat file. Double-click on this file to run this cleanup program that will remove files and folders related to MGtools and some other items from our cleaning procedures.
7. If you are running Win 7/8/10, Vista, Windows XP or Windows ME, do the below:
   • Refer to the cleaning procedures pointed to by step 6 of the READ ME
     for your Window version and see the instructions to Disable System Restore which will flush your Restore Points.
   • Then reboot and Enable System Restore to create a new clean Restore Point.
8. After doing the above, you should work through the below link:
   • How to Protect yourself from malware!

Safe surfing!