Help removing malware - computer 3

Ran the procedures on another computer and removed a good deal of junk.

Files are attached.

Thanks

 

Scan with HijackThis and check the boxes for the following entries:
( Make sure ALL browser windows are closed when you click FIX )

O4 - HKLM\..\Run: [oatfvsudud] C:\WINDOWS\System32\hmqnza.exe

O9 - Extra button: Ebates - {6685509E-B47B-4f47-8E16-9A5F3A62F683} - file://C:\Program Files\Ebates_MoeMoneyMaker\Sy350\Tp350\scri350a.htm (file missing) (HKCU)

Again, make sure ALL browser windows are closed when you click FIX.

Now, Please boot into Safe Mode, be sure you have the Viewing of Hidden Files & Folders Enabled per the tutorial. Now, navigate to and DELETE the following if they should remain:

C:\Program Files\Ebates_MoeMoneyMaker ← Delete this whole folder if it exist!

C:\WINDOWS\kwv2.dat

Next, run CCleaner to clean up cookies and temp files.

Finally, I would like you to flush your System Restore points. Please follow the instructions in the below:

• Disable and Re-enable System Restore
  
  
• Turn OFF System Restore to flush any bad Restore Points.
  
  
• Then, follow the instructions at the bottom of the linked page to Re-enable the Restore Utility which will create a fresh restore point.

After you complete the above reboot once more and then scan with HijackThis and attach the new log.

Let me know of any problems you may have encountered with the above instructions and also let me know how things are running now.

 

I removed the two lines with HJT.

Ebates_MoeMoneyMaker folder doesn't exist. I uninstalled the program when I started the cleanup process.

I removed kwv2.dat and ran CCleaner.

System restore points flushed and new point created.

New HJT log is attached.

 

Your log looks good, are you having any further problems?

 

No, the computer is running well. Thank you for the help.

 

Your Welcome!