have followed instructions--here's my log files

Welcome to MGs!

Seems you did not follow the steps for making your BitDefender log exactly as written. All you saved was a log summary which is of now help to us. You have a WareOut infection we need to work on. Hang on while I look at the rest of your log and work up a fix.

 

Did you look in Add/Remove programs for the below?
MyWay
Need2Find

If found, uninstall them.

 

Okay. let's attack the WareOut infection.

Look in Add/Remove programs for UnSpyPC and uninstall if found.

Please download FixWareout from one of these sites:
http://downloads.subratam.org/Fixwareout.exe
http://swandog46.geekstogo.com/Fixwareout.exe

• Save it to your desktop and then run it by double clicking on it. It creates a folder named c:\fixwareout.
• Click Next, then Install.
• Then make sure Run fixit is checked (this runs C:\fixwareout\fixit.bat). And then click Finish.
• The fix will begin; follow the prompts. You will be asked to reboot your computer; please do so.
• Your system may take longer than usual to load; this is normal.
• When your system reboots, follow the prompts. Afterwards, HijackThis will launch. Please click Scan, and check the following items if they still exist:

R3 - URLSearchHook: (no name) - {F50F04E7-4C38-BCBB-DD6E-DD30A1CA613C} - media64.dll (file missing)
O1 - Hosts: localhost 127.0.0.1
O4 - HKLM\..\Run: [dmkny.exe] C:\WINDOWS\System32\dmkny.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{9CFB5971-E5A4-451E-BC4E-63CDB9F1139B}: NameServer = 85.255.115.46,85.255.112.154
O17 - HKLM\System\CCS\Services\Tcpip\..\{F8CFD013-7F1C-4F05-B047-C8F630D7363B}: NameServer = 85.255.115.46,85.255.112.154


After clicking Fix Checked, close HijackThis, and click OK to proceed.

At the end of the fix, reboot into safe mode and use Windows Explorer to double check for the below files and delete if found (many of these may already be gone):
C:\WINDOWS\SYSTEM32\favset.exe
C:\WINDOWS\SYSTEM32\r.exe
C:\WINDOWS\rdt.ini
C:\WINDOWS\system32\howiper.exe
C:\WINDOWS\System32\dmkny.exe
C:\WINDOWS\System32\media64.dll
C:\Program Files\UnSpyPC <--- delete the whole folder if found

Now reboot into normal mode and please attach the contents of the logfile C:\fixwareout\report.txt

There could be additional cleanup to do from Wareout and it the log will let us know.

Also attach a new HijackThis log.

 

You're clean now. Are you having any other malware issues?

 

You're welcome. Let me know the results of the external keyboard.

If you are not having any other malware problems, it is time to go back to step 1 of the READ & RUN ME to Disable System Restore which will flush your Restore Points. Then reboot and enable System Restore to create a new clean Restore Point.

After that, you should work thru the below link:

How to Protect yourself from malware!