im not sure if its a trojan or malware

[Seronix]

i was going this far yesterday that i cleaned with malwarebytes anti-malware the trojan or what ever it is.
for the rest of the day i had no issuese i could play search on the internet and everything.
but the only thing that didnt got fixxed was this page called "miweichnpyu.ru" that was always loading when i restart my browser.

and now today about 1h ago it was starting again.
i could not load pages could not connect to games adds where everywhere and yeah thats it.
i used malwarebytes anti-malware again and it found like 1.9k dangerous files and i deleted them.
but nothing got fixxed.
than i watched all my installed programms and deleted everything what i downloaded at october 3. 4. 5. 6. 7. 8. and 9. just to make sure everything bad is gone.

now my pages load fine again and i guess i can play again too.

when i started my opera browser there wasnt even the page loading like everytime only 2 pages where open where it said could not load the page.

im not sure if im safe now or if i need to do something to make sure im fine.
because this thing came back once i dont want it to come back twice.

 

[TwinHeadedEagle]

Hello,


Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them.
Only one of them will run on your system, that will be the right version.

• Double-click to run it. When the tool opens click Yes to disclaimer.
• Press Scan button.
  
  
  
  
  
• It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply.
• The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

 

[Seronix]

some parts in the files are in german but i hope its ok for you

 

[TwinHeadedEagle]

That was my reaction seeing all of that Adware installations. First I thought this was unreal and I thought you purposely installed all of this adware.

We need to start somewhere.

Please uninstall following programs:

Advanced SystemCare 9 (HKLM-x32\...\Advanced SystemCare_is1) (Version: 9.2.0 - IObit)
Better Gmail (HKLM-x32\...\{7BCAC0EB-3993-2416-0531-848C39DF8B65}) (Version: - "") <==== ACHTUNG
Claro Chrome Toolbar (HKLM-x32\...\{069B290F-5398-4629-A009-85B4BCB4B1B9}) (Version: 1.0.0.2 - Claro) <==== ACHTUNG
ContinueToSave (HKLM\...\ContinueToSave) (Version: 1.0 - BetterSoft) <==== ACHTUNG
Driver Booster 3.3 (HKLM-x32\...\Driver Booster_is1) (Version: 3.3 - IObit)
Effective Measure Community Plugin (HKLM-x32\...\{4E5FE462-1A84-47B4-3411-C72434AAD86C}) (Version: - "") <==== ACHTUNG
EXEcheCker (HKLM-x32\...\{86593088-CB6B-8BD7-2277-397C45F99E2D}) (Version: - EXXEchecker) <==== ACHTUNG
FoxyDeal version 1.0.0 (HKLM-x32\...\FoxyDeal_is1) (Version: 1.0.0 - R&E Media GmbH) <==== ACHTUNG
IePluginService12.27.0.3326 (HKLM-x32\...\IePlugins) (Version: 12.27.0.3326 - Cherished Technololgy LIMITED) <==== ACHTUNG
Internet Explorer Toolbar 4.7 by SweetPacks (HKLM-x32\...\{0110EF3B-85D7-4365-B585-4C521CFA9064}) (Version: 4.7.0002 - SweetIM Technologies Ltd.) <==== ACHTUNG
IObit Malware Fighter 4 (HKLM-x32\...\IObit Malware Fighter_is1) (Version: 4.1 - IObit)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 5.2.6.101 - IObit)
JFileManager (HKLM-x32\...\JFileManager) (Version: v1.10 - TUGUU SL) <==== ACHTUNG
KinGCoupon (HKLM-x32\...\{5C28578D-D0F1-699F-01B0-CC0653A28C11}) (Version: - "") <==== ACHTUNG
metaCrawler (HKLM-x32\...\metaCrawler) (Version: - metaCrawler) <==== ACHTUNG
Optimizer Pro v3.2 (HKLM-x32\...\Optimizer Pro_is1) (Version: - PC Utilities Software Limited) <==== ACHTUNG
Picasa Instant Upload Move Enabler (HKLM-x32\...\{6C998B44-82D8-CC7E-D847-4CD73036412A}) (Version: - "") <==== ACHTUNG
ProxyGate version 3.0.0.1176 (HKU\S-1-5-21-2260964575-2753946872-1401531445-1001\...\{1EC095EE-8CA3-43D6-B9F5-0C55B82ED3D7}}_is1) (Version: 3.0.0.1176 - Gold Click Ltd) <==== ACHTUNG
QueeinnCouapon (HKLM-x32\...\{3DE8A1D7-C77F-E02A-70DD-31D29EC5B988}) (Version: - "") <==== ACHTUNG
Save Sense (remove only) (HKU\S-1-5-21-2260964575-2753946872-1401531445-1001\...\Save Sense) (Version: 6.4.1.0 - SaveSense) <==== ACHTUNG
SaveSense (HKU\S-1-5-21-2260964575-2753946872-1401531445-1001\...\SaveSense) (Version: 6.4.0.0 - SaveSense) <==== ACHTUNG
saviiNshop (HKLM-x32\...\{70BD2558-27DA-8B02-02D0-D8704ECD2EDF}) (Version: - savainshop) <==== ACHTUNG
Savings Bull (HKLM\...\Level Quality Watcher) (Version: v1.01 - Savings Bull) <==== ACHTUNG
SeaalesChheckeeRi (HKLM-x32\...\{CC17A332-9555-AD95-3985-0BDD9BF0EC71}) (Version: - "") <==== ACHTUNG
Search Assistant MocaFlix 1.66 (HKLM-x32\...\SP_8e4eb48d) (Version: - ) <==== ACHTUNG
Settings Manager (HKU\S-1-5-21-2260964575-2753946872-1401531445-1001\...\Settings Manager) (Version: 21.4.0.1 - Spigot, Inc.) <==== ACHTUNG
ShopperMaaSteer (HKLM-x32\...\{35E0D123-1F22-9AE6-F973-B7ECA46E8BFE}) (Version: - "") <==== ACHTUNG
Shopping Helper Smartbar Engine (HKU\S-1-5-21-2260964575-2753946872-1401531445-1001\...\{444d80db-07eb-4221-af66-f366cf8aff55}) (Version: 11.82.63.17791 - ReSoft Ltd.) <==== ACHTUNG
Smart Defrag 5 (HKLM-x32\...\Smart Defrag_is1) (Version: 5.0.2 - IObit)
Speech recognition for Gmail (HKLM-x32\...\{F6423EE4-93D8-FA04-D09D-A8598F6EFDFD}) (Version: - "") <==== ACHTUNG
ssurfkEepit (HKLM-x32\...\{594FD08C-0622-F9B8-CB02-7C1355D33CB8}) (Version: - Surfkeeepitu) <==== ACHTUNG
SualesMagnet (HKLM-x32\...\{3119AFD3-545C-0955-573A-494F62E61990}) (Version: - "") <==== ACHTUNG
SweetIM for Messenger 3.7 (HKLM-x32\...\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}) (Version: 3.7.0007 - SweetIM Technologies Ltd.) <==== ACHTUNG
topDeali (HKLM-x32\...\{9B149088-3FB6-875E-C1A4-A25A6E9D278D}) (Version: - "") <==== ACHTUNG
TTIcTaCOOuupon (HKLM-x32\...\{E370F69F-ED3F-925F-31FC-14D1329A713B}) (Version: - "") <==== ACHTUNG
Update for Zip Extractor (HKU\S-1-5-21-2260964575-2753946872-1401531445-1001\...\DigitalSite) (Version: - ) <==== ACHTUNG
Update Manager for SweetPacks 1.1 (HKLM-x32\...\{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}) (Version: 1.1.0008 - SweetIM Technologies Ltd.) <==== ACHTUNG
Update_for_BonanzaDeals (HKU\S-1-5-21-2260964575-2753946872-1401531445-1001\...\Bonanza) (Version: - Update_for_BonanzaDeals) <==== ACHTUNG
VIS (HKLM-x32\...\VIS) (Version: - ) <==== ACHTUNG
YTD Video Downloader 4.8 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.8 - GreenTree Applications SRL) <==== ACHTUNG
Zip Extractor Packages (HKU\S-1-5-21-2260964575-2753946872-1401531445-1001\...\Zip Extractor Packages) (Version: - ) <==== ACHTUNG


If you're unable to install some of them, just skip it.

 

[Seronix]

ok i deleted now all of the following programs.
but i had some problems while uninstalling them.
some programms wont uninstall and some programms i could not find.
i list the programms i could not delet down here.



Advanced SystemCare 9 (HKLM-x32\...\Advanced SystemCare_is1) (Version: 9.2.0 - IObit)
Better Gmail (HKLM-x32\...\{7BCAC0EB-3993-2416-0531-848C39DF8B65}) (Version: - "") <==== ACHTUNG
Driver Booster 3.3 (HKLM-x32\...\Driver Booster_is1) (Version: 3.3 - IObit)
Effective Measure Community Plugin (HKLM-x32\...\{4E5FE462-1A84-47B4-3411-C72434AAD86C}) (Version: - "") <==== ACHTUNG
EXEcheCker (HKLM-x32\...\{86593088-CB6B-8BD7-2277-397C45F99E2D}) (Version: - EXXEchecker) <==== ACHTUNG
IePluginService12.27.0.3326 (HKLM-x32\...\IePlugins) (Version: 12.27.0.3326 - Cherished Technololgy LIMITED) <==== ACHTUNG
Internet Explorer Toolbar 4.7 by SweetPacks (HKLM-x32\...\{0110EF3B-85D7-4365-B585-4C521CFA9064}) (Version: 4.7.0002 - SweetIM Technologies Ltd.) <==== ACHTUNG
IObit Malware Fighter 4 (HKLM-x32\...\IObit Malware Fighter_is1) (Version: 4.1 - IObit)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 5.2.6.101 - IObit)
KinGCoupon (HKLM-x32\...\{5C28578D-D0F1-699F-01B0-CC0653A28C11}) (Version: - "") <==== ACHTUNG
Optimizer Pro v3.2 (HKLM-x32\...\Optimizer Pro_is1) (Version: - PC Utilities Software Limited) <==== ACHTUNG
Picasa Instant Upload Move Enabler (HKLM-x32\...\{6C998B44-82D8-CC7E-D847-4CD73036412A}) (Version: - "") <==== ACHTUNG
QueeinnCouapon (HKLM-x32\...\{3DE8A1D7-C77F-E02A-70DD-31D29EC5B988}) (Version: - "") <==== ACHTUNG
saviiNshop (HKLM-x32\...\{70BD2558-27DA-8B02-02D0-D8704ECD2EDF}) (Version: - savainshop) <==== ACHTUNG
Savings Bull (HKLM\...\Level Quality Watcher) (Version: v1.01 - Savings Bull) <==== ACHTUNG
SeaalesChheckeeRi (HKLM-x32\...\{CC17A332-9555-AD95-3985-0BDD9BF0EC71}) (Version: - "") <==== ACHTUNG
ShopperMaaSteer (HKLM-x32\...\{35E0D123-1F22-9AE6-F973-B7ECA46E8BFE}) (Version: - "") <==== ACHTUNG
Shopping Helper Smartbar Engine (HKU\S-1-5-21-2260964575-2753946872-1401531445-1001\...\{444d80db-07eb-4221-af66-f366cf8aff55})(Version: 11.82.63.17791 - ReSoft Ltd.) <==== ACHTUNG
Smart Defrag 5 (HKLM-x32\...\Smart Defrag_is1) (Version: 5.0.2 - IObit)
Speech recognition for Gmail (HKLM-x32\...\{F6423EE4-93D8-FA04-D09D-A8598F6EFDFD}) (Version: - "") <==== ACHTUNG
ssurfkEepit (HKLM-x32\...\{594FD08C-0622-F9B8-CB02-7C1355D33CB8}) (Version: - Surfkeeepitu) <==== ACHTUNG
SualesMagnet (HKLM-x32\...\{3119AFD3-545C-0955-573A-494F62E61990}) (Version: - "") <==== ACHTUNG
SweetIM for Messenger 3.7 (HKLM-x32\...\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}) (Version: 3.7.0007 - SweetIM Technologies Ltd.) <==== ACHTUNG
topDeali (HKLM-x32\...\{9B149088-3FB6-875E-C1A4-A25A6E9D278D}) (Version: - "") <==== ACHTUNG
TTIcTaCOOuupon (HKLM-x32\...\{E370F69F-ED3F-925F-31FC-14D1329A713B}) (Version: - "") <==== ACHTUNG
Update Manager for SweetPacks 1.1 (HKLM-x32\...\{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}) (Version: 1.1.0008 - SweetIM Technologies Ltd.) <==== ACHTUNG

 

[TwinHeadedEagle]

Please download Zemana AntiMalware and save it to your Desktop.

• Install the program and once the installation is complete it will start automatically.
• Without changing any options, press Scan to begin.
• After the short scan is finished, if threats are detected press Next to remove them.

Note: If restart is required to finish the cleaning process, you should click Reboot. If reboot isn't required, please restart your computer manually.​

• Open Zemana AntiMalware again.
• Click on
  
  icon and double click the latest report.
• Now click File > Save As and choose your Desktop before pressing Save.
• The only left thing is to attach saved report in your next message.

Fix with AdwCleaner

Please download AdwCleaner by Xplode and save the file to your Desktop.

• Right-click on
  
  icon and select
  
  Run as Administrator to start the tool.
• Accept the Terms of use.
• Wait until the database is updated.
• Click Scan.
• When finished, please click Clean.
• Your PC should reboot now.
• After reboot, logfile will be opened. Copy its content into your next reply.

Note: Reports will be saved in your system partition, usually at C:\Adwcleaner