I have a Police Central e-crime Unit ransomware which blocks EVERYTHING :(
<blockquote data-quote="ThCorp" data-source="post: 122808" data-attributes="member: 8544"><p># AdwCleaner v2.301 - Logfile created 05/30/2013 at 12:29:45</p><p># Updated 16/05/2013 by Xplode</p><p># Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)</p><p># User : TOMI - TOMI-PC</p><p># Boot Mode : Normal</p><p># Running from : C:\Users\TOMI\Desktop\AdwCleaner.exe</p><p># Option [Search]</p><p></p><p></p><p>***** [Services] *****</p><p></p><p></p><p>***** [Files / Folders] *****</p><p></p><p>File Found : C:\Users\TOMI\AppData\Roaming\Mozilla\Firefox\Profiles\8nis2nwb.default\searchplugins\SweetIm.xml</p><p>Folder Found : C:\Program Files (x86)\DAEMON Tools Toolbar</p><p>Folder Found : C:\Program Files (x86)\SweetIM</p><p>Folder Found : C:\ProgramData\SweetIM</p><p>Folder Found : C:\Users\TOMI\AppData\Roaming\Mozilla\Firefox\Profiles\8nis2nwb.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}</p><p></p><p>***** [Registry] *****</p><p></p><p>Key Found : HKCU\Software\Conduit</p><p>Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17}</p><p>Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}</p><p>Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}</p><p>Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}</p><p>Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}</p><p>Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}</p><p>Key Found : HKCU\Software\Softonic</p><p>Key Found : HKCU\Software\YahooPartnerToolbar</p><p>Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}</p><p>Key Found : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils</p><p>Key Found : 
HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1</p><p>Key Found : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator</p><p>Key Found : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1</p><p>Key Found : HKLM\SOFTWARE\Classes\sim-packages</p><p>Key Found : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar</p><p>Key Found : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1</p><p>Key Found : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook</p><p>Key Found : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1</p><p>Key Found : HKLM\SOFTWARE\Classes\Toolbar3.sweetie</p><p>Key Found : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1</p><p>Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}</p><p>Key Found : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}</p><p>Key Found : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}</p><p>Key Found : HKLM\Software\Conduit</p><p>Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASAPI32</p><p>Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASMANCS</p><p>Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe</p><p>Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}</p><p>Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}</p><p>Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}</p><p>Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}</p><p>Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}</p><p>Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}</p><p>Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}</p><p>Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}</p><p>Key Found : 
HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}</p><p>Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}</p><p>Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}</p><p>Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}</p><p>Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}</p><p>Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}</p><p>Key Found : HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}</p><p>Key Found : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}</p><p>Key Found : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}</p><p>Key Found : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}</p><p>Key Found : HKU\S-1-5-21-2859402052-3199446746-1923838893-1001\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}</p><p>Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]</p><p>Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]</p><p>Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]</p><p>Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]</p><p>Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]</p><p></p><p>***** [Internet Browsers] *****</p><p></p><p>-\\ Internet Explorer v10.0.9200.16576</p><p></p><p>[OK] Registry is clean.</p><p></p><p>-\\ 
Mozilla Firefox v11.0 (fr)</p><p></p><p>File : C:\Users\TOMI\AppData\Roaming\Mozilla\Firefox\Profiles\8nis2nwb.default\prefs.js</p><p></p><p>[OK] File is clean.</p><p></p><p>-\\ Google Chrome v27.0.1453.94</p><p></p><p>File : C:\Users\TOMI\AppData\Local\Google\Chrome\User Data\Default\Preferences</p><p></p><p>Found [l.3043] : urls_to_restore_on_startup = [ "hxxps://www.facebook.com/", "hxxps://mail.google.com/mail/?ui=2&shva=1#inbox", "hxxps://dub116.mail.live.com/default.aspx?id=64855&owa=1&owasuffix=owa%2f", "hxxp://translate.google.com/#fr/en/", "hxxps://www.google.com/calendar/render?pli=1", "hxxp://fr.anno-online.com/fr/jouer", "hxxp://movies.netflix.com/WiHome?movieid=70170559" ]</p><p></p><p>*************************</p><p></p><p>AdwCleaner[R1].txt - [6197 octets] - [30/05/2013 12:29:45]</p><p></p><p>########## EOF - C:\AdwCleaner[R1].txt - [6257 octets] ##########</p></blockquote><p></p>