Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Support
Windows Malware Removal Help & Support
I have a Police Central e-crime Unit ransomware which blocks EVERYTHING :(
Message
<blockquote data-quote="ThCorp" data-source="post: 122810" data-attributes="member: 8544"><p># AdwCleaner v2.301 - Logfile created 05/30/2013 at 12:33:35</p><p># Updated 16/05/2013 by Xplode</p><p># Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)</p><p># User : TOMI - TOMI-PC</p><p># Boot Mode : Normal</p><p># Running from : C:\Users\TOMI\Desktop\AdwCleaner.exe</p><p># Option [Delete]</p><p></p><p></p><p>***** [Services] *****</p><p></p><p></p><p>***** [Files / Folders] *****</p><p></p><p>File Deleted : C:\Users\TOMI\AppData\Roaming\Mozilla\Firefox\Profiles\8nis2nwb.default\searchplugins\SweetIm.xml</p><p>Folder Deleted : C:\Program Files (x86)\DAEMON Tools Toolbar</p><p>Folder Deleted : C:\Program Files (x86)\SweetIM</p><p>Folder Deleted : C:\ProgramData\SweetIM</p><p>Folder Deleted : C:\Users\TOMI\AppData\Roaming\Mozilla\Firefox\Profiles\8nis2nwb.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}</p><p></p><p>***** [Registry] *****</p><p></p><p>Key Deleted : HKCU\Software\Conduit</p><p>Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17}</p><p>Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}</p><p>Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}</p><p>Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}</p><p>Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}</p><p>Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}</p><p>Key Deleted : HKCU\Software\Softonic</p><p>Key Deleted : HKCU\Software\YahooPartnerToolbar</p><p>Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}</p><p>Key Deleted : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils</p><p>Key Deleted : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1</p><p>Key Deleted : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator</p><p>Key Deleted : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1</p><p>Key Deleted : HKLM\SOFTWARE\Classes\sim-packages</p><p>Key Deleted : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar</p><p>Key Deleted : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1</p><p>Key Deleted : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook</p><p>Key Deleted : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1</p><p>Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.sweetie</p><p>Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1</p><p>Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}</p><p>Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}</p><p>Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}</p><p>Key Deleted : HKLM\Software\Conduit</p><p>Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASAPI32</p><p>Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASMANCS</p><p>Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe</p><p>Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}</p><p>Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}</p><p>Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}</p><p>Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}</p><p>Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}</p><p>Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}</p><p>Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}</p><p>Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}</p><p>Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}</p><p>Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}</p><p>Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}</p><p>Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}</p><p>Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}</p><p>Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}</p><p>Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}</p><p>Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}</p><p>Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}</p><p>Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}</p><p>Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]</p><p>Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]</p><p>Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]</p><p>Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]</p><p>Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]</p><p></p><p>***** [Internet Browsers] *****</p><p></p><p>-\\ Internet Explorer v10.0.9200.16576</p><p></p><p>[OK] Registry is clean.</p><p></p><p>-\\ Mozilla Firefox v11.0 (fr)</p><p></p><p>File : C:\Users\TOMI\AppData\Roaming\Mozilla\Firefox\Profiles\8nis2nwb.default\prefs.js</p><p></p><p>[OK] File is clean.</p><p></p><p>-\\ Google Chrome v27.0.1453.94</p><p></p><p>File : C:\Users\TOMI\AppData\Local\Google\Chrome\User Data\Default\Preferences</p><p></p><p>Deleted [l.3043] : urls_to_restore_on_startup = [ "hxxps://www.facebook.com/", "hxxps://mail.google.com/mail/?ui[...]</p><p></p><p>*************************</p><p></p><p>AdwCleaner[R1].txt - [6314 octets] - [30/05/2013 12:29:45]</p><p>AdwCleaner[S1].txt - [315 octets] - [30/05/2013 12:33:09]</p><p>AdwCleaner[S2].txt - [5959 octets] - [30/05/2013 12:33:35]</p><p></p><p>########## EOF - C:\AdwCleaner[S2].txt - [6019 octets] ##########</p></blockquote><p></p>
[QUOTE="ThCorp, post: 122810, member: 8544"] # AdwCleaner v2.301 - Logfile created 05/30/2013 at 12:33:35 # Updated 16/05/2013 by Xplode # Operating system : Windows 7 Home Premium Service Pack 1 (64 bits) # User : TOMI - TOMI-PC # Boot Mode : Normal # Running from : C:\Users\TOMI\Desktop\AdwCleaner.exe # Option [Delete] ***** [Services] ***** ***** [Files / Folders] ***** File Deleted : C:\Users\TOMI\AppData\Roaming\Mozilla\Firefox\Profiles\8nis2nwb.default\searchplugins\SweetIm.xml Folder Deleted : C:\Program Files (x86)\DAEMON Tools Toolbar Folder Deleted : C:\Program Files (x86)\SweetIM Folder Deleted : C:\ProgramData\SweetIM Folder Deleted : C:\Users\TOMI\AppData\Roaming\Mozilla\Firefox\Profiles\8nis2nwb.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847} ***** [Registry] ***** Key Deleted : HKCU\Software\Conduit Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847} Key Deleted : HKCU\Software\Softonic Key Deleted : HKCU\Software\YahooPartnerToolbar Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8} Key Deleted : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils Key Deleted : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1 Key Deleted : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator Key Deleted : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1 Key Deleted : HKLM\SOFTWARE\Classes\sim-packages Key Deleted : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar Key Deleted : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1 Key Deleted : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook Key Deleted : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1 Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.sweetie Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1 Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847} Key Deleted : HKLM\Software\Conduit Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847} Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll] Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}] ***** [Internet Browsers] ***** -\\ Internet Explorer v10.0.9200.16576 [OK] Registry is clean. -\\ Mozilla Firefox v11.0 (fr) File : C:\Users\TOMI\AppData\Roaming\Mozilla\Firefox\Profiles\8nis2nwb.default\prefs.js [OK] File is clean. -\\ Google Chrome v27.0.1453.94 File : C:\Users\TOMI\AppData\Local\Google\Chrome\User Data\Default\Preferences Deleted [l.3043] : urls_to_restore_on_startup = [ "hxxps://www.facebook.com/", "hxxps://mail.google.com/mail/?ui[...] ************************* AdwCleaner[R1].txt - [6314 octets] - [30/05/2013 12:29:45] AdwCleaner[S1].txt - [315 octets] - [30/05/2013 12:33:09] AdwCleaner[S2].txt - [5959 octets] - [30/05/2013 12:33:35] ########## EOF - C:\AdwCleaner[S2].txt - [6019 octets] ########## [/QUOTE]
Insert quotes…
Verification
Post reply
Top