Psychotic

Fine, then proceed with my other isntructions and you´re safe!

Please re-run the fix with FRST, but start the tool as administrator.

Your system is clean now! Uninstall our tools using delfix Please follow these steps in order: In the case we used Defogger to turn off your CD emulation software. You can start it again and use the Enable button. In the case we used Combofix. Deactivate your antivirus software once more, then rename the combofix.exe to uninstall.exe and run it one last time. You shall be noted that Combofix has been removed. In any case please download delfix to your desktop. Close all other programms and start delfix. Please check all the boxes and run the tool. delfix will now delete all found traces of our removal process [*] If there is still something left please delete it manualy. Delete System Restore Points To ensure your System Restore Points are free of malware, we will delete all of them but the most recent or create a new one. On Windows Vista: Please follow these instructions to delete all but the most common System Protection Restore Points. On Windows 7/8: Please follow these instructions to delete all but the most common System Protection Restore Points. On Windows XP: Please follow these instructions to delete all but the most common System Protection Restore Points. Recommendations: How to protect yourself System Updates Please ensure to have automatic updates activated in your control panel. For further information and a tutorial, see this Microsoft Support article. Protection What you need is one (not more) virus scanner with background protection. Additionally I recommend a special malware scanner to run on demand weekly. Personally I am using avast! Antivirus Free Edition and Malwarebytes Anti-Malware. They offer good protection for free. To keep your browser free of advertising, you may install the Adblock Plus browser extension. It will filter unwanted advertising out of the website´s content. To protect yourself from accidentally visiting malicious web sites, install the Web of Trust (WOT) browser extension. It will display a green (safe), yellow (unknown) or red (potentially dangerous) icon for a visited website within your browser. In addition, before accessing a dangerous classified web site, a warning screen is displayed. [*]Up to date Software Keep your Windows and your third party software up to date. The easiest way to get infected is an outdated windows, followed by: browser(s) (including add-ons and plug-ins), Adobe Flash Player and Adobe Reader, Java Runtime Environment, your antivirus program and so on. These links may help you to check: Secunia Personal Software Inspector - checks if your software has updates available. SecurityCheck (by screen317) - scans your computer for most vulnerable outdated software. Mozilla: Check your plugins - The webpage will tell you if you have outdated plugins running in your Firefox browser. [*]Backup Hardware issues, malware, fire, lightning strike: There is a long list of different ways to loose all your data. Back up your files regularly. Use the windows internal backup function or a third party tool and save your data onto an external hard drive, cloud storage, optical media like CDs or DVDs or (if available) a professional network backup system. [*]Behaviour The commonest error when using a computer is "error 80" - what means that the error is located about 80cm in front of the monitor. This is a common joke between IT support technicians but it shows that all the safety mechanisms won´t help if you aren´t careful enough. While surfing the internet, don´t click on anything you don´t know. In the worst case, it infects your system with malware. Watch your step in social networks! Many cyber criminals use them to spread malware, mine personal pata (to be sold to advertising companies, for example) or simply do damage to other users. Even if a received hyperlink within a message seems to be coming from one of your friends, have a closer look. In addition, don´t click everything. When installing software, have a look to each of the setup windows and uncheck any additional toolbars or free programs that may be offered additionally. Most of today´s setup procedures contain potentially unwanted programs so keep them off your system. Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs. They are a security risk which can make your computer susceptible to a wide variety of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.

You´re welcome!

Your system is clean now! Internet Explorer out of date Your version of Internet Explorer is outdated. Please download IE 11 from here Save it to your desktop. Double click on the file on your desktop to start the installation process. Reboot Defrag your hard drive Your hard drive is heavily fragmented. This may result in performance losses. If it is NOT an SSD drive, use a tool like Auslogic DiskDefrag to defrag the drive. Attention: During srtup, uncheck any additional tools the software may provide! Uninstall our tools using delfix Please follow these steps in order: In the case we used Defogger to turn off your CD emulation software. You can start it again and use the Enable button. In the case we used Combofix. Deactivate your antivirus software once more, then rename the combofix.exe to uninstall.exe and run it one last time. You shall be noted that Combofix has been removed. In any case please download delfix to your desktop. Close all other programms and start delfix. Please check all the boxes and run the tool. delfix will now delete all found traces of our removal process [*] If there is still something left please delete it manualy. Delete System Restore Points To ensure your System Restore Points are free of malware, we will delete all of them but the most recent or create a new one. On Windows Vista: Please follow these instructions to delete all but the most common System Protection Restore Points. On Windows 7/8: Please follow these instructions to delete all but the most common System Protection Restore Points. On Windows XP: Please follow these instructions to delete all but the most common System Protection Restore Points. Recommendations: How to protect yourself System Updates Please ensure to have automatic updates activated in your control panel. For further information and a tutorial, see this Microsoft Support article. Protection What you need is one (not more) virus scanner with background protection. Additionally I recommend a special malware scanner to run on demand weekly. Personally I am using avast! Antivirus Free Edition and Malwarebytes Anti-Malware. They offer good protection for free. To keep your browser free of advertising, you may install the Adblock Plus browser extension. It will filter unwanted advertising out of the website´s content. To protect yourself from accidentally visiting malicious web sites, install the Web of Trust (WOT) browser extension. It will display a green (safe), yellow (unknown) or red (potentially dangerous) icon for a visited website within your browser. In addition, before accessing a dangerous classified web site, a warning screen is displayed. [*]Up to date Software Keep your Windows and your third party software up to date. The easiest way to get infected is an outdated windows, followed by: browser(s) (including add-ons and plug-ins), Adobe Flash Player and Adobe Reader, Java Runtime Environment, your antivirus program and so on. These links may help you to check: Secunia Personal Software Inspector - checks if your software has updates available. SecurityCheck (by screen317) - scans your computer for most vulnerable outdated software. Mozilla: Check your plugins - The webpage will tell you if you have outdated plugins running in your Firefox browser. [*]Backup Hardware issues, malware, fire, lightning strike: There is a long list of different ways to loose all your data. Back up your files regularly. Use the windows internal backup function or a third party tool and save your data onto an external hard drive, cloud storage, optical media like CDs or DVDs or (if available) a professional network backup system. [*]Behaviour The commonest error when using a computer is "error 80" - what means that the error is located about 80cm in front of the monitor. This is a common joke between IT support technicians but it shows that all the safety mechanisms won´t help if you aren´t careful enough. While surfing the internet, don´t click on anything you don´t know. In the worst case, it infects your system with malware. Watch your step in social networks! Many cyber criminals use them to spread malware, mine personal pata (to be sold to advertising companies, for example) or simply do damage to other users. Even if a received hyperlink within a message seems to be coming from one of your friends, have a closer look. In addition, don´t click everything. When installing software, have a look to each of the setup windows and uncheck any additional toolbars or free programs that may be offered additionally. Most of today´s setup procedures contain potentially unwanted programs so keep them off your system. Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs. They are a security risk which can make your computer susceptible to a wide variety of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.

You´re welcome!

Then we can do the cleanup - if you are facing any issues, report that immediately. Delete junk with adwCleaner Please download AdwCleaner to your desktop. Run adwcleaner.exe Hit Scan and wait for the scan to finish. Confirm the message but don´t uncheck anything. Hit Clean When the run is finished, it will open up a text file Please post its contents within your next reply You´ll find the log file at C:\AdwCleaner[s1].txt also Delete junk with JRT Please download Junkware Removal Tool to your desktop. Shut down your protection software now to avoid potential conflicts. Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator". The tool will open and start scanning your system. Please be patient as this can take a while to complete depending on your system's specifications. On completion, a log (JRT.txt) is saved to your desktop and will automatically open. Post the contents of JRT.txt into your next message. SecurityCheck Reboot your system before starting! Please download SecurityCheck: LINK1 LINK2 Save it to your desktop, start it and follow the instructions in the window. After the scan finished the (checkup.txt) will open. Copy its content to your thread. Tell me: Are any problems left now or may I post the final reply?

You may refresh the system files as often as you want to face occuring problems. We´re not finished yet! Then we can do the cleanup - if you are facing any issues, report that immediately. Delete junk with adwCleaner Please download AdwCleaner to your desktop. Run adwcleaner.exe Hit Scan and wait for the scan to finish. Confirm the message but don´t uncheck anything. Hit Clean When the run is finished, it will open up a text file Please post its contents within your next reply You´ll find the log file at C:\AdwCleaner[s1].txt also Delete junk with JRT Please download Junkware Removal Tool to your desktop. Shut down your protection software now to avoid potential conflicts. Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator". The tool will open and start scanning your system. Please be patient as this can take a while to complete depending on your system's specifications. On completion, a log (JRT.txt) is saved to your desktop and will automatically open. Post the contents of JRT.txt into your next message. SecurityCheck Reboot your system before starting! Please download SecurityCheck: LINK1 LINK2 Save it to your desktop, start it and follow the instructions in the window. After the scan finished the (checkup.txt) will open. Copy its content to your thread. Tell me: Are any problems left now or may I post the final reply?

Delete C:\windows.old manually. Fix with FRST (normal mode) WARNING: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system Download the attached fixlist.txt and save it to the location where FRST is saved to.Run FRST.exe (on 64bit, run FRST64.exe) and press the Fix button just once and wait.The tool will make a log (Fixlog.txt) which you find where you saved FRST. Please post it to your reply. Adobe Reader out of date Your Adobe Reader is outdated. We will fix this. Get the actual software from here. Important: Uncheck any optional software (for example Google Chrome, etc.) offered.Run setup and follow the instructions.Click upon Start-->control panel-->add/remove programs.Search for and remove any older reader versions. Also update your chrome browser! Uninstall our tools using delfix Please follow these steps in order: In the case we used Defogger to turn off your CD emulation software. You can start it again and use the Enable button.In the case we used Combofix. Deactivate your antivirus software once more, then rename the combofix.exe to uninstall.exe and run it one last time. You shall be noted that Combofix has been removed.In any case please download delfix to your desktop.Close all other programms and start delfix.Please check all the boxes and run the tool.delfix will now delete all found traces of our removal processIf there is still something left please delete it manualy. Delete System Restore Points To ensure your System Restore Points are free of malware, we will delete all of them but the most recent or create a new one. On Windows Vista: Please follow these instructions to delete all but the most common System Protection Restore Points. On Windows 7/8: Please follow these instructions to delete all but the most common System Protection Restore Points. On Windows XP: Please follow these instructions to delete all but the most common System Protection Restore Points. Recommendations: How to protect yourself System Updates Please ensure to have automatic updates activated in your control panel. For further information and a tutorial, see this Microsoft Support article.Protection What you need is one (not more) virus scanner with background protection. Additionally I recommend a special malware scanner to run on demand weekly. Personally I am using avast! Antivirus Free Edition and Malwarebytes Anti-Malware. They offer good protection for free.To keep your browser free of advertising, you may install the Adblock Plus browser extension. It will filter unwanted advertising out of the website´s content.To protect yourself from accidentally visiting malicious web sites, install the Web of Trust (WOT) browser extension. It will display a green (safe), yellow (unknown) or red (potentially dangerous) icon for a visited website within your browser. In addition, before accessing a dangerous classified web site, a warning screen is displayed.Up to date Software Keep your Windows and your third party software up to date. The easiest way to get infected is an outdated windows, followed by: browser(s) (including add-ons and plug-ins), Adobe Flash Player and Adobe Reader, Java Runtime Environment, your antivirus program and so on. These links may help you to check:Secunia Personal Software Inspector - checks if your software has updates available.SecurityCheck (by screen317) - scans your computer for most vulnerable outdated software.Mozilla: Check your plugins - The webpage will tell you if you have outdated plugins running in your Firefox browser.Backup Hardware issues, malware, fire, lightning strike: There is a long list of different ways to loose all your data. Back up your files regularly. Use the windows internal backup function or a third party tool and save your data onto an external hard drive, cloud storage, optical media like CDs or DVDs or (if available) a professional network backup system.Behaviour The commonest error when using a computer is "error 80" - what means that the error is located about 80cm in front of the monitor. This is a common joke between IT support technicians but it shows that all the safety mechanisms won´t help if you aren´t careful enough.While surfing the internet, don´t click on anything you don´t know. In the worst case, it infects your system with malware.Watch your step in social networks! Many cyber criminals use them to spread malware, mine personal pata (to be sold to advertising companies, for example) or simply do damage to other users. Even if a received hyperlink within a message seems to be coming from one of your friends, have a closer look. In addition, don´t click everything.When installing software, have a look to each of the setup windows and uncheck any additional toolbars or free programs that may be offered additionally. Most of today´s setup procedures contain potentially unwanted programs so keep them off your system.Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs. They are a security risk which can make your computer susceptible to a wide variety of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites. fixlist.txt

Yes, the link is ok but you don´t need to run it anymore. JRT did the trick. Your system is clean now! Java runtime Environment out of date Your Java runtime environment is outdated. We will fix this. Get the actual JRE from here Save jxpiinstall.exe to your desktop Close all running programs, especially your browser(s) Run jxpiinstall.exe. This will download the newest JRE installer and install the software when finished, go to Start-->control panel-->add/remove programs and remove all older Java versions. (if existing) When finished, reboot your computer. After the reboot Open control panel again and click the java symbol. Click Settings under Temporary Internet Files. The Temporary Files Settings dialog box appears. Click Delete Files. The Delete Temporary Files dialog box appearsClick OK on Delete Temporary Files window.Click OK again. Mozilla Firefox out of date Your Firefox browser is outdated. Please follow these instructions to update it: Get the actual firefox from here. Run setup and follow the instructions on your monitor. Report any problems you have with the update. Uninstall our tools using delfix Please follow these steps in order: In the case we used Defogger to turn off your CD emulation software. You can start it again and use the Enable button. In the case we used Combofix. Deactivate your antivirus software once more, then rename the combofix.exe to uninstall.exe and run it one last time. You shall be noted that Combofix has been removed. In any case please download delfix to your desktop. Close all other programms and start delfix. Please check all the boxes and run the tool. delfix will now delete all found traces of our removal process [*] If there is still something left please delete it manualy. Delete System Restore Points To ensure your System Restore Points are free of malware, we will delete all of them but the most recent or create a new one. On Windows Vista: Please follow these instructions to delete all but the most common System Protection Restore Points. On Windows 7/8: Please follow these instructions to delete all but the most common System Protection Restore Points. On Windows XP: Please follow these instructions to delete all but the most common System Protection Restore Points. Recommendations: How to protect yourself System Updates Please ensure to have automatic updates activated in your control panel. For further information and a tutorial, see this Microsoft Support article. Protection What you need is one (not more) virus scanner with background protection. Additionally I recommend a special malware scanner to run on demand weekly. Personally I am using avast! Antivirus Free Edition and Malwarebytes Anti-Malware. They offer good protection for free. To keep your browser free of advertising, you may install the Adblock Plus browser extension. It will filter unwanted advertising out of the website´s content. To protect yourself from accidentally visiting malicious web sites, install the Web of Trust (WOT) browser extension. It will display a green (safe), yellow (unknown) or red (potentially dangerous) icon for a visited website within your browser. In addition, before accessing a dangerous classified web site, a warning screen is displayed. [*]Up to date Software Keep your Windows and your third party software up to date. The easiest way to get infected is an outdated windows, followed by: browser(s) (including add-ons and plug-ins), Adobe Flash Player and Adobe Reader, Java Runtime Environment, your antivirus program and so on. These links may help you to check: Secunia Personal Software Inspector - checks if your software has updates available. SecurityCheck (by screen317) - scans your computer for most vulnerable outdated software. Mozilla: Check your plugins - The webpage will tell you if you have outdated plugins running in your Firefox browser. [*]Backup Hardware issues, malware, fire, lightning strike: There is a long list of different ways to loose all your data. Back up your files regularly. Use the windows internal backup function or a third party tool and save your data onto an external hard drive, cloud storage, optical media like CDs or DVDs or (if available) a professional network backup system. [*]Behaviour The commonest error when using a computer is "error 80" - what means that the error is located about 80cm in front of the monitor. This is a common joke between IT support technicians but it shows that all the safety mechanisms won´t help if you aren´t careful enough. While surfing the internet, don´t click on anything you don´t know. In the worst case, it infects your system with malware. Watch your step in social networks! Many cyber criminals use them to spread malware, mine personal pata (to be sold to advertising companies, for example) or simply do damage to other users. Even if a received hyperlink within a message seems to be coming from one of your friends, have a closer look. In addition, don´t click everything. When installing software, have a look to each of the setup windows and uncheck any additional toolbars or free programs that may be offered additionally. Most of today´s setup procedures contain potentially unwanted programs so keep them off your system. Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs. They are a security risk which can make your computer susceptible to a wide variety of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.

Yes, this really looks like the doodle malfunctioned. It was good to scan your PC as we had to remove several malicious programs. Your system is clean now! Java runtime Environment out of date Your Java runtime environment is outdated. We will fix this. Get the actual JRE from here Save jxpiinstall.exe to your desktop Close all running programs, especially your browser(s) Run jxpiinstall.exe. This will download the newest JRE installer and install the software when finished, go to Start-->control panel-->add/remove programs and remove all older Java versions. (if existing) When finished, reboot your computer. After the reboot Open control panel again and click the java symbol. Click Settings under Temporary Internet Files. The Temporary Files Settings dialog box appears. Click Delete Files. The Delete Temporary Files dialog box appearsClick OK on Delete Temporary Files window.Click OK again. Mozilla Thunderbird out of date Your Thunderbird mail client is outdated. Please follow these instructions to update it: Get the actual Thunderbird from here. Run setup and follow the instructions on your monitor. Report any problems you have with the update. Defrag your hard drive Your hard drive is heavily fragmented. This may result in performance losses. If it is NOT an SSD drive, use a tool like Auslogic DiskDefrag to defrag the drive. Be careful during setup and uncheck any additional software it provides! Also update your antivirus! Uninstall our tools using delfix Please follow these steps in order: In the case we used Defogger to turn off your CD emulation software. You can start it again and use the Enable button. In the case we used Combofix. Deactivate your antivirus software once more, then rename the combofix.exe to uninstall.exe and run it one last time. You shall be noted that Combofix has been removed. In any case please download delfix to your desktop. Close all other programms and start delfix. Please check all the boxes and run the tool. delfix will now delete all found traces of our removal process [*] If there is still something left please delete it manualy. Delete System Restore Points To ensure your System Restore Points are free of malware, we will delete all of them but the most recent or create a new one. On Windows Vista: Please follow these instructions to delete all but the most common System Protection Restore Points. On Windows 7/8: Please follow these instructions to delete all but the most common System Protection Restore Points. On Windows XP: Please follow these instructions to delete all but the most common System Protection Restore Points. Recommendations: How to protect yourself System Updates Please ensure to have automatic updates activated in your control panel. For further information and a tutorial, see this Microsoft Support article. Protection What you need is one (not more) virus scanner with background protection. Additionally I recommend a special malware scanner to run on demand weekly. Personally I am using avast! Antivirus Free Edition and Malwarebytes Anti-Malware. They offer good protection for free. To keep your browser free of advertising, you may install the Adblock Plus browser extension. It will filter unwanted advertising out of the website´s content. To protect yourself from accidentally visiting malicious web sites, install the Web of Trust (WOT) browser extension. It will display a green (safe), yellow (unknown) or red (potentially dangerous) icon for a visited website within your browser. In addition, before accessing a dangerous classified web site, a warning screen is displayed. [*]Up to date Software Keep your Windows and your third party software up to date. The easiest way to get infected is an outdated windows, followed by: browser(s) (including add-ons and plug-ins), Adobe Flash Player and Adobe Reader, Java Runtime Environment, your antivirus program and so on. These links may help you to check: Secunia Personal Software Inspector - checks if your software has updates available. SecurityCheck (by screen317) - scans your computer for most vulnerable outdated software. Mozilla: Check your plugins - The webpage will tell you if you have outdated plugins running in your Firefox browser. [*]Backup Hardware issues, malware, fire, lightning strike: There is a long list of different ways to loose all your data. Back up your files regularly. Use the windows internal backup function or a third party tool and save your data onto an external hard drive, cloud storage, optical media like CDs or DVDs or (if available) a professional network backup system. [*]Behaviour The commonest error when using a computer is "error 80" - what means that the error is located about 80cm in front of the monitor. This is a common joke between IT support technicians but it shows that all the safety mechanisms won´t help if you aren´t careful enough. While surfing the internet, don´t click on anything you don´t know. In the worst case, it infects your system with malware. Watch your step in social networks! Many cyber criminals use them to spread malware, mine personal pata (to be sold to advertising companies, for example) or simply do damage to other users. Even if a received hyperlink within a message seems to be coming from one of your friends, have a closer look. In addition, don´t click everything. When installing software, have a look to each of the setup windows and uncheck any additional toolbars or free programs that may be offered additionally. Most of today´s setup procedures contain potentially unwanted programs so keep them off your system. Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs. They are a security risk which can make your computer susceptible to a wide variety of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.

Please do nothing on your own while being helped here. Follow these instructions to remove and reinstall Malwarebytes. When finished, run a scan following my instructions above and post the log.

I can´t find malicious modifications or errors. Seems like windows itself is broken. Please follow these instructions to refresh the system files of windows. Your personal files will not be harmed. Tell me if that worked for you.

Fix with FRST (normal mode) WARNING: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system Download the attached fixlist.txt and save it to the location where FRST is saved to.Run FRST.exe (on 64bit, run FRST64.exe) and press the Fix button just once and wait.The tool will make a log (Fixlog.txt) which you find where you saved FRST. Please post it to your reply. When finished, please rescan with ESET. I know that it takes a huge amount of time, but I want to ensure everything is gone. fixlist.txt

Which directory has been deleted? I´ll write an FRST script for the remainings

This is not malware related - it looks like a malfunction of the google doodle. Let me do some research (as I have no idea how to get rid of this at the moment...)

Your system is clean now! Java runtime Environment out of date Your Java runtime environment is outdated. We will fix this. Get the actual JRE from here Save jxpiinstall.exe to your desktop Close all running programs, especially your browser(s) Run jxpiinstall.exe. This will download the newest JRE installer and install the software when finished, go to Start-->control panel-->add/remove programs and remove all older Java versions. (if existing) When finished, reboot your computer. After the reboot Open control panel again and click the java symbol. Click Settings under Temporary Internet Files. The Temporary Files Settings dialog box appears. Click Delete Files. The Delete Temporary Files dialog box appearsClick OK on Delete Temporary Files window.Click OK again. Uninstall our tools using delfix Please follow these steps in order: In the case we used Defogger to turn off your CD emulation software. You can start it again and use the Enable button. In the case we used Combofix. Deactivate your antivirus software once more, then rename the combofix.exe to uninstall.exe and run it one last time. You shall be noted that Combofix has been removed. In any case please download delfix to your desktop. Close all other programms and start delfix. Please check all the boxes and run the tool. delfix will now delete all found traces of our removal process [*] If there is still something left please delete it manualy. Delete System Restore Points To ensure your System Restore Points are free of malware, we will delete all of them but the most recent or create a new one. On Windows Vista: Please follow these instructions to delete all but the most common System Protection Restore Points. On Windows 7/8: Please follow these instructions to delete all but the most common System Protection Restore Points. On Windows XP: Please follow these instructions to delete all but the most common System Protection Restore Points. Recommendations: How to protect yourself System Updates Please ensure to have automatic updates activated in your control panel. For further information and a tutorial, see this Microsoft Support article. Protection What you need is one (not more) virus scanner with background protection. Additionally I recommend a special malware scanner to run on demand weekly. Personally I am using avast! Antivirus Free Edition and Malwarebytes Anti-Malware. They offer good protection for free. To keep your browser free of advertising, you may install the Adblock Plus browser extension. It will filter unwanted advertising out of the website´s content. To protect yourself from accidentally visiting malicious web sites, install the Web of Trust (WOT) browser extension. It will display a green (safe), yellow (unknown) or red (potentially dangerous) icon for a visited website within your browser. In addition, before accessing a dangerous classified web site, a warning screen is displayed. [*]Up to date Software Keep your Windows and your third party software up to date. The easiest way to get infected is an outdated windows, followed by: browser(s) (including add-ons and plug-ins), Adobe Flash Player and Adobe Reader, Java Runtime Environment, your antivirus program and so on. These links may help you to check: Secunia Personal Software Inspector - checks if your software has updates available. SecurityCheck (by screen317) - scans your computer for most vulnerable outdated software. Mozilla: Check your plugins - The webpage will tell you if you have outdated plugins running in your Firefox browser. [*]Backup Hardware issues, malware, fire, lightning strike: There is a long list of different ways to loose all your data. Back up your files regularly. Use the windows internal backup function or a third party tool and save your data onto an external hard drive, cloud storage, optical media like CDs or DVDs or (if available) a professional network backup system. [*]Behaviour The commonest error when using a computer is "error 80" - what means that the error is located about 80cm in front of the monitor. This is a common joke between IT support technicians but it shows that all the safety mechanisms won´t help if you aren´t careful enough. While surfing the internet, don´t click on anything you don´t know. In the worst case, it infects your system with malware. Watch your step in social networks! Many cyber criminals use them to spread malware, mine personal pata (to be sold to advertising companies, for example) or simply do damage to other users. Even if a received hyperlink within a message seems to be coming from one of your friends, have a closer look. In addition, don´t click everything. When installing software, have a look to each of the setup windows and uncheck any additional toolbars or free programs that may be offered additionally. Most of today´s setup procedures contain potentially unwanted programs so keep them off your system. Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs. They are a security risk which can make your computer susceptible to a wide variety of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.

Please set your desktop background to a plain color, f.e. black. Tell me if that worked for you.

Is this a movable icon or has your desktop background been changed?

Chrome is hard to modify...:-( Please follow these instructions to reset chrome: https://support.google.com/chrome/answer/3296214?hl=en Tell me if that worked

OK, what about the custom search now? ^^

Hi there, my name is Marius and I will assist you with your malware related problems. Before we move on, please read the following points carefully. First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.Perform everything in the correct order. Sometimes one step requires the previous one.If you have any problems while following my instructions, Stop there and tell me the exact nature of your problem.Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.My first language is not english. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding. Fix with FRST (normal mode) WARNING: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system Download the attached fixlist.txt and save it to the location where FRST is saved to.Run FRST.exe (on 64bit, run FRST64.exe) and press the Fix button just once and wait.The tool will make a log (Fixlog.txt) which you find where you saved FRST. Please post it to your reply. Full System Scan with Malwarebytes Antimalware If not existing, please download Malwarebytes Anti-Malware to your desktop.Double-click the downloaded setup file and follow the prompts to install the program.At the end, be sure a checkmark is placed next to the following:Launch Malwarebytes Anti-MalwareA 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.Click Finish. If the program is already installed: Run Malwarebytes AntimalwareOn the Dashboard, click the 'Update Now >>' linkAfter the update completes, click the 'Scan Now >>' button.Or, on the Dashboard, click the Scan Now >> button.If an update is available, click the Update Now button.A Threat Scan will begin.When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.In most cases, a restart will be required.Wait for the prompt to restart the computer to appear, then click on Yes. After the restart once you are back at your desktop, open MBAM once more.Click on the History tab > Application Logs.Double click on the scan log which shows the Date and time of the scan just performed.Click 'Copy to Clipboard'Paste the contents of the clipboard into your reply. Scan with ESET Online Scan Please go to here to run the online scannner from ESET. Turn off the real time scanner of any existing antivirus program while performing the online scanTick the box next to YES, I accept the Terms of Use.Click StartWhen asked, allow the activex control to installClick StartMake sure that the option Remove found threats is untickedClick on Advanced Settings and ensure these options are ticked:Scan for potentially unwanted applicationsScan for potentially unsafe applicationsEnable Anti-Stealth TechnologyClick ScanWait for the scan to finishIf any threats were found, click the 'List of found threats' , then click Export to text file....Save it to your desktop, then please copy and paste that log as a reply to this topic. fixlist.txt

Are any problems left or may I post the final reply?

Please delete your existing copy of JRT. Delete junk with JRT Please download Junkware Removal Tool to your desktop. Shut down your protection software now to avoid potential conflicts. Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator". The tool will open and start scanning your system. Please be patient as this can take a while to complete depending on your system's specifications. On completion, a log (JRT.txt) is saved to your desktop and will automatically open. Post the contents of JRT.txt into your next message.

Run FRST, check the boxes for addition.txt and shortcut.txt and hit scan. Provide the logs, when ready. We have removed the threat itself but it is a bit different to get rid of the altered browser settings in chrome.