browser hijacked by - SearchSettings.exe

ok so I ran OTL with the customization provided and here are the links:
otl: http://cjoint.com/13jn/CFfwdOlLXHi.htm
extras: http://cjoint.com/13jn/CFfwes4286U.htm

you didn’t click on the link to configure it like I asked

don’t use Internet Explorer for the moment, the start page isn’t conventional

sorry, missed that bit, rescanning now

no problem :slight_smile:

Unless you’ve been approved by someone from Avast, please do not interfere or help those customers
who come here looking for qualified malware removal.

ok I explained all to Magna86, contact him please

“Don’t interfere”

? I took this topic first

He is a qualified Malware remover but not an Avast employee. Until they approve your credentials,
my original post remains. Those are the rules. :slight_smile:
This isn’t a competition. It doesn’t matter who took the topic first. What counts in this case is who is qualified to help the customer.

When I see that you recommend aswMBR while you do not even know first whether the MBR is infected, I’d like to know where the rules are.
You make people use tools when there is no reason.
Malwarebytes is not a magic powder, it does not detect everything.

I haven’t recommended anything. I’m smart enough to not interfere in something I’m not qualified to answer.
You may be the best at what you’re trying to do but you need approval.
Be patient. First rule is to do no harm. If you want to help then please wait till you’ve been given a green light.

I have known the rules of disinfection for 5 years, I spend 16 hours a day disinfecting computers and I am a developer. If you want to know everything, ask magna86; I have no desire to repeat the same things 50 times.

ok these are the OTL scan results with the Customization and config

otl: http://cjoint.com/13jn/CFfwZRfJUjH.htm

extras: http://cjoint.com/13jn/CFfwZ4Q6x9U.htm

ok, give me time to study it, I will come back with what comes next

@g3n-h@ckm@n
Please continue with malware removal. You are “on probe”. :wink:

Cheers,
magna

Thanks :wink:

==

a question first:

do you use “Pando Media Booster”?

It uses many resources of the computer
If you do not use it, I recommend you to uninstall it

don’t know what the Pando Media Booster is for exactly, however I play “League of Legends” and it seems to be software used by that game, from what I have noticed after googling it.
Please see this LoL forum thread for more info.

http://na.leagueoflegends.com/board/showthread.php?t=2481176

ok I’ll leave it, be patient, it won’t take a long time :slight_smile:

You had Kaspersky before? ^^

====================

If you have XP => double click
If you have Vista or Windows 7/8 => right click “as administrator”

on OTL to execute it

Copy the list which is bold below, paste it in the zone under “Customization” (“Personalization”):

[b]
:processes
explorer.exe
iexplore.exe
firefox.exe
msnmsgr.exe
Teatimer.exe
safari.exe
opera.exe
rundll32.exe

:OTL
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

:Reg
[HKU\S-1-5-21-634944359-2489888201-1644717415-1000\SOFTWARE\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[-HKEY_CURRENT_USER\Software\Ó¦ÓóÌÐòÏòµ¼Éú³ÉµÄ±¾µØÓ¦ÓóÌÐò]

:Files
C:\Users\bartek\MBR.dat
C:\eula..txt
C:\install.res.
.dll
C:\msdia80.dll
C:\Users\bartek\AppData\Local\28050

:commands
[emptytemp][/b]

Click “Correction” to launch the deletion

Post the report, which normally will open by itself at the end of the work after the reboot

no, only used avast, Malwarebytes and IObit

Ironically IObit is the software that got me into this mess :)
The software popped up that there is a client update download available. I opened the page from there, and got a download link to CNET Download, which is a respectable site, and after I installed that new IObit version I got all that unwanted browser stuff.

some info about IObit company you may want to read

http://www.malwarebytes.org/forums/index.php?showtopic=29681
http://www.malwarebytes.org/forums/index.php?showtopic=30989
http://www.malwarebytes.org/forums/index.php?showtopic=33217

yes they are stealers ^^

the script is above

Frankly I find the fact that a piece of antimalware software comes with hidden malware-like stuff a serious breach of consumer trust.