Hi,
========== First ==========
Check USB storage devices / removable drives
Download MCShield from one of the following links:
MyCity - Official download link
Softpedija - Mirror download link
[*] Double click MCShield-Setup to install the application.
[*] Wait a few seconds to MCShield finish initial scan.
Recommendation to under General and Scanner tab you click on Defaults button to choose recommended options.
[*] Connect your USB storage devices to the computer one at a time. Scanning will be done automatically.
When all scanning is done, you need to attach a logreport that has made MCShield.
Start → All Programs → MCShield → Logs
Attach here → AllScans.txt
Explanation: USB storage devices are all the USB devices that get their own partition letter at connecting to the PC,
e.g. flash drives (thumb/pen drives, USB sticks), external HDDs, MP3/MP4 players, digital cameras,
memory cards (SD cards, Sony Memory Stick, MultiMedia Cards etc.), some mobile phones, some GPS navigation devices etc.
========== Next ==========
Re-run OTL.exe.
[*]Copy and paste the following text written inside of the quote box into the Custom Scans/Fixes box.
:Commands
[CREATERESTOREPOINT]
:OTL
O4 - HKU\S-1-5-21-315241628-3474773456-3279493250-1000..\Run: [89be] C:\Users\Paula\AppData\Roaming\9f\89be.js ()
O4 - Startup: C:\Users\Paula\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\d8f.js ()
FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
O3 - HKU\S-1-5-21-315241628-3474773456-3279493250-1000\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
:Files
C:\Users\Paula\AppData\Roaming\9f\*.js
C:\Users\Paula\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.js
ipconfig /flushdns /c
netsh int ip reset c:\resetlog.txt /c
:Commands
[emptytemp]
[*]Then click the Run Fix button at the top.
[*]Let the program run unhindered; it will reboot the system when it is done and open notepad with logreport. Attach here that logreport.
========== Next ==========
Re-run OTL, click on QuickScan and attach here fresh OTL.txt log