I think i have the same problem as the recent posts, it seems to be gones since i deleted firefox…
any help? anyone?
Monitoring 8)
Hi affrancos.
I will be working on your Malware issues 
Step#1
Re-run OTL.exe.
[*]Copy and paste the following text written inside of the quote box into the Custom Scans/Fixes box.
:OTL
CHR - Extension: Codec-V = C:\Users\Pipe\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho\1.20.61_0\crossrider
CHR - Extension: Codec-V = C:\Users\Pipe\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho\1.20.61_0\
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No CLSID value found.
O4 - HKLM..\Run: [PlusService] C:\Program Files\Messenger Plus! Live\PlusService.exe File not found
O8 - Extra context menu item: Search the Web - C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\menuext.html File not found
O33 - MountPoints2\{6ac723ef-35e9-11df-b63e-904ce5e60744}\Shell - "" = AutoRun
O33 - MountPoints2\{6ac723ef-35e9-11df-b63e-904ce5e60744}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{6ac72415-35e9-11df-b63e-904ce5e60744}\Shell - "" = AutoRun
O33 - MountPoints2\{6ac72415-35e9-11df-b63e-904ce5e60744}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{6ac72419-35e9-11df-b63e-904ce5e60744}\Shell - "" = AutoRun
O33 - MountPoints2\{6ac72419-35e9-11df-b63e-904ce5e60744}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{9dbbe86f-35e6-11df-8d7c-904ce5e60744}\Shell - "" = AutoRun
O33 - MountPoints2\{9dbbe86f-35e6-11df-8d7c-904ce5e60744}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{9dbbe88a-35e6-11df-8d7c-904ce5e60744}\Shell - "" = AutoRun
O33 - MountPoints2\{9dbbe88a-35e6-11df-8d7c-904ce5e60744}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{9dbbe88d-35e6-11df-8d7c-904ce5e60744}\Shell - "" = AutoRun
O33 - MountPoints2\{9dbbe88d-35e6-11df-8d7c-904ce5e60744}\Shell\AutoRun\command - "" = F:\AutoRun.exe
[1 C:\Users\pipe\Desktop\*.tmp files -> C:\Users\pipe\Desktop\*.tmp -> ]
:files
C:\Users\Pipe\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho
ipconfig /flushdns /c
netsh int ip reset c:\resetlog.txt /c
ipconfig /release /c
ipconfig /renew /c
:commands
[CREATERESTOREPOINT]
[emptytemp]
[*]Then click the Run Fix button at the top.
[*]Let the program run unhindered; it will reboot the system when it is done and open notepad with logreport. Attach here that logreport.
Step#2
Re-run OTL , click on RunScan and attach here fresh OTL.txt log.
Step#3
Check USB storage devices / removable drives
Download MCShield from one of the following links:
MyCity - Official download link
Softpedija - Mirror download link
[*] Double click MCShield-Setup to install the application.
[*] Wait a few seconds to MCShield finish initial scan.
Recommendation to under General and Scanner tab you click on Defaults button to choose recommended options.
[*] Connect your USB storage devices to the computer one at a time. Scanning will be done automatically.
When all scanning is done, you need to attach a logreport that has made MCShield.
Start → All Programs → MCShield → Logs
Attach here → AllScans.txt
Explanation: USB storage devices are all the USB devices that get their own partition letter at connecting to the PC,
e.g. flash drives (thumb/pen drives, USB sticks), external HDDs, MP3/MP4 players, digital cameras,
memory cards (SD cards, Sony Memory Stick, MultiMedia Cards etc.), some mobile phones, some GPS navigation devices etc.
ok first txt. (0918…) is OTL with the code, OTL(1) is post fix.
thank you for the help.
Re-run OTL.exe.
[*]Copy and paste the following text written inside of the quote box into the Custom Scans/Fixes box.
:services
aimz3cxe
:commands
[Reboot]
[*]Then click the Run Fix button at the top.
[*]Let the program run unhindered; it will reboot the system when it is done and open notepad with logreport. Attach here that logreport.
Let’s reset your browser settings.
Download AT-Destroyer by @Infospyware from here to your desktop.
http://www.infospyware.com/antispyware/at-destroyer/
( Click the green button Descarag )
note: The entire tool is on French language.
[*] Run AT-Destroyer
[*] A pop-up warning, disclaimer appears tool. Press YES
Black windows will open
[*] Press Option 1 ( Buscar y Destruir ) [aka Search and Destroy]
AT-Destroyer momentarily disconnect the desktop.
If infected, the AT-Destroyer red lines indicate where the infection is detected, it will be green lines.
After the scan, you can again see the desktop and it will open a report, to be copied into your next reply commenting on how the system works.
If a program does not start, restart the PC.
Reboot your computer. How’s your system running now?
its actually spanish but hey my computer is working great! thank you very much for your help, no more annoying pop up messages. i appreciate everything you’ve done 
logs are attached.
Ahaha, I didnt know. ;D
Thanks for the info. 
Re-run OTL and click on CleanUp! button.
You will be asked to reboot the machine to finish the cleanup process, choose Yes.
After the reboot all the tools we used should be gone.
Note: Some more recently created tools may not yet be removed by OTL. Feel free to manually delete any tools it leaves behind.