ababaei2000

I just re-installed windows and formatted Drive c, Problem solved

Hi this is the results Addition.txt FRST.txt

no malware has been detected logs.txt

same issues. chrome crashes.internet explorer sometimes works

Fixlog.txt

I did it but again Google Chrome crashed

Hi here is the file,I noticed some issues. IE works(sometimes it stops but after refresh it works).but Mozilla and Chrome Crash, after few minutes. I cleaned up every etxensions and uninstalled Mozilla and Chrome and reinstalled them. In config section of Mozilla, there were some extensions which has not been shown in Extension section, I started my Computer in safe modeand delete their Folders in appdata/roaming. but still when I open chriome or Mozilla it crashes. Addition.txt FRST.txt

in one minute after starting mozzilla I have internet connection but after 1 minute everything is the same.

on mozilla startup there is no website .but still I have no internet connection

Hi Here is the logfile: AdwCleaner v5.200 - Logfile created 18/06/2016 at 11:37:35 # Updated 14/06/2016 by ToolsLib # Database : 2016-06-16.2 [Local] # Operating system : Windows 8.1 Pro (X64) # Username : Armin Ba - ARMIN # Running from : C:\Users\Armin Ba\Desktop\AdwCleaner.exe # Option : Clean # Support : https://toolslib.net/forum ***** [ Services ] ***** ***** [ Folders ] ***** ***** [ Files ] ***** ***** [ DLLs ] ***** [-] File Disinfected : C:\Windows\System32\dnsapi.dll [-] File Disinfected : C:\Windows\SysWOW64\dnsapi.dll ***** [ WMI ] ***** [-] Key Deleted : \root\subscription\\ActiveScriptEventConsumer [ASEC] ***** [ Shortcuts ] ***** [-] Shortcut Disinfected : C:\Users\Public\Desktop\Mozilla Firefox.lnk [-] Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [-] Shortcut Disinfected : C:\Users\Armin Ba\Desktop\Pandora TV.lnk [-] Shortcut Disinfected : C:\Users\Armin Ba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [-] Shortcut Disinfected : C:\Users\Armin Ba\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [-] Shortcut Disinfected : C:\Users\Armin Ba\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk ***** [ Scheduled tasks ] ***** [-] Task Deleted : simplitec Power Suite (Tray) [-] Task Deleted : simplitec Power Suite ***** [ Registry ] ***** [-] Key Deleted : HKCU\Software\Microsoft\Office\Powerpoint\Addins\babylonofficeaddin.officeaddin [-] Key Deleted : HKCU\Software\Microsoft\Office\Word\Addins\babylonofficeaddin.officeaddin [-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\BabylonHelper.EXE [-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\BabylonIEPI.DLL [-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\DownloadProxy.EXE [-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Babylon.exe [-] Key Deleted : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\QQPCRTP [-] Key Deleted : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\QQPCRTP [-] Key Deleted : HKEY_CLASSES_ROOT\.qmgc [-] Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [ocr@babylon.com] [-] Key Deleted : HKLM\SOFTWARE\Classes\.bgl [-] Key Deleted : HKLM\SOFTWARE\Classes\.bof [-] Key Deleted : HKLM\SOFTWARE\Classes\BabyDict [-] Key Deleted : HKLM\SOFTWARE\Classes\BabyGloss [-] Key Deleted : HKLM\SOFTWARE\Classes\BabylonIEPI.BabylonIEBho [-] Key Deleted : HKLM\SOFTWARE\Classes\BabylonIEPI.BabylonIEBho.1 [-] Key Deleted : HKLM\SOFTWARE\Classes\BabylonOfficeAddin.OfficeAddin [-] Key Deleted : HKLM\SOFTWARE\Classes\BabylonOfficeAddin.OfficeAddin.1 [-] Key Deleted : HKLM\SOFTWARE\Classes\BabylonOfficeAddin.OfficeAddin64 [-] Key Deleted : HKLM\SOFTWARE\Classes\BabylonOfficeAddin.OfficeAddin64.1 [-] Key Deleted : HKLM\SOFTWARE\Classes\BabyOptFile [-] Key Deleted : HKLM\SOFTWARE\Classes\metnsd [-] Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap [-] Key Deleted : HKLM\SOFTWARE\Classes\qmgcfiles [-] Key Deleted : HKLM\SOFTWARE\Classes\Sample.BrowserHandler [-] Key Deleted : HKLM\SOFTWARE\Classes\Sample.BrowserHandler.1 [-] Key Deleted : HKLM\SOFTWARE\Classes\Sample.YTBPartnerSample [-] Key Deleted : HKLM\SOFTWARE\Classes\Sample.YTBPartnerSample.1 [-] Key Deleted : HKLM\SOFTWARE\Classes\YBrowserToolbar.YBrowserToolbar [-] Key Deleted : HKLM\SOFTWARE\Classes\YBrowserToolbar.YBrowserToolbar.1 [-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6536801B-F50C-449B-9476-093DFD3789E3} [-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B16632F1-24E0-4D99-A68D-70BFB6447C48} [-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{51BEE30D-EEC8-4BA3-930B-298B8E759EB1} [-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{425F4ABF-B8E4-402D-9E49-06E494EB8DBF} [-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{7375D127-3955-4654-8E7D-1949A7A9C902} [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D} [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472} [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6AC0BB10-C922-45E2-857D-2A368FE749E5} [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{70DE12EA-79F4-46BC-9812-86DB50A2FD64} [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{947217BD-E967-400A-B14A-BA851A8EDCBB} [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8BF0126F-A5B7-4720-ABB2-2414A0AF5474} [-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0BF91075-F457-4A8B-99EF-140B52D2F22A} [-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{37425600-CB21-49A0-8659-476FBAB0F8E8} [-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{431FB0E5-2CBB-4602-9FE6-F1D64488ADD7} [-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5C9A230D-70A5-11D5-AFB0-0050DAC67890} [-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5F339F0B-716F-408F-A627-DEEB5DEB4020} [-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8911483C-C00A-4183-9FBC-6C9C00946C15} [-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{928FE5E7-D557-46B7-8AF6-17ACCE1FB4ED} [-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C3F058A9-407D-4CD1-8F66-B75605B54B69} [-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EFDCAF05-D29C-4D4D-9836-8CDCD606A6B2} [-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E} [-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{371AD4A5-1520-4AA2-A8A4-F9AD3BAC6957} [-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7F124846-5453-4BB8-A41D-E11481FFC9DF} [-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8FD65019-BF09-45DA-AD81-E95AE911F1FD} [-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{5C9A2304-70A5-11D5-AFB0-0050DAC67890} [-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A1489C85-4F6F-48C4-AC9E-18B63AF4703E} [-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{F310F027-15CB-4A7F-B10D-3A4AFB5013A5} [-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{F6C2BABA-9E4C-425F-9AEC-24AB8F2B640D} [-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670} [-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} [-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670} [-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} [-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88} [-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{29B6CFD5-0064-411A-8C42-9890C83F9921} [-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670} [-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} [-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88} [-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{29B6CFD5-0064-411A-8C42-9890C83F9921} [-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670} [-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88} [-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved [{947217BD-E967-400A-B14A-BA851A8EDCBB}] [-] Key Deleted : HKCU\Software\Babylon [-] Key Deleted : HKCU\Software\Microsoft\Babylon [-] Key Deleted : HKCU\Software\Yahoo\Companion [-] Key Deleted : HKCU\Software\Yahoo\YFriendsBar [-] Key Deleted : HKCU\Software\MICROSOFT\OTUT [-] Key Deleted : HKCU\Software\AppDataLow\Software\Yahoo\Companion [-] Key Deleted : HKLM\SOFTWARE\Babylon [-] Key Deleted : HKLM\SOFTWARE\simplitec [-] Key Deleted : HKLM\SOFTWARE\Yahoo\Companion [-] Key Deleted : HKLM\SOFTWARE\SrpnFiles [-] Key Deleted : HKLM\SOFTWARE\{E6276374-DE18-4AA5-A365-9016A2F98A2D} [-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\simplitec POWER SUITE_is1 [-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Babylon Client] [-] Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 [Babylon Client] [-] Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [msiql] [#] Value Deleted : HKU\S-1-5-21-2115171958-3693150112-3585303543-1001\Software\Microsoft\Windows\CurrentVersion\Run [msiql] [-] Value Deleted : HKU\S-1-5-21-2115171958-3693150112-3585303543-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [msiql] [-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\YahooAUService ***** [ Web browsers ] ***** [-] [C:\Users\Armin Ba\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : aol.com [-] [C:\Users\Armin Ba\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : ask.com [-] [C:\Users\Armin Ba\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : chphlpgkkbolifaimnlloiipkdnihall [-] [C:\Users\Armin Ba\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : kbfnbcaeplbcioakkpcpgfkobkghlhen ************************* :: "Tracing" keys deleted :: Winsock settings cleared ************************* C:\AdwCleaner\AdwCleaner[C1].txt - [4588 bytes] - [17/06/2016 10:30:53] C:\AdwCleaner\AdwCleaner[C2].txt - [9672 bytes] - [18/06/2016 11:37:35] C:\AdwCleaner\AdwCleaner[S1].txt - [18434 bytes] - [17/06/2016 10:29:34] C:\AdwCleaner\AdwCleaner[S2].txt - [9866 bytes] - [18/06/2016 11:34:36] ########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [9892 bytes] ##########

Hi Thanx for your reply, here is the result. I ran it once today, but I will add Addition too FRST.txt Addition.txt

Hi I removed malwars on my laptop by Malwarebytes. But I lost my internet connection.I tried several different approaches. but still doesnt work. I saw again some adwares in google chrome , I uninstalled chrome. and after it I didnt have internet connection. when I restart my computer and start mozilla a website address sticks to mozilla shortcut . the website is: http://yeabests.cc everytime I remove it, it comes back.and malwarebyte oes not detect any malware or threat. nd right now I dont have internet connection on my laptop. I hope you help me in this area. BR