ababaei2000
-
Posts
12 -
Joined
-
Last visited
Content Type
Events
Profiles
Forums
Posts posted by ababaei2000
-
-
-
no malware has been detected
-
same issues. chrome crashes.internet explorer sometimes works
-
-
Quote
I did it but again Google Chrome crashed
-
Hi
here is the file,I noticed some issues. IE works(sometimes it stops but after refresh it works).but Mozilla and Chrome Crash, after few minutes. I cleaned up every etxensions and uninstalled Mozilla and Chrome and reinstalled them. In config section of Mozilla, there were some extensions which has not been shown in Extension section, I started my Computer in safe modeand delete their Folders in appdata/roaming. but still when I open chriome or Mozilla it crashes.
-
in one minute after starting mozzilla I have internet connection but after 1 minute everything is the same.
-
on mozilla startup there is no website .but still I have no internet connection
-
Hi
Here is the logfile:
AdwCleaner v5.200 - Logfile created 18/06/2016 at 11:37:35
# Updated 14/06/2016 by ToolsLib
# Database : 2016-06-16.2 [Local]
# Operating system : Windows 8.1 Pro (X64)
# Username : Armin Ba - ARMIN
# Running from : C:\Users\Armin Ba\Desktop\AdwCleaner.exe
# Option : Clean
# Support : https://toolslib.net/forum***** [ Services ] *****
***** [ Folders ] *****
***** [ Files ] *****
***** [ DLLs ] *****[-] File Disinfected : C:\Windows\System32\dnsapi.dll
[-] File Disinfected : C:\Windows\SysWOW64\dnsapi.dll***** [ WMI ] *****
[-] Key Deleted : \root\subscription\\ActiveScriptEventConsumer [ASEC]
***** [ Shortcuts ] *****
[-] Shortcut Disinfected : C:\Users\Public\Desktop\Mozilla Firefox.lnk
[-] Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[-] Shortcut Disinfected : C:\Users\Armin Ba\Desktop\Pandora TV.lnk
[-] Shortcut Disinfected : C:\Users\Armin Ba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[-] Shortcut Disinfected : C:\Users\Armin Ba\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[-] Shortcut Disinfected : C:\Users\Armin Ba\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk***** [ Scheduled tasks ] *****
[-] Task Deleted : simplitec Power Suite (Tray)
[-] Task Deleted : simplitec Power Suite***** [ Registry ] *****
[-] Key Deleted : HKCU\Software\Microsoft\Office\Powerpoint\Addins\babylonofficeaddin.officeaddin
[-] Key Deleted : HKCU\Software\Microsoft\Office\Word\Addins\babylonofficeaddin.officeaddin
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\BabylonHelper.EXE
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\BabylonIEPI.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\DownloadProxy.EXE
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Babylon.exe
[-] Key Deleted : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\QQPCRTP
[-] Key Deleted : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\QQPCRTP
[-] Key Deleted : HKEY_CLASSES_ROOT\.qmgc
[-] Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [ocr@babylon.com]
[-] Key Deleted : HKLM\SOFTWARE\Classes\.bgl
[-] Key Deleted : HKLM\SOFTWARE\Classes\.bof
[-] Key Deleted : HKLM\SOFTWARE\Classes\BabyDict
[-] Key Deleted : HKLM\SOFTWARE\Classes\BabyGloss
[-] Key Deleted : HKLM\SOFTWARE\Classes\BabylonIEPI.BabylonIEBho
[-] Key Deleted : HKLM\SOFTWARE\Classes\BabylonIEPI.BabylonIEBho.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\BabylonOfficeAddin.OfficeAddin
[-] Key Deleted : HKLM\SOFTWARE\Classes\BabylonOfficeAddin.OfficeAddin.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\BabylonOfficeAddin.OfficeAddin64
[-] Key Deleted : HKLM\SOFTWARE\Classes\BabylonOfficeAddin.OfficeAddin64.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\BabyOptFile
[-] Key Deleted : HKLM\SOFTWARE\Classes\metnsd
[-] Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
[-] Key Deleted : HKLM\SOFTWARE\Classes\qmgcfiles
[-] Key Deleted : HKLM\SOFTWARE\Classes\Sample.BrowserHandler
[-] Key Deleted : HKLM\SOFTWARE\Classes\Sample.BrowserHandler.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\Sample.YTBPartnerSample
[-] Key Deleted : HKLM\SOFTWARE\Classes\Sample.YTBPartnerSample.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\YBrowserToolbar.YBrowserToolbar
[-] Key Deleted : HKLM\SOFTWARE\Classes\YBrowserToolbar.YBrowserToolbar.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6536801B-F50C-449B-9476-093DFD3789E3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B16632F1-24E0-4D99-A68D-70BFB6447C48}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{51BEE30D-EEC8-4BA3-930B-298B8E759EB1}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{425F4ABF-B8E4-402D-9E49-06E494EB8DBF}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{7375D127-3955-4654-8E7D-1949A7A9C902}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6AC0BB10-C922-45E2-857D-2A368FE749E5}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{70DE12EA-79F4-46BC-9812-86DB50A2FD64}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{947217BD-E967-400A-B14A-BA851A8EDCBB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8BF0126F-A5B7-4720-ABB2-2414A0AF5474}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0BF91075-F457-4A8B-99EF-140B52D2F22A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{37425600-CB21-49A0-8659-476FBAB0F8E8}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{431FB0E5-2CBB-4602-9FE6-F1D64488ADD7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5C9A230D-70A5-11D5-AFB0-0050DAC67890}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5F339F0B-716F-408F-A627-DEEB5DEB4020}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8911483C-C00A-4183-9FBC-6C9C00946C15}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{928FE5E7-D557-46B7-8AF6-17ACCE1FB4ED}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C3F058A9-407D-4CD1-8F66-B75605B54B69}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EFDCAF05-D29C-4D4D-9836-8CDCD606A6B2}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{371AD4A5-1520-4AA2-A8A4-F9AD3BAC6957}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7F124846-5453-4BB8-A41D-E11481FFC9DF}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8FD65019-BF09-45DA-AD81-E95AE911F1FD}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{5C9A2304-70A5-11D5-AFB0-0050DAC67890}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A1489C85-4F6F-48C4-AC9E-18B63AF4703E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{F310F027-15CB-4A7F-B10D-3A4AFB5013A5}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{F6C2BABA-9E4C-425F-9AEC-24AB8F2B640D}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{29B6CFD5-0064-411A-8C42-9890C83F9921}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{29B6CFD5-0064-411A-8C42-9890C83F9921}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved [{947217BD-E967-400A-B14A-BA851A8EDCBB}]
[-] Key Deleted : HKCU\Software\Babylon
[-] Key Deleted : HKCU\Software\Microsoft\Babylon
[-] Key Deleted : HKCU\Software\Yahoo\Companion
[-] Key Deleted : HKCU\Software\Yahoo\YFriendsBar
[-] Key Deleted : HKCU\Software\MICROSOFT\OTUT
[-] Key Deleted : HKCU\Software\AppDataLow\Software\Yahoo\Companion
[-] Key Deleted : HKLM\SOFTWARE\Babylon
[-] Key Deleted : HKLM\SOFTWARE\simplitec
[-] Key Deleted : HKLM\SOFTWARE\Yahoo\Companion
[-] Key Deleted : HKLM\SOFTWARE\SrpnFiles
[-] Key Deleted : HKLM\SOFTWARE\{E6276374-DE18-4AA5-A365-9016A2F98A2D}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\simplitec POWER SUITE_is1
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Babylon Client]
[-] Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 [Babylon Client]
[-] Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [msiql]
[#] Value Deleted : HKU\S-1-5-21-2115171958-3693150112-3585303543-1001\Software\Microsoft\Windows\CurrentVersion\Run [msiql]
[-] Value Deleted : HKU\S-1-5-21-2115171958-3693150112-3585303543-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [msiql]
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\YahooAUService***** [ Web browsers ] *****
[-] [C:\Users\Armin Ba\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : aol.com
[-] [C:\Users\Armin Ba\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : ask.com
[-] [C:\Users\Armin Ba\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : chphlpgkkbolifaimnlloiipkdnihall
[-] [C:\Users\Armin Ba\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : kbfnbcaeplbcioakkpcpgfkobkghlhen*************************
:: "Tracing" keys deleted
:: Winsock settings cleared*************************
C:\AdwCleaner\AdwCleaner[C1].txt - [4588 bytes] - [17/06/2016 10:30:53]
C:\AdwCleaner\AdwCleaner[C2].txt - [9672 bytes] - [18/06/2016 11:37:35]
C:\AdwCleaner\AdwCleaner[S1].txt - [18434 bytes] - [17/06/2016 10:29:34]
C:\AdwCleaner\AdwCleaner[S2].txt - [9866 bytes] - [18/06/2016 11:34:36]########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [9892 bytes] ##########
-
Hi
Thanx for your reply, here is the result. I ran it once today, but I will add Addition too
-
Hi
I removed malwars on my laptop by Malwarebytes. But I lost my internet connection.I tried several different approaches. but still doesnt work. I saw again some adwares in google chrome , I uninstalled chrome. and after it I didnt have internet connection. when I restart my computer and start mozilla a website address sticks to mozilla shortcut . the website is: http://yeabests.cc
everytime I remove it, it comes back.and malwarebyte oes not detect any malware or threat. nd right now I dont have internet connection on my laptop.
I hope you help me in this area.
BR
Internet Connection problem after malware removal
in Resolved Malware Removal Logs
Posted
I just re-installed windows and formatted Drive c, Problem solved