Remove Yontoo 2.053

[adamcafi1]

Hi,

I would like to remove Yontoo 2.053 from my laptop, I have run DDS and I am unsure what I should do next. I have copied and pasted the content of the DDS.txt and Attach.txt output files below. Assistance would be greatly appreciated!! Thanks.

Attach.txt:

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume2

Install Date: 10/03/2012 13:35:26

System Uptime: 23/05/2013 17:37:53 (2 hours ago)

.

Motherboard: Hewlett-Packard | | 166F

Processor: Intel® Pentium® CPU B960 @ 2.20GHz | CPU1 | 2200/1333mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 582 GiB total, 500.598 GiB free.

D: is FIXED (NTFS) - 0 GiB total, 0.158 GiB free.

F: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP49: 26/04/2013 11:45:56 - Windows Update

RP50: 27/04/2013 23:25:05 - Installed Java 7 Update 21

RP51: 30/04/2013 13:05:58 - Windows Update

RP52: 07/05/2013 13:46:00 - Scheduled Checkpoint

RP53: 09/05/2013 04:00:57 - Installed Java 7 Update 21

RP54: 09/05/2013 12:59:39 - Installed Java 7 Update 21

RP55: 13/05/2013 17:00:31 - HPSF Applying updates

RP56: 13/05/2013 17:00:31 - HPSF Applying updates

RP57: 16/05/2013 09:05:59 - Windows Update

RP58: 17/05/2013 14:14:36 - HPSF Applying updates

RP59: 17/05/2013 16:52:58 - HPSF Applying updates

.

==== Installed Programs ======================

.

Adobe Flash Player 11 ActiveX

Adobe Reader X (10.1.7) MUI

Adobe Shockwave Player 11.6

AVG 2013

AVG Security Toolbar

Babylon toolbar on IE

BabylonObjectInstaller

Bejeweled 3

Bing Bar

BitZipper 2013

Blackhawk Striker 2

CCleaner

Chuzzle Deluxe

Cradle of Rome 2

Crazy Chicken Soccer

CyberLink YouCam

D3DX10

DefaultTab

Dora's World Adventure

ESU for Microsoft Windows 7 SP1

Evernote v. 4.2.3

Farm Frenzy

Farmscapes

FATE

File Type Assistant

Final Drive Fury

Free Alarm Clock 2.5.0

Google Chrome

Google Drive

Google Toolbar for Internet Explorer

Google Update Helper

Hewlett-Packard ACLM.NET v1.2.1.1

Hoyle Card Games

HP Auto

HP Client Services

HP Customer Experience Enhancements

HP Documentation

HP Games

HP Launch Box

HP On Screen Display

HP Power Manager

HP Quick Launch

HP QuickWeb

HP Recovery Manager

HP Security Assistant

HP Setup

HP Setup Manager

HP Software Framework

HP Support Assistant

IDT Audio

Intel® Control Center

Intel® Management Engine Components

Intel® Processor Graphics

Intel® Rapid Storage Technology

Java 7 Update 21

Java Auto Updater

Java 6 Update 39

Jewel Match 3

Jewel Quest Mysteries: The Seventh Gate Collector's Edition

John Deere Drive Green

Junk Mail filter update

Letters from Nowhere 2

Luxor HD

Magic Desktop

Mah Jong Medley

Malwarebytes Anti-Malware version 1.75.0.1300

Mesh Runtime

Microsoft .NET Framework 4 Client Profile

Microsoft Application Error Reporting

Microsoft Office 2010

Microsoft Office Click-to-Run 2010

Microsoft Office Starter 2010 - English

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

MiKTeX 2.9

MSVCRT

MSVCRT_amd64

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

opensource

Penguins!

Plants vs. Zombies - Game of the Year

PlayReady PC Runtime x86

Poker Superstars III

Polar Bowler

Polar Golfer

Ralink RT5390 802.11b/g/n WiFi Adapter

Realtek Ethernet Controller Driver

Realtek PCIE Card Reader

RollerCoaster Tycoon 3: Platinum

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)

SelectionLinks

Skype™ 6.1

Some PDF Images Extract 2.0

swMSM

Synaptics TouchPad Driver

TeX Live 2011

TexMakerX 2.1

TeXnicCenter Version 1.0 Stable RC1

The Treasures of Mystery Island: The Ghost Ship

Torchlight

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update Installer for WildTangent Games App

Virtual Villagers 4 - The Tree of Life

Visual Studio 2008 x64 Redistributables

Visual Studio 2010 x64 Redistributables

WildTangent Games App (HP Games)

Windows Live Communications Platform

Windows Live Essentials

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Language Selector

Windows Live Mail

Windows Live Mesh

Windows Live Mesh ActiveX Control for Remote Connections

Windows Live Messenger

Windows Live MIME IFilter

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live Remote Client

Windows Live Remote Client Resources

Windows Live Remote Service

Windows Live Remote Service Resources

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

Yontoo 2.053

Zuma's Revenge

.

==== Event Viewer Messages From Past Week ========

.

23/05/2013 12:34:15, Error: Service Control Manager [7034] - The DefaultTabSearch service terminated unexpectedly. It has done this 1 time(s).

23/05/2013 12:33:50, Error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.

22/05/2013 17:33:45, Error: Service Control Manager [7030] - The DefaultTabSearch service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

22/05/2013 00:59:30, Error: Schannel [36888] - The following fatal alert was generated: 10. The internal error state is 10.

21/05/2013 21:28:47, Error: Schannel [36887] - The following fatal alert was received: 47.

17/05/2013 17:01:39, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

17/05/2013 17:01:39, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-1073473535.

.

==== End Of File ===========================

DDS.txt:

DDS (Ver_2012-11-20.01) - NTFS_AMD64

Internet Explorer: 10.0.9200.16576 BrowserJavaVersion: 10.21.2

Run by Adam at 19:40:59 on 2013-05-23

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.353.1033.18.6092.3184 [GMT 1:00]

.

AV: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}

.

============== Running Processes ===============

.

C:\PROGRA~2\AVG\AVG2013\avgrsa.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k netsvcs

C:\Program Files\IDT\WDM\STacSV64.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe

C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe

C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE

C:\Users\Adam\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe

C:\Windows\SysWOW64\ezSharedSvcHost.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe

C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe

C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe

C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files (x86)\Yontoo\Y2Desktop.Updater.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskeng.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\IDT\WDM\sttray64.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe

C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe

C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar2.exe

C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe

C:\Program Files (x86)\AVG\AVG2013\avgemca.exe

C:\Program Files (x86)\Google\Drive\googledrivesync.exe

C:\Users\Adam\AppData\Roaming\Yontoo\YontooDesktop.exe

C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe

C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Program Files (x86)\Google\Drive\googledrivesync.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\SearchIndexer.exe

C:\Program Files (x86)\AVG Secure Search\vprot.exe

C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

C:\Program Files (x86)\AVG\AVG2013\avgui.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe

C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\Program Files (x86)\Internet Explorer\IELowutil.exe

C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

mWinlogon: Userinit = userinit.exe,

BHO: Babylon toolbar helper: {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.6.4.6\bh\BabylonToolbar.dll

BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

BHO: SelectionLinks: {7825CFB6-490A-436B-9F26-4A7B5CFC01A9} - C:\Program Files (x86)\OApps\SelectionLinks.dll

BHO: DefaultTab Browser Helper: {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Users\Adam\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll

BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\15.2.0.5\AVG Secure Search_toolbar.dll

BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll

BHO: Yontoo: {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll

TB: <No Name>: {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - LocalServer32 - <no file>

TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -

TB: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\15.2.0.5\AVG Secure Search_toolbar.dll

TB: Babylon Toolbar: {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.6.4.6\BabylonToolbarTlbr.dll

TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

uRun: [FreeAC] C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe -autorun

uRun: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart

uRun: [Yontoo Desktop] "C:\Users\Adam\AppData\Roaming\Yontoo\YontooDesktop.exe"

uRun: [GoogleChromeAutoLaunch_A8A74C443D959D090116AB80EF7334F8] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window

mRun: [HPQuickWebProxy] "C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe"

mRun: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe

mRun: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"

mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [ErrorTeck] C:\Program Files (x86)\ErrorTeck\ErrorTeck.exe /scan

mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent

uPolicies-Explorer: NoDriveTypeAutoRun = dword:145

mPolicies-Explorer: NoActiveDesktop = dword:1

mPolicies-Explorer: NoActiveDesktopChanges = dword:1

mPolicies-Explorer: EnableShellExecuteHooks = dword:1

mPolicies-System: ConsentPromptBehaviorAdmin = dword:5

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

mPolicies-System: HideFastUserSwitching = dword:0

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe

IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab

TCP: NameServer = 89.101.160.4 89.101.160.5

TCP: Interfaces\{861668DC-180F-4531-88DD-B6307D4AFC07} : DHCPNameServer = 89.101.160.4 89.101.160.5

TCP: Interfaces\{861668DC-180F-4531-88DD-B6307D4AFC07}\24279646765684F64756C6 : DHCPNameServer = 168.95.1.1

TCP: Interfaces\{861668DC-180F-4531-88DD-B6307D4AFC07}\54163747D49646C616E6463745271696E637F575966496 : DHCPNameServer = 10.20.16.1

TCP: Interfaces\{861668DC-180F-4531-88DD-B6307D4AFC07}\55343402745756374737 : DHCPNameServer = 10.255.255.1 10.255.255.2

TCP: Interfaces\{EB467FAF-A51A-4AFE-8C4B-ED5274817FEB} : NameServer = 143.239.1.2,143.239.1.12

Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll

Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\15.2.0\ViProtocol.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

SSODL: WebCheck - <orphaned>

SEH: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll

mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

mASetup: {F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1} - msiexec /fu {F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1} /qn

x64-BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -

x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll

x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll

x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe

x64-Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe

x64-Run: [setDefault] C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe

x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe

x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe

x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe

x64-Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -

x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

x64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned>

x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>

x64-Notify: igfxcui - igfxdev.dll

x64-SSODL: WebCheck - <orphaned>

.

============= SERVICES / DRIVERS ===============

.

R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2012-10-15 63328]

R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2012-9-21 225120]

R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2012-11-16 111968]

R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2012-9-14 40800]

R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2012-10-22 154464]

R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2012-10-2 185696]

R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2012-9-21 200032]

R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2012-9-4 45856]

R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2012-11-16 5814904]

R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2012-10-22 196664]

R2 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-7-20 249648]

R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]

R2 DefaultTabUpdate;DefaultTabUpdate;C:\Users\Adam\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe [2013-5-22 107520]

R2 ezSharedSvc;Easybits Services for Windows;C:\Windows\System32\ezSharedSvcHost.exe --> C:\Windows\System32\ezSharedSvcHost.exe [?]

R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2012-9-27 86528]

R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]

R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2012-9-6 197536]

R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-3-5 35200]

R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-12-12 13592]

R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-12-12 2425960]

R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]

R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-12-12 2656280]

R2 vToolbarUpdater15.2.0;vToolbarUpdater15.2.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe [2013-5-21 1015984]

R2 Yontoo Desktop Updater;Yontoo Desktop Updater;C:\Program Files (x86)\Yontoo\Y2Desktop.Updater.exe [2013-5-2 23552]

R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\System32\drivers\clwvd.sys [2010-7-28 31088]

R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2013-5-13 317440]

R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\System32\drivers\netr28x.sys [2011-12-12 1860672]

R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-12-12 565352]

R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2011-10-1 764264]

R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2011-10-1 268648]

R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2011-10-1 25960]

R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2011-10-1 22376]

R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 DefaultTabSearch;DefaultTabSearch;C:\Program Files (x86)\DefaultTab\DefaultTabSearch.exe [2013-2-11 572928]

S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-1-8 161536]

S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-8-1 195320]

S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]

S3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\System32\drivers\RtsPStor.sys [2011-12-12 339048]

S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]

S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]

S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]

S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-3-11 1255736]

S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184]

.

=============== Created Last 30 ================

.

2013-05-23 18:33:38 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys

2013-05-23 18:33:38 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2013-05-23 00:22:37 -------- d-----w- C:\Users\Adam\AppData\Roaming\Malwarebytes

2013-05-23 00:22:28 -------- d-----w- C:\ProgramData\Malwarebytes

2013-05-22 16:58:19 -------- d-----w- C:\Users\Adam\AppData\Roaming\ErrorTeck

2013-05-22 16:58:16 -------- d--h--w- C:\Windows\PIF

2013-05-22 16:36:00 -------- d-----w- C:\ProgramData\Graboid Inc

2013-05-22 16:35:59 -------- d-----w- C:\Users\Adam\AppData\Local\Geckofx

2013-05-22 16:35:27 -------- d-----w- C:\Program Files (x86)\VideoLAN

2013-05-22 16:35:08 -------- d-----w- C:\Program Files (x86)\Graboid

2013-05-22 16:33:42 -------- d-----w- C:\Program Files (x86)\DefaultTab

2013-05-22 16:33:35 -------- d-----w- C:\Users\Adam\AppData\Roaming\DefaultTab

2013-05-22 16:33:25 -------- d-----w- C:\Program Files (x86)\OApps

2013-05-21 12:31:09 -------- d-----w- C:\Users\Adam\AppData\Local\{BE5F42B0-BE34-43BE-913C-ED4FCCADFD3E}

2013-05-15 22:26:55 1930752 ----a-w- C:\Windows\System32\authui.dll

2013-05-15 22:26:54 1796096 ----a-w- C:\Windows\SysWow64\authui.dll

2013-05-15 22:26:54 111448 ----a-w- C:\Windows\System32\consent.exe

2013-05-15 22:26:53 70144 ----a-w- C:\Windows\System32\appinfo.dll

2013-05-15 22:26:22 983912 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys

2013-05-15 22:26:22 265064 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys

2013-05-15 22:25:18 48640 ----a-w- C:\Windows\System32\wwanprotdim.dll

2013-05-15 22:25:18 230400 ----a-w- C:\Windows\System32\wwansvc.dll

2013-05-15 22:24:51 3153920 ----a-w- C:\Windows\System32\win32k.sys

2013-05-09 12:02:22 95648 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll

2013-05-02 12:13:08 -------- d-----w- C:\Users\Adam\AppData\Local\FileTypeAssistant

2013-05-02 12:13:03 -------- d-----w- C:\Program Files (x86)\File Type Assistant

2013-05-02 12:12:59 -------- d-----w- C:\Users\Adam\AppData\Local\BitZipper

2013-05-02 12:12:55 -------- d-----w- C:\Users\Adam\AppData\Local\Programs

2013-05-02 12:12:55 -------- d-----w- C:\Program Files (x86)\BitZipper

2013-05-02 12:12:48 -------- d-----w- C:\Program Files (x86)\Driver-Soft

2013-05-02 12:12:27 -------- d-----w- C:\Users\Adam\AppData\Roaming\Yontoo

2013-05-02 12:12:26 -------- d-----w- C:\Program Files (x86)\Yontoo

2013-05-02 12:11:05 -------- d-----w- C:\ProgramData\APN

2013-04-30 12:15:59 73728 ----a-w- C:\Windows\SysWow64\SetIEInstalledDate.exe

2013-04-30 12:10:15 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll

2013-04-25 11:27:51 1656680 ----a-w- C:\Windows\System32\drivers\ntfs.sys

.

==================== Find3M ====================

.

2013-05-21 11:38:47 45856 ----a-w- C:\Windows\System32\drivers\avgtpx64.sys

2013-05-15 10:39:41 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2013-05-15 10:39:41 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2013-04-30 12:16:01 226304 ----a-w- C:\Windows\System32\elshyph.dll

2013-04-30 12:16:01 185344 ----a-w- C:\Windows\SysWow64\elshyph.dll

2013-04-30 12:16:01 158720 ----a-w- C:\Windows\SysWow64\msls31.dll

2013-04-30 12:16:01 1054720 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe

2013-04-30 12:16:00 719360 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll

2013-04-30 12:16:00 523264 ----a-w- C:\Windows\SysWow64\vbscript.dll

2013-04-30 12:16:00 38400 ----a-w- C:\Windows\SysWow64\imgutil.dll

2013-04-30 12:16:00 150528 ----a-w- C:\Windows\SysWow64\iexpress.exe

2013-04-30 12:16:00 138752 ----a-w- C:\Windows\SysWow64\wextract.exe

2013-04-30 12:16:00 137216 ----a-w- C:\Windows\SysWow64\ieUnatt.exe

2013-04-30 12:16:00 12800 ----a-w- C:\Windows\SysWow64\mshta.exe

2013-04-30 12:16:00 110592 ----a-w- C:\Windows\SysWow64\IEAdvpack.dll

2013-04-30 12:10:15 9728 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll

2013-04-13 05:49:23 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll

2013-04-13 05:49:19 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll

2013-04-13 05:49:19 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll

2013-04-13 05:49:19 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll

2013-04-13 04:45:16 474624 ----a-w- C:\Windows\apppatch\AcSpecfc.dll

2013-04-13 04:45:15 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll

2013-04-05 06:52:14 2242048 ----a-w- C:\Windows\System32\wininet.dll

2013-04-05 06:50:36 3958784 ----a-w- C:\Windows\System32\jscript9.dll

2013-04-05 06:50:31 67072 ----a-w- C:\Windows\System32\iesetup.dll

2013-04-05 06:50:31 136704 ----a-w- C:\Windows\System32\iesysprep.dll

2013-04-05 05:28:24 1767424 ----a-w- C:\Windows\SysWow64\wininet.dll

2013-04-05 05:26:26 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll

2013-04-05 05:26:21 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll

2013-04-05 05:26:21 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll

2013-04-05 04:43:00 2706432 ----a-w- C:\Windows\System32\mshtml.tlb

2013-04-05 04:29:45 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2013-04-05 03:51:11 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe

2013-04-05 03:38:25 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe

2013-03-19 06:04:06 5550424 ----a-w- C:\Windows\System32\ntoskrnl.exe

2013-03-19 05:46:56 43520 ----a-w- C:\Windows\System32\csrsrv.dll

2013-03-19 05:04:13 3968856 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe

2013-03-19 05:04:10 3913560 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe

2013-03-19 04:47:50 6656 ----a-w- C:\Windows\SysWow64\apisetschema.dll

2013-03-19 03:06:33 112640 ----a-w- C:\Windows\System32\smss.exe

2013-03-11 16:17:36 861088 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll

2013-03-11 16:17:36 782240 ----a-w- C:\Windows\SysWow64\deployJava1.dll

.

============= FINISH: 19:41:27.37 ===============

[Maniac]

Hello adamcafi1 and ! My name is Maniac and I will be glad to help you solve your malware problem.

Please note:

• If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
  
• I recommend you to keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  
• Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  
• Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  
• Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
  
• Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.
  

Step 1

Please uninstall the following applications:

AVG Security Toolbar

Babylon toolbar on IE

BabylonObjectInstaller

DefaultTab

Yontoo 2.053

Step 2

Please download Junkware Removal Tool to your desktop.

• Shut down your protection software now to avoid potential conflicts.
  
• Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
  
• The tool will open and start scanning your system.
  
• Please be patient as this can take a while to complete depending on your system's specifications.
  
• On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  
• Post the contents of JRT.txt into your next message.
  

Step 3

• Launch Malwarebytes' Anti-Malware
  
• Go to Update tab and select Check for Updates. If an update is found, it will download and install the latest version.
  
• Go to Scanner tab and select Perform Quick Scan, then click Scan.
  
• The scan may take some time to finish,so please be patient.
  
• When the scan is complete, click OK, then Show Results to view the results.
  
• Make sure that everything is checked, and click Remove Selected.
  
• When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  
• The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  
• Copy&Paste the entire report in your next reply.
  

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer,please do so immediately.

Step 4

Please download AdwCleaner from here and save it on your Desktop.

1. Right-click on adwcleaner.exe and select Run As Administrator to launch the application.
   
2. Now click on the Search tab.
   
3. Please post the contents of the log-file created in your next post.

Note: The log can also be located at C:\ >> AdwCleaner[XX].txt >> XX <-- Denotes the number of times the application has been ran, so in this should be something like R1.

Step 5

• Download on the desktop RogueKiller
  
• Quit all programs
  
• Start RogueKiller.exe
  
• Wait until Prescan has finished ...
  
• Click on Scan. Click on Report and copy/paste the content of the notepad in your next reply.

In your next reply, post the following log files:

• Junkware Removal Tool log
  
• Malwarebytes' Anti-Malware log
  
• AdwCleaner log
  
• RogueKiller log

[adamcafi1]

Hi Maniac,

Thanks for your response. I have uninstalled everything on that list expect for yontoo 2.053 as it just says "setup initialization error" when I try to uninstall it. What should I do next? Thanks for your help!!!

[Maniac]

Proceed further.

[adamcafi1]

Thanks!

JRT file:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 4.9.4 (05.06.2013:1)

OS: Windows 7 Home Premium x64

Ran by Adam on 24/05/2013 at 16:59:21.22

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

Failed to stop: [service] yontoo desktop updater

~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\yontoo desktop

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\AboutURLs\\Tabs

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylon

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\igearsettings

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\escortapp.dll

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\escortlbr.dll

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\yontooieclient.dll

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\yontooieclient.api

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\yontooieclient.api.1

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\yontooieclient.layers

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\yontooieclient.layers.1

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\funmoodslatest_rasapi32

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\funmoodslatest_rasmancs

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\mybabylontb_rasapi32

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\mybabylontb_rasmancs

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{014A3BFD-3AA4-81B3-11D1-28E7036BCB4C}

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{23083A1A-F9A0-439E-B721-C55273057307}

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{245183FC-E39F-4EDC-9462-7D35CA3EEE62}

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{245183FC-E39F-4EDC-9462-7D35CA3EEE62}

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}

~~~ Files

Successfully deleted: [File] "C:\Users\Adam\appdata\local\funmoods-speeddial.crx"

Successfully deleted: [File] "C:\end"

~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\babylon"

Successfully deleted: [Folder] "C:\ProgramData\tarma installer"

Successfully deleted: [Folder] "C:\Users\Adam\AppData\Roaming\babylon"

Successfully deleted: [Folder] "C:\Users\Adam\AppData\Roaming\yontoo"

Successfully deleted: [Folder] "C:\Program Files (x86)\driver-soft"

Successfully deleted: [Folder] "C:\Program Files (x86)\oapps"

Successfully deleted: [Folder] "C:\Program Files (x86)\yontoo"

Successfully deleted: [Empty Folder] C:\Users\Adam\appdata\local\{109629E7-8046-4364-A011-7E268B3BE79D}

Successfully deleted: [Empty Folder] C:\Users\Adam\appdata\local\{199512E8-5EC3-427F-9F36-00C7D5C89877}

Successfully deleted: [Empty Folder] C:\Users\Adam\appdata\local\{19C8287B-1838-44E2-B120-BAE25779281E}

Successfully deleted: [Empty Folder] C:\Users\Adam\appdata\local\{2B6C9B9D-399D-40E7-9A30-C65A8AC55448}

Successfully deleted: [Empty Folder] C:\Users\Adam\appdata\local\{2BB0D4EA-B163-482A-9176-75A8DCA52C46}

Successfully deleted: [Empty Folder] C:\Users\Adam\appdata\local\{33678D27-A0DE-4FAC-9131-B8251B65D16E}

Successfully deleted: [Empty Folder] C:\Users\Adam\appdata\local\{369DA32D-5F9B-4B8F-B8DF-75170E406C2D}

Successfully deleted: [Empty Folder] C:\Users\Adam\appdata\local\{3EC28B4D-06F9-4612-B61E-357644183246}

Successfully deleted: [Empty Folder] C:\Users\Adam\appdata\local\{46028CC4-3589-47B0-8000-95D237162634}

Successfully deleted: [Empty Folder] C:\Users\Adam\appdata\local\{4D487033-B6DB-4634-A764-818C04ADB983}

Successfully deleted: [Empty Folder] C:\Users\Adam\appdata\local\{4DBC5835-3B77-4236-9F63-4BA80BB1F5B2}

Successfully deleted: [Empty Folder] C:\Users\Adam\appdata\local\{6106ADC4-DD99-43F0-81F6-160496030473}

Successfully deleted: [Empty Folder] C:\Users\Adam\appdata\local\{8104EA0A-D50F-4EC0-8446-BD24C23D1B93}

Successfully deleted: [Empty Folder] C:\Users\Adam\appdata\local\{82C40DAC-D118-48AE-85CF-560F7C7CDCFE}

Successfully deleted: [Empty Folder] C:\Users\Adam\appdata\local\{965DABFF-7868-4B7E-8D86-5E11B66B206C}

Successfully deleted: [Empty Folder] C:\Users\Adam\appdata\local\{A34AE31D-2BF7-4B68-BE16-131D7BFD83DB}

Successfully deleted: [Empty Folder] C:\Users\Adam\appdata\local\{A6360E37-5632-4452-907C-A2C091838748}

Successfully deleted: [Empty Folder] C:\Users\Adam\appdata\local\{B0F96D31-AABD-4FB5-B919-D101095811F1}

Successfully deleted: [Empty Folder] C:\Users\Adam\appdata\local\{BE5F42B0-BE34-43BE-913C-ED4FCCADFD3E}

Successfully deleted: [Empty Folder] C:\Users\Adam\appdata\local\{CCBF61A1-7F56-443A-8723-99A1474A4776}

Successfully deleted: [Empty Folder] C:\Users\Adam\appdata\local\{CEFCC397-2281-4B16-BD0F-61BCB57F40B2}

Successfully deleted: [Empty Folder] C:\Users\Adam\appdata\local\{D28C1D03-DB99-48C2-9651-DE17E73763CC}

Successfully deleted: [Empty Folder] C:\Users\Adam\appdata\local\{D64610E5-9DEF-4086-A1D8-0492DF474378}

Successfully deleted: [Empty Folder] C:\Users\Adam\appdata\local\{D823047A-B326-44F1-A974-BA2F9CAB9659}

Successfully deleted: [Empty Folder] C:\Users\Adam\appdata\local\{E687FE4E-1C64-410E-A00B-7CC274230A06}

Successfully deleted: [Empty Folder] C:\Users\Adam\appdata\local\{EF2AEC1D-5CD1-411B-ABB0-CBFDF769FB34}

~~~ Chrome

Successfully deleted: [Folder] C:\Users\Adam\appdata\local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on 24/05/2013 at 17:06:15.51

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

MBAM file:

Malwarebytes Anti-Malware (Trial) 1.75.0.1300

www.malwarebytes.org

Database version: v2013.05.24.06

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 10.0.9200.16576

Adam :: ADAM-HP [administrator]

Protection: Enabled

24/05/2013 17:08:50

mbam-log-2013-05-24 (17-08-50).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 214381

Time elapsed: 4 minute(s), 12 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

ADW cleaner file:

# AdwCleaner v2.301 - Logfile created 05/24/2013 at 17:17:22

# Updated 16/05/2013 by Xplode

# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)

# User : Adam - ADAM-HP

# Boot Mode : Normal

# Running from : C:\Users\Adam\Desktop\adwcleaner.exe

# Option [search]

***** [services] *****

Found : Yontoo Desktop Updater

***** [Files / Folders] *****

File Found : C:\user.js

File Found : C:\Users\Adam\AppData\Local\Temp\Uninstall.exe

Folder Found : C:\ProgramData\APN

***** [Registry] *****

Key Found : HKCU\Software\InstallCore

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}

Key Found : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}

Key Found : HKLM\SOFTWARE\Classes\AppID\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706}

Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}

Key Found : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}

Key Found : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}

Key Found : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}

Key Found : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}

Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}

Key Found : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136}

Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}

Key Found : HKLM\SOFTWARE\Classes\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191}

Key Found : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}

Key Found : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}

Key Found : HKLM\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}

Key Found : HKLM\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}

Key Found : HKLM\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}

Key Found : HKLM\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}

Key Found : HKLM\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}

Key Found : HKLM\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}

Key Found : HKLM\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}

Key Found : HKLM\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}

Key Found : HKLM\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}

Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}

Key Found : HKLM\SOFTWARE\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}

Key Found : HKLM\SOFTWARE\Classes\Interface\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD}

Key Found : HKLM\SOFTWARE\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}

Key Found : HKLM\SOFTWARE\Classes\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136}

Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh

Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj

Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}

Key Found : HKLM\SOFTWARE\Tarma Installer

Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]

***** [internet Browsers] *****

-\\ Internet Explorer v10.0.9200.16576

[HKCU\Software\Microsoft\Internet Explorer\Main - Backup.Old.Start Page] = hxxp://search.babylon.com/?affID=110808&tt=3412_4&babsrc=HP_ss&mntrId=e4cf687a0000000000007ce9d362333a

-\\ Google Chrome v26.0.1410.64

File : C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Preferences

Found [l.2183] : homepage = "hxxp://search.babylon.com/?affID=110808&tt=3412_4&babsrc=HP_ss_cr&mntrId=e4cf687a0000000000007ce9d362333a",

*************************

AdwCleaner[R1].txt - [6978 octets] - [24/05/2013 17:17:22]

########## EOF - C:\AdwCleaner[R1].txt - [7038 octets] ##########

Roguekiller File:

RogueKiller V8.5.4 [Mar 18 2013] by Tigzy

mail : tigzyRK<at>gmail<dot>com

Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/

Website : http://tigzy.geekstogo.com/roguekiller.php

Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version

Started in : Normal mode

User : Adam [Admin rights]

Mode : Scan -- Date : 05/24/2013 17:28:07

| ARK || FAK || MBR |

¤¤¤ Bad processes : 1 ¤¤¤

[sUSP PATH] adwcleaner.exe -- C:\Users\Adam\Desktop\adwcleaner.exe [-] -> KILLED [TermProc]

¤¤¤ Registry Entries : 6 ¤¤¤

[DNS] HKLM\[...]\ControlSet001\Services\Tcpip\Interfaces\{EB467FAF-A51A-4AFE-8C4B-ED5274817FEB} : NameServer (143.239.1.2,143.239.1.12) -> FOUND

[DNS] HKLM\[...]\ControlSet002\Services\Tcpip\Interfaces\{EB467FAF-A51A-4AFE-8C4B-ED5274817FEB} : NameServer (143.239.1.2,143.239.1.12) -> FOUND

[HJPOL] HKCU\[...]\System : DisableTaskMgr (0) -> FOUND

[HJPOL] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND

[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

--> C:\Windows\system32\drivers\etc\hosts

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: Hitachi HTS547575A9E384 +++++

--- User ---

[MBR] be52e7d17f00300a439609d62c32491a

[bSP] 349df2fcd682bc72d51f6da5030e3ca0 : Linux MBR Code

Partition table:

0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 199 Mo

1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 595561 Mo

2 - [XXXXXX] LINUX (0x83) [VISIBLE] Offset (sectors): 1220120576 | Size: 113551 Mo

3 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 1452673026 | Size: 6097 Mo

User = LL1 ... OK!

User = LL2 ... OK!

Finished : << RKreport[1]_S_05242013_02d1728.txt >>

RKreport[1]_S_05242013_02d1728.txt

[Maniac]

1. Please re-run AdwCleaner
   
2. Click on Delete button.
   
3. Confirm each time with OK.
   
4. Your computer will be rebooted automatically. A text file will open after the restart. Please post the content of that logfile in your reply.

Note: You can find the logfile at C:\AdwCleaner[sn].txt as well - n is the order number.

How are things now?

[adamcafi1]

# AdwCleaner v2.301 - Logfile created 05/24/2013 at 18:33:35

# Updated 16/05/2013 by Xplode

# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)

# User : Adam - ADAM-HP

# Boot Mode : Normal

# Running from : C:\Users\Adam\Desktop\adwcleaner.exe

# Option [Delete]

***** [services] *****

Stopped & Deleted : Yontoo Desktop Updater

***** [Files / Folders] *****

File Deleted : C:\user.js

File Deleted : C:\Users\Adam\AppData\Local\Temp\Uninstall.exe

Folder Deleted : C:\ProgramData\APN

***** [Registry] *****

Key Deleted : HKCU\Software\InstallCore

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136}

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}

Key Deleted : HKLM\SOFTWARE\Tarma Installer

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]

***** [internet Browsers] *****

-\\ Internet Explorer v10.0.9200.16576

Deleted : [HKCU\Software\Microsoft\Internet Explorer\Main - Backup.Old.Start Page]

-\\ Google Chrome v26.0.1410.64

File : C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted [l.2183] : homepage = "hxxp://search.babylon.com/?affID=110808&tt=3412_4&babsrc=HP_ss_cr&mntrId=e4cf687a000[...]

*************************

AdwCleaner[R1].txt - [7061 octets] - [24/05/2013 17:17:22]

AdwCleaner[s1].txt - [7075 octets] - [24/05/2013 18:33:35]

########## EOF - C:\AdwCleaner[s1].txt - [7135 octets] ##########

[Maniac]

How are things now?

[adamcafi1]

Yes Yontoo is not longer installed. Thanks very much for your help, much appreciated!!!

[Maniac]

Glad I could help!

Step 1

• Download OTC to your desktop and run it
  
• Click Yes to beginning the Cleanup process and remove these components, including this application.
  
• You will be asked to reboot the machine to finish the Cleanup process. Choose Yes.
  

Step 2

• Double click on AdwCleaner.exe to run the tool.
  
• Click on Uninstall
  
• Confirm with Yes
  

Step 3

Some malware prevention tips:

users.telenet.be/bluepatchy/miekiemoes/prevention.html

Safe surfing!

[adamcafi1]

Thanks for your help once again, running smoothly now woohoooo!!!!

[Maniac]

You're welcome!

[Maurice Naggar]

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!