
Thread: Cannot remove Yontoo malware from my computer

  1. #1
    Junior Member
    Join Date
    Sep 2013
    Posts
    7

    Cannot remove Yontoo malware from my computer

    I accidentally installed Yontoo to my computer and am unable to remove it. Trying to uninstall it through Control Panel results in a popup saying "setup initialization error." I have run scans with MalwareBytes, AVG, Avast, Comodo and Spybot. Each found and removed problems but did not find Yontoo. Neither Microsoft Fix It nor Revo Uninstaller were able to even see the program. I have disabled the application in Chrome and Explorer which got rid of the popups but my computer is still running slowly.

    DDS

    DDS (Ver_2012-11-20.01) - NTFS_AMD64
    Internet Explorer: 10.0.9200.16686 BrowserJavaVersion: 10.17.2
    Run by Ann at 13:38:07 on 2013-09-14
    Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.2047.384 [GMT -7:00]
    .
    AV: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
    AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
    SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: Spybot - Search and Destroy *Enabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
    SP: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
    SP: COMODO Antivirus *Disabled/Outdated* {0C2D2636-923D-EE52-2A83-E643204A8275}
    FW: COMODO Firewall *Enabled* {8F7746F7-FE68-E084-3B6C-7404A51E8FB3}
    .
    ============== Running Processes ===============
    .
    C:\PROGRA~2\AVG\AVG2013\avgrsa.exe
    C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\nvvsvc.exe
    C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\system32\WLANExt.exe
    C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
    C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
    C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
    C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
    C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
    C:\Windows\system32\lxczcoms.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
    C:\Program Files (x86)\Edimax\Common\RaRegistry.exe
    C:\Program Files (x86)\Edimax\Common\RaRegistry64.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\system32\taskhost.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\Dwm.exe
    C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    C:\Program Files (x86)\Lexmark 1200 Series\LXCZbmgr.exe
    C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
    C:\Program Files (x86)\Lexmark 1200 Series\lxczbmon.exe
    C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
    C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    C:\Program Files (x86)\Edimax\Common\RaUI.exe
    C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Program Files\COMODO\COMODO Internet Security\cis.exe
    C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    C:\Program Files (x86)\AVG\AVG2013\avgui.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\AVAST Software\Avast\AvastUI.exe
    C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe
    C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
    C:\Program Files (x86)\COMODO\GeekBuddy\unit_manager.exe
    C:\Program Files (x86)\COMODO\GeekBuddy\unit.exe
    C:\Windows\system32\UI0Detect.exe
    C:\Users\Ann\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Ann\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Ann\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
    C:\Users\Ann\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Ann\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Ann\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Ann\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Ann\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\System32\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = about:blank
    uURLSearchHooks: uTorrentControl_v2 Toolbar: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTo0.dll
    mURLSearchHooks: uTorrentControl_v2 Toolbar: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTo0.dll
    mWinlogon: Userinit = userinit.exe,
    BHO: Adobe PDF Reader Link Helper: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -
    BHO: uTorrentControl_v2 Toolbar: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTo0.dll
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    BHO: DefaultTab Browser Helper: {7F6AFBF1-E065-4627-A2FD-810366367D01} -
    BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
    BHO: Define: {B78F92C8-DEB3-11E2-9A0A-FB64281D6ADE} -
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    BHO: Yontoo: {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll
    TB: uTorrentControl_v2 Toolbar: {7473B6BD-4691-4744-A82B-7854EB3D70B6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTo0.dll
    TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
    TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
    TB: uTorrentControl_v2 Toolbar: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTo0.dll
    TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    EB: Adobe PDF: {182EC0BE-5110-49C8-A062-BEB1D02A220B} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
    uRun: [Google Update] "C:\Users\Ann\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    uRun: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
    uRun: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
    mRun: [ImproveSpeedPC] C:\Program Files (x86)\ImproveSpeedPC\ImproveSpeedPC.exe
    mRun: [FaxCenterServer] "C:\Program Files (x86)\Lexmark Fax Solutions\fm3032.exe" /s
    mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
    mRun: [Adobe_ID0EYTHM] C:\PROGRA~2\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
    mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
    mRun: [gbrspcontrol] "C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe" -controlservice -slave
    mRun: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
    StartupFolder: C:\Users\Ann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ADOBEA~1.LNK - C:\Windows\Installer\{AC76BA86-1033-0000-7760-000000000003}\_SC_Acrobat.exe
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ADOBEA~2.LNK - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\STARTG~1.LNK - C:\Program Files (x86)\Comodo\GeekBuddy\launcher.exe
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\WIRELE~1.LNK - C:\Program Files (x86)\Edimax\Common\RaUI.exe
    uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
    mPolicies-Explorer: NoActiveDesktop = dword:1
    mPolicies-Explorer: NoActiveDesktopChanges = dword:1
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableUIADesktopToggle = dword:0
    IE: Append to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    IE: Convert link target to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    IE: Convert link target to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    IE: Convert selected links to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    IE: Convert selected links to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    IE: Convert selection to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    IE: Convert selection to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    IE: Convert to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
    .
    INFO: HKCU has more than 50 listed domains.
    If you wish to scan all of them, select the 'Force scan all domains' option.
    .
    .
    INFO: HKLM has more than 50 listed domains.
    If you wish to scan all of them, select the 'Force scan all domains' option.
    .
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
    TCP: NameServer = 192.168.10.1
    TCP: Interfaces\{D7CA0390-A503-4168-8AEC-FF6A473AC693} : NameServer = 156.154.70.22,156.154.71.22
    TCP: Interfaces\{EE768141-8CD9-43E1-B00F-498DE97369B8} : NameServer = 156.154.70.22,156.154.71.22
    TCP: Interfaces\{EE768141-8CD9-43E1-B00F-498DE97369B8} : DHCPNameServer = 192.168.10.1
    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
    Notify: SDWinLogon - SDWinLogon.dll
    AppInit_DLLs= c:\progra~2\nvidia~1\nvstre~1\rxinput.dll
    SSODL: WebCheck - <orphaned>
    x64-BHO: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
    x64-BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -
    x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
    x64-Run: [lxczbmgr.exe] "C:\Program Files (x86)\Lexmark 1200 Series\lxczbmgr.exe"
    x64-Run: [Logitech Download Assistant] C:\Windows\System32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
    x64-Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
    x64-Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
    .
    INFO: x64-HKLM has more than 50 listed domains.
    If you wish to scan all of them, select the 'Force scan all domains' option.
    .
    x64-DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
    x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
    x64-Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -
    x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
    x64-SSODL: WebCheck - <orphaned>
    Hosts: 127.0.0.1 www.spywareinfo.com
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 aswRvrt;aswRvrt;C:\Windows\System32\drivers\aswRvrt.sys [2013-9-13 65336]
    R0 aswVmm;aswVmm;C:\Windows\System32\drivers\aswVmm.sys [2013-9-13 204880]
    R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2013-7-20 71480]
    R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2013-7-20 311608]
    R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2013-7-1 116536]
    R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2013-9-5 45880]
    R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2013-9-13 1030952]
    R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2013-9-13 378944]
    R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2013-7-20 246072]
    R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2013-7-20 206648]
    R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2013-3-21 240952]
    R1 cmderd;COMODO Internet Security Eradication Driver;C:\Windows\System32\drivers\cmderd.sys [2013-6-18 23168]
    R1 cmdGuard;COMODO Internet Security Sandbox Driver;C:\Windows\System32\drivers\cmdguard.sys [2013-6-18 708632]
    R1 cmdHlp;COMODO Internet Security Helper Driver;C:\Windows\System32\drivers\cmdhlp.sys [2013-6-18 48360]
    R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2013-9-13 33400]
    R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2013-9-13 80816]
    R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-9-13 46808]
    R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2013-7-4 4939312]
    R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2013-7-23 283136]
    R2 DragonUpdater;COMODO Dragon Update Service;C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2013-5-29 2094216]
    R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-11-27 418376]
    R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-11-27 701512]
    R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2012-7-18 25928]
    R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2013-8-23 39712]
    R3 rt61x64;RT61 Extensible Wireless Driver;C:\Windows\System32\drivers\netr6164.sys [2012-4-22 439808]
    R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2009-6-10 187392]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S3 cmdvirth;COMODO Virtual Service Manager;C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2013-6-18 158936]
    S3 DAUpdaterSvc;Dragon Age: Origins - Content Updater;C:\Program Files (x86)\Steam\SteamApps\common\dragon age origins\bin_ship\daupdatersvc.service.exe [2012-12-26 25832]
    S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-21 71168]
    S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 20992]
    S3 Synth3dVsc;Synth3dVsc;C:\Windows\System32\drivers\Synth3dVsc.sys [2010-11-21 88960]
    S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\System32\drivers\terminpt.sys [2010-11-21 34816]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
    S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
    S3 tsusbhub;tsusbhub;C:\Windows\System32\drivers\tsusbhub.sys [2010-11-21 117248]
    .
    =============== Created Last 30 ================
    .
    2013-09-14 19:36:19 -------- d-----w- C:\Program Files (x86)\VS Revo Group
    2013-09-14 19:07:10 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
    2013-09-14 19:06:33 17272 ----a-w- C:\Windows\System32\sdnclean64.exe
    2013-09-14 19:06:27 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2
    2013-09-14 17:54:53 -------- d-----w- C:\Program Files (x86)\Common Files\COMODO
    2013-09-14 05:20:40 -------- d-s---w- C:\ProgramData\Shared Space
    2013-09-14 05:19:58 -------- d-----w- C:\Program Files\COMODO
    2013-09-14 05:19:39 -------- d-----w- C:\ProgramData\COMODO
    2013-09-14 05:18:47 -------- d-----w- C:\Users\Ann\AppData\Local\Comodo
    2013-09-14 05:18:44 56072 ----a-w- C:\Windows\System32\certsentry.dll
    2013-09-14 05:18:44 47368 ----a-w- C:\Windows\SysWow64\certsentry.dll
    2013-09-14 05:18:30 -------- d-----w- C:\Program Files (x86)\Comodo
    2013-09-14 05:17:59 -------- d-----w- C:\ProgramData\Comodo Downloader
    2013-09-14 05:11:16 72016 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
    2013-09-14 05:11:13 1030952 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
    2013-09-14 05:11:12 204880 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
    2013-09-14 05:11:10 65336 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
    2013-09-14 05:11:07 80816 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
    2013-09-14 05:10:12 41664 ----a-w- C:\Windows\avastSS.scr
    2013-09-14 05:09:12 -------- d-----w- C:\Program Files\AVAST Software
    2013-09-14 05:07:47 -------- d-----w- C:\ProgramData\AVAST Software
    2013-09-14 01:29:56 -------- d-----w- C:\Program Files (x86)\Common Files\337
    2013-09-14 01:25:15 -------- d-----w- C:\Users\Ann\AppData\Local\DefineExt
    2013-09-11 02:20:25 155584 ----a-w- C:\Windows\System32\drivers\ataport.sys
    2013-09-11 02:19:46 3155456 ----a-w- C:\Windows\System32\win32k.sys
    2013-09-10 04:57:47 -------- d-----w- C:\Program Files (x86)\HP
    2013-09-05 08:43:42 45880 ----a-w- C:\Windows\System32\drivers\avgrkx64.sys
    2013-08-23 22:08:38 -------- d-----w- C:\NvidiaLogging
    2013-08-23 22:04:46 39712 ----a-w- C:\Windows\System32\drivers\nvvad64v.sys
    2013-08-23 22:04:46 29984 ----a-w- C:\Windows\System32\nvaudcap64v.dll
    2013-08-23 22:04:46 28448 ----a-w- C:\Windows\SysWow64\nvaudcap32v.dll
    2013-08-23 08:34:07 -------- d--h--w- C:\Program Files (x86)\Common Files\EAInstaller
    .
    ==================== Find3M ====================
    .
    2013-09-13 06:31:25 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2013-09-13 06:31:25 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
    2013-08-10 05:22:18 2241024 ----a-w- C:\Windows\System32\wininet.dll
    2013-08-10 05:20:59 3959296 ----a-w- C:\Windows\System32\jscript9.dll
    2013-08-10 05:20:55 67072 ----a-w- C:\Windows\System32\iesetup.dll
    2013-08-10 05:20:55 136704 ----a-w- C:\Windows\System32\iesysprep.dll
    2013-08-10 03:59:10 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
    2013-08-10 03:58:09 2876928 ----a-w- C:\Windows\SysWow64\jscript9.dll
    2013-08-10 03:58:06 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
    2013-08-10 03:58:06 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
    2013-08-10 03:17:38 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
    2013-08-10 03:07:50 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    2013-08-10 02:27:59 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
    2013-08-10 02:17:19 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
    2013-08-02 02:23:53 5550528 ----a-w- C:\Windows\System32\ntoskrnl.exe
    2013-08-02 02:15:44 1732032 ----a-w- C:\Windows\System32\ntdll.dll
    2013-08-02 02:15:03 362496 ----a-w- C:\Windows\System32\wow64win.dll
    2013-08-02 02:15:03 243712 ----a-w- C:\Windows\System32\wow64.dll
    2013-08-02 02:15:03 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
    2013-08-02 02:14:57 215040 ----a-w- C:\Windows\System32\winsrv.dll
    2013-08-02 02:14:11 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
    2013-08-02 02:13:34 424448 ----a-w- C:\Windows\System32\KernelBase.dll
    2013-08-02 01:59:30 3968960 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
    2013-08-02 01:59:30 3913664 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
    2013-08-02 01:51:23 1292192 ----a-w- C:\Windows\SysWow64\ntdll.dll
    2013-08-02 01:50:42 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
    2013-08-02 01:50:42 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
    2013-08-02 01:09:17 338432 ----a-w- C:\Windows\System32\conhost.exe
    2013-08-02 00:59:09 112640 ----a-w- C:\Windows\System32\smss.exe
    2013-08-02 00:45:37 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
    2013-08-02 00:45:36 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
    2013-08-02 00:45:35 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
    2013-08-02 00:45:34 2048 ----a-w- C:\Windows\SysWow64\user.exe
    2013-08-02 00:43:05 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
    2013-08-02 00:43:05 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
    2013-08-02 00:43:05 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
    2013-08-02 00:43:05 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
    2013-07-25 09:25:54 1888768 ----a-w- C:\Windows\System32\WMVDECOD.DLL
    2013-07-25 08:57:27 1620992 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL
    2013-07-20 08:51:00 311608 ----a-w- C:\Windows\System32\drivers\avgloga.sys
    2013-07-20 08:50:56 71480 ----a-w- C:\Windows\System32\drivers\avgidsha.sys
    2013-07-20 08:50:56 246072 ----a-w- C:\Windows\System32\drivers\avgidsdrivera.sys
    2013-07-20 08:50:50 206648 ----a-w- C:\Windows\System32\drivers\avgldx64.sys
    2013-07-19 01:58:42 2048 ----a-w- C:\Windows\System32\tzres.dll
    2013-07-19 01:41:01 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
    2013-07-09 05:52:52 224256 ----a-w- C:\Windows\System32\wintrust.dll
    2013-07-09 05:51:16 1217024 ----a-w- C:\Windows\System32\rpcrt4.dll
    2013-07-09 05:46:20 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
    2013-07-09 05:46:20 1472512 ----a-w- C:\Windows\System32\crypt32.dll
    2013-07-09 05:46:20 139776 ----a-w- C:\Windows\System32\cryptnet.dll
    2013-07-09 04:52:33 663552 ----a-w- C:\Windows\SysWow64\rpcrt4.dll
    2013-07-09 04:52:10 175104 ----a-w- C:\Windows\SysWow64\wintrust.dll
    2013-07-09 04:46:31 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
    2013-07-09 04:46:31 1166848 ----a-w- C:\Windows\SysWow64\crypt32.dll
    2013-07-09 04:46:31 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
    2013-07-08 20:59:52 708632 ----a-w- C:\Windows\System32\drivers\cmdguard.sys
    2013-07-06 06:03:53 1910208 ----a-w- C:\Windows\System32\drivers\tcpip.sys
    2013-07-01 08:45:28 116536 ----a-w- C:\Windows\System32\drivers\avgmfx64.sys
    2013-06-21 12:16:02 566048 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
    2013-06-21 10:23:16 6496544 ----a-w- C:\Windows\System32\nvcpl.dll
    2013-06-21 10:23:16 3514656 ----a-w- C:\Windows\System32\nvsvc64.dll
    2013-06-21 10:23:11 884512 ----a-w- C:\Windows\System32\nvvsvc.exe
    2013-06-21 10:23:10 63776 ----a-w- C:\Windows\System32\nvshext.dll
    2013-06-21 10:23:10 237856 ----a-w- C:\Windows\System32\nvmctray.dll
    2013-06-18 23:16:10 48360 ----a-w- C:\Windows\System32\drivers\cmdhlp.sys
    2013-06-18 23:16:08 23168 ----a-w- C:\Windows\System32\drivers\cmderd.sys
    2013-06-18 23:15:50 43216 ----a-w- C:\Windows\System32\cmdcsr.dll
    2013-06-18 23:15:48 437688 ----a-w- C:\Windows\System32\guard64.dll
    2013-06-18 23:15:48 348584 ----a-w- C:\Windows\SysWow64\guard32.dll
    2013-06-18 23:15:40 45784 ----a-w- C:\Windows\System32\cmdkbd64.dll
    2013-06-18 23:15:40 344792 ----a-w- C:\Windows\System32\cmdvrt64.dll
    2013-06-18 23:15:36 40664 ----a-w- C:\Windows\SysWow64\cmdkbd32.dll
    2013-06-18 23:15:36 278232 ----a-w- C:\Windows\SysWow64\cmdvrt32.dll
    .
    ============= FINISH: 13:43:01.80 ===============


    aswMBR

    aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
    Run date: 2013-09-14 13:51:30
    -----------------------------
    13:51:30.829 OS Version: Windows x64 6.1.7601 Service Pack 1
    13:51:30.829 Number of processors: 2 586 0x170A
    13:51:30.832 ComputerName: KEVIN-PC UserName: Ann
    13:51:35.983 Initialize success
    13:51:37.104 AVAST engine defs: 13091401
    13:52:45.536 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP4T0L0-4
    13:52:45.538 Disk 0 Vendor: WDC_WD3200AAJS-00L7A0 01.03E01 Size: 305245MB BusType: 3
    13:52:45.889 Disk 0 MBR read successfully
    13:52:45.891 Disk 0 MBR scan
    13:52:45.895 Disk 0 Windows 7 default MBR code
    13:52:45.907 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
    13:52:45.949 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 305143 MB offset 206848
    13:52:45.975 Disk 0 scanning C:\Windows\system32\drivers
    13:53:01.391 Service scanning
    13:53:25.209 Modules scanning
    13:53:25.216 Disk 0 trace - called modules:
    13:53:25.232 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
    13:53:25.236 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8002813410]
    13:53:25.567 3 CLASSPNP.SYS[fffff8800197e43f] -> nt!IofCallDriver -> [0xfffffa80026ba520]
    13:53:25.572 5 ACPI.sys[fffff88000f0f7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP4T0L0-4[0xfffffa80026d4060]
    13:53:26.059 AVAST engine scan C:\Windows
    13:53:28.074 AVAST engine scan C:\Windows\system32
    13:56:04.144 AVAST engine scan C:\Windows\system32\drivers
    13:56:15.503 AVAST engine scan C:\Users\Ann
    13:58:18.387 Disk 0 MBR has been saved successfully to "C:\Users\Ann\Desktop\MBR.dat"
    13:58:18.395 The log file has been saved successfully to "C:\Users\Ann\Desktop\aswMBR.txt"
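A triage pass over the DDS log posted above, added here as an example; it is not part of the original post, of DDS, or of any tool named in the thread. It parses the `AV:`/`SP:`/`FW:` header lines and the browser extension-point lines (`BHO`, `TB`, `EB`, `URLSearchHooks`) of the Pseudo HJT Report, then reports enabled antivirus products, registrations with no file path, components hooked at more than one extension point, and entries matching a caller-supplied watch list. The function names, field names and the `view` label are assumptions made for this example, and the sample is a subset of lines copied from that log.

```python
import re
from collections import defaultdict, namedtuple

# Subset of lines copied from the DDS log in the post above, kept inline so the
# example runs offline. Raw string: the Windows paths contain backslashes.
SAMPLE_LOG = r"""
AV: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: COMODO Antivirus *Disabled/Outdated* {0C2D2636-923D-EE52-2A83-E643204A8275}
FW: COMODO Firewall *Enabled* {8F7746F7-FE68-E084-3B6C-7404A51E8FB3}
uURLSearchHooks: uTorrentControl_v2 Toolbar: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTo0.dll
BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -
BHO: DefaultTab Browser Helper: {7F6AFBF1-E065-4627-A2FD-810366367D01} -
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Yontoo: {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll
TB: uTorrentControl_v2 Toolbar: {7473B6BD-4691-4744-A82B-7854EB3D70B6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTo0.dll
x64-BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -
mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
"""

# Hypothetical record types for this example.
Product = namedtuple("Product", "kind name state definitions")
Entry = namedtuple("Entry", "kind view name clsid path")

_GUID = r"\{([0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12})\}"
# e.g.  AV: <name> *Enabled/Updated* {GUID}   or   FW: <name> *Enabled* {GUID}
_PRODUCT_RE = re.compile(
    r"^(AV|SP|FW): (.+?) \*([^*/]+)(?:/([^*]+))?\* " + _GUID + r"$")
# e.g.  BHO: <name>: {CLSID} - <path>   (path may be empty; optional x64-, u/m prefixes)
_EXT_RE = re.compile(
    r"^(x64-)?[um]?(BHO|TB|EB|URLSearchHooks): (.+?): " + _GUID + r" -(?: (.*))?$")


def parse_security_products(text):
    """Return the AV/SP/FW products listed in the DDS header."""
    products = []
    for line in text.splitlines():
        m = _PRODUCT_RE.match(line.strip())
        if m:
            products.append(Product(m.group(1), m.group(2), m.group(3), m.group(4)))
    return products


def enabled_antivirus(products):
    """Names of AV-class products whose state is Enabled."""
    return sorted({p.name for p in products if p.kind == "AV" and p.state == "Enabled"})


def parse_extension_points(text):
    """Return browser extension-point registrations from the Pseudo HJT Report."""
    entries = []
    for line in text.splitlines():
        m = _EXT_RE.match(line.strip())
        if m:
            entries.append(Entry(
                kind=m.group(2),
                view="x64" if m.group(1) else "default",
                name=m.group(3),
                clsid="{" + m.group(4).upper() + "}",  # normalise case for grouping
                path=(m.group(5) or "").strip(),
            ))
    return entries


def triage(entries, watch_names=()):
    """Summarise entries worth a closer look; this makes no verdict on any of them."""
    terms = [t.lower() for t in watch_names]
    hooks = defaultdict(set)
    for e in entries:
        hooks[e.clsid].add(e.kind)
    return {
        # Registration present but DDS printed no file path for it.
        "no_file_path": sorted({e.name for e in entries if not e.path}),
        # Entries whose display name contains a caller-supplied term.
        "watched": [e for e in entries if any(t in e.name.lower() for t in terms)],
        # One CLSID registered at more than one kind of extension point.
        "multi_hook": {c: sorted(k) for c, k in hooks.items() if len(k) > 1},
    }


if __name__ == "__main__":
    print("Enabled AV:", enabled_antivirus(parse_security_products(SAMPLE_LOG)))
    report = triage(parse_extension_points(SAMPLE_LOG), watch_names=["yontoo"])
    for key, value in report.items():
        print(key, "->", value)
```
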

  2. #2
    Malware Team: Emeritus
    Join Date
    Oct 2012
    Posts
    246


    Hi and Welcome!! Aren26

    My name is Robybel.

    I would be more than happy to take a look at your log and help you with solving any malware problems you might have. Logs can take a while to research, so please be patient and know that I am working hard to get you a clean and functional system back in your hands. I'd be grateful if you would note the following:
    • I will be working on your Malware issues; this may or may not solve other issues you have with your machine.
    • The fixes are specific to your problem and should only be used for the issues on this machine.
    • Please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear.
    • It's often worth reading through these instructions and printing them for ease of reference.
    • If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.
    • Please reply to this thread. Do not start a new topic.


    IMPORTANT NOTE : Please do not delete, download or install anything unless instructed to do so.
    DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision. Doing so could make your system inoperable and could require a full reinstall of your Operating System and losing all your programs and data.


    Vista and Windows 7 users:

    These tools MUST be run from the executable (.exe) every time you run them,
    with Admin Rights (right-click, choose "Run as Administrator").


    Stay with this topic until I give you the all clean post.

    Having said that....Let's get going!!

    =====================

    P2P Programs:

    P2P programs are a major source of Malware infections.
    From your log I see you have uTorrent and 1ClickDownloader. We do not pass judgment on file-sharing; however, we must inform you that engaging in this activity and having this kind of software installed on your system will always make you more susceptible to Malware infections.
    The use of P2P programs may be contributing to your current situation, and you would certainly be doing yourself a favour by removing them.
    If you wish to keep the program(s), please do not use them until your computer is cleaned.

    Information regarding the risk of using these programs can be found from here and here

    Next

    " I see from the logs that you have two antivirus products installed. Having more than one antivirus can cause slowdowns, conflicts and crashes.
    I suggest removing one of them via Programs and Features"


    Next

    Download Security Check by screen317 from here or here.
    • Save it to your Desktop.
    • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
    • A Notepad document should open automatically called checkup.txt; please post the contents of that document.


    Next

    AdwCleaner

    Please download AdwCleaner by Xplode and save to your Desktop.
    • Double click on AdwCleaner.exe to run the tool
      Vista/Windows 7/8 users right-click and select Run As Administrator.
    • Click on the Scan button.
    • AdwCleaner will begin...be patient as the scan may take some time to complete.
    • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
    • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
    • Copy and paste the contents of that logfile in your next reply.
    • A copy of all logfiles is saved in the C:\AdwCleaner folder, which was created when running the tool.


    Next

    Please download Junkware Removal Tool to your desktop.
    • Shut down your protection software now to avoid potential conflicts.
    • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8, instead of double-clicking, right-click JRT.exe and select "Run as Administrator".
    • The tool will open and start scanning your system.
    • Please be patient as this can take a while to complete depending on your system's specifications.
    • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    • Post the contents of JRT.txt into your next message.



    Next


    • Download RogueKiller and save it to your desktop.
    • Quit all other programs
    • Start RogueKiller.exe
    • Wait until the Prescan has finished ...
    • Click on Scan
    • Wait for the end of the scan
    • A report will be created on your desktop.
    • Click on the Delete button
    • Next click on the ShortcutsFix
    • Another report will be created on your desktop.


    Please post: All RKreport.txt text files located on your desktop.

    On your next reply please post :
    • checkup.txt
    • AdwCleaner[S1].txt
    • JRT.txt
    • All RKreport.txt

    Let me know if you have any problems performing the steps above, or any questions.

    Good Day!
    - Proud Graduate of WTT Classroom -

    - Member of UNITE -

  3. #3
    Junior Member
    Join Date
    Sep 2013
    Posts
    7

    Sorry it took me so long to get back to you. I removed utorrent, 1clickdownload and AVG from my computer.

    Here are the scans you asked for.

    checkup.txt

    Results of screen317's Security Check version 0.99.73
    Windows 7 Service Pack 1 x64 (UAC is enabled)
    Internet Explorer 10
    ``````````````Antivirus/Firewall Check:``````````````
    Windows Firewall Disabled!
    avast! Antivirus
    Antivirus up to date!
    `````````Anti-malware/Other Utilities Check:`````````
    MVPS Hosts File
    Spybot - Search & Destroy
    Malwarebytes Anti-Malware version 1.75.0.1300
    JavaFX 2.1.0
    Java(TM) 6 Update 21
    Java 7 Update 17
    Java version out of Date!
    Adobe Flash Player 9 Flash Player out of Date!
    Google Chrome 29.0.1547.62
    Google Chrome 29.0.1547.66
    ````````Process Check: objlist.exe by Laurent````````
    Malwarebytes Anti-Malware mbamservice.exe
    Malwarebytes Anti-Malware mbamgui.exe
    Spybot Teatimer.exe is disabled!
    Comodo Firewall cmdagent.exe
    Malwarebytes' Anti-Malware mbamscheduler.exe
    AVAST Software Avast AvastSvc.exe
    AVAST Software Avast AvastUI.exe
    `````````````````System Health check`````````````````
    Total Fragmentation on Drive C: 0%
    ````````````````````End of Log``````````````````````


    AdwCleaner[R0] I'm not sure why it gave me R0 instead of S1

    # AdwCleaner v3.004 - Report created 17/09/2013 at 20:05:12
    # Updated 15/09/2013 by Xplode
    # Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
    # Username : Ann - KEVIN-PC
    # Running from : C:\Users\Ann\Desktop\AdwCleaner.exe
    # Option : Scan

    ***** [ Services ] *****


    ***** [ Files / Folders ] *****

    File Found : C:\END
    File Found : C:\Users\Ann\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage
    File Found : C:\Users\Ann\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage-journal
    Folder Found C:\Program Files (x86)\1ClickDownload
    Folder Found C:\Program Files (x86)\Common Files\337
    Folder Found C:\Program Files (x86)\Conduit
    Folder Found C:\Program Files (x86)\uTorrentControl_v2
    Folder Found C:\Program Files (x86)\Yontoo
    Folder Found C:\ProgramData\Tarma Installer
    Folder Found C:\Users\Ann\AppData\Local\apn
    Folder Found C:\Users\Ann\AppData\Local\Conduit
    Folder Found C:\Users\Ann\AppData\Local\cre
    Folder Found C:\Users\Ann\AppData\Local\DefineExt
    Folder Found C:\Users\Ann\AppData\Local\Temp\AskSearch
    Folder Found C:\Users\Ann\AppData\Local\Temp\Desk365
    Folder Found C:\Users\Ann\AppData\LocalLow\Conduit
    Folder Found C:\Users\Ann\AppData\LocalLow\PriceGong
    Folder Found C:\Users\Ann\AppData\LocalLow\uTorrentControl_v2
    Folder Found C:\Users\Ann\Documents\optimizer pro

    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****

    Key Found : HKCU\Software\1ClickDownload
    Key Found : HKCU\Software\APN
    Key Found : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
    Key Found : HKCU\Software\AppDataLow\Software\AskToolbar
    Key Found : HKCU\Software\AppDataLow\Software\Conduit
    Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
    Key Found : HKCU\Software\AppDataLow\Software\PriceGong
    Key Found : HKCU\Software\AppDataLow\Software\SmartBar
    Key Found : HKCU\Software\AppDataLow\Software\uTorrentControl_v2
    Key Found : HKCU\Software\AppDataLow\Toolbar
    Key Found : HKCU\Software\Conduit
    Key Found : HKCU\Software\IGearSettings
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B78F92C8-DEB3-11E2-9A0A-FB64281D6ADE}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B78F92C8-DEB3-11E2-9A0A-FB64281D6ADE}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\grusskartencenter.com
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\grusskartencenter.com
    Key Found : HKCU\Software\uTorrentControl_v2
    Key Found : [x64] HKCU\Software\1ClickDownload
    Key Found : [x64] HKCU\Software\APN
    Key Found : [x64] HKCU\Software\Conduit
    Key Found : [x64] HKCU\Software\IGearSettings
    Key Found : [x64] HKCU\Software\uTorrentControl_v2
    Key Found : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
    Key Found : HKLM\SOFTWARE\Classes\1ClicktorrentFile
    Key Found : HKLM\SOFTWARE\Classes\1ClicktorrentFile1
    Key Found : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
    Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
    Key Found : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
    Key Found : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
    Key Found : HKLM\SOFTWARE\Classes\AppID\DefaultTabBHO.DLL
    Key Found : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{537F4F0B-3542-4C7D-A3E5-CF121482696C}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{B78F92C8-DEB3-11E2-9A0A-FB64281D6ADE}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
    Key Found : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser
    Key Found : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser.1
    Key Found : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX
    Key Found : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX.1
    Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
    Key Found : HKLM\SOFTWARE\Classes\oneclick
    Key Found : HKLM\SOFTWARE\Classes\oneclickmg
    Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3220468
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
    Key Found : HKLM\SOFTWARE\Classes\YontooIEClient.Api
    Key Found : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
    Key Found : HKLM\SOFTWARE\Classes\YontooIEClient.Layers
    Key Found : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1
    Key Found : HKLM\Software\Conduit
    Key Found : HKLM\Software\Desksvc
    Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
    Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\pmlghpafmmnmmkjdhacccolfgnkiboco
    Key Found : HKLM\Software\Iminent
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1F12FD8C-FDA4-496F-A7E3-07CA2029DE97}
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FEDDC2B4-9040-4A4B-B216-EAF01E5B2DBF}
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASAPI32
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASMANCS
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_RASAPI32
    Key Found : HKLM\SOFTWARE\Microsoft\tracing\askpartnercobrandingtool_RASMANCS
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B78F92C8-DEB3-11E2-9A0A-FB64281D6ADE}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{537F4F0B-3542-4C7D-A3E5-CF121482696C}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentControl_v2 Toolbar
    Key Found : HKLM\Software\uTorrentControl_v2
    Key Found : HKLM\Software\V9
    Key Found : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\DeskSvc
    Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
    Key Found : [x64] HKLM\SOFTWARE\DomaIQ
    Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
    Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
    Key Found : [x64] HKLM\SOFTWARE\Tarma Installer
    Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
    Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
    Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
    Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
    Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
    Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
    Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
    Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
    Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
    Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]

    ***** [ Browsers ] *****

    -\\ Internet Explorer v10.0.9200.16686


    -\\ Mozilla Firefox v

    -\\ Google Chrome v

    [ File : C:\Users\Ann\AppData\Local\Google\Chrome\User Data\Default\preferences ]


    *************************

    AdwCleaner[R0].txt - [12024 octets] - [17/09/2013 20:05:12]

    ########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [12085 octets] ##########


    JRT

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Thisisu
    Version: 6.0.1 (09.15.2013:1)
    OS: Windows 7 Ultimate x64
    Ran by Ann on Tue 09/17/2013 at 20:16:05.10
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




    ~~~ Services



    ~~~ Registry Values

    Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440}



    ~~~ Registry Keys

    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\defaulttabbho.defaulttabbrowser
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\defaulttabbho.defaulttabbrowser.1
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\defaulttabbho.defaulttabbrowseractivex
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\defaulttabbho.defaulttabbrowseractivex.1
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{38495740-0035-4471-851E-F5BBB86AB085}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{72D89EBF-0C5D-4190-91FD-398E45F1D007}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\defaulttabbho.dll
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\yontooieclient.dll
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\1clickdownload
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\igearsettings
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\sweetim
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduit
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduitsearchscopes
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\pricegong
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\smartbar
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\toolbar
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01}
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01}
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\desksvc
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\iminent
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\1clicktorrentfile
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\1clicktorrentfile1
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\oneclick
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\oneclickmg
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\yontooieclient.api
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\yontooieclient.api.1
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\yontooieclient.layers
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\yontooieclient.layers.1
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasapi32
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasmancs
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT3220468
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskSLib_RASAPI32
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskSLib_RASMANCS
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\TaskScheduler_RASAPI32
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\TaskScheduler_RASMANCS
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\ApnToolbarInstaller_RASAPI32
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\ApnToolbarInstaller_RASMANCS
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskSLib_RASAPI32
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskSLib_RASMANCS
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\TaskScheduler_RASAPI32
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\TaskScheduler_RASMANCS
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B78F92C8-DEB3-11E2-9A0A-FB64281D6ADE}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{B78F92C8-DEB3-11E2-9A0A-FB64281D6ADE}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
    Successfully deleted: [Registry Key] "hkey_current_user\software\apn"
    Successfully deleted: [Registry Key] "hkey_current_user\software\appdatalow\software\asktoolbar"



    ~~~ Files

    Successfully deleted: [File] "C:\end"



    ~~~ Folders

    Successfully deleted: [Folder] "C:\ProgramData\tarma installer"
    Successfully deleted: [Folder] "C:\Users\Ann\appdata\local\apn"
    Successfully deleted: [Folder] "C:\Users\Ann\appdata\local\conduit"
    Successfully deleted: [Folder] "C:\Users\Ann\appdata\local\cre"
    Successfully deleted: [Folder] "C:\Users\Ann\appdata\local\defineext"
    Successfully deleted: [Folder] "C:\Users\Ann\appdata\locallow\conduit"
    Successfully deleted: [Folder] "C:\Users\Ann\appdata\locallow\pricegong"
    Successfully deleted: [Folder] "C:\Users\Ann\appdata\locallow\utorrentcontrol_v2"
    Successfully deleted: [Folder] "C:\Program Files (x86)\conduit"
    Successfully deleted: [Folder] "C:\Program Files (x86)\utorrentcontrol_v2"
    Successfully deleted: [Folder] "C:\Program Files (x86)\yontoo"



    ~~~ Chrome

    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\pmlghpafmmnmmkjdhacccolfgnkiboco



    ~~~ Event Viewer Logs were cleared





    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on Tue 09/17/2013 at 20:45:57.55
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


    All RKreport.txt

    As for this one I believe there may be a new version out. Your image is v7.0.2 while the one I found was v8.6.11_x64_ and they looked slightly different. There was a Fix Shortcuts button in my version instead of a ShortcutsFix. I assumed they would do the same thing, but unfortunately it doesn't seem to have created an All RKreport.txt that I can find.

    Thank you for your help. I hope we can get this sorted out.

  4. #4
    Malware Team: Emeritus
    Join Date
    Oct 2012
    Posts
    246

    Hi Aren26

    "Your image is v7.0.2 while the one I found was v8.6.11_x64"
    My image is only for demonstration.

    Ok!! we go ahead
    AdwCleaner

    Double click on AdwCleaner.exe to run the tool again.
    • Click on the Scan button.
    • AdwCleaner will begin to scan your computer like it did before.
    • After the scan has finished...
    • This time, click on the Clean button.
    • Press OK when asked to close all programs and follow the onscreen prompts.
    • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
    • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
    • Copy and paste the contents of that logfile in your next reply.
    • A copy of that logfile will also be saved in the C:\AdwCleaner folder.



    About your All RKreports, you can find them on your desktop.
    - Proud Graduate of WTT Classroom -

    - Member of UNITE -

  5. #5
    Junior Member
    Join Date
    Sep 2013
    Posts
    7

    AdwCleaner

    # AdwCleaner v3.004 - Report created 18/09/2013 at 21:33:55
    # Updated 15/09/2013 by Xplode
    # Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
    # Username : Ann - KEVIN-PC
    # Running from : C:\Users\Ann\Desktop\AdwCleaner.exe
    # Option : Clean

    ***** [ Services ] *****


    ***** [ Files / Folders ] *****

    Folder Deleted : C:\Program Files (x86)\1ClickDownload
    Folder Deleted : C:\Program Files (x86)\Common Files\337
    Folder Deleted : C:\Users\Ann\AppData\Local\Temp\AskSearch
    Folder Deleted : C:\Users\Ann\AppData\Local\Temp\Desk365
    Folder Deleted : C:\Users\Ann\Documents\optimizer pro
    File Deleted : C:\Users\Ann\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage
    File Deleted : C:\Users\Ann\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage-journal

    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****

    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\grusskartencenter.com
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\grusskartencenter.com
    Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\DeskSvc
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{537F4F0B-3542-4C7D-A3E5-CF121482696C}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B78F92C8-DEB3-11E2-9A0A-FB64281D6ADE}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B78F92C8-DEB3-11E2-9A0A-FB64281D6ADE}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{537F4F0B-3542-4C7D-A3E5-CF121482696C}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1F12FD8C-FDA4-496F-A7E3-07CA2029DE97}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FEDDC2B4-9040-4A4B-B216-EAF01E5B2DBF}
    Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
    Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
    Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
    Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
    Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
    Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
    Key Deleted : HKCU\Software\uTorrentControl_v2
    Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
    Key Deleted : HKCU\Software\AppDataLow\Software\uTorrentControl_v2
    Key Deleted : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
    Key Deleted : HKLM\Software\V9
    Key Deleted : HKLM\Software\uTorrentControl_v2
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentControl_v2 Toolbar
    Key Deleted : [x64] HKLM\SOFTWARE\DomaIQ
    Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer
    Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}

    ***** [ Browsers ] *****

    -\\ Internet Explorer v10.0.9200.16686


    -\\ Mozilla Firefox v

    -\\ Google Chrome v

    [ File : C:\Users\Ann\AppData\Local\Google\Chrome\User Data\Default\preferences ]


    *************************

    AdwCleaner[R0].txt - [12206 octets] - [17/09/2013 20:05:12]
    AdwCleaner[R1].txt - [5776 octets] - [18/09/2013 20:51:41]
    AdwCleaner[S0].txt - [4975 octets] - [18/09/2013 21:33:55]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5035 octets] ##########

  6. #6
    Malware Team: Emeritus
    Join Date
    Oct 2012
    Posts
    246


    Hi Aren26

    Please read through these instructions to familiarize yourself with what to expect when this tool runs.

    Refer to the ComboFix User's Guide


    Download ComboFix from one of these locations:

    Link 1
    Link 2



    * IMPORTANT- Save ComboFix.exe to your Desktop

    ====================================================


    Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. Note: If you are having difficulty properly disabling your protective programs, or are unsure as to what programs need to be disabled, please refer to the information available through this link: How to Disable your Security Programs


    ====================================================


    Double click on combofix.exe & follow the prompts.


    When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply for further review.

    On your next reply please post :
    • Combofix log

    Let me know if you have any problems performing the steps above or any questions.

    Good Day!
    - Proud Graduate of WTT Classroom -

    - Member of UNITE -

  7. #7
    Malware Team: Emeritus
    Join Date
    Oct 2012
    Posts
    246


    Still need help?
    - Proud Graduate of WTT Classroom -

    - Member of UNITE -

  8. #8
    Junior Member
    Join Date
    Sep 2013
    Posts
    7


    I am currently trying to get Combofix to work; it has been trying to install for two hours. I'm going to give it a little longer and if it still doesn't work I'll download it again. I'll get the info to you as soon as possible.

  9. #9
    Junior Member
    Join Date
    Sep 2013
    Posts
    7


    Combofix keeps getting stuck while installing. I will let it go overnight in case it is just being incredibly slow, but other than that I'm not sure what to do.

  10. #10
    Malware Team: Emeritus
    Join Date
    Oct 2012
    Posts
    246


    Hi Aren26

    Can you tell me something about your Combofix
    - Proud Graduate of WTT Classroom -

    - Member of UNITE -
