• Announcements

    • LS.Andy

      Support for other products than adaware, ad block, web protection and Web Companion   05/05/2017

      Support for the following products is handled by the Lavasoft support team: Lavasoft Tuneup Kit Lavasoft PC Optimizer Lavasoft Driver Updater Lavasoft Registry Tuner Lavasoft Privacy Toolbox Lavasoft File Shredder Lavasoft Digital Lock

      For help with these products, contact the support team here: http://www.lavasoft.com/support/supportcenter/
       
Sign in to follow this  
Followers 0
aspirit

Yontoo

8 posts in this topic

I have yontoo showing up and can not remove it.

 

I believe yontoo is causing numerous problems. There could be something else but I believe yontoo is the main culprit

 

I have Ad Aware total security and Lavasoft registry tuner.

I ran a virus scan that came back clean. Then I tried to run DDS but it would not run so I removed total security from my startup and tried to run DDS with out Ad Aware running and DDS still just freezes. I even tried in safe mode with the same result.

 

So I cannot post DDS log fife but I was able to run OTL and here are those files.

 

 

 

Any help is appreciated

Extras.Txt

OTL.Txt

Share this post


Link to post
Share on other sites

Hi aspirit,

 

Please, uninstall:

Java™ SE Runtime Environment 6 Update 1

Java™ 6 Update 3

Java™ 6 Update 26

since they are old versions with many known vulnerabilities that can be exploited by a web page to infect the computer.

 

Please, save AdwCleaner by Xplode on the desktop: http://general-changelog-team.fr/fr/downloads/finish/20-outils-de-xplode/2-adwcleaner

 

Turn off all programs, including browsers.

Double-click on AdwCleaner to start the program.

 

Click on the Search button.

Wait until the search has finished.

A report will be displayed, copy its content and paste into your answer.

If the report isn't displayed, it exist as C:\AdwCleaner[R1].txt.

 

Share this post


Link to post
Share on other sites

# AdwCleaner v2.114 - Logfile created 03/06/2013 at 17:54:54

# Updated 05/03/2013 by Xplode

# Operating system : Windows Vista Home Premium (32 bits)

# User : Bill - BILL-PC

# Boot Mode : Normal

# Running from : C:\Users\Bill\Desktop\adwcleaner.exe

# Option [search]

 

***** [services] *****

 

***** [Files / Folders] *****

Folder Found : C:\Program Files\1ClickDownload

Folder Found : C:\ProgramData\boost_interprocess

Folder Found : C:\ProgramData\Tarma Installer

Folder Found : C:\Users\Bill\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmlghpafmmnmmkjdhacccolfgnkiboco

Folder Found : C:\Users\Bill\AppData\LocalLow\boost_interprocess

***** [Registry] *****

Key Found : HKCU\Software\1ClickDownload

Key Found : HKCU\Software\IM

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\1ClickDownload

Key Found : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}

Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}

Key Found : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}

Key Found : HKLM\Software\Freeze.com

Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc

Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\pmlghpafmmnmmkjdhacccolfgnkiboco

Key Found : HKLM\Software\Iminent

Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}

Key Found : HKLM\Software\Tarma Installer

***** [internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18882

[OK] Registry is clean.

-\\ Google Chrome v25.0.1364.152

File : C:\Users\Bill\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

-\\ Opera v [unable to get version]

File : C:\Users\Bill\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [2489 octets] - [06/03/2013 17:54:54]

########## EOF - C:\AdwCleaner[R1].txt - [2549 octets] ##########

Share this post


Link to post
Share on other sites

Please, turn off all programs, including browsers.

Double-click on AdwCleaner to start the program.

 

Click on the Delete button.

 

Click on OK.

The computer will be restarted.

 

A report will be displayed, copy its content and paste into your answer.

If the report isn't displayed, it exist as C:\AdwCleaner[s1].txt

 

How is the computer working now?

Share this post


Link to post
Share on other sites

# AdwCleaner v2.114 - Logfile created 03/06/2013 at 18:26:42

# Updated 05/03/2013 by Xplode

# Operating system : Windows Vista Home Premium (32 bits)

# User : Bill - BILL-PC

# Boot Mode : Normal

# Running from : C:\Users\Bill\Desktop\adwcleaner.exe

# Option [Delete]

 

***** [services] *****

 

***** [Files / Folders] *****

Folder Deleted : C:\Program Files\1ClickDownload

Folder Deleted : C:\ProgramData\boost_interprocess

Folder Deleted : C:\ProgramData\Tarma Installer

Folder Deleted : C:\Users\Bill\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmlghpafmmnmmkjdhacccolfgnkiboco

Folder Deleted : C:\Users\Bill\AppData\LocalLow\boost_interprocess

***** [Registry] *****

Key Deleted : HKCU\Software\1ClickDownload

Key Deleted : HKCU\Software\IM

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\1ClickDownload

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}

Key Deleted : HKLM\Software\Freeze.com

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pmlghpafmmnmmkjdhacccolfgnkiboco

Key Deleted : HKLM\Software\Iminent

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}

Key Deleted : HKLM\Software\Tarma Installer

***** [internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18882

[OK] Registry is clean.

-\\ Google Chrome v25.0.1364.152

File : C:\Users\Bill\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

-\\ Opera v [unable to get version]

File : C:\Users\Bill\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [2618 octets] - [06/03/2013 17:54:54]

AdwCleaner[s1].txt - [2595 octets] - [06/03/2013 18:26:42]

########## EOF - C:\AdwCleaner[s1].txt - [2655 octets] ##########

Share this post


Link to post
Share on other sites

Yontoo is gone and things seem to be working much smother.

 

Thank you very much for the help.

Share this post


Link to post
Share on other sites

Good!

 

You are welcome :)

 

Time for final clean-up.

 

1. Please, turn off all programs, including browsers.

Double-click on AdwCleaner to start the program.

 

Click on the Uninstall button.

 

2. Start OTL program.

Click the CleanUp! button.

Select Yes when asked "Begin cleanup process".

If you are asked to reboot, select Yes.

If any logs remain on the computer you can remove them.

 

3. Improve the security in the computer

It is very important to keep Windows and all programs updated. An old version of, for example, Flash contains vulnerabilities that makes it easy to infect the computer from a web page. To help you with keeping everything updated you can use the program Secunia Personal Software Inspector (PSI). http://www.bleepingc...th-secunia-psi/ describes how to install and use the program.

Share this post


Link to post
Share on other sites

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

 

If you're the topic starter, and need this topic reopened, please contact the staff member who was helping you with your issue.

 

Everyone else please begin a New Topic.

 

Thank you !

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.
Sign in to follow this  
Followers 0