if you still have problems, see here https://forum.avast.com/index.php?topic=53253.0
scroll down to Farbar Recovery Scan Tool (second picture) run as instructed and attach the two diagnostic logs
Fix result of Farbar Recovery Scan Tool (x64) Version:13-06-2015
Ran by Antonin at 2015-06-20 14:28:46 Run:2
Running from C:\Users\Antonin\Downloads
Loaded Profiles: Antonin (Available Profiles: Antonin & Guest)
Boot Mode: Normal
==============================================
fixlist content:
*****************
CreateRestorePoint:
CHR Extension: (DHC - REST/HTTP API Client) - C:\Users\Antonin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aejoelaoggembcahagimdiliamlcdmfm [2015-06-14]
EmptyTemp:
CMD: bitsadmin /reset /allusers
*****************
Restore point was successfully created.
C:\Users\Antonin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aejoelaoggembcahagimdiliamlcdmfm folder not found
========= bitsadmin /reset /allusers =========
BITSADMIN version 3.0 [ 7.7.9600 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
0 out of 0 jobs canceled.
========= End of CMD: =========
EmptyTemp: => 325.9 MB temporary data Removed.
The system needed a reboot..
==== End of Fixlog 14:29:05 ====
[]Right-mouse click JRT.exe and select “Run as Administrator” the tool will open and start scanning your system
[]please be patient as this can take a while to complete depending on your system’s specifications
[]On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
[]post the contents of JRT.txt into your next message.
I don’t know, I think whatever virus I had, it may be gone at this point and I’m just left with it’s consequences. I would like to know where you can set this “administrator enforced settings” and maybe just remove it there.
BTW when I boot the system into safe mode, I’m actually able to remove the setting in Chrome … only when I boot back normally, it’s back.
As far as I know Chrome is storing this search engine values into system registry, that’s why it actually persist install/uninstall because uninstaller is apparently keeping those entries. Other people just deleted this registry entries and they were ok. It’s very strange for me that if I run regedit and search for yourtv.link, it won’t find it anywhere … so I have no idea where could it possibly come from.
essexboy: How did you use the SpyHunter to remove this malware without paying for it? I woudn’t be surprised if the authors of this software are actually authors of this malware as well since it is the only one who can detect it and after a long scan it wants you to buy a licence. I’m not gonna support that.
If you guys ran out of ideas, I have no other choice than to give up. Really sad but what can we do. I am registered for a Windows 10 upgrade, I’ll try to do clean installation then and I hope it’s gonna be enough napalm to kill this shit. Until then I’ll just have to live with Firefox.
essexboy: I uninstalled it, the only option there is on top to add is I think clearing the user data, which I chose. I don’t know how could I make a more full uninstall, what is “Stop and Clear”? Such option is not there during uninstall process.
Eddy: Except that you have deleted my shows, it behaves the same (including my problem).