Jump to content

cosstminn HELP!

RichManitoba
 Share

Recommended Posts

RichManitoba

RichManitoba

Posted
Posted

Hi, newby here.


 


I upgraded to the premium version of Malwarebytes under the advice from a "computer guy".  This thing "cosstminn"  keeps popping up ads. It appears in my Chrome extensions the next session AFTER I disable it and throw it in the trash can. It does not appear in the uninstall programs section. Malwarebytes did quarantine some form of cosstminn according to the log, but's it's stiil here and further scans don't find anything.


 


Any advice?


 


Thanks, Rich. 


Link to post
Share on other sites
TwinHeadedEagle

TwinHeadedEagle

Posted
Posted

Hello,
    
 
They call me TwinHeadedEagle around here, and I'll be working with you.
 
    
 
    
Before we start please read and note the following:
    
Limit your internet access to posting here, some infections just wait to steal typed-in passwords.
Please be patient. I know it is frustrating when your PC isn't working properly, but malware removal takes time.
Don't run any scripts or tools on your own, unsupervised usage may cause more harm than good.
Do not paste the logs in your posts, attachments make my work easier. There is a Attach Files option below which you can use to attach your reports. Always attach reports from all tools.
Stay with me to the end, the absence of symptoms doesn't mean that your machine is fully operational.
Note that we may live in totally different time zones, what may cause some delays between answers.
Do not ask for help for your business PC. Companies are making revenue via computers, so it is good thing to pay someone to repair it.
If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
    
icon_idea.gif I can't foresee everything, so if anything unexpected happens, please stop and inform me!
icon_idea.gif There are no silly questions. Never be afraid to ask if in doubt!
 
 
 
 
P2P/Piracy Warning:

  • If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.
  • Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.
  • If you have illegal/cracked software, cracks, keygens, etc. on the system, please remove or uninstall them now and read the policy on Piracy.

 

 

 

 

51a612a8b27e2-Zoek.png Scan with ZOEK
 
Please download ZOEK by Smeenk and save it to your desktop (preferred version is the *.exe one)
Temporary disable your AntiVirus and AntiSpyware protection - instructions here.

  • Right-click on 51a612a8b27e2-Zoek.png icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • Wait patiently until the main console will appear, it may take a minute or two.
  • In the main box please paste in the following script:
    createsrpoint;gpt.ini;z C:\Windows\System32\GroupPolicy;vC:\Windows\SysWOW64\GroupPolicy;vprocess;services-list;systemspecs;startupall;skipfix-iedefaults;firefoxlook;chromelook;filesrcm;installedprogs;
  • Make sure that Scan All Users option is checked.
  • Push Run Script and wait patiently. The scan may take a couple of minutes.
  • When the scan completes, a zoek-results logfile should open in notepad.
  • If a reboot is needed, it will be opened after it. You may also find it at your main drive (usually C:\ drive)

Post its content into your next reply.

Link to post
Share on other sites
RichManitoba

RichManitoba

Posted
  • Author
Posted
 

Zoek.exe v5.0.0.0 Updated 13-08-2014

Tool run by Kim on Wed 08/13/2014 at 19:15:06.00.

Microsoft Windows 8.1 6.3.9600  x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Kim\Downloads\zoek.exe    [scan all users] [script inserted] 

 

==== System Restore Info ======================

 

8/13/2014 7:17:11 PM Zoek.exe System Restore Point Created Succesfully.

 

==== Installed Programs ======================

 

 Sansa Media Converter  

64 Bit HP CIO Components Installer  

Adobe Flash Player 14 Plugin  

Adobe Reader XI (11.0.08)  

AMD APP SDK Runtime  

AMD Catalyst Install Manager  

AMD VISION Engine Control Center  

ANT Drivers Installer x64  

Catalyst Control Center - Branding  

Catalyst Control Center InstallProxy  

Catalyst Control Center Localization All  

Catalyst Control Center Profiles Mobile  

ccc-utility64  

CCC Help Chinese Standard  

CCC Help Chinese Traditional  

CCC Help Czech  

CCC Help Danish  

CCC Help Dutch  

CCC Help English  

CCC Help Finnish  

CCC Help French  

CCC Help German  

CCC Help Greek  

CCC Help Hungarian  

CCC Help Italian  

CCC Help Japanese  

CCC Help Korean  

CCC Help Norwegian  

CCC Help Polish  

CCC Help Portuguese  

CCC Help Russian  

CCC Help Spanish  

CCC Help Swedish  

CCC Help Thai  

CCC Help Turkish  

Compatibility Pack for the 2007 Office system  

CyberLink MediaEspresso 6.5  

CyberLink PowerDVD 10  

DIRECTV Player  

Elevated Installer  

EZ Vinyl/Tape Converter 4.1 by MixMeister  

Garmin Communicator Plugin  

Garmin Communicator Plugin x64  

Garmin Express  

Garmin Express Tray  

Garmin USB Drivers  

Gateway Power Management  

Gateway Recovery Management  

Google Chrome  

Google Drive  

Google Earth  

Google Update Helper  

Greeting Card Factory Express  

HP ENVY 4500 series Basic Device Software  

HP ENVY 4500 series Help  

HP FWUpdateEDO2  

HP Photo Creations  

HP Update  

HPDiagnosticAlert  

Identity Card  

Live Updater  

Malwarebytes Anti-Malware version 2.0.2.1012  

Microsoft Office Professional Plus 2013 - en-us  

Microsoft Visual C++ 2005 Redistributable  

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17  

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148  

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161  

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17  

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148  

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161  

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219  

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219  

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727  

Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727  

Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727  

Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005  

Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005  

Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005  

Microsoft Works 6-9 Converter  

Nero 12 Essentials OEM.a01  

Nero BackItUp  

Nero BackItUp 12 Essentials OEM.a01  

Nero BackItUp Help (CHM)  

Nero ControlCenter  

Nero ControlCenter Help (CHM)  

Nero Core Components  

Nero Express  

Nero Express Help (CHM)  

Nero Launcher  

Nero RescueAgent  

Nero RescueAgent Help (CHM)  

Nero Update  

Office 15 Click-to-Run Extensibility Component  

Office 15 Click-to-Run Licensing Component  

Office 15 Click-to-Run Localization Component  

Prerequisite installer  

Qualcomm Atheros Bluetooth Suite (64)  

Qualcomm Atheros WLAN and Bluetooth Client Installation Program  

QuickTime  

Realtek Ethernet Controller Driver  

Realtek High Definition Audio Driver  

Realtek USB 2.0 Card Reader  

Sansa Updater  

Shockwave  

Shockwave Director 8.5.1  

Soluto  

Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201)  

Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (04/19/2012 2.3.1.0)  

Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1)  

YTD Video Downloader 4.7.2  

 

==== Running Processes ======================

 

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe

C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe

C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe

C:\Program Files (x86)\Nero\Update\NASvc.exe

C:\Program Files (x86)\Google\Drive\googledrivesync.exe

C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe

C:\Program Files (x86)\Google\Drive\googledrivesync.exe

C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Users\Kim\AppData\Local\DIRECTV Player\PCShowServerPMWrapper.exe

C:\Users\Kim\AppData\Local\DIRECTV Player\NDSPCShowServer.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Users\Kim\Downloads\zoek.exe

C:\WINDOWS\SysWOW64\cmd.exe

C:\WINDOWS\SysWOW64\cmd.exe

C:\WINDOWS\SysWOW64\cmd.exe

 

==== Services (whitelist) ======================

Powered by E Dev

 

R2 - [AdobeARMservice] - Adobe Acrobat Update Service - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"

R2 - [AMD External Events Utility] - AMD External Events Utility - C:\WINDOWS\system32\atiesrxx.exe

R2 - [AtherosSvc] - AtherosSvc - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe

R2 - [ClickToRunSvc] - Microsoft Office ClickToRun Service - "C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" /service

R2 - [Garmin Core Update Service] - Garmin Core Update Service - "C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe"

R2 - [iconMan_R] - IconMan_R - "C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe"

R2 - [MBAMScheduler] - MBAMScheduler - "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe"

R2 - [MBAMService] - MBAMService - "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe"

R2 - [NAUpdate] - Nero Update - "C:\Program Files (x86)\Nero\Update\NASvc.exe"

R2 - [solutoLauncherService] - Soluto Launcher Service - "C:\Program Files\Soluto\SolutoLauncherService.exe"

R2 - [solutoService] - Soluto PCGenome Core Service - "C:\Program Files\Soluto\SolutoService.exe"

R2 - [WinDefend] - Windows Defender Service - "C:\Program Files\Windows Defender\MsMpEng.exe"

R2 - [WSearch] - Windows Search - C:\WINDOWS\system32\SearchIndexer.exe /Embedding

R3 - [ePowerSvc] - ePower Service - "C:\Program Files\Gateway\Gateway Power Management\ePowerSvc.exe"

R3 - [VSS] - Volume Shadow Copy - C:\WINDOWS\system32\vssvc.exe

R3 - [WdNisSvc] - Windows Defender Network Inspection Service - "C:\Program Files\Windows Defender\NisSrv.exe"

S2 - [gupdate] - Google Update Service (gupdate) - "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc

S2 - [sppsvc] - Software Protection - C:\WINDOWS\system32\sppsvc.exe

S2 - [WMPNetworkSvc] - Windows Media Player Network Sharing Service - "C:\Program Files\Windows Media Player\wmpnetwk.exe"

S3 - [AdobeFlashPlayerUpdateSvc] - Adobe Flash Player Update Service - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

S3 - [ALG] - Application Layer Gateway Service - C:\WINDOWS\System32\alg.exe

S3 - [COMSysApp] - COM+ System Application - C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}

S3 - [Fax] - Fax - C:\WINDOWS\system32\fxssvc.exe

S3 - [FontCache3.0.0.0] - Windows Presentation Foundation Font Cache 3.0.0.0 - C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

S3 - [gupdatem] - Google Update Service (gupdatem) - "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc

S3 - [iEEtwCollectorService] - Internet Explorer ETW Collector Service - C:\WINDOWS\system32\IEEtwCollector.exe /V

S3 - [MSDTC] - Distributed Transaction Coordinator - C:\WINDOWS\System32\msdtc.exe

S3 - [msiserver] - Windows Installer - C:\WINDOWS\system32\msiexec.exe /V

S3 - [ose] - Office  Source Engine - "C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE"

S3 - [PerfHost] - Performance Counter DLL Host - C:\WINDOWS\SysWow64\perfhost.exe

S3 - [RpcLocator] - Remote Procedure Call (RPC) Locator - C:\WINDOWS\system32\locator.exe

S3 - [sNMPTRAP] - SNMP Trap - C:\WINDOWS\System32\snmptrap.exe

S3 - [TrustedInstaller] - Windows Modules Installer - C:\WINDOWS\servicing\TrustedInstaller.exe

S3 - [vds] - Virtual Disk - C:\WINDOWS\System32\vds.exe

S3 - [wbengine] - Block Level Backup Engine Service - "C:\WINDOWS\system32\wbengine.exe"

S3 - [wmiApSrv] - WMI Performance Adapter - C:\WINDOWS\system32\wbem\WmiApSrv.exe

 

==== Folders Found ======================

 

 

==== Files Found ======================

 

 

--- C:\Windows\System32\GroupPolicy\GPT.INI ---

Company: ------

File Description: ------

File Version: ------

Product Name: ------

Copyright: ------

Original Filename: ------

File type: ----a-w-

File size: 11

Created time: 2014-07-18 21:01:14

Modified time: 2014-07-18 21:02:29

MD5: EC3584F3DB838942EC3669DB02DC908E

SHA1: 8DCEB96874D5C6425EBB81BFEE587244C89416DA

 

 

--- C:\Windows\SysWOW64\GroupPolicy\gpt.ini ---

Company: ------

File Description: ------

File Version: ------

Product Name: ------

Copyright: ------

Original Filename: ------

File type: ----a-w-

File size: 11

Created time: 2014-07-18 21:01:14

Modified time: 2014-07-18 21:02:29

MD5: EC3584F3DB838942EC3669DB02DC908E

SHA1: 8DCEB96874D5C6425EBB81BFEE587244C89416DA

 

 

==== Folders Found In C:\Windows\System32\GroupPolicy ======================

 

2014-07-18 21:01:14 d-----w- C:\Windows\System32\GroupPolicy\Machine

2014-07-18 21:01:14 d-----w- C:\Windows\System32\GroupPolicy\User

 

==== Files Found In C:\Windows\System32\GroupPolicy ======================

 

2014-07-18 21:02:29 165 ----a-w- BF233D3F32875CFCD621F531A00AA558 C:\Windows\System32\GroupPolicy\GPT.INI

 

==== Files Found In C:\Windows\SysWOW64\GroupPolicy ======================

 

2014-07-18 21:02:29 11 ----a-w- EC3584F3DB838942EC3669DB02DC908E C:\Windows\SysWOW64\GroupPolicy\gpt.ini

 

==== System Specs ======================

 

Windows: Windows Version 6.2 (Build 9200)

Memory (RAM): 5581 MB

CPU Info: AMD A6-3620 APU with Radeon HD Graphics

CPU Speed: 2199.4 MHz

Sound Card: Speakers (Realtek High Definiti | 

Display Adapters: AMD Radeon HD 6530D | AMD Radeon HD 6530D

Monitors: 1x; Generic PnP Monitor | 

Screen Resolution: 1920 X 1080 - 32 bit

Network: Network Present

Network Adapters: Microsoft Wi-Fi Direct Virtual Adapter | Bluetooth Device (Personal Area Network) | Qualcomm Atheros AR5BWB222 Wireless Network Adapter | Realtek PCIe GBE Family Controller

CD / DVD Drives: 1x (E: | ) E: ATAPI   DVD A  DH16ACSH

Ports: COM3 | COM4 LPT Port NOT Present. 

Mouse: 8 Button Wheel Mouse Present

Hard Disks: C:  914.4GB

Hard Disks - Free: C:  867.7GB

Manufacturer *: American Megatrends Inc.

BIOS Info: AT/AT COMPATIBLE |  | ACRSYS - 1072009

Time Zone: Central Standard Time

Motherboard *: Gateway DX4370G

Country: United States 

Language: ENU 

 

==== System Specs (Software) ======================

 

Anti-Virus: Windows Defender On-access scanning disabled (Outdated)

Anti-Spyware: Windows Defender disabled (Outdated)

Default Browser: Google Chrome 36.0.1985.125

Internet Explorer Version: 11.0.9600.17207 

Google Chrome version: 36.0.1985.125

Adobe Reader version: 11.0.8.4

Flash Player version: 14.0.0.145

Shockwave Player version: 8.5.1r102

 

==== Files Recently Created / Modified ======================

 

====== C:\WINDOWS ====

====== C:\Users\Kim\AppData\Local\Temp ====

2014-08-12 22:29:22 3B32CAA07D672F8A2E0DF5CB3A873F45 22704 ----a-w- C:\Users\Kim\AppData\Local\Temp\ESGScanner.sys

2014-08-12 22:27:37 58189625BBCF169B56B3B3C4E457D287 47329360 ----a-w- C:\Users\Kim\AppData\Local\Temp\SHSetup.exe

====== Java Cache =====

2014-07-22 00:50:18 338FF0BBCD96F62A21017FE78F474B4B 265357 ----a-w- C:\Users\Kim\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45\7e60542d-287df46a

2014-07-22 00:50:17 0719A8334BEBACBFCA55555E98B66AB2 932 ----a-w- C:\Users\Kim\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\58\31b19ba-7e19d98c

2014-07-22 00:50:18 0719A8334BEBACBFCA55555E98B66AB2 932 ----a-w- C:\Users\Kim\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7\2bbaaf87-752dcf82

====== C:\WINDOWS\SysWOW64 =====

====== C:\WINDOWS\SysWOW64\drivers =====

====== C:\WINDOWS\Sysnative =====

2014-08-09 02:58:44 F62F4BB2637FAD0E021D3BEE20B0A9E1 264 ----a-w- C:\WINDOWS\Sysnative\ehccqjv

====== C:\WINDOWS\Sysnative\drivers =====

2014-08-13 00:49:30 95B3CEAF06A2DF96FE28CD0755D319C4 79064 ----a-w- C:\WINDOWS\Sysnative\drivers\uxxj.sys

2014-08-09 02:58:44 95B3CEAF06A2DF96FE28CD0755D319C4 79064 ----a-w- C:\WINDOWS\Sysnative\drivers\uvrqyfsu.sys

2014-08-09 01:58:18 95B3CEAF06A2DF96FE28CD0755D319C4 79064 ----a-w- C:\WINDOWS\Sysnative\drivers\eias.sys

2014-08-02 14:14:46 8A50D5304E6AE48664CF5838EC32F647 122584 ----a-w- C:\WINDOWS\Sysnative\drivers\MBAMSwissArmy.sys

2014-08-02 14:14:32 FA8C097DF2323BB9754AB78F356B3210 25816 ----a-w- C:\WINDOWS\Sysnative\drivers\mbam.sys

2014-08-02 14:14:32 F9162DB8016E5E3A5A5434DE9071FC45 64216 ----a-w- C:\WINDOWS\Sysnative\drivers\mwac.sys

2014-08-02 14:14:32 5D811CBF7D397B411898C4DB9E6BB852 91352 ----a-w- C:\WINDOWS\Sysnative\drivers\mbamchameleon.sys

2014-07-18 21:01:29 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\WINDOWS\Sysnative\drivers\Msft_Kernel_webinstr_01009.Wdf

====== C:\WINDOWS\Tasks ======

====== C:\WINDOWS\Temp ======

======= C:\Program Files =====

2014-07-30 20:59:02 -------- d-----w- C:\Program Files\Enigma Software Group

======= C:\PROGRA~2 =====

2014-07-30 20:57:52 -------- d-----w- C:\PROGRA~2\COMMON~1\Wise Installation Wizard

======= C: =====

2014-07-30 20:59:31 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\autoexec.bat

====== C:\Users\Kim\AppData\Roaming ======

2014-08-02 14:01:03 -------- d-----w- C:\Users\Kim\AppData\Local\Programs

2014-07-22 00:50:23 -------- d-----w- C:\Users\Kim\AppData\Roaming\Oracle

2014-07-18 21:01:16 -------- d-----w- C:\Users\Kim\AppData\Locallow\{36A9F89B-6D22-E53A-9CF7-D285EF7937CB}

2014-07-18 21:01:14 -------- d-----w- C:\Users\Kim\AppData\Local\Torch

2014-07-18 21:01:14 -------- d-----w- C:\Users\Kim\AppData\Local\Chromatic Browser

2014-07-18 21:01:14 -------- d-----w- C:\Users\Guest\AppData\Local\Torch

2014-07-18 21:01:14 -------- d-----w- C:\Users\Guest\AppData\Local\Chromatic Browser

2014-07-18 21:01:14 -------- d-----w- C:\Users\Administrator\AppData\Local\Torch

2014-07-18 21:01:14 -------- d-----w- C:\Users\Administrator\AppData\Local\Chromatic Browser

2014-07-18 21:01:13 -------- d-----w- C:\Users\Kim\AppData\Local\Comodo

2014-07-18 21:01:13 -------- d-----w- C:\Users\Guest\AppData\Local\Google

2014-07-18 21:01:13 -------- d-----w- C:\Users\Guest\AppData\Local\Comodo

2014-07-18 21:01:13 -------- d-----w- C:\Users\Administrator\AppData\Local\Google

2014-07-18 21:01:13 -------- d-----w- C:\Users\Administrator\AppData\Local\Comodo

====== C:\Users\Kim ======

2014-08-13 23:10:13 -------- d-----w- C:\WINDOWS\serviceprofiles\Localservice\winhttp

2014-07-26 01:37:01 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin

2014-07-18 21:01:18 -------- d-----w- C:\ProgramData\400d79d495df63d0

2014-07-18 21:01:15 075B0DA82E23780FA2DD7F2EA0464FD4 258 --sha-r- C:\ProgramData\ntuser.pol

2014-07-18 21:01:13 -------- d-----w- C:\Users\Guest\AppData

2014-07-18 21:01:13 -------- d-----w- C:\Users\Administrator\AppData

2014-07-17 22:35:46 -------- d-----r- C:\WINDOWS\SysNative\config\systemprofile\Searches

 

====== C: exe-files ==

2014-08-14 00:14:27 318F5F7E9365C71AF9E2B93264D74F66 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-372735754-2820383533-3636447293-1001\$IH1D8NC.exe

2014-08-14 00:14:22 F5E483A2DB1BC4E07D6D24761B0AFBCA 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-372735754-2820383533-3636447293-1001\$IMQP6HW.exe

2014-08-13 21:30:25 A0659E101B5D2158234D3FE5C9EC5D7A 2190480 ----a-w- C:\Users\Kim\AppData\Local\Microsoft\Windows\INetCache\IE\RWWCXSK7\DefaultPack.EXE

2014-08-13 21:23:12 EB96FC9EDAFDF00F0025A39F9BCF1861 40992 ----a-w- C:\ProgramData\Soluto\Temp\SkypeAppControl_08d99bc2-d371-4a37-81f0-f87deb9ef51a\PCGAppControlPluginLoader.exe

2014-08-13 21:23:11 EB96FC9EDAFDF00F0025A39F9BCF1861 40992 ----a-w- C:\ProgramData\Soluto\Temp\DropboxAppControl_63a50b74-9f7e-4b7e-916a-2847b3e494e2\PCGAppControlPluginLoader.exe

2014-08-12 22:35:05 25D473D7805261C752DA738B13E35816 185271 ----a-w- C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP\WiseCustomCalla31.exe

2014-08-12 22:27:37 58189625BBCF169B56B3B3C4E457D287 47329360 ----a-w- C:\Users\Kim\AppData\Local\Temp\SHSetup.exe

2014-08-12 22:27:19 9BEA4F6FFC292EE8647BAFC8B4CCFC4D 728960 ----a-w- C:\$Recycle.Bin\S-1-5-21-372735754-2820383533-3636447293-1001\$RMQP6HW.exe

2014-08-12 17:57:02 EB96FC9EDAFDF00F0025A39F9BCF1861 40992 ----a-w- C:\ProgramData\Soluto\Temp\SkypeAppControl_f6136465-d322-4291-9105-bbb578dfc0f2\PCGAppControlPluginLoader.exe

2014-08-12 17:56:59 EB96FC9EDAFDF00F0025A39F9BCF1861 40992 ----a-w- C:\ProgramData\Soluto\Temp\DropboxAppControl_23616891-5cfc-4f21-9096-a7a33225472f\PCGAppControlPluginLoader.exe

2014-08-08 17:50:23 9E0911C3321423B86FD5568F424DDB5A 884544 ----a-w- C:\$Recycle.Bin\S-1-5-21-372735754-2820383533-3636447293-1001\$RH1D8NC.exe

2014-08-08 16:40:03 331F49F8FE14FA2F0DC9FE88BB3A5A93 217768 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE15\MSOXMLED.EXE

2014-08-08 16:40:02 40C7B067561CF0A333849E498EC21E7F 842448 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\DW\DW20.EXE

2014-08-08 16:40:02 340EBEC84B187DC1F88EDBB02781B247 550584 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\MSOSQM.EXE

2014-08-08 16:40:01 7DAD0687DC4D04C5BACEEA0F85BEB9C1 283312 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\msoia.exe

2014-08-08 16:40:00 C139E98EDC5770025B87AF478F43DCDB 705184 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\dcf\SPREADSHEETCOMPARE.EXE

2014-08-08 16:39:55 07172AE32812C00603887C0D54DEADA0 79600 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE

2014-08-08 16:39:54 A4E96540BAF2596592D172F6592101BB 7487192 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE15\CMigrate.exe

2014-08-08 16:39:51 D34E8AC7A629929BCE61C424931894F2 5520088 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CMigrate.exe

2014-08-08 16:39:51 6C1F77880396D362D7688FFDC094CB26 207016 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\MSOXMLED.EXE

2014-08-08 16:39:49 0B039686D3DD66A2B0260F8503C4AAA2 9597104 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\PDFREFLOW.EXE

2014-08-08 16:39:48 2DB17A0C55260676BE38C9DE1E8004B3 873648 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\protocolhandler.exe

2014-08-08 16:39:47 DC4901C5AD905C2C8444C16BE94D3142 474344 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\DW\DWTRIG20.EXE

2014-08-08 16:39:24 F4BA3654E74C8783C7A5C56340DC3225 1076440 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe

2014-08-08 16:39:22 F8D3AA972C86F5F1DA095E4EA9A74D86 480984 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\SELFCERT.EXE

2014-08-08 16:39:22 BA508353F5B1CC0A7C861770EE61E13D 497856 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\MSOUC.EXE

2014-08-08 16:39:22 9C055A5A8C4C8E828609EFAD4CB71067 228544 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\CLVIEW.EXE

2014-08-08 16:39:21 9F7CDD5496EA3CC2F6FF780597E28DC9 21930144 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\excelcnv.exe

2014-08-08 16:39:21 629E073BBF520EBC262A2E1800D60DB7 517360 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\IEContentService.exe

2014-08-08 16:39:21 5B8B68C1B048F5C257AE649122CBF8FA 569584 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\ORGCHART.EXE

2014-08-08 16:39:21 51DB6A1ED36A0EA43125DDE1EBD34AD9 449216 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\MSOSYNC.EXE

2014-08-08 16:39:21 21D4192AC16FE58C7C3FBF7E9C6E1AEA 4522176 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\GRAPH.EXE

2014-08-08 16:39:21 1C9EE472F0AEF9B95503D0677A44256D 1296080 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\OcPubMgr.exe

2014-08-08 16:39:20 82626CC4994711B7A2DC2F948206ADAF 6483624 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\lynchtmlconv.exe

2014-08-08 16:39:20 6B8E10CCB457AE7639B84D07F3A7DFD4 665248 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\UcMapi.exe

2014-08-08 16:39:20 4E4F2190AB716AA2FBF0B221B21ED28C 528072 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\VPREVIEW.EXE

2014-08-08 16:39:20 4360D4DDE5D4D0053497CBC8272BE375 33440 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\AppSharingHookController.exe

2014-08-08 16:38:46 E4708F218D909BADA665FC5A93682074 589008 ----a-w- C:\Program Files\Microsoft Office 15\root\integration\Integrator.exe

2014-08-08 16:38:12 03BE15530D87A95415D019F63CF303AD 18997408 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\lync.exe

2014-08-08 16:38:11 2F8876306B397C6F8217E56F5A293615 1784488 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\INFOPATH.EXE

2014-08-08 16:38:10 AA567319C9AF7F67C8E13227B542BBE9 8514240 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\GROOVE.EXE

2014-08-08 16:38:08 C4C43F38C601756CAE155479F4BDF70B 18938024 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\OUTLOOK.EXE

2014-08-08 16:38:05 88354CCEE11A1621B5C7951BFF999474 195248 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE

2014-08-08 16:38:05 858C33F5A9307970C1DA8E89F73CAD4D 1754792 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\ONENOTE.EXE

2014-08-08 16:38:04 D53A185F15854E0B3A7F2BF5BE904AA5 15518376 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\MSACCESS.EXE

2014-08-08 16:37:47 AD70512F80F9DF842F9A9711F3C985F1 1923232 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\WINWORD.EXE

2014-08-08 16:37:46 1A85EEDAB6D5F89864FE1A9F5F11457F 1846960 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\POWERPNT.EXE

2014-08-08 16:37:45 A1B4AA9C0CB138F8006C8ABF826926BD 10751656 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\MSPUB.EXE

2014-08-08 16:37:43 82F642D8418CEC1D14318ECC80626EC8 25710240 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\EXCEL.EXE

2014-08-08 16:37:40 85DE4756AD2AE17EE8C1023C9F5BFC86 986792 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\FIRSTRUN.EXE

2014-08-08 16:34:30 EB96FC9EDAFDF00F0025A39F9BCF1861 40992 ----a-w- C:\ProgramData\Soluto\Temp\SkypeAppControl_c60c2329-4492-4312-b3e0-642883c22091\PCGAppControlPluginLoader.exe

2014-08-08 16:34:24 EB96FC9EDAFDF00F0025A39F9BCF1861 40992 ----a-w- C:\ProgramData\Soluto\Temp\DropboxAppControl_c18053f5-59ae-4b2a-a1ff-3b718d738874\PCGAppControlPluginLoader.exe

2014-08-07 01:12:07 EB96FC9EDAFDF00F0025A39F9BCF1861 40992 ----a-w- C:\ProgramData\Soluto\Temp\SkypeAppControl_dfda4b7c-88b7-4487-b7a5-160d01af43cb\PCGAppControlPluginLoader.exe

2014-08-07 01:12:06 EB96FC9EDAFDF00F0025A39F9BCF1861 40992 ----a-w- C:\ProgramData\Soluto\Temp\DropboxAppControl_2d99226c-3e07-4a0e-895b-dca4bff3d8ff\PCGAppControlPluginLoader.exe

=== C: other files ==

2014-08-13 21:15:08 82F5C942549405F61A8808D0EA0FA9E2 25575 ----a-w- C:\Users\Kim\AppData\Local\Temp\_MEI21202\resources\chrome_ext\apdfllckaahabafndbhieahigkjlhalf_live.crx

2014-08-13 00:49:30 95B3CEAF06A2DF96FE28CD0755D319C4 79064 ----a-w- C:\Windows\System32\drivers\uxxj.sys

2014-08-12 22:29:22 3B32CAA07D672F8A2E0DF5CB3A873F45 22704 ----a-w- C:\Users\Kim\AppData\Local\Temp\ESGScanner.sys

2014-08-09 02:58:44 95B3CEAF06A2DF96FE28CD0755D319C4 79064 ----a-w- C:\Windows\System32\drivers\uvrqyfsu.sys

2014-08-09 01:58:18 95B3CEAF06A2DF96FE28CD0755D319C4 79064 ----a-w- C:\Windows\System32\drivers\eias.sys

 

==== Startup Registry Enabled ======================

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"

 

[HKEY_USERS\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Run]

"GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"

 

[HKEY_USERS\S-1-5-21-372735754-2820383533-3636447293-1001\Software\Microsoft\Windows\CurrentVersion\Run]

"GoogleDriveSync"="C:\Program Files (x86)\Google\Drive\googledrivesync.exe /autostart"

"PCShowServer"="C:\Users\Kim\AppData\Local\DIRECTV Player\PCShowServerPMWrapper.exe"

"GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"

"SansaDispatch"="C:\Users\Kim\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe"

 

[HKEY_USERS\S-1-5-21-372735754-2820383533-3636447293-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Run]

"GoogleDriveSync"="C:\Program Files (x86)\Google\Drive\googledrivesync.exe /autostart"

"PCShowServer"="C:\Users\Kim\AppData\Local\DIRECTV Player\PCShowServerPMWrapper.exe"

"GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"

"SansaDispatch"="C:\Users\Kim\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe"

 

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run]

"GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun"

"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"QuickTime Task"="C:\Program Files (x86)\QuickTime\qttask.exe -atboottime"

"HP Software Update"="C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe"

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"GoogleDriveSync"="C:\Program Files (x86)\Google\Drive\googledrivesync.exe /autostart"

"PCShowServer"="C:\Users\Kim\AppData\Local\DIRECTV Player\PCShowServerPMWrapper.exe"

"GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"

"SansaDispatch"="C:\Users\Kim\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe"

 

==== Startup Registry Enabled x64 ======================

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"

"BtPreLoad"="C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtPreLoad.exe"

 

==== Startup Folders ======================

 

2014-03-19 20:03:16 1932 ----a-w- C:\Users\Kim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP ENVY 4500 series.lnk

2014-02-14 15:19:43 2160 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ WinCinema Manager.lnk

 

==== Task Scheduler Jobs ======================

 

C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a-------- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [07/09/2014 06:28 PM]

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe []

C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe []

 

==== Other Scheduled Tasks ======================

 

"C:\WINDOWS\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]

"C:\WINDOWS\SysNative\tasks\ALU" [C:\Program Files (x86)\Gateway\Live Updater\updater.exe]

"C:\WINDOWS\SysNative\tasks\ALUAgent" [C:\Program Files (x86)\Gateway\Live Updater\liveupdater_agent.exe]

"C:\WINDOWS\SysNative\tasks\DeviceDetector" [C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe]

"C:\WINDOWS\SysNative\tasks\GarminUpdaterTask" [C:\Program Files (x86)\Garmin\Express Self Updater\ExpressSelfUpdater.exe]

"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

"C:\WINDOWS\SysNative\tasks\Power Management" ["C:\Program Files\Gateway\Gateway Power Management\ePowerTray.exe"]

"C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{1F08191B-5B21-43F0-AE6F-43F9C821B613}" [C:\WINDOWS\system32\msfeedssync.exe]

 

==== Chrome Look ======================

 

cosstminn - Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\jcekldoeagflnocamnonidjkcalhllgl

cosstminn - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\jcekldoeagflnocamnonidjkcalhllgl

cosstminn - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcekldoeagflnocamnonidjkcalhllgl

cosstminn - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\jcekldoeagflnocamnonidjkcalhllgl

cosstminn - Administrator\AppData\Local\Torch\User Data\Default\Extensions\jcekldoeagflnocamnonidjkcalhllgl

cosstminn - Guest\AppData\Local\Chromatic Browser\User Data\Default\Extensions\jcekldoeagflnocamnonidjkcalhllgl

cosstminn - Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\jcekldoeagflnocamnonidjkcalhllgl

cosstminn - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcekldoeagflnocamnonidjkcalhllgl

cosstminn - Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\jcekldoeagflnocamnonidjkcalhllgl

cosstminn - Guest\AppData\Local\Torch\User Data\Default\Extensions\jcekldoeagflnocamnonidjkcalhllgl

cosstminn - Kim\AppData\Local\Chromatic Browser\User Data\Default\Extensions\jcekldoeagflnocamnonidjkcalhllgl

cosstminn - Kim\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\jcekldoeagflnocamnonidjkcalhllgl

Google Drive - Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf

Google Voice Search Hotword (Beta) - Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn

YouTube - Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Last updated at time on date - Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb

Google Search - Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

Full Screen Weather - Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkkaebihfmbofclegkcfkkemepfehibg

cosstminn - Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcekldoeagflnocamnonidjkcalhllgl

Google Wallet - Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Gmail - Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

cosstminn - Kim\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\jcekldoeagflnocamnonidjkcalhllgl

cosstminn - Kim\AppData\Local\Torch\User Data\Default\Extensions\jcekldoeagflnocamnonidjkcalhllgl

 

==== Chromium Startpages ======================

 

C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Preferences


"startup_urls": [ "https://www.ighome.com/" ],

 

 

==== IE Start and Search Settings ======================

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://bing.com/"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{2CF45D06-7AF3-4E23-ABC8-57AFF8B8988C}"

 

==== All HKCU SearchScopes ======================

 

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR"

{2CF45D06-7AF3-4E23-ABC8-57AFF8B8988C} Unknown  Url="Not_Found"

 

==== C:\zoek_backup content ======================

 

C:\zoek_backup (files=0 folders=0 0 bytes)

 

==== EOF on Wed 08/13/2014 at 19:22:33.69 ======================
Link to post
Share on other sites
TwinHeadedEagle

TwinHeadedEagle

Posted
Posted

51a612a8b27e2-Zoek.png Fix with ZOEK
 



icon_exclaim.gif This fix was created for this user for use on that particular machine. icon_exclaim.gif
icon_exclaim.gif Running it on another one may cause damage and render the system unstable. icon_exclaim.gif

 
Temporary disable your AntiVirus and AntiSpyware protection - instructions here.

  • Right-click on 51a612a8b27e2-Zoek.png icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • Wait patiently until the main console will appear, it may take a minute or two.
  • In the main box please paste in the following script:
    createsrpoint;C:\Windows\System32\GroupPolicy\Machine;fsC:\Windows\System32\GroupPolicy\User;fsC:\Windows\System32\GroupPolicy\GPT.INI;fC:\Windows\SysWOW64\GroupPolicy\gpt.ini;fjcekldoeagflnocamnonidjkcalhllgl;chrautoclean;emptyalltemp;ipconfig /flushdns;b
  • Make sure that Scan All Users option is checked.
  • Push Run Script and wait patiently. The scan may take a couple of minutes.
  • When the scan completes, a zoek-results logfile should open in notepad.
  • If a reboot is needed, it will be opened after it. You may also find it at your main drive (usually C:\ drive)

Post its content into your next reply.
 
 
 
 
 
adwcleaner_new.png Fix with AdwCleaner
 
Please download AdwCleaner by Xplode and save the file to your desktop.

  • Right-click on adwcleaner_new.png icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • Follow the prompts and click Scan.
  • When finished, please click Clean.
  • Upon completion, click Report. A log (AdwCleaner[s*].txt) will open.
  • Please include the contents of that file in your reply.
Link to post
Share on other sites
  • Root Admin
AdvancedSetup

AdvancedSetup

Posted
  • Root Admin
Posted

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.