Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Possible malware - mouse problems, other symptoms not showing or aren't there.


  • Please log in to reply
8 replies to this topic

#1 eerik911

eerik911

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:03:34 AM

Posted 16 July 2016 - 05:11 AM

Hello there.

 

Some days ago my computer started to act wierd. Something is messing with the mouse and the touchpad of my laptop. 

 

The symptoms: The mouse pointer moves as it should but the left click is not working in some cases. The cursor wont change to "selection cursor" and sometimes i cant close or minimize my open windows. The close or minimize buttons wont change color as i hover over them and i cannot click them. Also, other buttons(for example installation buttons "next" and "finish" on the installation screen) will not work when clicked on. 
 Sometimes the cursor will go into selection mode and will highlight everything and tries to drag it. At this point I can not use anything to do with the mouse, except moving the cursor. The left click is not working, the right click is not working, the scrolling wheel is not working and so on. 
 Now, when I am on the internet, lets say youtube, then sometimes the page will go back to previous just randomly. When I play videos on the internet, the videos rapidly play and puse and play and pause and its going on until the "surge" ends.

I unistalled and reinstalled all the mouse and touchpad drivers. This fixed the problem for a day or so, but then it all started again.
I have used F-Secure scan and at the moment I am running ESET scan. The F-secure scan found a SuperFish, which is responsible for some of the ads on the webpages, but nothing else.

Hope to get help soon,

Thank you.


EDIT: Forgot to give my specs.
Running Lenovo Z50-70 i7 on windows 10.


Edited by eerik911, 16 July 2016 - 05:28 AM.


BC AdBot (Login to Remove)

 


#2 buddy215

buddy215

  • Moderator
  • 13,255 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:09:34 PM

Posted 16 July 2016 - 05:59 AM

Welcome to BC....

 

You may have SuperFish installed by Lenovo. You will need to run the uninstall tool provided by Lenovo if you haven't done that.

SuperFish Removal Tool from Lenovo

 

Use the programs below for finding and removing both adware and malware. If Eset finds anything please post the result of its scan.

 

Use CCleaner to remove Temporary files, program caches, cookies, logs, etc. Use the Default settings. No need to use the

Registry Cleaning Tool...risky. Pay close attention while installing and UNcheck offers of toolbars....especially Google.

After install, open CCleaner and run by clicking on the Run Cleaner button in the bottom right corner.

CCleaner - PC Optimization and Cleaning - Free Download

 

Download Malwarebytes' Anti-Malware from Here

Double-click mbam-setup-2.X.X.XXXX.exe to install the application (X's are the current version number).

  • Make sure a checkmark is placed next to Launch Malwarebytes' Anti-Malware, then click Finish.
  • Once MBAM opens, when it says Your databases are out of date, click the Fix Now button.
  • Click the Settings tab at the top, and then in the left column, select Detections and Protections, and if not already checked place a checkmark in the selection box for Scan for rootkits.
  • Click the Scan tab at the top of the program window, select Threat Scan and click the Scan Now button.
  • If you receive a message that updates are available, click the Update Now button (the update will be downloaded, installed, and the scan will start).
  • When MBAM is finished scanning it will display a screen that displays any malware that it has detected.
  • Click the Remove Selected button.
  • MBAM will now delete all of the files and registry keys and add them to the programs quarantine. When removing the files, MBAM may require a reboot in order to remove some of them. If it displays a message stating that it needs to reboot, please allow it to do so.
  • While still on the Scan tab, click the link for View detailed log, and in the window that opens click the Export button, select Text file (*.txt), and save the log to your Desktop.
  • The log is automatically saved by MBAM and can also be viewed by clicking the History tab and then selecting Application Logs.

POST THE LOG FOR  REVIEW.

 

Download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.
  • download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#3 eerik911

eerik911
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:03:34 AM

Posted 16 July 2016 - 08:02 AM

Thank you for your fast reply buddy215, I will add the logs in separate replys.

 

First, ESET:

Log
Scan Log
Version of virus signature database: 13477 (20160512)
Date: 16/07/2016  Time: 12:26:03
Scanned disks, folders and files: Operating memory;C:\Boot sector;D:\Boot sector;C:\;D:\
Boot sector of disk C: - error opening [4]
Boot sector of disk D: - error opening [4]
C:\hiberfil.sys - error opening [4]
C:\pagefile.sys - error opening [4]
C:\Program Files\WinRAR\Default.SFX » WINRARSFX - archive damaged
C:\Program Files\WinRAR\Zip.SFX » WINRARSFX - archive damaged
C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\AppvIsvStream64.dll - error opening [4]
C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\AppvIsvSubsystems64.dll - error opening [4]
C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\C2R64.dll - error opening [4]
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\119fad08d42ffa6d95dcd9b526e7a420_f522bf97-a214-4825-9e49-be33d8f89386 - error opening [4]
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\44b203e75b01c86dc68dc78ba6a79773_f522bf97-a214-4825-9e49-be33d8f89386 - error opening [4]
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\554f7098078cc16807ca210418792c3f_f522bf97-a214-4825-9e49-be33d8f89386 - error opening [4]
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\af926e570c42173dec77edc061b63b08_f522bf97-a214-4825-9e49-be33d8f89386 - error opening [4]
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\c30968b0959bdea06feca2ade3c3a465_f522bf97-a214-4825-9e49-be33d8f89386 - error opening [4]
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\f686aace6942fb7f7ceb231212eef4a4_b52476d8-a7e7-4cee-80f1-bf32e8e36afd - error opening [4]
C:\ProgramData\Microsoft\Crypto\SystemKeys\b749c1f973c0897d6120b12d94d28723_f522bf97-a214-4825-9e49-be33d8f89386 - error opening [4]
C:\swapfile.sys - error opening [4]
C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\08b91ec02725d5ed13a0614630ea5287_f522bf97-a214-4825-9e49-be33d8f89386 - error opening [4]
C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\1168b4ec171b3c29d20a46d79e7f8dbd_f522bf97-a214-4825-9e49-be33d8f89386 - error opening [4]
C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\119fad08d42ffa6d95dcd9b526e7a420_f522bf97-a214-4825-9e49-be33d8f89386 - error opening [4]
C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\1e8fbefc039dde14d91875be5d5e42ff_f522bf97-a214-4825-9e49-be33d8f89386 - error opening [4]
C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\424b201c040ca32804895b0b7d5ae967_f522bf97-a214-4825-9e49-be33d8f89386 - error opening [4]
C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\44b203e75b01c86dc68dc78ba6a79773_f522bf97-a214-4825-9e49-be33d8f89386 - error opening [4]
C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\554f7098078cc16807ca210418792c3f_f522bf97-a214-4825-9e49-be33d8f89386 - error opening [4]
C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\6c1e51f1169b8fde11421940b99d1321_f522bf97-a214-4825-9e49-be33d8f89386 - error opening [4]
C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\6d0e211f6e6c1a6c8037daa317f5d33d_f522bf97-a214-4825-9e49-be33d8f89386 - error opening [4]
C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\af926e570c42173dec77edc061b63b08_f522bf97-a214-4825-9e49-be33d8f89386 - error opening [4]
C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\b540a0108bb82b130801ddfc1faa006e_f522bf97-a214-4825-9e49-be33d8f89386 - error opening [4]
C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\b9344e17e7d81557626c62d9f0ad18e8_f522bf97-a214-4825-9e49-be33d8f89386 - error opening [4]
C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\c30968b0959bdea06feca2ade3c3a465_f522bf97-a214-4825-9e49-be33d8f89386 - error opening [4]
C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\f686aace6942fb7f7ceb231212eef4a4_b52476d8-a7e7-4cee-80f1-bf32e8e36afd - error opening [4]
C:\Users\All Users\Microsoft\Crypto\SystemKeys\b749c1f973c0897d6120b12d94d28723_f522bf97-a214-4825-9e49-be33d8f89386 - error opening [4]
C:\Users\Kole\AppData\Local\Microsoft\Windows\Explorer\thumbcache_48.db - error opening [4]
C:\Users\Kole\AppData\Local\Microsoft\Windows\Explorer\ThumbCacheToDelete\thmE65.tmp - error opening [4]
C:\Users\Kole\AppData\Local\Microsoft\Windows\Explorer\ThumbCacheToDelete\thmE76.tmp - error opening [4]
C:\Users\Kole\AppData\Local\Microsoft\Windows\Explorer\ThumbCacheToDelete\thmE77.tmp - error opening [4]
C:\Users\Kole\AppData\Local\Microsoft\Windows\UPPS\UPPS.bin - error opening [4]
C:\Users\Kole\Downloads\ccsetup519.exe » NSIS » PF-Toolbar-W78.exe - is OK
C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe.config - error opening [4]
C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe.config - error opening [4]
C:\Windows\Panther\UnattendGC\diagerr.xml - error opening [4]
C:\Windows\Panther\UnattendGC\diagwrn.xml - error opening [4]
C:\Windows\PLA\System\System Diagnostics.xml - error opening [4]
C:\Windows\PLA\System\System Performance.xml - error opening [4]
C:\Windows\security\database\secedit.sdb - error opening [4]
C:\Windows\System32\Microsoft\Protect\Recovery\Recovery.dat - error opening [4]
C:\Windows\System32\Microsoft\Protect\Recovery\Recovery.dat.LOG1 - error opening [4]
C:\Windows\System32\Microsoft\Protect\Recovery\Recovery.dat.LOG2 - error opening [4]
C:\Windows\System32\Microsoft\Protect\Recovery\Recovery.dat{94bbb605-bddd-11e4-8263-c038965837fe}.TM.blf - error opening [4]
C:\Windows\System32\Microsoft\Protect\Recovery\Recovery.dat{94bbb605-bddd-11e4-8263-c038965837fe}.TMContainer00000000000000000001.regtrans-ms - error opening [4]
C:\Windows\System32\Microsoft\Protect\Recovery\Recovery.dat{94bbb605-bddd-11e4-8263-c038965837fe}.TMContainer00000000000000000002.regtrans-ms - error opening [4]
C:\Windows\System32\restore\MachineGuid.txt - error opening [4]
C:\Windows\System32\Sysprep\Panther\IE\diagerr.xml - error opening [4]
C:\Windows\System32\Sysprep\Panther\IE\diagwrn.xml - error opening [4]
C:\Windows\System32\Sysprep\Panther\IE\setupact.log - error opening [4]
C:\Windows\System32\Sysprep\Panther\IE\setuperr.log - error opening [4]
C:\Windows\System32\winevt\Logs\AirSpaceChannel.etl - error opening [4]
C:\Windows\System32\winevt\Logs\Application.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\HardwareEvents.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Internet Explorer.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Key Management Service.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Lenovo-Customer Feedback.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Client-Licensing-Platform%4Admin.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Application-Experience%4Program-Compatibility-Assistant.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Application-Experience%4Program-Compatibility-Troubleshooter.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Application-Experience%4Program-Inventory.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Application-Experience%4Program-Telemetry.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Application-Experience%4Steps-Recorder.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-ApplicationResourceManagementSystem%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-AppLocker%4EXE and DLL.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-AppLocker%4MSI and Script.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-AppLocker%4Packaged app-Deployment.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-AppLocker%4Packaged app-Execution.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-AppModel-Runtime%4Admin.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-AppReadiness%4Admin.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-AppReadiness%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-AppXDeployment%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-AppXDeploymentServer%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-AppXDeploymentServer%4Restricted.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-AppxPackaging%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Audio%4CaptureMonitor.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Audio%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Audio%4PlaybackManager.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-BackgroundTaskInfrastructure%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Bits-Client%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-CodeIntegrity%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-CoreSystem-SmsRouter-Events%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Crypto-DPAPI%4BackUpKeySvc.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Crypto-DPAPI%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-DeviceManagement-Enterprise-Diagnostics-Provider%4Admin.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Devices-Background%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-DeviceSetupManager%4Admin.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-DeviceSetupManager%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Dhcp-Client%4Admin.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Dhcpv6-Client%4Admin.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Diagnosis-DPS%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Diagnosis-PCW%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Diagnosis-Scheduled%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Diagnosis-Scripted%4Admin.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Diagnosis-Scripted%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Diagnostics-Performance%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-DiskDiagnosticDataCollector%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-EapHost%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Fault-Tolerant-Heap%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-FileHistory-Core%4WHC.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-GroupPolicy%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-HomeGroup Control Panel%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-HomeGroup Provider Service%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-HotspotAuth%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-IKE%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-International%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Kernel-ApphelpCache%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Kernel-Boot%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Kernel-EventTracing%4Admin.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Kernel-IO%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Kernel-PnP%4Configuration.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Kernel-Power%4Thermal-Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Kernel-ShimEngine%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Kernel-StoreMgr%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Kernel-WDI%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Kernel-WHEA%4Errors.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Kernel-WHEA%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Known Folders API Service.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-LanguagePackSetup%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-LiveId%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-MUI%4Admin.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-MUI%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-NcdAutoSetup%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-NCSI%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-NetworkLocationWizard%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-NetworkProfile%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-NlaSvc%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Ntfs%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Ntfs%4WHC.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-PowerShell%4Admin.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-PowerShell%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-PrintService%4Admin.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Program-Compatibility-Assistant%4CompatAfterUpgrade.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-PushNotification-Platform%4Admin.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-PushNotification-Platform%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-ReadyBoost%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Resource-Exhaustion-Detector%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Resource-Exhaustion-Resolver%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-RestartManager%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Security-SPP-UX-Notifications%4ActionCenter.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-SettingSync%4Debug.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-SettingSync%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Shell-ConnectedAccountState%4ActionCenter.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Shell-Core%4ActionCenter.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Shell-Core%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-SmartCard-DeviceEnum%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-SmbClient%4Connectivity.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-SMBClient%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-SmbClient%4Security.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-SMBServer%4Audit.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-SMBServer%4Connectivity.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-SMBServer%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-SMBServer%4Security.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-StateRepository%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-StateRepository%4Restricted.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Storage-ClassPnP%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Storage-Storport%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-StorageSpaces-ManagementAgent%4WHC.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Store%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-TaskScheduler%4Maintenance.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-TerminalServices-LocalSessionManager%4Admin.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-TerminalServices-LocalSessionManager%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-TWinUI%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-TZSync%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-UAC%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-UAC-FileVirtualization%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-User Profile Service%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-User-Loader%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-UserPnp%4ActionCenter.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-UserPnp%4DeviceInstall.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-VolumeSnapshot-Driver%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-VPN%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Wcmsvc%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-WER-Diag%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-WFP%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Windows Defender%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Windows Defender%4WHC.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Windows Firewall With Advanced Security%4ConnectionSecurity.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Windows Firewall With Advanced Security%4Firewall.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-WindowsBackup%4ActionCenter.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-WindowsSystemAssessmentTool%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-WindowsUpdateClient%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-WinINet-Config%4ProxyConfigChanged.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Winlogon%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-WLAN-AutoConfig%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-WMI-Activity%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-WorkFolders%4WHC.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-WPD-ClassInstaller%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-WPD-MTPClassDriver%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-WindowsPhone-Connectivity-WiFiConnSvc-Channel.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\OAlerts.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Security.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Setup.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\System.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Windows PowerShell.evtx - error opening [4]
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job - error opening [4]
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job - error opening [4]
C:\Windows\WinSxS\amd64_microsoft-windows-n..n_service_datastore_31bf3856ad364e35_10.0.10586.0_none_5db42904e056ea84\dnary.xsd - error opening [4]
Number of scanned objects: 365507
Number of threats found: 0
Time of completion: 15:25:29  Total scanning time: 10766 sec (02:59:26)
 
Notes:
[4] Object cannot be opened. It may be in use by another application or operating system.

Now, AdwCleaner:

 

# AdwCleaner v5.201 - Logfile created 16/07/2016 at 14:58:28
# Updated 30/06/2016 by ToolsLib
# Database : 2016-07-14.1 [Server]
# Operating system : Windows 10 Home  (X64)
# Username : Kole - MINIONID
# Running from : C:\Users\Kole\Downloads\AdwCleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Folders ] *****
 
 
***** [ Files ] *****
 
File Found : C:\WINDOWS\SysWOW64\VisualDiscovery.ini
File Found : C:\WINDOWS\SysWOW64\VisualDiscoveryOff.ini
File Found : C:\WINDOWS\SysNative\VisualDiscoveryOff.ini
 
***** [ DLL ] *****
 
 
***** [ WMI ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Scheduled tasks ] *****
 
 
***** [ Registry ] *****
 
Key Found : HKCU\Software\Classes\pokki
Key Found : HKLM\SOFTWARE\Classes\VisualDiscoveryLib.DataContainer
Key Found : HKLM\SOFTWARE\Classes\VisualDiscoveryLib.DataContainer.1
Key Found : HKLM\SOFTWARE\Classes\VisualDiscoveryLib.DataController
Key Found : HKLM\SOFTWARE\Classes\VisualDiscoveryLib.DataController.1
Key Found : HKLM\SOFTWARE\Classes\VisualDiscoveryLib.DataTable
Key Found : HKLM\SOFTWARE\Classes\VisualDiscoveryLib.DataTable.1
Key Found : HKLM\SOFTWARE\Classes\VisualDiscoveryLib.DataTableFields
Key Found : HKLM\SOFTWARE\Classes\VisualDiscoveryLib.DataTableFields.1
Key Found : HKLM\SOFTWARE\Classes\VisualDiscoveryLib.DataTableHolder
Key Found : HKLM\SOFTWARE\Classes\VisualDiscoveryLib.DataTableHolder.1
Key Found : HKLM\SOFTWARE\Classes\VisualDiscoveryLib.LSPLogic
Key Found : HKLM\SOFTWARE\Classes\VisualDiscoveryLib.LSPLogic.1
Key Found : HKLM\SOFTWARE\Classes\VisualDiscoveryLib.ReadOnlyManager
Key Found : HKLM\SOFTWARE\Classes\VisualDiscoveryLib.ReadOnlyManager.1
Key Found : HKLM\SOFTWARE\Classes\VisualDiscoveryLib.WFPController
Key Found : HKLM\SOFTWARE\Classes\VisualDiscoveryLib.WFPController.1
Key Found : HKU\S-1-5-21-1319957303-986249813-1958357025-1002\Software\Classes\pokki
Key Found : HKLM\SOFTWARE\Classes\CLSID\{02966FA9-C01A-47E7-A169-C83AEA1FB0BA}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{9AD5C084-B6E6-456A-8BA2-A559663780E5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{70C7334A-66D9-46DE-A4E2-6B923C7DB94E}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5780633B-414C-446F-8EB2-FF1C9A731C99}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4EECDED2-40FB-4500-85B4-86FB0EBECA68}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{10A7F29D-4B00-40EC-B07D-8616DF8135E6}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{05FF6A00-76A3-4AA1-A9A4-A782152ABE60}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Key Found : HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Key Found : HKLM\SOFTWARE\Classes\Interface\{2E5FA7B4-61A2-4662-BBCE-62BBB20FC649}
Key Found : HKLM\SOFTWARE\Classes\Interface\{5D7F05E3-075A-43AF-8BC7-21E2F7F38845}
Key Found : HKLM\SOFTWARE\Classes\Interface\{617E26CE-E6E1-4C75-A68A-A001F2B98491}
Key Found : HKLM\SOFTWARE\Classes\Interface\{79FBDBEA-A722-4ABD-BEC0-B7D463F6BA0E}
Key Found : HKLM\SOFTWARE\Classes\Interface\{8128586C-DF69-4266-873F-CF4C6F705A7C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C1F9CFCE-A7DC-4072-8B31-1DEA57004C86}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EA4AD895-2A7F-430E-B973-DEE6C4E743A9}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EBF4B60F-A863-426F-BE6F-5DFE83BC574F}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{CB6BF8B6-E12B-42FA-A478-91BCCDE475DC}
Key Found : HKCU\Software\Conduit
Key Found : HKLM\SOFTWARE\Conduit
Key Found : HKU\S-1-5-21-1319957303-986249813-1958357025-1002\Software\Conduit
Key Found : HKU\S-1-5-21-1319957303-986249813-1958357025-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Conduit
Value Found : HKU\S-1-5-21-1319957303-986249813-1958357025-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [Pokki]
Value Found : HKU\S-1-5-21-1319957303-986249813-1958357025-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [Pokki]
 
***** [ Web browsers ] *****
 
 
*************************
 
C:\AdwCleaner\AdwCleaner[S1].txt - [4334 bytes] - [16/07/2016 14:28:22]
C:\AdwCleaner\AdwCleaner[S2].txt - [4255 bytes] - [16/07/2016 14:58:28]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [4328 bytes] ##########

Edited by eerik911, 16 July 2016 - 08:03 AM.


#4 eerik911

eerik911
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:03:34 AM

Posted 16 July 2016 - 08:03 AM

Junk Removal Tool:

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.7 (07.03.2016)
Operating System: Windows 10 Home x64 
Ran by Kole (Administrator) on 16/07/2016 at 15:45:55.83
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
File System: 1 
 
Successfully deleted: C:\Users\Kole\AppData\Local\crashrpt (Folder) 
 
 
 
Registry: 1 
 
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A4156461-DD3A-4A16-8039-B46885163E00} (Registry Key)
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 16/07/2016 at 15:49:21.46
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


#5 eerik911

eerik911
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:03:34 AM

Posted 16 July 2016 - 08:05 AM

Antimalwarebytes:

 

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 16/07/2016
Scan Time: 14:23
Logfile: Anti-Malware.txt
Administrator: Yes
 
Version: 2.2.1.1043
Malware Database: v2016.07.16.03
Rootkit Database: v2016.05.27.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
 
OS: Windows 10
CPU: x64
File System: NTFS
User: Kole
 
Scan Type: Threat Scan
Result: Cancelled
Objects Scanned: 55496
Time Elapsed: 3 min, 56 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)


#6 eerik911

eerik911
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:03:34 AM

Posted 16 July 2016 - 08:06 AM

At the moment, after restarts, all the cleans and all, the problem seems to be gone. I will update my situation in few days, if anything comes up again.

 

Thank you very very much for your assistance.



#7 buddy215

buddy215

  • Moderator
  • 13,255 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:09:34 PM

Posted 16 July 2016 - 08:21 AM

Rerun AdwCleaner and be sure to click on Clean after scan is finished. The log doesn't show you deleted what it found.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#8 eerik911

eerik911
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:03:34 AM

Posted 16 July 2016 - 01:11 PM

Did a rescan, and it found these and cleaned it.
# AdwCleaner v5.201 - Logfile created 16/07/2016 at 21:03:14
# Updated 30/06/2016 by ToolsLib
# Database : 2016-07-16.1 [Server]
# Operating system : Windows 10 Home  (X64)
# Username : Kole - MINIONID
# Running from : C:\Users\Kole\Downloads\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Folders ] *****
 
 
***** [ Files ] *****
 
 
***** [ DLLs ] *****
 
 
***** [ WMI ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Scheduled tasks ] *****
 
 
***** [ Registry ] *****
 
[-] Key Deleted : HKCU\Software\Classes\pokki
[-] Key Deleted : HKLM\SOFTWARE\Classes\VisualDiscoveryLib.DataContainer
[-] Key Deleted : HKLM\SOFTWARE\Classes\VisualDiscoveryLib.DataContainer.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\VisualDiscoveryLib.DataController
[-] Key Deleted : HKLM\SOFTWARE\Classes\VisualDiscoveryLib.DataController.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\VisualDiscoveryLib.DataTable
[-] Key Deleted : HKLM\SOFTWARE\Classes\VisualDiscoveryLib.DataTable.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\VisualDiscoveryLib.DataTableFields
[-] Key Deleted : HKLM\SOFTWARE\Classes\VisualDiscoveryLib.DataTableFields.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\VisualDiscoveryLib.DataTableHolder
[-] Key Deleted : HKLM\SOFTWARE\Classes\VisualDiscoveryLib.DataTableHolder.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\VisualDiscoveryLib.LSPLogic
[-] Key Deleted : HKLM\SOFTWARE\Classes\VisualDiscoveryLib.LSPLogic.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\VisualDiscoveryLib.ReadOnlyManager
[-] Key Deleted : HKLM\SOFTWARE\Classes\VisualDiscoveryLib.ReadOnlyManager.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\VisualDiscoveryLib.WFPController
[-] Key Deleted : HKLM\SOFTWARE\Classes\VisualDiscoveryLib.WFPController.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02966FA9-C01A-47E7-A169-C83AEA1FB0BA}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9AD5C084-B6E6-456A-8BA2-A559663780E5}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{70C7334A-66D9-46DE-A4E2-6B923C7DB94E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5780633B-414C-446F-8EB2-FF1C9A731C99}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4EECDED2-40FB-4500-85B4-86FB0EBECA68}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{10A7F29D-4B00-40EC-B07D-8616DF8135E6}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{05FF6A00-76A3-4AA1-A9A4-A782152ABE60}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2E5FA7B4-61A2-4662-BBCE-62BBB20FC649}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5D7F05E3-075A-43AF-8BC7-21E2F7F38845}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{617E26CE-E6E1-4C75-A68A-A001F2B98491}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FBDBEA-A722-4ABD-BEC0-B7D463F6BA0E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8128586C-DF69-4266-873F-CF4C6F705A7C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C1F9CFCE-A7DC-4072-8B31-1DEA57004C86}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EA4AD895-2A7F-430E-B973-DEE6C4E743A9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EBF4B60F-A863-426F-BE6F-5DFE83BC574F}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{CB6BF8B6-E12B-42FA-A478-91BCCDE475DC}
[-] Key Deleted : HKCU\Software\Conduit
[-] Key Deleted : HKLM\SOFTWARE\Conduit
[-] Value Deleted : HKU\S-1-5-21-1319957303-986249813-1958357025-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [Pokki]
 
***** [ Web browsers ] *****
 
 
*************************
 
:: "Tracing" keys deleted
:: Winsock settings cleared
 
*************************
 
C:\AdwCleaner\AdwCleaner[C1].txt - [3864 bytes] - [16/07/2016 21:03:14]
C:\AdwCleaner\AdwCleaner[S1].txt - [4334 bytes] - [16/07/2016 14:28:22]
C:\AdwCleaner\AdwCleaner[S2].txt - [4407 bytes] - [16/07/2016 14:58:28]
C:\AdwCleaner\AdwCleaner[S3].txt - [4005 bytes] - [16/07/2016 21:01:43]
 
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [4156 bytes] ##########


#9 buddy215

buddy215

  • Moderator
  • 13,255 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:09:34 PM

Posted 16 July 2016 - 01:16 PM

Good....

It would be a good idea to allow me to review the lists mentioned in the instructions below....up to you.

 

Post the three lists mentioned below using CCleaner.

Open CCleaner and click on Tools. Choose Startups. On that page you will see a list of Windows Startups and at the top tabs for each browser and Scheduled Tasks.

At the bottom right of that page you will see a button when clicked will allow you to Copy and Paste the list of Windows Startups and Scheduled Tasks into your next

post. Please do that.

 

Open CCleaner and click on Tools. Choose Uninstall. On that page you will see a list of programs installed on your computer and at the bottom right of that page you

will see a button when clicked will allow you to Copy and Paste that list in your next post. Please do that.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users