Go Save --- Chrome Extension
- Thread starter skiaholic
- Start date
1. Open notepad and copy/paste the text present inside the code box below.
To do this highlight the contents of the box and right click on it. Paste this into the open notepad.
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to the operating system
2. Save notepad as fixlist.txt to your Desktop.
NOTE: => It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.
3. Run FRST/FRST64 and press the Fix button just once and wait.
[size=8pt]If the tool needed a restart please make sure you let the system to restart normally and let the tool completes its run after restart.[/size]
The tool will make a log on the Desktop (Fixlog.txt). Please attach it to your reply.
Note: If the tool warned you about the outdated version please download and run the updated version.
Step 2
Please download AdwCleaner by Xplode and save to your Desktop.
Double click on AdwCleaner.exe to run the tool.
[size=8pt]Press OK when asked to close all programs and follow the onscreen prompts.
Press OK again to allow AdwCleaner to restart the computer and complete the removal process.[/size]
To do this highlight the contents of the box and right click on it. Paste this into the open notepad.
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to the operating system
Code:
AlternateDataStreams: C:\Windows:nlsPreferences
AlternateDataStreams: C:\WINDOWS\system32\Drivers\btmhsf.sys:Microsoft_Appcompat_ReinstallUpgrade
AlternateDataStreams: C:\ProgramData\Microsoft:JnER1nXwxsiHmiUlEeYc
AlternateDataStreams: C:\ProgramData\Microsoft:KpeHW0VTctKn8V0cxJ7JUX
AlternateDataStreams: C:\Users\Eric\Cookies:g4UvP0rGKMZX0cZS9E1xYY6PH4hV
AlternateDataStreams: C:\Users\Eric\Local Settings:aPpDKiTjpasCWmStUMzHPo6w
AlternateDataStreams: C:\Users\Eric\OneDrive:ms-properties
AlternateDataStreams: C:\Users\Eric\AppData\Local:aPpDKiTjpasCWmStUMzHPo6w
AlternateDataStreams: C:\Users\Eric\AppData\Local\Application Data:aPpDKiTjpasCWmStUMzHPo6w
AlternateDataStreams: C:\Users\Eric\AppData\Local\OfxLncTt:LVMPx19jgdpHSYDhMDFKXGUqMI
AlternateDataStreams: C:\Users\Eric\AppData\Local\Temporary Internet Files:szeo1RxfuKAfT1dNmXn4
AlternateDataStreams: C:\Users\Eric\AppData\Local\Temporary Internet Files:ZF73dsDfkPqJH4rkd4IExLsIbX
AlternateDataStreams: C:\Users\Eric\AppData\Local\YAuk397J8UD:OAIDdNJjYhV6ebU8X1KdUQh
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.trovi.com/?gd=&ctid=CT3321848&octid=EB_ORIGINAL_CTID&ISID=MDD2792FB-B2AC-4C12-A3E2-BF7876D9C930&SearchSource=55&CUI=&UM=6&UP=SP7B01E4A7-726E-4712-AF2A-ED697CCB0B90&SSPV=
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://www.trovi.com/Results.aspx?gd=&ctid=CT3321848&octid=EB_ORIGINAL_CTID&ISID=MDD2792FB-B2AC-4C12-A3E2-BF7876D9C930&SearchSource=58&CUI=&UM=6&UP=SP7B01E4A7-726E-4712-AF2A-ED697CCB0B90&q={searchTerms}&SSPV=
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://www.trovi.com/Results.aspx?gd=&ctid=CT3321848&octid=EB_ORIGINAL_CTID&ISID=MDD2792FB-B2AC-4C12-A3E2-BF7876D9C930&SearchSource=58&CUI=&UM=6&UP=SP7B01E4A7-726E-4712-AF2A-ED697CCB0B90&q={searchTerms}&SSPV=
SearchScopes: HKCU - {696323F6-FF16-4A7A-A574-D3BDB2672461} URL =
BHO-x32: GoSave -> {fff82fcc-d871-42ea-b11e-ce6cdba83058} -> C:\Program Files (x86)\GoSave\Ft49exc9HzA1Bd.dll No File
DPF: HKLM-x32 {4FF78044-96B4-4312-A5B7-FDA3CB328095}
C:\Program Files (x86)\GoSave
CHR Extension: (GoSave) - C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Default\Extensions\oambjajkpkoiflifadajjecffnfmoedj [2014-10-27]
C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Default\Extensions\oambjajkpkoiflifadajjecffnfmoedj
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
S3 SPPD; \??\C:\WINDOWS\system32\drivers\SPPD.sys [X]
EmpyTemp:NOTE: => It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.
3. Run FRST/FRST64 and press the Fix button just once and wait.
[size=8pt]If the tool needed a restart please make sure you let the system to restart normally and let the tool completes its run after restart.[/size]
The tool will make a log on the Desktop (Fixlog.txt). Please attach it to your reply.
Note: If the tool warned you about the outdated version please download and run the updated version.
Step 2
Please download AdwCleaner by Xplode and save to your Desktop.
Double click on AdwCleaner.exe to run the tool.
- Click on the Scan button.
- After the scan has finished click on the Clean button.
[size=8pt]Press OK when asked to close all programs and follow the onscreen prompts.
Press OK again to allow AdwCleaner to restart the computer and complete the removal process.[/size]
- After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
- Post logfile will also be saved in the C:\AdwCleaner folder.
You may also like...
-
-
-
-
Google Chrome Extension Can't Be Removed- Started by suthey1
- Replies: 6
-
How to make sure my computer is free from infections?
- Started by ByteSentinel
- Replies: 35