Windows 10: Why I can't create a folder named "a" or "b"?
I was trying to stop services in normal mode which didn't run in safe mode, then I have accidentally solved the problem this morning.
Here in Brazil, a lot of users complain about GBPlugin - a technology most bank companies require users to use in order to access their bank account online. This GBPlugin consumes lots of resources and requires a highly skilled approach to be removed from the OS.
I tried to remove it following this post. Somebody named "DigRam" suggested a scan with AdwCleaner which had shown two suspect services:
- 412f21e02ea37d13c378594fcbac2bd2
- scan
AdwCleaner scan result has no effect on GBPlugin at all but had these two - suspicious. But after the Windows reboot I could finally see, create, change and delete the folders which had been hidden (in normal windows mode).
I can't determine who was the troublemaker and I really don't care right now. Both were killed and the OS is OK now.
Finally:
- I couldn't remove GBPlugin yet, but that is another problem with an existing solution.
- I bought spyHunter which I regret.
Below, is the scanning result
# AdwCleaner v6.000 - Relatório criado 21/08/2016 às 09:08:22
# *Updated on 12/08/2016 by ToolsLib
# Banco de dados : 2016-08-21.1 [Servidor]
# Sistema operacional : Windows 10 Pro (X64)
# Usuário : eduar - MOBISTATION
# Executando de : C:\Users\eduar\Downloads\adwcleaner_6.000.exe
# Limpar
# Apoio : https://toolslib.net/forum
***** [ Serviços ] *****
[-] Políticas do IE excluídas412f21e02ea37d13c378594fcbac2bd2
[-] Políticas do IE excluídasscan
***** [ Pastas ] *****
[-] RestauradoC:\Users\eduar\AppData\Roaming\ParetoLogic
[-] RestauradoC:\ProgramData\ParetoLogic
[-] RestauradoC:\Program Files (x86)\xtex
[-] RestauradoC:\Users\Public\Documents\dmp
[-] RestauradoC:\Users\eduar\AppData\Local\Geckofx
***** [ Arquivos ] *****
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Atalhos ] *****
***** [ Tarefas agendadas ] *****
***** [ Registro ] *****
[-] Restaurado[x64] HKLM\SOFTWARE\Classes\CLSID\{65416821-217D-44BD-9C61-F53398FB1B46}
[-] Restaurado[x64] HKLM\SOFTWARE\Classes\CLSID\{6DFC0DC7-FDC5-44C2-8B80-5977BA8F8ACC}
[-] Restaurado[x64] HKLM\SOFTWARE\Classes\CLSID\{E5AFF088-92F8-41a9-8CAB-E9CDCCE967AC}
[-] Restaurado[x64] HKLM\SOFTWARE\Classes\CLSID\{4ABDD67C-44E3-42E0-816D-D7F0E54761DF}
[-] Restaurado[x64] HKLM\SOFTWARE\Classes\CLSID\{94915A56-4D71-4F85-B59C-CC040F5AC6F0}
[-] Restaurado[x64] HKLM\SOFTWARE\Classes\Interface\{65416821-217D-44BD-9C61-F53398FB1B46}
[-] Restaurado[x64] HKLM\SOFTWARE\Classes\Interface\{4ABDD67C-44E3-42E0-816D-D7F0E54761DF}
[-] RestauradoHKLM\SOFTWARE\Classes\Interface\{65416821-217D-44BD-9C61-F53398FB1B46}
[-] RestauradoHKLM\SOFTWARE\Classes\Interface\{4ABDD67C-44E3-42E0-816D-D7F0E54761DF}
[-] RestauradoHKLM\SOFTWARE\Classes\TypeLib\{34F4FEAF-4921-4B5D-8BE5-CA384BFFC2CE}
[-] RestauradoHKLM\SOFTWARE\Classes\TypeLib\{39A37965-0A96-43A3-870E-821FE5C84B0B}
[-] Restaurado[x64] HKLM\SOFTWARE\SmartPCFixer
[-] RestauradoHKU\S-1-5-21-3215691145-4218728392-1243681445-1001\Software\IM
[-] RestauradoHKU\S-1-5-21-3215691145-4218728392-1243681445-1001\Software\ParetoLogic
[#] *Key deleted on reboot: HKCU\Software\IM
[#] *Key deleted on reboot: HKCU\Software\ParetoLogic
[-] RestauradoHKLM\SOFTWARE\ParetoLogic
[-] RestauradoHKLM\SOFTWARE\SmartPCFixer
***** [ Navegadores ] *****
[-] [br.ask.com] [Search Provider] Excluídobr.ask.com
*************************
:: Chaves "Tracing" excluídas
:: Configurações Winsock restauradas
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [2494 *Bytes] - [21/08/2016 09:08:22]
C:\AdwCleaner\AdwCleaner[S0].txt - [2676 *Bytes] - [21/08/2016 09:04:40]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [2642 *Bytes] ##########