Jump to content

ophelia_hall

Members
 View Profile  See their activity

  • Posts

    7

  • Joined

  • Last visited

Reputation

0 Neutral
  1. ophelia_hall
    That should be all. Thanks for your help!
  2. ophelia_hall
    I deleted everything and rescanned. Everything appears to be going fine. I have not had anymore pop ups for the moment, so I am hopeful that the problem is now fixed. FRST.txt Addition.txt
  3. ophelia_hall
    It is still the same. I also randomly got the Extreme Blocker extension downloaded at some point today or yesterday (and I did not go to any shady websites). The HappySales tabs (I believe that is it) is still popping up when I click links. Referring to the original reason I posted this, I ran adwcleaner again and there are still the registry keys it wanted me to delete. Should I delete them or are some of them ones I need to keep? I attached the log report for you to look at. AdwCleanerR6.txt
  4. ophelia_hall
    Here is the information given by the program you linked. Sorry for the wait! Zoek.exe v5.0.0.0 Updated 08-April-2015 Tool run by Radio Star on Tue 04/21/2015 at 20:00:46.24. Microsoft® Windows Vista™ Home Basic 6.0.6002 Service Pack 2 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Radio Star\Downloads\zoek.exe [scan all users] [script inserted] ==== System Restore Info ====================== 4/21/2015 8:03:32 PM Zoek.exe System Restore Point Created Successfully. ==== Empty Folders Check ====================== C:\Program Files\epson deleted successfully C:\Program Files\NCWest deleted successfully C:\Program Files\SEGA deleted successfully C:\Program Files\TomTom DesktopSuite deleted successfully C:\Program Files\VideoLAN deleted successfully C:\Program Files\Common Files\Symantec Shared deleted successfully C:\PROGRA~2\Dumps deleted successfully C:\PROGRA~2\Symantec deleted successfully C:\Users\Radio Star\AppData\Roaming\QuickScan deleted successfully C:\Users\Radio Star\AppData\Roaming\uTorrent deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-3749791044-2603657649-1157988785-1001\Software\Microsoft\Internet Explorer\SearchScopes\{37498E4A-9119-48EA-A536-90055D041DB9} deleted successfully HKEY_USERS\S-1-5-21-3749791044-2603657649-1157988785-1001\Software\Microsoft\Internet Explorer\SearchScopes\{6C394565-2D87-4640-9DF4-226F331F0B76} deleted successfully HKEY_USERS\S-1-5-21-3749791044-2603657649-1157988785-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8E66592B-8E7C-4A14-88A5-8BF21032F651} deleted successfully HKEY_USERS\S-1-5-21-3749791044-2603657649-1157988785-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B4256A73-837C-4195-BD10-0ADEE51BEFF6} deleted successfully HKEY_USERS\S-1-5-21-3749791044-2603657649-1157988785-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E0A900DF-9611-4446-86BD-4B1D47E7DB2A} deleted successfully HKEY_USERS\S-1-5-21-3749791044-2603657649-1157988785-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FFB06D79-D749-4094-9418-62609762F2F9} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\wltrysvc deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wltrysvc deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Eventlog\Application\wltrysvc deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\wltrysvc deleted successfully ==== FireFox Fix ====================== ProfilePath: C:\Users\RADIOS~1\AppData\Roaming\Mozilla\Firefox\Profiles\c3782g0p.default user.js not found ---- Lines extensions.AGM5598RjntnfCcY removed from prefs.js ---- user_pref("extensions.AGM5598RjntnfCcY.epoch", "1426652736"); user_pref("extensions.AGM5598RjntnfCcY.url", "http://transferbookmy.info/sync2/?q=hfZ9oe4MhyhHhdUMCyVUojsFrdU5tMqLDe49CNU0llrMCMlNhd9FqjaHrjwErHwErHaM ---- Lines extensions.Nx9nY8o4N2iHZ6hI removed from prefs.js ---- user_pref("extensions.Nx9nY8o4N2iHZ6hI.epoch", "1426652735"); user_pref("extensions.Nx9nY8o4N2iHZ6hI.url", "http://veterances.net/sync2/?q=hfZ9ofV9CShEAen0rTwEpjYMg708BNmGWj8lkGhGheDUojw8rdrFrjaHrjwHrShIC7n0rjkEr ---- FireFox user.js and prefs.js backups ---- prefs_20150421_0821_.backup ProfilePath: C:\Users\RADIOS~1\AppData\Roaming\TomTom\HOME\Profiles\myflghu4.default user.js not found ---- FireFox user.js and prefs.js backups ---- prefs_20150421_0821_.backup ==== Batch Command(s) Run By Tool====================== ==== Deleting Files \ Folders ====================== C:\Program Files\epson not found C:\Program Files\NCWest not found C:\Program Files\SEGA not found C:\Program Files\TomTom DesktopSuite not found C:\Program Files\VideoLAN not found C:\PROGRA~2\iemfiemmfbpeodmblmhmkdpaechfbnbb deleted C:\PROGRA~2\{a21eb6eb-a092-c091-a21e-eb6eba09dbae} deleted C:\PROGRA~2\8378752446505119266 deleted C:\PROGRA~2\Overwolf deleted C:\Users\Radio Star\AppData\Roaming\appdataFr3.bin deleted C:\PROGRA~2\UpdaterLog.txt deleted C:\PROGRA~2\SPL3151.tmp deleted C:\PROGRA~2\SPLA211.tmp deleted C:\PROGRA~2\hash.dat deleted C:\PROGRA~2\Yahoo! deleted C:\PROGRA~2\Package Cache deleted C:\Users\Radio Star\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IMVU.lnk deleted C:\Users\Radio Star\AppData\LocalLow\bearsharetb deleted C:\Windows\system32\config\systemprofile\AppData\LocalLow\AVG Security Toolbar deleted C:\Windows\wininit.ini deleted C:\Windows\tasks\iMeshNAG.job deleted C:\Windows\system32\config\systemprofile\Searches deleted C:\Windows\System32\AI_RecycleBin deleted ==== Firefox Start and Search pages ====================== ProfilePath: C:\Users\RADIOS~1\AppData\Roaming\Mozilla\Firefox\Profiles\c3782g0p.default user_pref("browser.search.defaultenginename", "Yahoo!"); user_pref("browser.search.selectedEngine", "Yahoo!"); ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}"="C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext" [12/24/2013 06:25 PM] [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "{7D4F1959-3F72-49d5-8E59-F02F8AA6815D}"="C:\Program Files\Updater By SweetPacks\Firefox" [] ==== Firefox Extensions ====================== ProfilePath: C:\Users\RADIOS~1\AppData\Roaming\Mozilla\Firefox\Profiles\c3782g0p.default - RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext ProfilePath: C:\Users\RADIOS~1\AppData\Roaming\TomTom\HOME\Profiles\myflghu4.default - Undetermined - C:\Program Files\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com - Undetermined - C:\Program Files\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com AppDir: C:\Program Files\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Radio Star\AppData\Roaming\Mozilla\Firefox\Profiles\c3782g0p.default D7492728A4C06EC99B10F8219B1F31F5 - C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll - Java Platform SE 8 U40 F47B4F0D0DF0C28759B60CF0B0090A11 - C:\Program Files\Java\jre1.8.0_40\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 8.0.400.25 98137411B9C632095F919E2CE70B288A - C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll - Google Update 98137411B9C632095F919E2CE70B288A - C:\Users\Radio Star\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll - Google Update 12B7772C549B1A9A7AC2C0062F1582FF - C:\Windows\system32\Adobe\Director\np32dsw_1214154.dll - Shockwave for Director / Shockwave for Director 3AC6EB13465EE217D715521DB8D1259F - C:\Program Files\Perfect World Entertainment\Arc\Plugins\npArcPluginFF.dll - ArcPlugin 84FE63868C1AE2005EB0431A6939C8A0 - C:\Program Files\DivX\DivX Web Player\npdivx32.dll - DivX Plus Web Player 005EBE4A4E6E9C9A7967F6C3F413C1DF - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll - Adobe Acrobat 421CB2C1010522B3BF7C00725520B844 - C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll - Adobe Acrobat 79039398587F475ADA606D1A3B740A63 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll - DivX VOD Helper Plug-in 893BF7D2261C56C24F813405D9D018E0 - c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll - Silverlight Plug-In F6D12679B9112358AC705A1308156F59 - C:\Users\Radio Star\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player 3A9E1940B4459CC97FDCBB24FCB69004 - c:\program files\real\realplayer\Netscape6\nppl3260.dll - RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit) 0FCEAA7D12B7B0BA825E5C770B1DCA48 - c:\program files\real\realplayer\Netscape6\nprpplugin.dll - RealPlayer Download Plugin BE126CB7049E89ED6F3038016668B502 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll - RealNetworks RealDownloader Chrome Background Extension Plug-In (32-bit) EAC427FEF96A13058C1ACD17C38966CF - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll - RealNetworks RealDownloader PepperFlashVideoShim Plug-In (32-bit) 96B3689320E9B16EDF38B7A5001C35F0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll - RealNetworks RealDownloader HTML5VideoShim Plug-In (32-bit) F8CB60A5ACA5D73807ECBD9942A8BCB7 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll - RealDownloader Plugin 43BD6F8F1FD22EE1363173D8EDF1A594 - C:\Users\Radio Star\AppData\Roaming\gentek\npthinclient.dll - Thinclient 555E65306A5D3A5978BE74E1DD62CDD9 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll - RealNetworks Chrome Background Extension Plug-In (32-bit) E32771B0AE3F18CEFFC12D682025238A - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll - RealPlayer HTML5VideoShim Plug-In (32-bit) 36FBE76F4F51396B0F70FC95CD7481D2 - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll - Pando Web Plugin 6D657ABADF217DBB17CF0A0AF44A7E29 - C:\ProgramData\NexonUS\NGM\npNxGameUS.dll - Nexon Game Controller B502C8BC301556EC6B3723ACC427933C - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll - WacomTabletPlugin C517E5EA7CEE783F3681F62D2A362E5B - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Windows Live? Photo Gallery CECCA408E6FE54A9211A7C09A106D9FD - C:\Program Files\Total Immersion\DFusionHomeWebPlugIn\NPDFusionWebFirefox.dll - D'Fusion @Home Web Plug-In (3.10.17859) FADBAA4892BD10FDE52D8546AE03AE2B - C:\Program Files\TabletPlugins\npwacom.dll - Wacom Dynamic Link Library 751D1B9C432A642E1AC0AC3FFF2B2816 - C:\Users\Radio Star\AppData\Roaming\Kalydo\KalydoPlayer\npkalydo.dll - Kalydo Player Plugin for Mozilla AB87EEFFD18F2BAAFC274E7075EA6C67 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation 8DA2ED6B04EA33F2EAE8BA883F903729 - c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrlui.dll - Microsoft® Silverlight ==== Chromium Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions idhngdhcfkoamngbedgpaokgjbnpdiji - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx[08/14/2013 04:24 PM] HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions lmjegmlicamnimmfhcmpkclmigmmcbeh - No path found[] Homestuck Trickster - Radio Star\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnnbeficjghlonnjgikbhojafhgemcbe XKit - Radio Star\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpfgeeomkfdefkckijiabdbogjkdaecd Shield For Chrome - Radio Star\AppData\Local\Google\Chrome\User Data\Default\Extensions\gceighgadbamgchioaofojlblndjcggh BetaFish Adblocker - Radio Star\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom Mississippi University for Women - MUW - Radio Star\AppData\Local\Google\Chrome\User Data\Default\Extensions\kciepkphepmdfljggckklmdlfdcfbblj StayFocusd - Radio Star\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji Google Drive App Launcher - Radio Star\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh MSPA Notifier - Radio Star\AppData\Local\Google\Chrome\User Data\Default\Extensions\nclackehnjikcjeijdihkafcefjgnmmi WeatherBug - Radio Star\AppData\Local\Google\Chrome\User Data\Default\Extensions\njkkjobcechefaoknodniidfjapgfoco Tumblr Savior - Radio Star\AppData\Local\Google\Chrome\User Data\Default\Extensions\oefddkjnflmjbclpnnoegglmmdfkidip ScriptSafe - Radio Star\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiigbmnaadbkfbmpbfijlflahbdbdgdf Outlook.com - Radio Star\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfpeapihoiogbcmdmnibeplnikfnhoge ==== Chromium Startpages ====================== C:\Users\Radio Star\AppData\Local\Google\Chrome\User Data\Default\Preferences "homepage": "http://www.google.com/", ==== Chromium Fix ====================== C:\Users\Radio Star\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.re-markit00.re-markit.co_0.localstorage deleted successfully C:\Users\Radio Star\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.re-markit00.re-markit.co_0.localstorage-journal deleted successfully C:\Users\Radio Star\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.re-markit00.re-markit.co_0.localstorage deleted successfully C:\Users\Radio Star\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.re-markit00.re-markit.co_0.localstorage-journal deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs] "Tabs"="res://ieframe.dll/tabswelcome.htm" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs] "Tabs"="about:newtab" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7" ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-3749791044-2603657649-1157988785-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1017A80C-6F09-4548-A84D-EDD6AC9525F0} deleted successfully HKEY_USERS\S-1-5-21-3749791044-2603657649-1157988785-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1017A80C-6F09-4548-A84D-EDD6AC9525F0} deleted successfully HKEY_USERS\S-1-5-21-3749791044-2603657649-1157988785-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D2C5E510-BE6D-42CC-9F61-E4F939078474} deleted successfully HKEY_USERS\S-1-5-21-3749791044-2603657649-1157988785-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D2C5E510-BE6D-42CC-9F61-E4F939078474} deleted successfully HKEY_CLASSES_ROOT\CLSID\{1017A80C-6F09-4548-A84D-EDD6AC9525F0} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1017A80C-6F09-4548-A84D-EDD6AC9525F0} deleted successfully HKEY_CLASSES_ROOT\CLSID\{D2C5E510-BE6D-42CC-9F61-E4F939078474} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D2C5E510-BE6D-42CC-9F61-E4F939078474} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\!{1017A80C-6F09-4548-A84D-EDD6AC9525F0} deleted successfully HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\{7D4F1959-3F72-49d5-8E59-F02F8AA6815D} deleted successfully ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\Software\Policies\Google deleted successfully ==== Empty IE Cache ====================== C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Radio Star\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Radio Star\AppData\Local\Temp\acrord32_sbx\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Radio Star\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== C:\Users\Radio Star\AppData\Local\Mozilla\Firefox\Profiles\c3782g0p.default\cache2 emptied successfully ==== Empty Chrome Cache ====================== C:\Users\Radio Star\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=120 folders=38 40193218 bytes) ==== Empty Temp Folders ====================== C:\Users\Ayumi\AppData\Local\Temp emptied successfully C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Radio Star\AppData\Local\Temp will be emptied at reboot C:\Windows\system32\config\systemprofile\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\RADIOS~1\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Radio Star\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" deleted "C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted "C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted ==== EOF on Tue 04/21/2015 at 21:27:49.71 ======================
  5. ophelia_hall
    (I will be getting the information to you later today (it is currently 1am) after classes and work. Sorry for the late responses!)
  6. ophelia_hall
    Not quite the reply I was expecting, but I will attach the .txt files you want. Thank you for your time. FRST.txt Addition.txt
  7. ophelia_hall
    So, after researching it appears as if I have the HappySales extension, and possibly other Malware issues. I had already deleted others prior to this, but I was unable to delete the current program. Malwarebytes helped clean up a few issues, but even after a full scan which lasted several hours it could not find anymore issues. I currently have AdwCleaner installed and it claims that various keys are in need of deletion. I am not knowledgeable enough to know which keys should be deleted or saved. I was hoping to get some answers from people who were more familiar with these issues. Here is a copy of my Registry keys Adw wants to get rid of: ***** [ Registry ] ***** Data Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <local>;192.168.*.*Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{4640FDE1-B83A-4376-84ED-86F86BEE2D41}Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{4820778D-AB0D-6D18-C316-52A6A0E1D507}Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{97BBECCF-B1FD-4010-8D4B-EFC9E3CCEECF}Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngineKey Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0974BA1E-64EC-11DE-B2A5-E43756D89593}Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0974BA1E-64EC-11DE-B2A5-E43756D89593}Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}Key Found : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}Key Found : HKLM\SOFTWARE\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}Key Found : HKLM\SOFTWARE\cdba62c5-eb56-6ee5-0fa3-4738d70c4397Key Found : HKLM\SOFTWARE\Classes\AppID\{A7DDCBDE-5C86-415C-8A37-763AE183E7E4}Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}Key Found : HKLM\SOFTWARE\Classes\AppID\WMHelper.DLLKey Found : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}Key Found : HKLM\SOFTWARE\Classes\CLSID\{0974BA1E-64EC-11DE-B2A5-E43756D89593}Key Found : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}Key Found : HKLM\SOFTWARE\Classes\CLSID\{27BF8F8D-58B8-D41C-F913-B7EEB57EF6F6}Key Found : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}Key Found : HKLM\SOFTWARE\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}Key Found : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}Key Found : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}Key Found : HKLM\SOFTWARE\Classes\Prod.capKey Found : HKLM\SOFTWARE\Classes\Toolbar.CT2418376Key Found : HKLM\SOFTWARE\Classes\TypeLib\{41F978F3-431A-4464-A789-5C0692D562FB}Key Found : HKLM\SOFTWARE\Classes\WMHelperiMesh.WMHelperKey Found : HKLM\SOFTWARE\Classes\WMHelperiMesh.WMHelper.1Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82EKey Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FAKey Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CCKey Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EAKey Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0EKey Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDFKey Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65EKey Found : HKU\.DEFAULT\Software\ImInstaller If anyone can tell me what I should or shouldn't get rid of, I would be deeply grateful. If this fails to fix the issue, then I will create a separate topic involving the Farbar reports.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.