ihateverything
Members - Posts: 15
Everything posted by ihateverything
-
adware i cant get rid of
ihateverything replied to ihateverything's topic in Resolved Malware Removal Logs
I uninstalled globalupdate helper. I can end task on wnavga.exe but it comes back 3 seconds later. I found out that if I end task on this thing called usinjector service, which is running windows graphics accelerator, the wnavga.exe process goes away permanently; however, I don't think this is the problem, as doing this totally breaks Chrome and it gives me a proxy error message and doesn't work at all (have to restart to get Chrome to work after that, it seems). I did zoek, here are results: zoek-results.txt. Still getting the popups though. -
adware i cant get rid of
ihateverything replied to ihateverything's topic in Resolved Malware Removal Logs
Yes, Chrome was reset. -
adware i cant get rid of
ihateverything replied to ihateverything's topic in Resolved Malware Removal Logs
FRST.txt Addition.txt -
adware i cant get rid of
ihateverything replied to ihateverything's topic in Resolved Malware Removal Logs
Damn, I ran both and both of them found nothing. -
adware i cant get rid of
ihateverything replied to ihateverything's topic in Resolved Malware Removal Logs
After the adwcleaner + all extensions disabled, the popups are still there. It's weird. Here are screenshots of some. -
adware i cant get rid of
ihateverything replied to ihateverything's topic in Resolved Malware Removal Logs
adware i cant get rid of
ihateverything replied to ihateverything's topic in Resolved Malware Removal Logs
I'm getting weird, like, popups that open new tabs when I start Chrome or search things, and my Netflix doesn't work in Chrome either (followed the Netflix error code guide but it didn't fix it), but it was working before all this. I'm going to try to get screenshots of these windows next time it happens. -
adware i cant get rid of
ihateverything replied to ihateverything's topic in Resolved Malware Removal Logs
https://www.virustotal.com/en/file/263a9dfec5ed62dc0f69caf5e39ce2775e8ad8bd791150d154d043b135d7f48f/analysis/1442110254/ These links don't work well. -
adware i cant get rid of
ihateverything replied to ihateverything's topic in Resolved Malware Removal Logs
https://www.virustotal.com/en/file/263a9dfec5ed62dc0f69caf5e39ce2775e8ad8bd791150d154d043b135d7f48f/analysis/1442105876/ Fixlog.txt FRST.txt Addition.txt -
adware i cant get rid of
ihateverything replied to ihateverything's topic in Resolved Malware Removal Logs
That worked. FRST.txt Addition.txt -
adware i cant get rid of
ihateverything replied to ihateverything's topic in Resolved Malware Removal Logs
I can't get it to create the addition file. This error keeps coming up and I can't find a fix for this error online anywhere either. -
When running frst64 I get an error that says "Subscript used on non-accessible variable." It doesn't create the addition text file. FRST.txt
-
malware infection HALP
ihateverything replied to ihateverything's topic in Resolved Malware Removal Logs
It seems fixed! Thanks! -
malware infection HALP
ihateverything replied to ihateverything's topic in Resolved Malware Removal Logs
I completed the tasks, here is the fix log! Fixlog.txt -
Clean me please!! Thanks! FRST.txt Addition.txt