UnlikePaladin98

CLOSED Application.AdReg. What is this and how to remove?

Recommended Posts

Help please. I scanned Emsisoft Emergency Kit and it detected this Application.AdReg and it can't be removed, it says the following object can't be removed for your own security. Can I be helped I have saw other people with this problem but it said fix would work only for them, so fix for me please?

 

The files are found below

Addition.txt

FRST.txt

Share this post


Link to post
Share on other sites

I need the scan report from EEK, because Application.AdReg does not tell me what was actually detected.

Share this post


Link to post
Share on other sites

Copy the below code to Notepad; Save As fixlist.txt to your Desktop.

() C:\Users\Netogb14\AppData\Local\Temp\wps\~425a937\Au_.exe
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-1307846589-19793140-4240974949-1006\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-1307846589-19793140-4240974949-1006\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-1307846589-19793140-4240974949-1006\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-21-1307846589-19793140-4240974949-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10312017212056684\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-1307846589-19793140-4240974949-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10312017212056684\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-1307846589-19793140-4240974949-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10312017212056684\...\Policies\Explorer: [NoLogoff] 0
GroupPolicy: Restriction <==== ATTENTION
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1307846589-19793140-4240974949-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1307846589-19793140-4240974949-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10312017212056043 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
2017-10-03 18:00 - 2017-10-03 18:09 - 000000000 ____D C:\Program Files (x86)\AVG
2017-10-03 17:58 - 2017-10-05 16:07 - 000000000 ____D C:\ProgramData\Avg
2017-10-03 17:58 - 2017-10-03 18:09 - 000000000 ____D C:\Users\Netogb14\AppData\Local\AvgSetupLog
2017-10-03 17:58 - 2017-10-03 17:58 - 000000000 ____D C:\Users\Netogb14\AppData\Local\Avg
2017-11-01 16:39 - 2017-11-01 16:39 - 000000242 _____ () C:\Users\Netogb14\AppData\Local\tempuninstall.ini
2016-04-10 02:45 - 2016-04-10 02:45 - 000000000 _____ () C:\Users\Netogb14\AppData\Local\{21734DE9-EBD7-4763-8CAE-1E5BE1742E9E}
2016-04-10 02:46 - 2016-04-10 02:46 - 000000000 _____ () C:\Users\Netogb14\AppData\Local\{91D160F2-8D74-4515-ACE5-30872039264E}
2017-10-25 22:08 - 2017-10-25 22:15 - 486548088 _____ (AMD Inc.) C:\Users\Netogb14\AppData\Local\Temp\tmp90EB.exe
C:\Users\Netogb14\AppData\Local\Temp\wps\~425a937\Au_.exe
C:\Users\Netogb14\AppData\Local\Temp\wps\~425a937
C:\Users\Netogb14\AppData\Local\Temp\wps
CustomCLSID: HKU\S-1-5-21-1307846589-19793140-4240974949-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10312017212056684_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Netogb14\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1307846589-19793140-4240974949-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10312017212056684_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Netogb14\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1307846589-19793140-4240974949-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10312017212056684_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Netogb14\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1307846589-19793140-4240974949-1006_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Netogb14\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1307846589-19793140-4240974949-1006_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Netogb14\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1307846589-19793140-4240974949-1006_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Netogb14\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
2017-11-01 16:38 - 2015-12-21 12:08 - 000718312 _____ () C:\Users\Netogb14\AppData\Local\Temp\wps\~425a937\Au_.exe
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}" /f

Close Notepad.

NOTE: It's important that both files, FRST64 and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST64 and press the Fix button just once and wait.

If the tool needed a restart please make sure you let the system restart normally and let the tool complete its run after restart.

The tool will make a log on the Desktop (Fixlog.txt). Attach it to your reply.

Note: If the tool warns you about an outdated version please download and run the updated version.

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.

  • Recently Browsing   0 members

    No registered users viewing this page.