Windows 10: Strange Registry Key- Possible spyware Solved

Page 1 of 2 12 LastLast
  1.    21 Jun 2016 #1

    Strange Registry Key- Possible spyware


    I was looking through regedit and was this key

    HKEY_CURRENT_USER\SOFTWARE\로컬 응용 프로그램 마법사에* 생성한 응용 프로그램

    I believe its some spyware. I need advice on how to deal with it
    Thank you
      My ComputerSystem Spec


  2. Posts : 474
    Windows 10 Pro (Mix of Builds) / Linux Mint
       21 Jun 2016 #2

    Scan the system with antispyware / antivirus.

    Report back findings.
      My ComputerSystem Spec


  3. Posts : 14,914
    Win 7 32, Win 7 64 Pro, Win 8.1 64 Pro, Win 10 64 Education Edition
       21 Jun 2016 #3

    Recommended malware scanners:

    Malwarebytes (Free version will work well)

    AdwCleaner

    TDSSKiller (To rule out the possibility of rootkits)
    Note   Note

    When running TDSSKiller, launch the program, click on the blue text "Change Parameters" & check the box marked "Detect TDLFS File system." Click OK & then run the scan.
      My ComputerSystem Spec

  4.    21 Jun 2016 #4

    RWOne said: View Post
    Scan the system with antispyware / antivirus.

    Report back findings.
    I did a full system scan with malewarebytes and Avast and both found nothing
      My ComputerSystem Spec

  5.    21 Jun 2016 #5

    Borg 386 said: View Post
    Recommended malware scanners:

    Malwarebytes (Free version will work well)

    AdwCleaner

    TDSSKiller (To rule out the possibility of rootkits)
    Note   Note

    When running TDSSKiller, launch the program, click on the blue text "Change Parameters" & check the box marked "Detect TDLFS File system." Click OK & then run the scan.
    Malwarebytes and TSDDKILLER found nothing. Doing AdwCleaner right now

    Edit: AdwCleaner found nothing
      My ComputerSystem Spec


  6. Posts : 12,181
    W10Prox64
       21 Jun 2016 #6

    Hi.
    That's definitely an odd entry. I am surprised that none of the scans returned anything at all.
    Please try running an ESET Online Scan. You can find detailed instructions in the thread below on how to manipulate it.
    BSOD after boot up, during login or right after, (bad spool header?) Solved - Page 3 - Windows 7 Help Forums

    .
      My ComputerSystem Spec


  7. Posts : 12,181
    W10Prox64
       21 Jun 2016 #7

    Has the system been cleaned from infection in the past? Could be a leftover?
    Have you run CCleaner Free on the registry to see if that particular key is flagged as broken?
      My ComputerSystem Spec

  8.    21 Jun 2016 #8

    simrick said: View Post
    Hi.
    That's definitely an odd entry. I am surprised that none of the scans returned anything at all.
    Please try running an ESET Online Scan. You can find detailed instructions in the thread below on how to manipulate it.
    BSOD after boot up, during login or right after, (bad spool header?) Solved - Page 3 - Windows 7 Help Forums

    .
    It didn't come up in CCleaner, and i do not believe that this is a leftover infection that was cleaned. (The only infection that avast has picked up are tracking cookies)

    ESET Scanner flagged the following
    C:\$Recycle.Bin\S-1-5-21-550920438-923572385-2769641918-1001\$RZL59UK.exe a variant of Win32/Adware.Coupons.AA application

    Should i go ahead an clean it. Dunno if it'll solve what that registry key is tho.
      My ComputerSystem Spec


  9. Posts : 12,181
    W10Prox64
       21 Jun 2016 #9

    jman1505 said: View Post
    It didn't come up in CCleaner, and i do not believe that this is a leftover infection that was cleaned. (The only infection that avast has picked up are tracking cookies)

    ESET Scanner flagged the following
    C:\$Recycle.Bin\S-1-5-21-550920438-923572385-2769641918-1001\$RZL59UK.exe a variant of Win32/Adware.Coupons.AA application

    Should i go ahead an clean it. Dunno if it'll solve what that registry key is tho.
    Hi. Sorry for the delay in responding. Yes, I would go ahead and clean that - it's something to do with coupon printers, which are considered adware/spyware.

    Please see my post #7 above.
      My ComputerSystem Spec

  10.    21 Jun 2016 #10

    simrick said: View Post
    Hi. Sorry for the delay in responding. Yes, I would go ahead and clean that - it's something to do with coupon printers, which are considered adware/spyware.

    Please see my post #7 above.
    Cleaned the adware out, but the registry key is still there. I didn't get the exact thing in CCleaner when i scanned the registry, but something similar
    Click image for larger version. 

Name:	2016_06_22_01_04_411.png 
Views:	11 
Size:	202.3 KB 
ID:	86219
      My ComputerSystem Spec


 
Page 1 of 2 12 LastLast

Related Threads
So like I said I obviously have a virus it started telling me that. I powered off my PC and when I tried to log back on it said something about an invalid handle.
Quick Anti-Spyware Question in Chillout Room
Just Updated to 14328 and was wondering what anti-malware apps you folks have been having good luck with. I have had problems with some IoBit programs so any suggestions would help a lot. Thanks
I am building a Custom Image using Dism.exe and install_wim_tweak.exe using a batch file. Almost finished but i am stuck with REG ADD "HKEY_LOCAL_MACHINE\TEST\SOFTWARE\Control Panel\Colors" /V Window /T REG_SZ /D "255 255 200" /F want to integrate...
This keeps showing up as spyware (?) in AntiVirus, Firewalls and System Security
ADWcleaner keeps showing the following as spyware or something that needs to be "cleaned" (sorry if the terminology is wrong): HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E45F3E8-2683-4824-A6BE-08108022FB36} ADWcleaner removes...
Anti-Spyware help in AntiVirus, Firewalls and System Security
I've always run SuperAntiSyware on my previous Windows XP & 7. Since upgrading to Windows 10, the application has reported in excess of 700 hits, today it was 1,138. I've never had that many! I'm using Firefox Developer Edition, might that...
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd
All times are GMT -5. The time now is 16:53.
Find Us