Go Back   Cyber Tech Help Support Forums > Software > Malware Removal

Notices

Reply
 
Topic Tools
  #16  
Old November 21st, 2018, 09:25 PM
olgun52's Avatar
olgun52 olgun52 is offline
Malware Removal Team
 
Join Date: Feb 2014
O/S: Windows 10 Pro
Location: Europa
Posts: 2,029
Quote:
Can I disable windows firewall?
Yes,please. That would be great.

Quote:
The programs you want me to remove are programs I use often. Is there a problem with them?
If you are using as licensed,do not remove them. If not, I suggest you remove it. There seems to be a problem. Did you install these softwares from their sites?

Also, I recommend that you never use the Glary Utilities software for cleaning the registry.


My suggest are just these.


Have a nice day.
Reply With Quote


  #17  
Old November 22nd, 2018, 04:29 AM
kuzzz's Avatar
kuzzz kuzzz is offline
CTH Subscriber
 
Join Date: May 2003
O/S: Windows 7 64-bit
Location: california
Posts: 1,605
How do I disable windows firewall. Yes I downloaded them all from their websites and I have licenses for all except glaries. What software do you suggest for cleaning registry?
I will remove Glarys and do what you suggested above as soon as I know how to disable windows firewall.

Thank you
kuzzz

Happy Thanksgiving.
Reply With Quote
  #18  
Old November 22nd, 2018, 01:23 PM
olgun52's Avatar
olgun52 olgun52 is offline
Malware Removal Team
 
Join Date: Feb 2014
O/S: Windows 10 Pro
Location: Europa
Posts: 2,029
Quote:
How do I disable windows firewall.
Please read,tehere is here:
https://www.lifewire.com/how-to-disa...rewall-2624505
https://www.wikihow.com/Disable-Windows-7-Firewall

Quote:
What software do you suggest for cleaning registry?
We, as malware removal experts, do not recommend any software for cleaning registry.
Quote:
Yes I downloaded them all from their websites and I have licenses for all except glaries.
Let's try to solve the cleaning work with softwares.


Regards.
Reply With Quote
  #19  
Old November 23rd, 2018, 06:30 PM
kuzzz's Avatar
kuzzz kuzzz is offline
CTH Subscriber
 
Join Date: May 2003
O/S: Windows 7 64-bit
Location: california
Posts: 1,605
# -------------------------------
# Malwarebytes AdwCleaner 7.2.4.0
# -------------------------------
# Build: 09-25-2018
# Database: 2018-11-19.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 11-23-2018
# Duration: 00:00:02
# OS: Windows 7 Professional
# Cleaned: 49
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\ProgramData\Premium

***** [ Files ] *****

Deleted C:\Users\Dodi's\Downloads\ReimageRepair.exe
Deleted C:\Windows\Reimage.ini

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKLM\Software\Wow6432Node\Trymedia Systems
Deleted HKCU\Software\Conduit
Deleted HKLM\Software\Wow6432Node\Conduit
Deleted HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\ProductUpdater
Deleted HKCU\Software\APN PIP
Deleted HKLM\Software\Wow6432Node\Classes\AppID\NCTAudioFo rmatSettings3.DLL
Deleted HKLM\SOFTWARE\Classes\AppID\NCTAudioFormatSettings 3.DLL
Deleted HKLM\Software\Wow6432Node\Classes\AppID\NCTAudioCo mpress3.DLL
Deleted HKLM\SOFTWARE\Classes\AppID\NCTAudioCompress3.DLL
Deleted HKLM\Software\Wow6432Node\Classes\AppID\REI_AxCont rol.DLL
Deleted HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{6BC38BF4-E84D-46E1-920B-42D31AEA617E}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext \Stats\{FFE66D00-A56A-4F7F-81D7-4A28C5816D6C}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{FE027 3D1-99DF-4AC0-87D5-1371C6271785}
Deleted HKLM\Software\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Deleted HKLM\Software\Wow6432Node\Classes\AppID\{F7BCCFD4-2FA6-477D-A1B0-EF7500B3C49E}
Deleted HKLM\Software\Classes\AppID\{F7BCCFD4-2FA6-477D-A1B0-EF7500B3C49E}
Deleted HKLM\Software\Wow6432Node\Classes\AppID\{F54A0D21-6A53-460C-8301-C694EC9E1033}
Deleted HKLM\Software\Classes\AppID\{F54A0D21-6A53-460C-8301-C694EC9E1033}
Deleted HKLM\Software\Wow6432Node\Classes\TypeLib\{93E3D79 C-0786-48FF-9329-93BC9F6DC2B3}
Deleted HKLM\Software\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Deleted HKLM\Software\Wow6432Node\Classes\TypeLib\{84B9B04 4-17C0-48FB-A300-C9747D5DF29C}
Deleted HKLM\Software\Classes\TypeLib\{84B9B044-17C0-48FB-A300-C9747D5DF29C}
Deleted HKLM\Software\Wow6432Node\Classes\TypeLib\{6C9945B 7-1D19-46CB-88C0-45A24DF6CD6E}
Deleted HKLM\Software\Classes\TypeLib\{6C9945B7-1D19-46CB-88C0-45A24DF6CD6E}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{4EE0B011-604C-47F3-8F2B-39F79640B85E}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{4C58EB04-7B72-4D3D-A36E-66167A99BC31}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{3F607 E46-0D3C-4442-B1DE-DE7FA4768F5C}
Deleted HKLM\Software\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{2C6F7E96-73BC-47A5-9F51-B67F0BAFE24D}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{03F14321-8FED-4CBC-B01A-4B57FC199062}
Deleted HKLM\Software\Wow6432Node\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
Deleted HKLM\Software\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
Deleted HKLM\Software\Wow6432Node\Classes\TypeLib\{FA6468D 2-FAA4-4951-A53B-2A5CF9CC0A36}
Deleted HKLM\Software\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{BD51A 48E-EB5F-4454-8774-EF962DF64546}
Deleted HKLM\Software\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{9BB31 AD8-5DB2-459E-A901-DEA536F23BA4}
Deleted HKLM\Software\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext \Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Deleted HKCU\Software\Reimage
Deleted HKLM\Software\Reimage
Deleted HKLM\Software\Classes\REI_AxControl.ReiEngine.1
Deleted HKLM\Software\Classes\REI_AxControl.ReiEngine

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [5959 octets] - [23/11/2018 09:21:57]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
Reply With Quote
  #20  
Old November 24th, 2018, 05:15 PM
olgun52's Avatar
olgun52 olgun52 is offline
Malware Removal Team
 
Join Date: Feb 2014
O/S: Windows 10 Pro
Location: Europa
Posts: 2,029
Greetings kuzzz,

Please do this,

Run FRST fixlist:
Note:Run the tool (FRST) from your DeskTop based on the instructions given.Farbar Recovery Scan Tool and Fixlist file should be on the desktop.

Please open notepad (Start > All Programs > Accessories > Notepad)
Copy the entire contents of the code box below (Do not copy the word 'code') to Notepad.
Save it to the Desktop, and name it: fixlist.txt

Code:
CloseProcesses:
CreateRestorePoint:

HKU\S-1-5-21-1448708669-323945309-3416342945-1000\...\MountPoints2: P - P:\LaunchU3.exe -a
HKU\S-1-5-21-1448708669-323945309-3416342945-1000\...\MountPoints2: {2655fc3f-12fb-11e8-bdb9-74d435fad756} - F:\LaunchU3.exe -a
HKU\S-1-5-21-1448708669-323945309-3416342945-1000\...\MountPoints2: {5a449b2c-9818-11e4-a2ef-74d435fad756} - O:\LaunchU3.exe
HKU\S-1-5-21-1448708669-323945309-3416342945-1000\...\MountPoints2: {60b81029-a526-11e8-bbc0-74d435fad756} - F:\INSTALL_ADB_RNDIS.exe
HKU\S-1-5-21-1448708669-323945309-3416342945-1000\...\MountPoints2: {6b4e4aa6-0d2c-11e8-b770-74d435fad756} - F:\TLBootstrap_WPP.exe
HKU\S-1-5-21-1448708669-323945309-3416342945-1000\...\MountPoints2: {cfb0bf8c-75c1-11e4-8335-806e6f6e6963} - E:\ASRSetup.exe

Task: {044A6734-E90E-4F8F-B357-B2DC8AB3B5EC} - \Microsoft\Windows\Time Synchronization\SynchronizeTime -> No File <==== ATTENTION
Task: {088482FA-65B8-4E17-9ABF-1DCD48E8D373} - \Microsoft\Windows\Tcpip\IpAddressConflict1 -> No File <==== ATTENTION
Task: {09F06BFE-A3C8-40E3-846A-6E6F4000C238} - \Microsoft\Windows\Tcpip\IpAddressConflict2 -> No File <==== ATTENTION
Task: {0AEF1FEE-C9A7-4D0E-82D1-4D3FC567AC06} - \Microfast_LogOn -> No File <==== ATTENTION
Task: {19D1D4DF-E129-4705-90C0-1BB502858969} - \GU5SkipUAC -> No File <==== ATTENTION
Task: {25115677-C08B-4509-9B0A-6C55A4E8C27E} - \Microfast_Daily -> No File <==== ATTENTION
Task: {2470470F-2634-478E-B181-571E98A789BB} - \Microsoft\Windows\Multimedia\SystemSoundsService -> No File <==== ATTENTION
Task: {256CA376-8E8D-4C95-9B45-148DBD715A8A} - \Microsoft\Windows\Wininet\CacheTask -> No File <==== ATTENTION
Task: {28011108-68DF-4C73-B91B-57427D501BBA} - \Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Manual) -> No File <==== ATTENTION
Task: {1F7B7221-AE8F-44F3-BA82-F7D260F51964} - \Microsoft\Windows\Task Manager\Interactive -> No File <==== ATTENTION
Task: {290424EE-1EE1-4962-B42B-07642E4D5D84} - \Microsoft\Windows\SideShow\SessionAgent -> No File <==== ATTENTION
Task: {2CB288FE-2A30-4785-A30E-45CE1D05E3B1} - \Microsoft\Windows\Media Center\DispatchRecoveryTasks -> No File <==== ATTENTION
Task: {2CF16334-3A51-4319-8570-50E395D00CB4} - \Remediation\AntimalwareMigrationTask -> No File <==== ATTENTION
Task: {2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C} - \Microsoft\Windows\WindowsBackup\ConfigNotificatio n -> No File <==== ATTENTION
Task: {36104896-F4A6-41E0-A9B5-ED1BB8D11832} - \Microsoft\Windows\Media Center\OCURActivate -> No File <==== ATTENTION
Task: {39DDEE03-74DF-44B4-8AD0-74CA04A6D451} - \Adobe Flash Player Updater -> No File <==== ATTENTION
Task: {3E6CCC59-7466-418C-AE9D-89BCB23A7795} - \{C5E2AAA3-DF26-4687-ABA8-E83773E6F2A2} -> No File <==== ATTENTION
Task: {420C72F7-26C8-46F8-BD8C-D5C15AC551C8} - \Microsoft\Windows\SideShow\AutoWake -> No File <==== ATTENTION
Task: {4543A56A-960C-4903-8C66-F2B0F6A3BABC} - \NCH Swift Sound\expressburnShakeIcon -> No File <==== ATTENTION
Task: {47536D45-EEEC-4BDC-8183-A4DC1F8DA9E4} - \Microsoft\Windows\Customer Experience Improvement Program\UsbCeip -> No File <==== ATTENTION
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - \Microsoft\Windows\Shell\WindowsParentalControlsMi gration -> No File <==== ATTENTION
Task: {59E15675-B806-4ADB-9D56-7D8A6AD9D001} - \Microsoft\Windows\Media Center\PvrRecoveryTask -> No File <==== ATTENTION
Task: {5A40E926-9E86-4B89-9CFD-B12311724371} - \Microsoft\Windows\UPnP\UPnPHostConfig -> No File <==== ATTENTION
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - \Microsoft\Windows\Shell\WindowsParentalControls -> No File <==== ATTENTION
Task: {5BCE22D8-AE05-4922-AA51-EF16418C9818} - \Adobe Acrobat Update Task -> No File <==== ATTENTION
Task: {5C0AEEEA-C154-45BE-8499-BEA5F11BAFF6} - \Microsoft\Windows\Defrag\ScheduledDefrag -> No File <==== ATTENTION
Task: {5C30A767-9CB7-48FA-B8BE-94228CC5706A} - \Microsoft\Windows\MobilePC\HotStart -> No File <==== ATTENTION
Task: {5F5A18EB-DC73-4E45-A11C-B59043598412} - \Microsoft\Windows\CertificateServicesClient\SystemTask -> No File <==== ATTENTION
Task: {613612BA-897D-44CE-8DC1-8FC283F9FD51} - \Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Automated) -> No File <==== ATTENTION
Task: {6738BA6E-EA75-4B6B-B8B8-71F0336DD8EF} - \Microsoft\Windows\User Profile Service\HiveUploadTask -> No File <==== ATTENTION
Task: {715FC70E-8160-4CA0-B979-B5296E94B8FC} - \Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver -> No File <==== ATTENTION
Task: {724DCF8A-DBBE-4E84-9651-CAE4DE0F5E3E} - \Microsoft\Windows\Media Center\StartRecording -> No File <==== ATTENTION
Task: {72DB7465-BC54-491B-A92A-4637A28C9BBF} - \Microsoft\Windows\AppID\VerifiedPublisherCertStor eCheck -> No File <==== ATTENTION
Task: {753C47AE-EC5E-44B3-95A9-2C8E553F0E39} - \Microsoft\Windows\Windows Media Sharing\UpdateLibrary -> No File <==== ATTENTION
Task: {7630734D-7D2C-4BBB-96F9-84303F9F8694} - \{B91172FD-CA38-4380-8712-5F507910EF8A} -> No File <==== ATTENTION
Task: {775C3383-1395-4905-803F-0510EDF5BF41} - \Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector -> No File <==== ATTENTION
Task: {794C0FEB-B41B-4C88-A07C-0B5ED184365D} - \Microsoft\Windows\Media Center\mcupdate -> No File <==== ATTENTION
Task: {7AFCC0CA-7121-422A-AB45-B0E8D599FF08} - \Microsoft\Windows\CertificateServicesClient\UserT ask -> No File <==== ATTENTION
Task: {7BE5A07E-1900-4615-805E-068D18F1688E} - \Microsoft\Windows\Media Center\RegisterSearch -> No File <==== ATTENTION
Task: {81540B9F-B5BF-47EB-9C95-BE195BF2C664} - \Microsoft\Windows\NetTrace\GatherNetworkInfo -> No File <==== ATTENTION
Task: {85E3CEFA-0789-46D6-BC2C-6AAF2EFC69C0} - \Microsoft\Windows\Media Center\ObjectStoreRecoveryTask -> No File <==== ATTENTION
Task: {89B96F87-6427-412B-A1D8-6226F02CB8F4} - \Microsoft\Windows\Media Center\PBDADiscoveryW1 -> No File <==== ATTENTION
Task: {8B71E293-842F-4442-BBAC-CA56DEFC559D} - \Microsoft\Windows\Media Center\PvrScheduleTask -> No File <==== ATTENTION
Task: {9137A693-E53E-4790-AC0E-BD2A1A905788} - \{901B6470-AB4A-4645-92B8-FCC438C39928} -> No File <==== ATTENTION
Task: {93E065C4-DE1E-4AE0-98C6-EEFE74516A3F} - \Microsoft\Windows\Media Center\ehDRMInit -> No File <==== ATTENTION
Task: {9435F817-FED2-454E-88CD-7F78FDA62C48} - \Microsoft\Windows\WDI\ResolutionHost -> No File <==== ATTENTION
Task: {95017125-A862-47E8-B6CF-2EB0F5BE7AA4} - \Microsoft\Windows\SideShow\SystemDataProviders -> No File <==== ATTENTION
Task: {978B0363-CB7D-46C3-971F-BCB99F62C5EA} - \Microsoft\Windows\SideShow\GadgetManager -> No File <==== ATTENTION
Task: {994C86AD-A929-4B2C-88A0-4E25A107A029} - \Microsoft\Windows\SystemRestore\SR -> No File <==== ATTENTION
Task: {9979CB83-103A-4105-9E5D-C74B0AF6D198} - \Microsoft\Windows\CertificateServicesClient\UserT ask-Roam -> No File <==== ATTENTION
Task: {9A29CD70-763E-42E4-A376-61419D3CFC2E} - \{C8180D84-7F2E-4530-9F64-58CF6EA79A8A} -> No File <==== ATTENTION
Task: {9ED2D6C4-5DC1-4025-A8FC-3B72BCAC41F4} - \{8D1BC1C9-41A0-43B9-A906-3D5F5FADDB5C} -> No File <==== ATTENTION
Task: {4C8B01A2-11FF-4C41-848F-508EF4F00CF7} - \Microsoft\Windows\TextServicesFramework\MsCtfMoni tor -> No File <==== ATTENTION
Task: {A0C88055-34FF-4BA7-A431-50C2C41E926E} - \Microsoft\Windows\Offline Files\Logon Synchronization -> No File <==== ATTENTION
Task: {A35BB7A6-5F0C-4C9F-8450-2B3BED532D51} - \Microsoft\Windows\WindowsColorSystem\Calibration Loader -> No File <==== ATTENTION
Task: {A48CABBF-24C8-4B87-B00F-9261807C3B43} - \Microsoft\Windows\AppID\PolicyConverter -> No File <==== ATTENTION
Task: {A6AF9377-77CE-47AB-AD7D-EC32CAD0C82D} - \Microsoft\Windows\Location\Notifications -> No File <==== ATTENTION
Task: {A7C73732-9F11-4281-8D19-764D4EC9D94D} - \Microsoft\Windows\Application Experience\ProgramDataUpdater -> No File <==== ATTENTION
Task: {AA83DE6A-DEB7-4EB5-8C0E-B3E4A4F2146E} - \Microsoft\Windows\Media Center\PBDADiscoveryW2 -> No File <==== ATTENTION
Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - \Microsoft\Windows\Application Experience\AitAgent -> No File <==== ATTENTION
Task: {AC668097-4D6B-4093-AC14-014C09DBF820} - \Microsoft\Windows\Ras\MobilityManager -> No File <==== ATTENTION
Task: {AD6C2096-768E-4C1E-92EE-9DB7D133B0D5} - \Microsoft\Windows\Media Center\OCURDiscovery -> No File <==== ATTENTION
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - \Microsoft\Windows\PerfTrack\BackgroundConfigSurve yor -> No File <==== ATTENTION
Task: {B20E9254-39C4-46F7-9694-28B5A6E55DBA} - \{12DDAC5F-67F6-4F49-AA07-961BBFBED07C} -> No File <==== ATTENTION
Task: {B37E1428-1811-40E4-AB54-BF5AF8EAE01B} - \Microsoft\Windows\Media Center\InstallPlayReady -> No File <==== ATTENTION
Task: {B76904BA-2B42-4F56-BFB2-8F2EA8B7CEFA} - \{5658B426-B035-4EAA-B7D8-1908942CF100} -> No File <==== ATTENTION
Task: {B7EAC58B-516E-4E9B-B7DE-11A939D66138} - \Microsoft\Windows\Media Center\PBDADiscovery -> No File <==== ATTENTION
Task: {BE669C13-8165-4536-96D0-6D6C39292AAE} - \Microsoft\Windows\Diagnosis\Scheduled -> No File <==== ATTENTION
Task: {C016366B-7126-46CA-B36B-592A3D95A60B} - \Microsoft\Windows\Customer Experience Improvement Program\Consolidator -> No File <==== ATTENTION
Task: {C44A232A-F234-4F26-B0A7-44CB94DBBA1D} - \{93AC9CFC-90AA-4F43-8308-7CE57FDC05D4} -> No File <==== ATTENTION
Task: {C64085A8-6C7E-40AD-8848-E8230B192104} - \Microsoft\Windows\Media Center\ActivateWindowsSearch -> No File <==== ATTENTION
Task: {CA4B8FF2-A4D2-4D88-A52E-3A5BDAF7F56E} - \Microsoft\Windows\Registry\RegIdleBackup -> No File <==== ATTENTION
Task: {CAF19895-BB0C-4968-B734-BF1152F0CB03} - \Adobe Flash Player NPAPI Notifier -> No File <==== ATTENTION
Task: {CB3D64BF-C0C9-45FF-BFB0-FF1A8F680186} - \Microsoft\Windows\RemoteAssistance\RemoteAssistan ceTask -> No File <==== ATTENTION
Task: {CEE64558-E1A7-4D9D-80A7-2001912BE5B5} - \Microsoft\Windows\MemoryDiagnostic\CorruptionDete ctor -> No File <==== ATTENTION
Task: {D0250F3F-6480-484F-B719-42F659AC64D5} - \Microsoft\Windows\Windows Error Reporting\QueueReporting -> No File <==== ATTENTION
Task: {D7B6E81D-3CF4-432C-84D2-24213F4316E6} - \Microsoft\Windows\Autochk\Proxy -> No File <==== ATTENTION
Task: {D9A3A411-C3E9-4152-B2D2-C9A5086A6E9F} - \Microsoft\Windows\Offline Files\Background Synchronization -> No File <==== ATTENTION
Task: {DA41DE71-8431-42FB-9DB0-EB64A961DEAD} - \Microsoft\Windows\Maintenance\WinSAT -> No File <==== ATTENTION
Task: {DDA58BFF-AB5E-4BDD-96C1-247AC9911471} - \Microsoft\Windows\Media Center\PeriodicScanRetry -> No File <==== ATTENTION
Task: {E0DF1605-B4BE-403E-AEC2-2BE082C64AAE} - \Microsoft\Windows\Media Center\MediaCenterRecoveryTask -> No File <==== ATTENTION
Task: {E22A8667-F75B-4BA9-BA46-067ED4429DE8} - \Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange -> No File <==== ATTENTION
Task: {E25FDC01-57CE-4B67-BAFB-1CBBB2674D47} - \Microsoft\Windows\Media Center\ReindexSearchRoot -> No File <==== ATTENTION
Task: {E3163C33-301D-4730-A266-5518C5ED3967} - \Microsoft\Windows\Bluetooth\UninstallDeviceTask -> No File <==== ATTENTION
Task: {E65AA424-C97E-4D12-A6E2-86192DDF9115} - \Apple\AppleSoftwareUpdate -> No File <==== ATTENTION
Task: {E736E4C5-73F3-456D-AADD-0FF40F50AF96} - \{8AE2DEE4-5CB3-4066-9A49-65DEB998820F} -> No File <==== ATTENTION
Task: {EACA24FF-236C-401D-A1E7-B3D5267B8A50} - \Microsoft\Windows\RAC\RacTask -> No File <==== ATTENTION
Task: {EADF975F-0A68-41EA-B96B-8C8C27839A42} - \Microsoft\Windows\Media Center\SqlLiteRecoveryTask -> No File <==== ATTENTION
Task: {EB02381F-D652-4B1C-894A-712498C62C51} - \Microsoft\Windows\MUI\LPRemove -> No File <==== ATTENTION
Task: {F1975A69-7E40-45B1-AE7B-1D7882A38A29} - \Microsoft\Windows Live\SOXE\Extractor Definitions Update Task -> No File <==== ATTENTION
Task: {F1E838E0-A6B3-474E-B4AF-0BCDBC6D2F22} - \Microsoft\Windows\Media Center\UpdateRecordPath -> No File <==== ATTENTION
Task: {F3B30D71-2B39-4789-8AFF-1898BB47B978} - \Microsoft\Windows\Media Center\RecordingRestart -> No File <==== ATTENTION
Task: {F4AE92F8-25F1-40C6-900F-20F08AB375BC} - \Microsoft\Windows\Media Center\ConfigureInternetTimeService -> No File <==== ATTENTION
Task: {FA2BC0A6-8D4B-458A-85C8-2B8C72487513} - \Microsoft\Windows\MemoryDiagnostic\DecompressionF ailureDetector -> No File <==== ATTENTION
Task: {FB3C354D-297A-4EB2-9B58-090F6361906B} - \Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem -> No File <==== ATTENTION
Task: {FDD56C73-F0D5-41B6-B767-6EFFD7966428} - \Microsoft\Windows\Customer Experience Improvement Program\KernelCeipTask -> No File <==== ATTENTION
Task: {1E42170C-F264-401B-9A2E-89D274CC19BE} - \{0844D64B-2CAA-4F7B-AC2D-1D66AF769293} -> No File <==== ATTENTION
Task: {07A7D6A4-06B2-437E-AA89-578133117BCA} - \{6A63DF07-AD38-4C28-97E3-7F3CF70C383E} -> No File <==== ATTENTION
Task: {0F19A080-3492-4772-B2F3-292B6EFBC2C8} - \{FFD70A7F-ACCB-4719-A351-0349BA83F5F1} -> No File <==== ATTENTION
Task: {1069B48C-4980-4F0B-9048-F8AAB650CC16} - \{E943DD1B-8C0E-4271-8F0F-89FA2887C16D} -> No File <==== ATTENTION
Task: {25286D0C-D7DA-448F-AB13-FEB5CDC4CE93} - \{46337A3E-36D6-4191-B8FC-89B0B59E720C} -> No File <==== ATTENTION
Task: {25CAD4AF-D7BF-400E-8249-2092EA19C81E} - \{18093C1E-FA09-4256-8FA6-BE0BBAC6028B} -> No File <==== ATTENTION
Task: {27C4EB88-2B2B-43BC-A288-B6795750BA2B} - \{0E16EE80-C450-461F-B2AC-2C21308145D7} -> No File <==== ATTENTION
Task: {2B719A43-E6BD-4754-88F0-FF8AB117136F} - \{DA43DC7E-6510-4279-9D59-68D0B48AF1FE} -> No File <==== ATTENTION
Task: {37074C8A-0A84-4879-89E5-CE9BE446AF89} - \{EE61E5FD-C6E3-4DED-9210-9DDAB2794039} -> No File <==== ATTENTION
Task: {464BC0A1-7880-4EB9-84D6-8A8ABDF54657} - \{81C1E6AD-D574-4BA9-AF18-829B00D13AAE} -> No File <==== ATTENTION
Task: {6C553EDD-6666-49EA-81FD-F88505257E48} - \{FB8360C3-B6FA-43EB-ACBA-4E21D95908DD} -> No File <==== ATTENTION
FirewallRules: [{584DA3A7-502D-4DA7-B9AF-7F7F11903181}] => (Allow) LPort=2869
FirewallRules: [{AFC6DDF7-F70A-4796-9C4D-3CD2072ABB32}] => (Allow) LPort=1900
FirewallRules: [{D6E2C2AB-0C72-44BD-B090-C622149CB17E}] => (Allow) C:\Users\Dodi's\AppData\Local\Chromium\Application \chrome.exe
AlternateDataStreams: C:\ProgramData\TEMP:036B81D9 [184]
AlternateDataStreams: C:\ProgramData\TEMP:2CB9631F [134]
AlternateDataStreams: C:\ProgramData\TEMP:58515F92 [262]
AlternateDataStreams: C:\ProgramData\TEMP:72F57408 [129]
AlternateDataStreams: C:\ProgramData\TEMP:743A8968 [98]
AlternateDataStreams: C:\ProgramData\TEMP:84098FD3 [268]
AlternateDataStreams: C:\ProgramData\TEMP:98BBF151 [118]
AlternateDataStreams: C:\ProgramData\TEMP:EA75C0D4 [145]
AlternateDataStreams: C:\ProgramData\TEMP:EFE756E0 [117]
HKU\S-1-5-21-1448708669-323945309-3416342945-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
SearchScopes: HKLM -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL =
SearchScopes: HKU\S-1-5-21-1448708669-323945309-3416342945-1000 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxp://search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBDSV
SearchScopes: HKU\S-1-5-21-1448708669-323945309-3416342945-1000 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxps://nortonsafe.search.ask.com/web?q={searchTerms}&o=APN11913&l=dis&prt=OTH&chn=1 000&geo=US&ver=22.16.0.247&locale=en_US&guid=17D0C CAD-B61B-496F-BFEB-0346D53466F7&doi=2016-09-01&gct=kwd&qsrc=2869
SearchScopes: HKU\S-1-5-21-1448708669-323945309-3416342945-1000 -> {D031C66A-A96E-40a8-BAE9-D4F0FF1E019A} URL = hxxp://www.google.com/cse?cx=partner-pub-3794288947762788%3A7941509802&ie=UTF-8&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3F cx%3Dpartner-pub-3794288947762788%3A7941509802&q={searchTerms}
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\IPS\IPSBHO.DLL => No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\ssv.dll [2018-07-22] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\jp2ssv.dll [2018-07-22] (Oracle Corporation)
FF Homepage: Mozilla\Firefox\Profiles\9d6byt1y.default-1538116312109 -> hxxps://www.startpage.com/eng/?hbp=1#hmb
FF Plugin-x32: @java.com/DTPlugin,version=11.181.2 -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\dtplugin\npDeployJava1 .dll [2018-07-22] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.181.2 -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\plugin2\npjp2.dll [2018-07-22] (Oracle Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security with Backup\Engine\22.16.2.22\Exts\Chrome.crx <not found>
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security with Backup\Engine\22.16.2.22\Exts\Chrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
C:\Users\Dodi's\Downloads\ReimageRepair(1).exe
C:\Users\Dodi's\Downloads\Support-LogMeInRescue(1).exe
C:\Windows\Reimage.ini
C:\Users\Dodi's\AppData\Local\resmon.resmoncfg
C:\Users\Dodi's\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Users\Dodi's\AppData\Roaming\trace_FilterInstal ler.txt-CRT.txt
C:\Users\Dodi's\AppData\Roaming\trace_FilterInstal ler.txt
C:\Users\Dodi's\AppData\Roaming\trace_FilterInstal ler.1.txt
C:\Users\Dodi's\AppData\Roaming\pcouffin.cat
C:\Users\Dodi's\AppData\Roaming\pcouffin.inf
C:\Users\Dodi's\AppData\Roaming\pcouffin.log
C:\Users\Dodi's\AppData\Roaming\pcouffin.sys
cmd: type "C:\Users\Dodi's\AppData\Roaming\.backup.dm"
cmd: type "C:\Users\Dodi's\AppData\Roaming\MycoPref4.txt"
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
C:\Program Files (x86)\Glary Utilities 5
C:\Users\Dodi's\Downloads\Glary_Utilities_v5.107.0 .132.exe
C:\Windows\system32\Drivers\GUBootStartup.sys
C:\Windows\System32\Tasks\GlaryInitialize 5
C:\Users\Dodi's\AppData\Roaming\DiskDefrag
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5
C:\Users\Dodi's\Downloads\Glary_Utilities_v5.109.0 .134.exe
C:\Users\Dodi's\AppData\Roaming\GlarySoft
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [28936 2018-11-15] (Glarysoft Ltd)
Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 5\Integrator.exe
C:\Program Files (x86)\Glary Utilities 5\zlib1.dll
Task: {40701FC9-89E7-4515-BAE7-F1C862673338} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [2018-11-11] (Glarysoft Ltd)
Task: {4543A56A-960C-4903-8C66-F2B0F6A3BABC} - \NCH Swift Sound\expressburnShakeIcon -> No File <==== ATTENTION
MSCONFIG\startupreg: GUDelayStartup => "C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe" -delayrun
MSCONFIG\startupreg: MalTray => C:\Program Files (x86)\Glarysoft\Malware Hunter\mhtray.exe /autorun
Task: {28011108-68DF-4C73-B91B-57427D501BBA} - \Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Manual) -> No File <==== ATTENTION
cmd: ipconfig /flushdns
cmd: IPCONFIG /release
cmd: IPCONFIG /renew
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh winsock reset catalog
CMD: netsh int ip reset c:\resetlog.txt
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
CMD: bitsadmin /reset /allusers
EmptyTemp:
NOTICE: This script is written specifically for this computer!!!
Running this on another computer may cause damage to the Operating System.

Now, please run FRST, and press theFix button, just once, and wait.

When done, the tool creates a report on the Desktop called: Fixlog.txt

>> Please post the Fixlog.txt in your reply.

------------------------------------------------------

Please let me know if you have any question or problem. Did it cause any problem ?

Regards
Reply With Quote
  #21  
Old November 24th, 2018, 10:10 PM
kuzzz's Avatar
kuzzz kuzzz is offline
CTH Subscriber
 
Join Date: May 2003
O/S: Windows 7 64-bit
Location: california
Posts: 1,605
I don't have Farbar Recovery Scan tool on my desktop. Should I get it before I proceed? never mind I found it. proceeding

kuzzz

Last edited by kuzzz; November 25th, 2018 at 04:45 AM.
Reply With Quote
  #22  
Old November 25th, 2018, 04:36 AM
kuzzz's Avatar
kuzzz kuzzz is offline
CTH Subscriber
 
Join Date: May 2003
O/S: Windows 7 64-bit
Location: california
Posts: 1,605
fixlist content:
*****************
CloseProcesses:
CreateRestorePoint:

HKU\S-1-5-21-1448708669-323945309-3416342945-1000\...\MountPoints2: P - P:\LaunchU3.exe -a
HKU\S-1-5-21-1448708669-323945309-3416342945-1000\...\MountPoints2: {2655fc3f-12fb-11e8-bdb9-74d435fad756} - F:\LaunchU3.exe -a
HKU\S-1-5-21-1448708669-323945309-3416342945-1000\...\MountPoints2: {5a449b2c-9818-11e4-a2ef-74d435fad756} - O:\LaunchU3.exe
HKU\S-1-5-21-1448708669-323945309-3416342945-1000\...\MountPoints2: {60b81029-a526-11e8-bbc0-74d435fad756} - F:\INSTALL_ADB_RNDIS.exe
HKU\S-1-5-21-1448708669-323945309-3416342945-1000\...\MountPoints2: {6b4e4aa6-0d2c-11e8-b770-74d435fad756} - F:\TLBootstrap_WPP.exe
HKU\S-1-5-21-1448708669-323945309-3416342945-1000\...\MountPoints2: {cfb0bf8c-75c1-11e4-8335-806e6f6e6963} - E:\ASRSetup.exe

Task: {044A6734-E90E-4F8F-B357-B2DC8AB3B5EC} - \Microsoft\Windows\Time Synchronization\SynchronizeTime -> No File <==== ATTENTION
Task: {088482FA-65B8-4E17-9ABF-1DCD48E8D373} - \Microsoft\Windows\Tcpip\IpAddressConflict1 -> No File <==== ATTENTION
Task: {09F06BFE-A3C8-40E3-846A-6E6F4000C238} - \Microsoft\Windows\Tcpip\IpAddressConflict2 -> No File <==== ATTENTION
Task: {0AEF1FEE-C9A7-4D0E-82D1-4D3FC567AC06} - \Microfast_LogOn -> No File <==== ATTENTION
Task: {19D1D4DF-E129-4705-90C0-1BB502858969} - \GU5SkipUAC -> No File <==== ATTENTION
Task: {25115677-C08B-4509-9B0A-6C55A4E8C27E} - \Microfast_Daily -> No File <==== ATTENTION
Task: {2470470F-2634-478E-B181-571E98A789BB} - \Microsoft\Windows\Multimedia\SystemSoundsService -> No File <==== ATTENTION
Task: {256CA376-8E8D-4C95-9B45-148DBD715A8A} - \Microsoft\Windows\Wininet\CacheTask -> No File <==== ATTENTION
Task: {28011108-68DF-4C73-B91B-57427D501BBA} - \Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Manual) -> No File <==== ATTENTION
Task: {1F7B7221-AE8F-44F3-BA82-F7D260F51964} - \Microsoft\Windows\Task Manager\Interactive -> No File <==== ATTENTION
Task: {290424EE-1EE1-4962-B42B-07642E4D5D84} - \Microsoft\Windows\SideShow\SessionAgent -> No File <==== ATTENTION
Task: {2CB288FE-2A30-4785-A30E-45CE1D05E3B1} - \Microsoft\Windows\Media Center\DispatchRecoveryTasks -> No File <==== ATTENTION
Task: {2CF16334-3A51-4319-8570-50E395D00CB4} - \Remediation\AntimalwareMigrationTask -> No File <==== ATTENTION
Task: {2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C} - \Microsoft\Windows\WindowsBackup\ConfigNotificatio n -> No File <==== ATTENTION
Task: {36104896-F4A6-41E0-A9B5-ED1BB8D11832} - \Microsoft\Windows\Media Center\OCURActivate -> No File <==== ATTENTION
Task: {39DDEE03-74DF-44B4-8AD0-74CA04A6D451} - \Adobe Flash Player Updater -> No File <==== ATTENTION
Task: {3E6CCC59-7466-418C-AE9D-89BCB23A7795} - \{C5E2AAA3-DF26-4687-ABA8-E83773E6F2A2} -> No File <==== ATTENTION
Task: {420C72F7-26C8-46F8-BD8C-D5C15AC551C8} - \Microsoft\Windows\SideShow\AutoWake -> No File <==== ATTENTION
Task: {4543A56A-960C-4903-8C66-F2B0F6A3BABC} - \NCH Swift Sound\expressburnShakeIcon -> No File <==== ATTENTION
Task: {47536D45-EEEC-4BDC-8183-A4DC1F8DA9E4} - \Microsoft\Windows\Customer Experience Improvement Program\UsbCeip -> No File <==== ATTENTION
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - \Microsoft\Windows\Shell\WindowsParentalControlsMi gration -> No File <==== ATTENTION
Task: {59E15675-B806-4ADB-9D56-7D8A6AD9D001} - \Microsoft\Windows\Media Center\PvrRecoveryTask -> No File <==== ATTENTION
Task: {5A40E926-9E86-4B89-9CFD-B12311724371} - \Microsoft\Windows\UPnP\UPnPHostConfig -> No File <==== ATTENTION
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - \Microsoft\Windows\Shell\WindowsParentalControls -> No File <==== ATTENTION
Task: {5BCE22D8-AE05-4922-AA51-EF16418C9818} - \Adobe Acrobat Update Task -> No File <==== ATTENTION
Task: {5C0AEEEA-C154-45BE-8499-BEA5F11BAFF6} - \Microsoft\Windows\Defrag\ScheduledDefrag -> No File <==== ATTENTION
Task: {5C30A767-9CB7-48FA-B8BE-94228CC5706A} - \Microsoft\Windows\MobilePC\HotStart -> No File <==== ATTENTION
Task: {5F5A18EB-DC73-4E45-A11C-B59043598412} - \Microsoft\Windows\CertificateServicesClient\Syste mTask -> No File <==== ATTENTION
Task: {613612BA-897D-44CE-8DC1-8FC283F9FD51} - \Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Automated) -> No File <==== ATTENTION
Task: {6738BA6E-EA75-4B6B-B8B8-71F0336DD8EF} - \Microsoft\Windows\User Profile Service\HiveUploadTask -> No File <==== ATTENTION
Task: {715FC70E-8160-4CA0-B979-B5296E94B8FC} - \Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver -> No File <==== ATTENTION
Task: {724DCF8A-DBBE-4E84-9651-CAE4DE0F5E3E} - \Microsoft\Windows\Media Center\StartRecording -> No File <==== ATTENTION
Task: {72DB7465-BC54-491B-A92A-4637A28C9BBF} - \Microsoft\Windows\AppID\VerifiedPublisherCertStor eCheck -> No File <==== ATTENTION
Task: {753C47AE-EC5E-44B3-95A9-2C8E553F0E39} - \Microsoft\Windows\Windows Media Sharing\UpdateLibrary -> No File <==== ATTENTION
Task: {7630734D-7D2C-4BBB-96F9-84303F9F8694} - \{B91172FD-CA38-4380-8712-5F507910EF8A} -> No File <==== ATTENTION
Task: {775C3383-1395-4905-803F-0510EDF5BF41} - \Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector -> No File <==== ATTENTION
Task: {794C0FEB-B41B-4C88-A07C-0B5ED184365D} - \Microsoft\Windows\Media Center\mcupdate -> No File <==== ATTENTION
Task: {7AFCC0CA-7121-422A-AB45-B0E8D599FF08} - \Microsoft\Windows\CertificateServicesClient\UserT ask -> No File <==== ATTENTION
Task: {7BE5A07E-1900-4615-805E-068D18F1688E} - \Microsoft\Windows\Media Center\RegisterSearch -> No File <==== ATTENTION
Task: {81540B9F-B5BF-47EB-9C95-BE195BF2C664} - \Microsoft\Windows\NetTrace\GatherNetworkInfo -> No File <==== ATTENTION
Task: {85E3CEFA-0789-46D6-BC2C-6AAF2EFC69C0} - \Microsoft\Windows\Media Center\ObjectStoreRecoveryTask -> No File <==== ATTENTION
Task: {89B96F87-6427-412B-A1D8-6226F02CB8F4} - \Microsoft\Windows\Media Center\PBDADiscoveryW1 -> No File <==== ATTENTION
Task: {8B71E293-842F-4442-BBAC-CA56DEFC559D} - \Microsoft\Windows\Media Center\PvrScheduleTask -> No File <==== ATTENTION
Task: {9137A693-E53E-4790-AC0E-BD2A1A905788} - \{901B6470-AB4A-4645-92B8-FCC438C39928} -> No File <==== ATTENTION
Task: {93E065C4-DE1E-4AE0-98C6-EEFE74516A3F} - \Microsoft\Windows\Media Center\ehDRMInit -> No File <==== ATTENTION
Task: {9435F817-FED2-454E-88CD-7F78FDA62C48} - \Microsoft\Windows\WDI\ResolutionHost -> No File <==== ATTENTION
Task: {95017125-A862-47E8-B6CF-2EB0F5BE7AA4} - \Microsoft\Windows\SideShow\SystemDataProviders -> No File <==== ATTENTION
Task: {978B0363-CB7D-46C3-971F-BCB99F62C5EA} - \Microsoft\Windows\SideShow\GadgetManager -> No File <==== ATTENTION
Task: {994C86AD-A929-4B2C-88A0-4E25A107A029} - \Microsoft\Windows\SystemRestore\SR -> No File <==== ATTENTION
Task: {9979CB83-103A-4105-9E5D-C74B0AF6D198} - \Microsoft\Windows\CertificateServicesClient\UserT ask-Roam -> No File <==== ATTENTION
Task: {9A29CD70-763E-42E4-A376-61419D3CFC2E} - \{C8180D84-7F2E-4530-9F64-58CF6EA79A8A} -> No File <==== ATTENTION
Task: {9ED2D6C4-5DC1-4025-A8FC-3B72BCAC41F4} - \{8D1BC1C9-41A0-43B9-A906-3D5F5FADDB5C} -> No File <==== ATTENTION
Task: {4C8B01A2-11FF-4C41-848F-508EF4F00CF7} - \Microsoft\Windows\TextServicesFramework\MsCtfMoni tor -> No File <==== ATTENTION
Task: {A0C88055-34FF-4BA7-A431-50C2C41E926E} - \Microsoft\Windows\Offline Files\Logon Synchronization -> No File <==== ATTENTION
Task: {A35BB7A6-5F0C-4C9F-8450-2B3BED532D51} - \Microsoft\Windows\WindowsColorSystem\Calibration Loader -> No File <==== ATTENTION
Task: {A48CABBF-24C8-4B87-B00F-9261807C3B43} - \Microsoft\Windows\AppID\PolicyConverter -> No File <==== ATTENTION
Task: {A6AF9377-77CE-47AB-AD7D-EC32CAD0C82D} - \Microsoft\Windows\Location\Notifications -> No File <==== ATTENTION
Task: {A7C73732-9F11-4281-8D19-764D4EC9D94D} - \Microsoft\Windows\Application Experience\ProgramDataUpdater -> No File <==== ATTENTION
Task: {AA83DE6A-DEB7-4EB5-8C0E-B3E4A4F2146E} - \Microsoft\Windows\Media Center\PBDADiscoveryW2 -> No File <==== ATTENTION
Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - \Microsoft\Windows\Application Experience\AitAgent -> No File <==== ATTENTION
Task: {AC668097-4D6B-4093-AC14-014C09DBF820} - \Microsoft\Windows\Ras\MobilityManager -> No File <==== ATTENTION
Task: {AD6C2096-768E-4C1E-92EE-9DB7D133B0D5} - \Microsoft\Windows\Media Center\OCURDiscovery -> No File <==== ATTENTION
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - \Microsoft\Windows\PerfTrack\BackgroundConfigSurve yor -> No File <==== ATTENTION
Task: {B20E9254-39C4-46F7-9694-28B5A6E55DBA} - \{12DDAC5F-67F6-4F49-AA07-961BBFBED07C} -> No File <==== ATTENTION
Task: {B37E1428-1811-40E4-AB54-BF5AF8EAE01B} - \Microsoft\Windows\Media Center\InstallPlayReady -> No File <==== ATTENTION
Task: {B76904BA-2B42-4F56-BFB2-8F2EA8B7CEFA} - \{5658B426-B035-4EAA-B7D8-1908942CF100} -> No File <==== ATTENTION
Task: {B7EAC58B-516E-4E9B-B7DE-11A939D66138} - \Microsoft\Windows\Media Center\PBDADiscovery -> No File <==== ATTENTION
Task: {BE669C13-8165-4536-96D0-6D6C39292AAE} - \Microsoft\Windows\Diagnosis\Scheduled -> No File <==== ATTENTION
Task: {C016366B-7126-46CA-B36B-592A3D95A60B} - \Microsoft\Windows\Customer Experience Improvement Program\Consolidator -> No File <==== ATTENTION
Task: {C44A232A-F234-4F26-B0A7-44CB94DBBA1D} - \{93AC9CFC-90AA-4F43-8308-7CE57FDC05D4} -> No File <==== ATTENTION
Task: {C64085A8-6C7E-40AD-8848-E8230B192104} - \Microsoft\Windows\Media Center\ActivateWindowsSearch -> No File <==== ATTENTION
Task: {CA4B8FF2-A4D2-4D88-A52E-3A5BDAF7F56E} - \Microsoft\Windows\Registry\RegIdleBackup -> No File <==== ATTENTION
Task: {CAF19895-BB0C-4968-B734-BF1152F0CB03} - \Adobe Flash Player NPAPI Notifier -> No File <==== ATTENTION
Task: {CB3D64BF-C0C9-45FF-BFB0-FF1A8F680186} - \Microsoft\Windows\RemoteAssistance\RemoteAssistan ceTask -> No File <==== ATTENTION
Task: {CEE64558-E1A7-4D9D-80A7-2001912BE5B5} - \Microsoft\Windows\MemoryDiagnostic\CorruptionDete ctor -> No File <==== ATTENTION
Task: {D0250F3F-6480-484F-B719-42F659AC64D5} - \Microsoft\Windows\Windows Error Reporting\QueueReporting -> No File <==== ATTENTION
Task: {D7B6E81D-3CF4-432C-84D2-24213F4316E6} - \Microsoft\Windows\Autochk\Proxy -> No File <==== ATTENTION
Task: {D9A3A411-C3E9-4152-B2D2-C9A5086A6E9F} - \Microsoft\Windows\Offline Files\Background Synchronization -> No File <==== ATTENTION
Task: {DA41DE71-8431-42FB-9DB0-EB64A961DEAD} - \Microsoft\Windows\Maintenance\WinSAT -> No File <==== ATTENTION
Task: {DDA58BFF-AB5E-4BDD-96C1-247AC9911471} - \Microsoft\Windows\Media Center\PeriodicScanRetry -> No File <==== ATTENTION
Task: {E0DF1605-B4BE-403E-AEC2-2BE082C64AAE} - \Microsoft\Windows\Media Center\MediaCenterRecoveryTask -> No File <==== ATTENTION
Task: {E22A8667-F75B-4BA9-BA46-067ED4429DE8} - \Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange -> No File <==== ATTENTION
Task: {E25FDC01-57CE-4B67-BAFB-1CBBB2674D47} - \Microsoft\Windows\Media Center\ReindexSearchRoot -> No File <==== ATTENTION
Task: {E3163C33-301D-4730-A266-5518C5ED3967} - \Microsoft\Windows\Bluetooth\UninstallDeviceTask -> No File <==== ATTENTION
Task: {E65AA424-C97E-4D12-A6E2-86192DDF9115} - \Apple\AppleSoftwareUpdate -> No File <==== ATTENTION
Task: {E736E4C5-73F3-456D-AADD-0FF40F50AF96} - \{8AE2DEE4-5CB3-4066-9A49-65DEB998820F} -> No File <==== ATTENTION
Task: {EACA24FF-236C-401D-A1E7-B3D5267B8A50} - \Microsoft\Windows\RAC\RacTask -> No File <==== ATTENTION
Task: {EADF975F-0A68-41EA-B96B-8C8C27839A42} - \Microsoft\Windows\Media Center\SqlLiteRecoveryTask -> No File <==== ATTENTION
Task: {EB02381F-D652-4B1C-894A-712498C62C51} - \Microsoft\Windows\MUI\LPRemove -> No File <==== ATTENTION
Task: {F1975A69-7E40-45B1-AE7B-1D7882A38A29} - \Microsoft\Windows Live\SOXE\Extractor Definitions Update Task -> No File <==== ATTENTION
Task: {F1E838E0-A6B3-474E-B4AF-0BCDBC6D2F22} - \Microsoft\Windows\Media Center\UpdateRecordPath -> No File <==== ATTENTION
Task: {F3B30D71-2B39-4789-8AFF-1898BB47B978} - \Microsoft\Windows\Media Center\RecordingRestart -> No File <==== ATTENTION
Task: {F4AE92F8-25F1-40C6-900F-20F08AB375BC} - \Microsoft\Windows\Media Center\ConfigureInternetTimeService -> No File <==== ATTENTION
Task: {FA2BC0A6-8D4B-458A-85C8-2B8C72487513} - \Microsoft\Windows\MemoryDiagnostic\DecompressionF ailureDetector -> No File <==== ATTENTION
Task: {FB3C354D-297A-4EB2-9B58-090F6361906B} - \Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem -> No File <==== ATTENTION
Task: {FDD56C73-F0D5-41B6-B767-6EFFD7966428} - \Microsoft\Windows\Customer Experience Improvement Program\KernelCeipTask -> No File <==== ATTENTION
Task: {1E42170C-F264-401B-9A2E-89D274CC19BE} - \{0844D64B-2CAA-4F7B-AC2D-1D66AF769293} -> No File <==== ATTENTION
Task: {07A7D6A4-06B2-437E-AA89-578133117BCA} - \{6A63DF07-AD38-4C28-97E3-7F3CF70C383E} -> No File <==== ATTENTION
Task: {0F19A080-3492-4772-B2F3-292B6EFBC2C8} - \{FFD70A7F-ACCB-4719-A351-0349BA83F5F1} -> No File <==== ATTENTION
Task: {1069B48C-4980-4F0B-9048-F8AAB650CC16} - \{E943DD1B-8C0E-4271-8F0F-89FA2887C16D} -> No File <==== ATTENTION
Task: {25286D0C-D7DA-448F-AB13-FEB5CDC4CE93} - \{46337A3E-36D6-4191-B8FC-89B0B59E720C} -> No File <==== ATTENTION
Task: {25CAD4AF-D7BF-400E-8249-2092EA19C81E} - \{18093C1E-FA09-4256-8FA6-BE0BBAC6028B} -> No File <==== ATTENTION
Task: {27C4EB88-2B2B-43BC-A288-B6795750BA2B} - \{0E16EE80-C450-461F-B2AC-2C21308145D7} -> No File <==== ATTENTION
Task: {2B719A43-E6BD-4754-88F0-FF8AB117136F} - \{DA43DC7E-6510-4279-9D59-68D0B48AF1FE} -> No File <==== ATTENTION
Task: {37074C8A-0A84-4879-89E5-CE9BE446AF89} - \{EE61E5FD-C6E3-4DED-9210-9DDAB2794039} -> No File <==== ATTENTION
Task: {464BC0A1-7880-4EB9-84D6-8A8ABDF54657} - \{81C1E6AD-D574-4BA9-AF18-829B00D13AAE} -> No File <==== ATTENTION
Task: {6C553EDD-6666-49EA-81FD-F88505257E48} - \{FB8360C3-B6FA-43EB-ACBA-4E21D95908DD} -> No File <==== ATTENTION
FirewallRules: [{584DA3A7-502D-4DA7-B9AF-7F7F11903181}] => (Allow) LPort=2869
FirewallRules: [{AFC6DDF7-F70A-4796-9C4D-3CD2072ABB32}] => (Allow) LPort=1900
FirewallRules: [{D6E2C2AB-0C72-44BD-B090-C622149CB17E}] => (Allow) C:\Users\Dodi's\AppData\Local\Chromium\Application \chrome.exe
AlternateDataStreams: C:\ProgramData\TEMP:036B81D9 [184]
AlternateDataStreams: C:\ProgramData\TEMP:2CB9631F [134]
AlternateDataStreams: C:\ProgramData\TEMP:58515F92 [262]
AlternateDataStreams: C:\ProgramData\TEMP:72F57408 [129]
AlternateDataStreams: C:\ProgramData\TEMP:743A8968 [98]
AlternateDataStreams: C:\ProgramData\TEMP:84098FD3 [268]
AlternateDataStreams: C:\ProgramData\TEMP:98BBF151 [118]
AlternateDataStreams: C:\ProgramData\TEMP:EA75C0D4 [145]
AlternateDataStreams: C:\ProgramData\TEMP:EFE756E0 [117]
HKU\S-1-5-21-1448708669-323945309-3416342945-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
SearchScopes: HKLM -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL =
SearchScopes: HKU\S-1-5-21-1448708669-323945309-3416342945-1000 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxp://search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBDSV
SearchScopes: HKU\S-1-5-21-1448708669-323945309-3416342945-1000 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxps://nortonsafe.search.ask.com/web?q={searchTerms}&o=APN11913&l=dis&prt=OTH&chn=1 000&geo=US&ver=22.16.0.247&locale=en_US&guid=17D0C CAD-B61B-496F-BFEB-0346D53466F7&doi=2016-09-01&gct=kwd&qsrc=2869
SearchScopes: HKU\S-1-5-21-1448708669-323945309-3416342945-1000 -> {D031C66A-A96E-40a8-BAE9-D4F0FF1E019A} URL = hxxp://www.google.com/cse?cx=partner-pub-3794288947762788%3A7941509802&ie=UTF-8&sa=Search&siteurl=www.google.com%2Fcse%2Fhome% 3F cx%3Dpartner-pub-3794288947762788%3A7941509802&q={searchTerms}
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\IPS\IPSBHO.DLL => No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\ssv.dll [2018-07-22] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\jp2ssv.dll [2018-07-22] (Oracle Corporation)
FF Homepage: Mozilla\Firefox\Profiles\9d6byt1y.default-1538116312109 -> hxxps://www.startpage.com/eng/?hbp=1#hmb
FF Plugin-x32: @java.com/DTPlugin,version=11.181.2 -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\dtplugin\npDeployJava1 .dll [2018-07-22] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.181.2 -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\plugin2\npjp2.dll [2018-07-22] (Oracle Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security with Backup\Engine\22.16.2.22\Exts\Chrome.crx <not found>
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security with Backup\Engine\22.16.2.22\Exts\Chrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
C:\Users\Dodi's\Downloads\ReimageRepair(1).exe
C:\Users\Dodi's\Downloads\Support-LogMeInRescue(1).exe
C:\Windows\Reimage.ini
C:\Users\Dodi's\AppData\Local\resmon.resmoncfg
C:\Users\Dodi's\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Users\Dodi's\AppData\Roaming\trace_FilterInstal ler.txt-CRT.txt
C:\Users\Dodi's\AppData\Roaming\trace_FilterInstal ler.txt
C:\Users\Dodi's\AppData\Roaming\trace_FilterInstal ler.1.txt
C:\Users\Dodi's\AppData\Roaming\pcouffin.cat
C:\Users\Dodi's\AppData\Roaming\pcouffin.inf
C:\Users\Dodi's\AppData\Roaming\pcouffin.log
C:\Users\Dodi's\AppData\Roaming\pcouffin.sys
cmd: type "C:\Users\Dodi's\AppData\Roaming\.backup.dm"
cmd: type "C:\Users\Dodi's\AppData\Roaming\MycoPref4.txt "
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
C:\Program Files (x86)\Glary Utilities 5
C:\Users\Dodi's\Downloads\Glary_Utilities_v5.107.0 .132.exe
C:\Windows\system32\Drivers\GUBootStartup.sys
C:\Windows\System32\Tasks\GlaryInitialize 5
C:\Users\Dodi's\AppData\Roaming\DiskDefrag
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5
C:\Users\Dodi's\Downloads\Glary_Utilities_v5.109.0 .134.exe
C:\Users\Dodi's\AppData\Roaming\GlarySoft
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [28936 2018-11-15] (Glarysoft Ltd)
Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 5\Integrator.exe
Reply With Quote
  #23  
Old November 25th, 2018, 04:37 AM
kuzzz's Avatar
kuzzz kuzzz is offline
CTH Subscriber
 
Join Date: May 2003
O/S: Windows 7 64-bit
Location: california
Posts: 1,605
C:\Program Files (x86)\Glary Utilities 5\zlib1.dll
Task: {40701FC9-89E7-4515-BAE7-F1C862673338} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [2018-11-11] (Glarysoft Ltd)
Task: {4543A56A-960C-4903-8C66-F2B0F6A3BABC} - \NCH Swift Sound\expressburnShakeIcon -> No File <==== ATTENTION
MSCONFIG\startupreg: GUDelayStartup => "C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe" -delayrun
MSCONFIG\startupreg: MalTray => C:\Program Files (x86)\Glarysoft\Malware Hunter\mhtray.exe /autorun
Task: {28011108-68DF-4C73-B91B-57427D501BBA} - \Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Manual) -> No File <==== ATTENTION
cmd: ipconfig /flushdns
cmd: IPCONFIG /release
cmd: IPCONFIG /renew
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh winsock reset catalog
CMD: netsh int ip reset c:\resetlog.txt
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
CMD: bitsadmin /reset /allusers
EmptyTemp:
*****************

Processes closed successfully.
Restore point was successfully created.
HKU\S-1-5-21-1448708669-323945309-3416342945-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\MountPoints2\P => removed successfully
HKU\S-1-5-21-1448708669-323945309-3416342945-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\MountPoints2\{2655fc3f-12fb-11e8-bdb9-74d435fad756} => removed successfully
HKLM\Software\Classes\CLSID\{2655fc3f-12fb-11e8-bdb9-74d435fad756} => not found
HKU\S-1-5-21-1448708669-323945309-3416342945-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\MountPoints2\{5a449b2c-9818-11e4-a2ef-74d435fad756} => removed successfully
HKLM\Software\Classes\CLSID\{5a449b2c-9818-11e4-a2ef-74d435fad756} => not found
HKU\S-1-5-21-1448708669-323945309-3416342945-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\MountPoints2\{60b81029-a526-11e8-bbc0-74d435fad756} => removed successfully
HKLM\Software\Classes\CLSID\{60b81029-a526-11e8-bbc0-74d435fad756} => not found
HKU\S-1-5-21-1448708669-323945309-3416342945-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\MountPoints2\{6b4e4aa6-0d2c-11e8-b770-74d435fad756} => removed successfully
HKLM\Software\Classes\CLSID\{6b4e4aa6-0d2c-11e8-b770-74d435fad756} => not found
HKU\S-1-5-21-1448708669-323945309-3416342945-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\MountPoints2\{cfb0bf8c-75c1-11e4-8335-806e6f6e6963} => removed successfully
HKLM\Software\Classes\CLSID\{cfb0bf8c-75c1-11e4-8335-806e6f6e6963} => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{044A67 34-E90E-4F8F-B357-B2DC8AB3B5EC}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{044A67 34-E90E-4F8F-B357-B2DC8AB3B5EC}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsof t\Windows\Time Synchronization\SynchronizeTime" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{088482 FA-65B8-4E17-9ABF-1DCD48E8D373}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{088482 FA-65B8-4E17-9ABF-1DCD48E8D373}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsof t\Windows\Tcpip\IpAddressConflict1" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{09F06B FE-A3C8-40E3-846A-6E6F4000C238}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{09F06B FE-A3C8-40E3-846A-6E6F4000C238}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsof t\Windows\Tcpip\IpAddressConflict2" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0AEF1F EE-C9A7-4D0E-82D1-4D3FC567AC06}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0AEF1F EE-C9A7-4D0E-82D1-4D3FC567AC06}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microfas t_LogOn" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{19D1D4 DF-E129-4705-90C0-1BB502858969}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{19D1D4 DF-E129-4705-90C0-1BB502858969}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GU5SkipU AC" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{251156 77-C08B-4509-9B0A-6C55A4E8C27E}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{251156 77-C08B-4509-9B0A-6C55A4E8C27E}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microfas t_Daily" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{247047 0F-2634-478E-B181-571E98A789BB}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{247047 0F-2634-478E-B181-571E98A789BB}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsof t\Windows\Multimedia\SystemSoundsService" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{256CA3 76-8E8D-4C95-9B45-148DBD715A8A}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{256CA3 76-8E8D-4C95-9B45-148DBD715A8A}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsof t\Windows\Wininet\CacheTask" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{280111 08-68DF-4C73-B91B-57427D501BBA}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{280111 08-68DF-4C73-B91B-57427D501BBA}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsof t\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Manual)" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1F7B72 21-AE8F-44F3-BA82-F7D260F51964}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1F7B72 21-AE8F-44F3-BA82-F7D260F51964}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsof t\Windows\Task Manager\Interactive" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{290424 EE-1EE1-4962-B42B-07642E4D5D84}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{290424 EE-1EE1-4962-B42B-07642E4D5D84}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsof t\Windows\SideShow\SessionAgent" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2CB288 FE-2A30-4785-A30E-45CE1D05E3B1}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2CB288 FE-2A30-4785-A30E-45CE1D05E3B1}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsof t\Windows\Media Center\DispatchRecoveryTasks" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2CF163 34-3A51-4319-8570-50E395D00CB4}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2CF163 34-3A51-4319-8570-50E395D00CB4}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Remediat ion\AntimalwareMigrationTask" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2F5726 9B-1E09-4E2D-AB1E-B0FDAC7D279C}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2F5726 9B-1E09-4E2D-AB1E-B0FDAC7D279C}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsof t\Windows\WindowsBackup\ConfigNotificatio n" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{361048 96-F4A6-41E0-A9B5-ED1BB8D11832}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{361048 96-F4A6-41E0-A9B5-ED1BB8D11832}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsof t\Windows\Media Center\OCURActivate" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{39DDEE 03-74DF-44B4-8AD0-74CA04A6D451}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{39DDEE 03-74DF-44B4-8AD0-74CA04A6D451}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Flash Player Updater" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3E6CCC 59-7466-418C-AE9D-89BCB23A7795}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3E6CCC 59-7466-418C-AE9D-89BCB23A7795}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C5E2AAA 3-DF26-4687-ABA8-E83773E6F2A2}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{420C72 F7-26C8-46F8-BD8C-D5C15AC551C8}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{420C72 F7-26C8-46F8-BD8C-D5C15AC551C8}" => removed successfully
Reply With Quote
  #24  
Old November 25th, 2018, 04:38 AM
kuzzz's Avatar
kuzzz kuzzz is offline
CTH Subscriber
 
Join Date: May 2003
O/S: Windows 7 64-bit
Location: california
Posts: 1,605
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsof t\Windows\SideShow\AutoWake" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4543A5 6A-960C-4903-8C66-F2B0F6A3BABC}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4543A5 6A-960C-4903-8C66-F2B0F6A3BABC}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NCH Swift Sound\expressburnShakeIcon" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{47536D 45-EEEC-4BDC-8183-A4DC1F8DA9E4}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{47536D 45-EEEC-4BDC-8183-A4DC1F8DA9E4}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsof t\Windows\Customer Experience Improvement Program\UsbCeip" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{486D71 5E-6AA2-44CF-BC48-B6990CBB53C6}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{486D71 5E-6AA2-44CF-BC48-B6990CBB53C6}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsof t\Windows\Shell\WindowsParentalControlsMi gration" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{59E156 75-B806-4ADB-9D56-7D8A6AD9D001}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{59E156 75-B806-4ADB-9D56-7D8A6AD9D001}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsof t\Windows\Media Center\PvrRecoveryTask" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5A40E9 26-9E86-4B89-9CFD-B12311724371}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5A40E9 26-9E86-4B89-9CFD-B12311724371}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsof t\Windows\UPnP\UPnPHostConfig" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5B42DD 9C-5A26-4F27-BB95-34603F0997E5}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5B42DD 9C-5A26-4F27-BB95-34603F0997E5}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsof t\Windows\Shell\WindowsParentalControls" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5BCE22 D8-AE05-4922-AA51-EF16418C9818}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5BCE22 D8-AE05-4922-AA51-EF16418C9818}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Acrobat Update Task" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5C0AEE EA-C154-45BE-8499-BEA5F11BAFF6}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5C0AEE EA-C154-45BE-8499-BEA5F11BAFF6}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsof t\Windows\Defrag\ScheduledDefrag" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5C30A7 67-9CB7-48FA-B8BE-94228CC5706A}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5C30A7 67-9CB7-48FA-B8BE-94228CC5706A}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsof t\Windows\MobilePC\HotStart" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{5F5A18E B-DC73-4E45-A11C-B59043598412}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5F5A18 EB-DC73-4E45-A11C-B59043598412}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsof t\Windows\CertificateServicesClient\SystemTask" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{613612 BA-897D-44CE-8DC1-8FC283F9FD51}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{613612 BA-897D-44CE-8DC1-8FC283F9FD51}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsof t\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Automated)" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6738BA 6E-EA75-4B6B-B8B8-71F0336DD8EF}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6738BA 6E-EA75-4B6B-B8B8-71F0336DD8EF}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsof t\Windows\User Profile Service\HiveUploadTask" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{715FC7 0E-8160-4CA0-B979-B5296E94B8FC}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{715FC7 0E-8160-4CA0-B979-B5296E94B8FC}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsof t\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{724DCF 8A-DBBE-4E84-9651-CAE4DE0F5E3E}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{724DCF 8A-DBBE-4E84-9651-CAE4DE0F5E3E}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsof t\Windows\Media Center\StartRecording" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{72DB746 5-BC54-491B-A92A-4637A28C9BBF}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{72DB74 65-BC54-491B-A92A-4637A28C9BBF}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsof t\Windows\AppID\VerifiedPublisherCertStor eCheck" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{753C47 AE-EC5E-44B3-95A9-2C8E553F0E39}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{753C47 AE-EC5E-44B3-95A9-2C8E553F0E39}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsof t\Windows\Windows Media Sharing\UpdateLibrary" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{763073 4D-7D2C-4BBB-96F9-84303F9F8694}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{763073 4D-7D2C-4BBB-96F9-84303F9F8694}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{B91172F D-CA38-4380-8712-5F507910EF8A}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{775C33 83-1395-4905-803F-0510EDF5BF41}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{775C33 83-1395-4905-803F-0510EDF5BF41}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsof t\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{794C0F EB-B41B-4C88-A07C-0B5ED184365D}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{794C0F EB-B41B-4C88-A07C-0B5ED184365D}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsof t\Windows\Media Center\mcupdate" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7AFCC0 CA-7121-422A-AB45-B0E8D599FF08}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7AFCC0 CA-7121-422A-AB45-B0E8D599FF08}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsof t\Windows\CertificateServicesClient\UserT ask" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7BE5A0 7E-1900-4615-805E-068D18F1688E}" => removed successfully
Reply With Quote
  #25  
Old November 25th, 2018, 04:39 AM
kuzzz's Avatar
kuzzz kuzzz is offline
CTH Subscriber
 
Join Date: May 2003
O/S: Windows 7 64-bit
Location: california
Posts: 1,605
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7BE5A0 7E-1900-4615-805E-068D18F1688E}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsof t\Windows\Media Center\RegisterSearch" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{81540B 9F-B5BF-47EB-9C95-BE195BF2C664}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{81540B 9F-B5BF-47EB-9C95-BE195BF2C664}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsof t\Windows\NetTrace\GatherNetworkInfo" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{85E3CE FA-0789-46D6-BC2C-6AAF2EFC69C0}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{85E3CE FA-0789-46D6-BC2C-6AAF2EFC69C0}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsof t\Windows\Media Center\ObjectStoreRecoveryTask" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{89B96F 87-6427-412B-A1D8-6226F02CB8F4}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{89B96F 87-6427-412B-A1D8-6226F02CB8F4}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsof t\Windows\Media Center\PBDADiscoveryW1" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8B71E2 93-842F-4442-BBAC-CA56DEFC559D}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8B71E2 93-842F-4442-BBAC-CA56DEFC559D}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsof t\Windows\Media Center\PvrScheduleTask" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9137A6 93-E53E-4790-AC0E-BD2A1A905788}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9137A6 93-E53E-4790-AC0E-BD2A1A905788}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{901B647 0-AB4A-4645-92B8-FCC438C39928}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{93E065 C4-DE1E-4AE0-98C6-EEFE74516A3F}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{93E065 C4-DE1E-4AE0-98C6-EEFE74516A3F}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsof t\Windows\Media Center\ehDRMInit" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9435F8 17-FED2-454E-88CD-7F78FDA62C48}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9435F8 17-FED2-454E-88CD-7F78FDA62C48}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsof t\Windows\WDI\ResolutionHost" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{950171 25-A862-47E8-B6CF-2EB0F5BE7AA4}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{950171 25-A862-47E8-B6CF-2EB0F5BE7AA4}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsof t\Windows\SideShow\SystemDataProviders" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{978B03 63-CB7D-46C3-971F-BCB99F62C5EA}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{978B03 63-CB7D-46C3-971F-BCB99F62C5EA}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsof t\Windows\SideShow\GadgetManager" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{994C86A D-A929-4B2C-88A0-4E25A107A029}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{994C86 AD-A929-4B2C-88A0-4E25A107A029}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsof t\Windows\SystemRestore\SR" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9979CB 83-103A-4105-9E5D-C74B0AF6D198}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9979CB 83-103A-4105-9E5D-C74B0AF6D198}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsof t\Windows\CertificateServicesClient\UserT ask-Roam" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9A29CD 70-763E-42E4-A376-61419D3CFC2E}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9A29CD 70-763E-42E4-A376-61419D3CFC2E}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C8180D8 4-7F2E-4530-9F64-58CF6EA79A8A}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9ED2D6 C4-5DC1-4025-A8FC-3B72BCAC41F4}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9ED2D6 C4-5DC1-4025-A8FC-3B72BCAC41F4}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{8D1BC1C 9-41A0-43B9-A906-3D5F5FADDB5C}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4C8B01 A2-11FF-4C41-848F-508EF4F00CF7}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4C8B01 A2-11FF-4C41-848F-508EF4F00CF7}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsof t\Windows\TextServicesFramework\MsCtfMoni tor" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A0C880 55-34FF-4BA7-A431-50C2C41E926E}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A0C880 55-34FF-4BA7-A431-50C2C41E926E}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsof t\Windows\Offline Files\Logon Synchronization" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A35BB7 A6-5F0C-4C9F-8450-2B3BED532D51}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A35BB7 A6-5F0C-4C9F-8450-2B3BED532D51}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsof t\Windows\WindowsColorSystem\Calibration Loader" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A48CAB BF-24C8-4B87-B00F-9261807C3B43}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A48CAB BF-24C8-4B87-B00F-9261807C3B43}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsof t\Windows\AppID\PolicyConverter" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A6AF93 77-77CE-47AB-AD7D-EC32CAD0C82D}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A6AF93 77-77CE-47AB-AD7D-EC32CAD0C82D}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsof t\Windows\Location\Notifications" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A7C737 32-9F11-4281-8D19-764D4EC9D94D}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A7C737 32-9F11-4281-8D19-764D4EC9D94D}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsof t\Windows\Application Experience\ProgramDataUpdater" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AA83DE 6A-DEB7-4EB5-8C0E-B3E4A4F2146E}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AA83DE 6A-DEB7-4EB5-8C0E-B3E4A4F2146E}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsof t\Windows\Media Center\PBDADiscoveryW2" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AC4E5A CF-89F7-4220-BA21-81EE183975E2}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AC4E5A CF-89F7-4220-BA21-81EE183975E2}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsof t\Windows\Application Experience\AitAgent" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AC6680 97-4D6B-4093-AC14-014C09DBF820}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AC6680 97-4D6B-4093-AC14-014C09DBF820}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsof t\Windows\Ras\MobilityManager" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AD6C20 96-768E-4C1E-92EE-9DB7D133B0D5}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AD6C20 96-768E-4C1E-92EE-9DB7D133B0D5}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsof t\Windows\Media Center\OCURDiscovery" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B0CBAB 43-44FC-469B-A4CE-87426761FDCE}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B0CBAB 43-44FC-469B-A4CE-87426761FDCE}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsof t\Windows\PerfTrack\BackgroundConfigSurve yor" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B20E92 54-39C4-46F7-9694-28B5A6E55DBA}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B20E92 54-39C4-46F7-9694-28B5A6E55DBA}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{12DDAC5 F-67F6-4F49-AA07-961BBFBED07C}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B37E14 28-1811-40E4-AB54-BF5AF8EAE01B}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B37E14 28-1811-40E4-AB54-BF5AF8EAE01B}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsof t\Windows\Media Center\InstallPlayReady" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B76904 BA-2B42-4F56-BFB2-8F2EA8B7CEFA}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B76904 BA-2B42-4F56-BFB2-8F2EA8B7CEFA}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{5658B42 6-B035-4EAA-B7D8-1908942CF100}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B7EAC5 8B-516E-4E9B-B7DE-11A939D66138}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B7EAC5 8B-516E-4E9B-B7DE-11A939D66138}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsof t\Windows\Media Center\PBDADiscovery" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BE669C 13-8165-4536-96D0-6D6C39292AAE}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BE669C 13-8165-4536-96D0-6D6C39292AAE}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsof t\Windows\Diagnosis\Scheduled" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C01636 6B-7126-46CA-B36B-592A3D95A60B}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C01636 6B-7126-46CA-B36B-592A3D95A60B}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsof t\Windows\Customer Experience Improvement Program\Consolidator" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C44A23 2A-F234-4F26-B0A7-44CB94DBBA1D}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C44A23 2A-F234-4F26-B0A7-44CB94DBBA1D}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{93AC9CF C-90AA-4F43-8308-7CE57FDC05D4}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C64085 A8-6C7E-40AD-8848-E8230B192104}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C64085 A8-6C7E-40AD-8848-E8230B192104}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsof t\Windows\Media Center\ActivateWindowsSearch" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CA4B8F F2-A4D2-4D88-A52E-3A5BDAF7F56E}" => removed successfully
Reply With Quote
  #26  
Old November 25th, 2018, 04:40 AM
kuzzz's Avatar
kuzzz kuzzz is offline
CTH Subscriber
 
Join Date: May 2003
O/S: Windows 7 64-bit
Location: california
Posts: 1,605
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CA4B8F F2-A4D2-4D88-A52E-3A5BDAF7F56E}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsof t\Windows\Registry\RegIdleBackup" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CAF198 95-BB0C-4968-B734-BF1152F0CB03}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CAF198 95-BB0C-4968-B734-BF1152F0CB03}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Flash Player NPAPI Notifier" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CB3D64 BF-C0C9-45FF-BFB0-FF1A8F680186}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CB3D64 BF-C0C9-45FF-BFB0-FF1A8F680186}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsof t\Windows\RemoteAssistance\RemoteAssistan ceTask" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CEE645 58-E1A7-4D9D-80A7-2001912BE5B5}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CEE645 58-E1A7-4D9D-80A7-2001912BE5B5}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsof t\Windows\MemoryDiagnostic\CorruptionDete ctor" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D0250F 3F-6480-484F-B719-42F659AC64D5}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D0250F 3F-6480-484F-B719-42F659AC64D5}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsof t\Windows\Windows Error Reporting\QueueReporting" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{D7B6E81 D-3CF4-432C-84D2-24213F4316E6}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D7B6E8 1D-3CF4-432C-84D2-24213F4316E6}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsof t\Windows\Autochk\Proxy" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D9A3A4 11-C3E9-4152-B2D2-C9A5086A6E9F}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D9A3A4 11-C3E9-4152-B2D2-C9A5086A6E9F}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsof t\Windows\Offline Files\Background Synchronization" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DA41DE 71-8431-42FB-9DB0-EB64A961DEAD}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DA41DE 71-8431-42FB-9DB0-EB64A961DEAD}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsof t\Windows\Maintenance\WinSAT" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DDA58B FF-AB5E-4BDD-96C1-247AC9911471}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DDA58B FF-AB5E-4BDD-96C1-247AC9911471}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsof t\Windows\Media Center\PeriodicScanRetry" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E0DF16 05-B4BE-403E-AEC2-2BE082C64AAE}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E0DF16 05-B4BE-403E-AEC2-2BE082C64AAE}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsof t\Windows\Media Center\MediaCenterRecoveryTask" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E22A86 67-F75B-4BA9-BA46-067ED4429DE8}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E22A86 67-F75B-4BA9-BA46-067ED4429DE8}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsof t\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E25FDC 01-57CE-4B67-BAFB-1CBBB2674D47}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E25FDC 01-57CE-4B67-BAFB-1CBBB2674D47}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsof t\Windows\Media Center\ReindexSearchRoot" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E3163C 33-301D-4730-A266-5518C5ED3967}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E3163C 33-301D-4730-A266-5518C5ED3967}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsof t\Windows\Bluetooth\UninstallDeviceTask" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E65AA4 24-C97E-4D12-A6E2-86192DDF9115}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E65AA4 24-C97E-4D12-A6E2-86192DDF9115}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Apple\Ap pleSoftwareUpdate" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E736E4 C5-73F3-456D-AADD-0FF40F50AF96}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E736E4 C5-73F3-456D-AADD-0FF40F50AF96}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{8AE2DEE 4-5CB3-4066-9A49-65DEB998820F}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EACA24 FF-236C-401D-A1E7-B3D5267B8A50}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EACA24 FF-236C-401D-A1E7-B3D5267B8A50}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsof t\Windows\RAC\RacTask" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EADF97 5F-0A68-41EA-B96B-8C8C27839A42}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EADF97 5F-0A68-41EA-B96B-8C8C27839A42}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsof t\Windows\Media Center\SqlLiteRecoveryTask" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{EB02381 F-D652-4B1C-894A-712498C62C51}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EB0238 1F-D652-4B1C-894A-712498C62C51}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsof t\Windows\MUI\LPRemove" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F1975A 69-7E40-45B1-AE7B-1D7882A38A29}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F1975A 69-7E40-45B1-AE7B-1D7882A38A29}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsof t\Windows Live\SOXE\Extractor Definitions Update Task" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F1E838 E0-A6B3-474E-B4AF-0BCDBC6D2F22}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F1E838 E0-A6B3-474E-B4AF-0BCDBC6D2F22}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsof t\Windows\Media Center\UpdateRecordPath" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{F3B30D7 1-2B39-4789-8AFF-1898BB47B978}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F3B30D 71-2B39-4789-8AFF-1898BB47B978}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsof t\Windows\Media Center\RecordingRestart" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F4AE92 F8-25F1-40C6-900F-20F08AB375BC}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F4AE92 F8-25F1-40C6-900F-20F08AB375BC}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsof t\Windows\Media Center\ConfigureInternetTimeService" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FA2BC0 A6-8D4B-458A-85C8-2B8C72487513}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FA2BC0 A6-8D4B-458A-85C8-2B8C72487513}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsof t\Windows\MemoryDiagnostic\DecompressionF ailureDetector" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FB3C35 4D-297A-4EB2-9B58-090F6361906B}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FB3C35 4D-297A-4EB2-9B58-090F6361906B}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsof t\Windows\Power Efficiency Diagnostics\AnalyzeSystem" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FDD56C 73-F0D5-41B6-B767-6EFFD7966428}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FDD56C 73-F0D5-41B6-B767-6EFFD7966428}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsof t\Windows\Customer Experience Improvement Program\KernelCeipTask" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1E4217 0C-F264-401B-9A2E-89D274CC19BE}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1E4217 0C-F264-401B-9A2E-89D274CC19BE}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{0844D64 B-2CAA-4F7B-AC2D-1D66AF769293}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{07A7D6 A4-06B2-437E-AA89-578133117BCA}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{07A7D6 A4-06B2-437E-AA89-578133117BCA}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{6A63DF0 7-AD38-4C28-97E3-7F3CF70C383E}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0F19A0 80-3492-4772-B2F3-292B6EFBC2C8}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0F19A0 80-3492-4772-B2F3-292B6EFBC2C8}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{FFD70A7 F-ACCB-4719-A351-0349BA83F5F1}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1069B4 8C-4980-4F0B-9048-F8AAB650CC16}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1069B4 8C-4980-4F0B-9048-F8AAB650CC16}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{E943DD1 B-8C0E-4271-8F0F-89FA2887C16D}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{25286D 0C-D7DA-448F-AB13-FEB5CDC4CE93}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{25286D 0C-D7DA-448F-AB13-FEB5CDC4CE93}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{46337A3 E-36D6-4191-B8FC-89B0B59E720C}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{25CAD4 AF-D7BF-400E-8249-2092EA19C81E}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{25CAD4 AF-D7BF-400E-8249-2092EA19C81E}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{18093C1 E-FA09-4256-8FA6-BE0BBAC6028B}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{27C4EB 88-2B2B-43BC-A288-B6795750BA2B}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{27C4EB 88-2B2B-43BC-A288-B6795750BA2B}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{0E16EE8 0-C450-461F-B2AC-2C21308145D7}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2B719A 43-E6BD-4754-88F0-FF8AB117136F}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2B719A 43-E6BD-4754-88F0-FF8AB117136F}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{DA43DC7 E-6510-4279-9D59-68D0B48AF1FE}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{37074C 8A-0A84-4879-89E5-CE9BE446AF89}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{37074C 8A-0A84-4879-89E5-CE9BE446AF89}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{EE61E5F D-C6E3-4DED-9210-9DDAB2794039}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{464BC0 A1-7880-4EB9-84D6-8A8ABDF54657}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{464BC0 A1-7880-4EB9-84D6-8A8ABDF54657}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{81C1E6A D-D574-4BA9-AF18-829B00D13AAE}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6C553E DD-6666-49EA-81FD-F88505257E48}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6C553E DD-6666-49EA-81FD-
Reply With Quote
  #27  
Old November 25th, 2018, 04:40 AM
kuzzz's Avatar
kuzzz kuzzz is offline
CTH Subscriber
 
Join Date: May 2003
O/S: Windows 7 64-bit
Location: california
Posts: 1,605
F88505257E48}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{FB8360C 3-B6FA-43EB-ACBA-4E21D95908DD}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAcce ss\Parameters\FirewallPolicy\FirewallRules\\{584DA 3A7-502D-4DA7-B9AF-7F7F11903181}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAcce ss\Parameters\FirewallPolicy\FirewallRules\\{AFC6D DF7-F70A-4796-9C4D-3CD2072ABB32}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAcce ss\Parameters\FirewallPolicy\FirewallRules\\{D6E2C 2AB-0C72-44BD-B090-C622149CB17E}" => removed successfully
C:\ProgramData\TEMP => ":036B81D9" ADS removed successfully
C:\ProgramData\TEMP => ":2CB9631F" ADS removed successfully
C:\ProgramData\TEMP => ":58515F92" ADS removed successfully
C:\ProgramData\TEMP => ":72F57408" ADS removed successfully
C:\ProgramData\TEMP => ":743A8968" ADS removed successfully
C:\ProgramData\TEMP => ":84098FD3" ADS removed successfully
C:\ProgramData\TEMP => ":98BBF151" ADS removed successfully
C:\ProgramData\TEMP => ":EA75C0D4" ADS removed successfully
C:\ProgramData\TEMP => ":EFE756E0" ADS removed successfully
"HKU\S-1-5-21-1448708669-323945309-3416342945-1000\Software\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache" => removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2f23ab71-4ac6-41f2-a955-ea576e553146} => removed successfully
HKLM\Software\Classes\CLSID\{2f23ab71-4ac6-41f2-a955-ea576e553146} => not found
HKU\S-1-5-21-1448708669-323945309-3416342945-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2f23ab71-4ac6-41f2-a955-ea576e553146} => removed successfully
HKLM\Software\Classes\CLSID\{2f23ab71-4ac6-41f2-a955-ea576e553146} => not found
HKU\S-1-5-21-1448708669-323945309-3416342945-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} => not found
HKLM\Software\Classes\CLSID\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} => not found
HKU\S-1-5-21-1448708669-323945309-3416342945-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D031C66A-A96E-40a8-BAE9-D4F0FF1E019A} => removed successfully
HKLM\Software\Classes\CLSID\{D031C66A-A96E-40a8-BAE9-D4F0FF1E019A} => not found
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\Curren tVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C} => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{6D53EC84-6AAE-4787-AEEE-F4628F01010C} => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\Curren tVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\Curren tVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} => removed successfully
"Firefox homepage" => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.181.2 => removed successfully
"C:\Program Files (x86)\Java\jre1.8.0_181\bin\dtplugin\npDeployJava1 .dll" => not found
HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.181.2 => removed successfully
C:\Program Files (x86)\Java\jre1.8.0_181\bin\plugin2\npjp2.dll => moved successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@videolan .org/vlc,version=2.1.5 => removed successfully
HKLM\SOFTWARE\Google\Chrome\Extensions\cjabmdjcfcf dmffimndhafhblfmpjdpe => removed successfully
HKLM\SOFTWARE\Google\Chrome\Extensions\iikflkcanbl ccfahdhdonehdalibjnif => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions \cjabmdjcfcfdmffimndhafhblfmpjdpe => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions \efaidnbmnnnibpcajpcglclefindmkaj => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions \iikflkcanblccfahdhdonehdalibjnif => removed successfully
"C:\Users\Dodi's\Downloads\ReimageRepair(1).ex e" => not found
C:\Users\Dodi's\Downloads\Support-LogMeInRescue(1).exe => moved successfully
"C:\Windows\Reimage.ini" => not found
C:\Users\Dodi's\AppData\Local\resmon.resmoncfg => moved successfully
C:\Users\Dodi's\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
"C:\Users\Dodi's\AppData\Roaming\trace_FilterInsta l ler.txt-CRT.txt" => not found
"C:\Users\Dodi's\AppData\Roaming\trace_FilterInsta l ler.txt" => not found
"C:\Users\Dodi's\AppData\Roaming\trace_FilterInsta l ler.1.txt" => not found
C:\Users\Dodi's\AppData\Roaming\pcouffin.cat => moved successfully
C:\Users\Dodi's\AppData\Roaming\pcouffin.inf => moved successfully
C:\Users\Dodi's\AppData\Roaming\pcouffin.log => moved successfully
C:\Users\Dodi's\AppData\Roaming\pcouffin.sys => moved successfully

========= type "C:\Users\Dodi's\AppData\Roaming\.backup.dm" =========

y¹)¤Í{/]ê¡j[*õ¡üš‘wo|å»*œv€Žš]¥C€²¿L@„?Žý€ž§h‚\ñ€\óý+“‘*#š 
OkE7ž|ၪg&g˜¯«ŸÍ¥²€ 7a¦ZüŽ »2úAê*fôÿWE;J/R’䀓ý´~’Á£ï#œ_8~aS8‘sœJYG„€ 4ãYŸ¢Ð™‰€™5pþ‚Œ9$c€Ï
ý*&i*A³·ª”Qœ†%ˆCix£Måy€œ$™V ‹)¢f#xÏR$¬K #¥ªPÁ€€*.<©Cª¡ª ÿ’ž*ú
pc=‚˜x¿G“*?t‘›(€80’`ð˜0Љ_kt*’„ €šP
2‚ÁH„jU
x

========= End of CMD: =========


========= type "C:\Users\Dodi's\AppData\Roaming\MycoPref4.txt " =========

VERSION:4.1
LANGUAGE:UK
NAMELANGUAGE:UK
DIASSECONDS:4
USEQUICK:1
EASY:0
GENUSSORTALFA:0
GENUSSORTPROB:1
SPECIESSORTALFA:0
SPECIESSORTSYST:0
SPECIESSORTPROB:1
COLLAPSETOGENERA:0
REGISTRATION:
FIRSTOPENED:12/3/2016
TIPS:off
HIGHSCORETEXT01:Raymond Kuo Fung
HIGHSCORE01:42
HIGHSCORETEXT02:Irene Morales
HIGHSCORE02:13
HIGHSCORETEXT03:Jamilla Kabamba
HIGHSCORE03:8
HIGHSCORETEXT04:Louise Jensen
HIGHSCORE04:11
HIGHSCORETEXT05:
HIGHSCORE05:0
HIGHSCORETEXT06:
HIGHSCORE06:0
HIGHSCORETEXT07:
HIGHSCORE07:0
HIGHSCORETEXT08:
HIGHSCORE08:0
HIGHSCORETEXT09:
HIGHSCORE09:0
HIGHSCORETEXT10:
HIGHSCORE10:0
HIGHSCORETEXT11:Edwin Jordan
HIGHSCORE11:71
HIGHSCORETEXT12:Peg N. Davis
HIGHSCORE12:56
HIGHSCORETEXT13:Albert Petersen
HIGHSCORE13:20
HIGHSCORETEXT14:
HIGHSCORE14:0
HIGHSCORETEXT15:
HIGHSCORE15:0
HIGHSCORETEXT16:
HIGHSCORE16:0
HIGHSCORETEXT17:
HIGHSCORE17:0
HIGHSCORETEXT18:
HIGHSCORE18:0
HIGHSCORETEXT19:
HIGHSCORE19:0
HIGHSCORETEXT20:
HIGHSCORE20:0
HIGHSCORETEXT21:Meinhardt Moser
HIGHSCORE21:61
HIGHSCORETEXT22:Jean Louis ‰mile Boudier
HIGHSCORE22:53
HIGHSCORETEXT23:Jacob E. Lange
HIGHSCORE23:48
HIGHSCORETEXT24:Charles Horton Peck
HIGHSCORE24:41
HIGHSCORETEXT25:
HIGHSCORE25:0
HIGHSCORETEXT26:
HIGHSCORE26:0
HIGHSCORETEXT27:
HIGHSCORE27:0
HIGHSCORETEXT28:
HIGHSCORE28:0
HIGHSCORETEXT29:
HIGHSCORE29:0
HIGHSCORETEXT30:
HIGHSCORE30:0
HIGHSCORETEXT31:Elias Fries
HIGHSCORE31:79
HIGHSCORETEXT32:Jan Vesterholt
HIGHSCORE32:71
HIGHSCORETEXT33:Narcisse Théophile Patouillard
HIGHSCORE33:45
HIGHSCORETEXT34:Giacomo Bresadola
HIGHSCORE34:52
HIGHSCORETEXT35:
HIGHSCORE35:0
HIGHSCORETEXT36:
HIGHSCORE36:0
HIGHSCORETEXT37:
HIGHSCORE37:0
HIGHSCORETEXT38:
HIGHSCORE38:0
HIGHSCORETEXT39:
HIGHSCORE39:0
HIGHSCORETEXT40:
HIGHSCORE40:0
Reply With Quote
  #28  
Old November 25th, 2018, 04:41 AM
kuzzz's Avatar
kuzzz kuzzz is offline
CTH Subscriber
 
Join Date: May 2003
O/S: Windows 7 64-bit
Location: california
Posts: 1,605
========= End of CMD: =========

"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk" => not found
"C:\Program Files (x86)\Glary Utilities 5" => not found
"C:\Users\Dodi's\Downloads\Glary_Utilities_v5.107. 0 .132.exe" => not found
"C:\Windows\system32\Drivers\GUBootStartup.sys " => not found
"C:\Windows\System32\Tasks\GlaryInitialize 5" => not found
C:\Users\Dodi's\AppData\Roaming\DiskDefrag => moved successfully
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5" => not found
"C:\Users\Dodi's\Downloads\Glary_Utilities_v5.109. 0 .134.exe" => not found
C:\Users\Dodi's\AppData\Roaming\GlarySoft => moved successfully
GUBootStartup => service not found.
Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 5\Integrator.exe => Error: No automatic fix found for this entry.
"C:\Program Files (x86)\Glary Utilities 5\zlib1.dll" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{40701F C9-89E7-4515-BAE7-F1C862673338}" => not found
"C:\Windows\System32\Tasks\GlaryInitialize 5" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GlaryIni tialize 5" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4543A5 6A-960C-4903-8C66-F2B0F6A3BABC}" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NCH Swift Sound\expressburnShakeIcon" => not found
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\GUDelayStartup => removed successfully
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MalTray => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{280111 08-68DF-4C73-B91B-57427D501BBA}" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsof t\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Manual)" => not found

========= ipconfig /flushdns =========


Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========


========= IPCONFIG /release =========


Windows IP Configuration


Ethernet adapter Local Area Connection 2:

Connection-specific DNS Suffix . : attlocal.net
IPv6 Address. . . . . . . . . . . : 2600:1700:7451:59c0::49
IPv6 Address. . . . . . . . . . . : 2600:1700:7451:59c0:d5e8:151e:1ba7:64f
Temporary IPv6 Address. . . . . . : 2600:1700:7451:59c0:dc9e:cd59:2a14:b4e7
Link-local IPv6 Address . . . . . : fe80::d5e8:151e:1ba7:64f%14
Default Gateway . . . . . . . . . : fe80::ce65:adff:fe23:33a0%14

Tunnel adapter isatap.attlocal.net:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :

========= End of CMD: =========


========= IPCONFIG /renew =========


Windows IP Configuration


Ethernet adapter Local Area Connection 2:

Connection-specific DNS Suffix . : attlocal.net
IPv6 Address. . . . . . . . . . . : 2600:1700:7451:59c0::49
IPv6 Address. . . . . . . . . . . : 2600:1700:7451:59c0:d5e8:151e:1ba7:64f
Temporary IPv6 Address. . . . . . : 2600:1700:7451:59c0:dc9e:cd59:2a14:b4e7
Link-local IPv6 Address . . . . . : fe80::d5e8:151e:1ba7:64f%14
IPv4 Address. . . . . . . . . . . : 192.168.1.136
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : fe80::ce65:adff:fe23:33a0%14
192.168.1.254

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :

Tunnel adapter isatap.attlocal.net:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : attlocal.net

========= End of CMD: =========


========= netsh advfirewall reset =========

Ok.


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Ok.


========= End of CMD: =========


========= netsh winsock reset catalog =========


Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.


========= End of CMD: =========


========= netsh int ip reset c:\resetlog.txt =========

Reseting Global, OK!
Reseting Interface, OK!
Restart the computer to complete this action.


========= End of CMD: =========


========= netsh int ipv4 reset =========

There's no user specified settings to be reset.


========= End of CMD: =========


========= netsh int ipv6 reset =========

Reseting Interface, OK!
Restart the computer to complete this action.


========= End of CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

Unable to cancel {060FFA05-BA27-431F-B43D-1444A1918E66}.
Unable to cancel {7F1F5E49-9CC3-4114-BD7A-AC6D9D36DC47}.
Unable to cancel {E1978795-FDED-4716-A939-EB04D82D33EE}.
Unable to cancel {2D157337-C677-4F38-840E-E1D6B6939DE9}.
Unable to cancel {C747A2E8-7EE5-4D68-AF20-84E7E248393D}.
Unable to cancel {9B6BD888-E46C-4365-B86C-24D6AA816D4D}.
Unable to cancel {6524CFE5-5CFA-4853-BEB2-0F714C63F170}.
Unable to cancel {4D51B8AD-CA28-4F12-A06B-AE9E91B07321}.
Unable to cancel {5D983B35-BDBC-4513-9D40-B6420955EF28}.
Unable to cancel {B0B92E02-AD49-4CA1-82E1-62337D41A06A}.
Unable to cancel {ECA58420-8A6B-4253-A366-247B29D8CEF9}.
Unable to cancel {66C35BF2-7D45-4349-9EE4-7687502DE8FA}.
Unable to cancel {7BD9FD3B-2EDB-4B27-A350-A70AEA459DEC}.
Unable to cancel {76070F07-FD91-4D67-B344-A5792B337F58}.
Unable to cancel {12BF6E0A-DC5E-4D5C-80CD-8B6BC8ADEC88}.
Unable to cancel {EE17E410-A152-485E-95D2-26541AE6E3EF}.
Unable to cancel {F889203A-10D7-410E-BE95-3DB0CD43B0A2}.
Unable to cancel {E575B421-B1E3-46FA-89B7-67C00F0A5671}.
Unable to cancel {8EA4EA7F-A6E0-491C-935E-A775B8A56478}.
Unable to cancel {E1D54433-0753-4E63-B75E-35C6BBB24492}.
Unable to cancel {4397BF5C-018D-483A-856C-F88BB0B8225C}.
Unable to cancel {AB554F00-22FC-4494-B7C8-FB791B806C37}.
Unable to cancel {9286C4EE-B32D-417A-BE8D-4485B1BAD46A}.
Unable to cancel {759DEA34-9950-4C9F-A70F-B5ED282F06E1}.
Unable to cancel {2F6FE1A6-ED42-4321-AB87-48DDD562EF6C}.
Unable to cancel {207C16D9-F26E-414E-A07D-610C642ECBC9}.
Unable to cancel {C6C11C68-7D71-4E9C-8CDE-7EB8B37B3EEA}.
Unable to cancel {C523AD9D-4207-42E6-9174-7C1859CBFEAC}.
Unable to cancel {FD3C4E0A-6E1A-47F6-9C14-39D12A26C6F5}.
Unable to cancel {C8D2B5BF-6BE0-47C9-90BE-8DA5AC37D4FE}.
Unable to cancel {653B545D-780E-4F6C-85E3-FF755DA11ACC}.
Unable to cancel {9814041E-EC89-4475-BEC4-C686AA215834}.
Unable to cancel {722B903A-1552-438D-8BDE-59DC4B9FC62B}.
Unable to cancel {B478C8CE-4DC3-48E4-8EE6-B49870F3F695}.
Unable to cancel {02AEB8C1-383A-4138-A300-ED2BF5437DD1}.
Unable to cancel {07EC4985-2388-41A8-9F05-312705B0A8D4}.
Unable to cancel {4D3F0D88-C5E5-4353-906F-09E5403607FD}.
Unable to cancel {4C679985-EF91-49C1-B4EA-25C5C2B31EBE}.
Unable to cancel {2DE8AB2B-6356-4600-9D65-768A56C8634A}.
Unable to cancel {7991B537-69F7-4FE3-BB27-3986D11AA6F7}.
Unable to cancel {0D08B53E-02D8-4EBF-8646-5D7512651F76}.
Unable to cancel {415F00E2-6AD9-4F07-8D0B-31E97904053C}.
Unable to cancel {EEB9ECE8-0C02-48FB-B313-AD750B903E85}.
Unable to cancel {DF70B4AD-D72F-432D-AF19-A27B76850A23}.
Unable to cancel {9CC732BD-3B6C-4245-B3B4-6405CC987BB1}.
Unable to cancel {F8C5AFF7-8C39-423C-B7E9-63D4E3895F91}.
Unable to cancel {5E855A31-01A2-442F-94A1-D10860D33101}.
0 out of 47 jobs canceled.

========= End of CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 80694075 B
Java, Flash, Steam htmlcache => 3403 B
Windows/system/drivers => 1467 B
Edge => 0 B
Chrome => 0 B
Firefox => 162414868 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 83458 B
systemprofile32 => 107036 B
LocalService => 66228 B
NetworkService => 66228 B
Dodi's => 21276335 B

RecycleBin => 0 B
EmptyTemp: => 260.5 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 19:24:10 ====
Reply With Quote
  #29  
Old November 25th, 2018, 07:48 AM
kuzzz's Avatar
kuzzz kuzzz is offline
CTH Subscriber
 
Join Date: May 2003
O/S: Windows 7 64-bit
Location: california
Posts: 1,605
I just notice windows activated windows firewall. Stopped it again.
kuzzz
Reply With Quote
  #30  
Old November 25th, 2018, 09:32 PM
olgun52's Avatar
olgun52 olgun52 is offline
Malware Removal Team
 
Join Date: Feb 2014
O/S: Windows 10 Pro
Location: Europa
Posts: 2,029
Hi kuzzz,

Code:
MycoPref4.txt
C:\Users\Dodi's\AppData\Roaming\.backup.dm
Is this file familiar to you and safe ?

===============================================

Quote:
Originally Posted by kuzzz View Post
I just notice windows activated windows firewall. Stopped it again.
Follow the instructions in the following link to show hidden files:

http://www.howtogeek.com/howto/windo...windows-vista/

Next >

Run rkill:

Download RKill from here: http://www.bleepingcomputer.com/download/rkill/

There are three buttons to choose from with different names on, select the first one and save it to your desktop.
  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista or Windows 7/8/10, right-click on it and Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • A log pops up at the end of the run. This log file is located at C:\rkill.log. Please post this in your next reply.
  • If you do not see the black box flash on the screen delete the icon from the desktop and go back to the link for the download, select the next button and try to run the tool again, continue to repeat this process using the remaining buttons until the tool runs. You will find further links if you scroll down the page with other names, try them one at a time.
  • If the tool does not run from any of the links provided, please let me know.
Next >

Malwarebytes Anti-Malware scan:

Please download Malwarebytes Anti-Malware from here
  • Right-click on the MBAM icon and select Run as administrator to run the tool.
  • Click Yes to accept any security warnings that may appear.
  • Once the MBAM dashboard opens, on the right detail pane click on the word "Current" under the Scan Status to update the tool database.
  • On the left menu pane click the Settings tab, and then select the Protection tab on the top.
  • Under the Scan Options, turn on the button Scan for rootkits and Scan within archives.
  • Click the Scan tab on the right detail pane, select Threat Scan and click the Start Scan button
  • Note: The scan may take some time to finish, so please be patient.
  • If potential threats are detected, ensure to checkmark all the listed items, and click the Quarantine Selected button.
  • While still on the Scan tab, click the View Report button, and in the window that opens click the Export button, select Text file (*.txt), and save the log to your Desktop.
  • The log can also be viewed by clicking the log to select it, then clicking the View Report button.
Please post the log for my review.

Note 1: If asked to restart the computer, please do so immediately.
Note 2: Malwarebytes Anti-Malware; A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.


================================================== =======

Regards

Last edited by olgun52; November 25th, 2018 at 09:46 PM.
Reply With Quote
Reply

Bookmarks

Topic Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump




All times are GMT +1. The time now is 05:36 PM.