Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Fix result of Farbar Recovery Scan Tool (x64) Version:27-09-2015 01
- Ran by Kyle Johnson (2015-09-30 15:16:02) Run:1
- Running from C:\Users\Kyle Johnson\Desktop
- Loaded Profiles: Kyle Johnson (Available Profiles: Kyle Johnson)
- Boot Mode: Normal
- ==============================================
- fixlist content:
- *****************
- Start
- CreateRestorePoint:
- CloseProcesses:
- HKLM-x32\...\Run: [] => [X]
- HKU\S-1-5-21-743986323-1937083661-501236874-1001\...\RunOnce: [Uninstall C:\Users\Kyle Johnson\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Kyle Johnson\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
- HKU\S-1-5-21-743986323-1937083661-501236874-1001\...\RunOnce: [Uninstall C:\Users\Kyle Johnson\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Kyle Johnson\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64"
- CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
- URLSearchHook: HKU\S-1-5-21-743986323-1937083661-501236874-1001 - (No Name) - {3B81079D-2AC9-425f-A494-A1C7D93AFA3C} - No File
- SearchScopes: HKLM-x32 -> DefaultScope {AA74FE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://search.gboxapp.com/?q={searchTerms}
- SearchScopes: HKLM-x32 -> {49606DC7-976D-4030-A74E-9FB5C842FA68} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
- SearchScopes: HKLM-x32 -> {AA74FE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://search.gboxapp.com/?q={searchTerms}
- SearchScopes: HKLM-x32 -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://search.gboxapp.com/?q={searchTerms}
- SearchScopes: HKU\S-1-5-21-743986323-1937083661-501236874-1001 -> {49606DC7-976D-4030-A74E-9FB5C842FA68} URL =
- BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll No File
- BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll No File
- FF HKLM\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\Web Assistant\Firefox => not found
- FF HKLM\...\Firefox\Extensions: [{8E9E3331-D360-4f87-8803-52DE43566502}] - C:\Program Files\Web Assistant\Firefox => not found
- FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru => not found
- FF HKLM-x32\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\Web Assistant\Firefox => not found
- FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com => not found
- FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com => not found
- FF HKLM-x32\...\Firefox\Extensions: [{8E9E3331-D360-4f87-8803-52DE43566502}] - C:\Program Files\Web Assistant\Firefox => not found
- CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\ppGoogleNaClPluginChrome.dll => No File
- CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\pdf.dll => No File
- CHR Plugin: (Kaspersky Anti-Virus) - C:\Users\Kyle Johnson\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\plugin/npUrlAdvisor.dll => No File
- CHR Plugin: (Kaspersky Anti-Virus) - C:\Users\Kyle Johnson\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\plugin/npABPlugin.dll => No File
- CHR Plugin: (Java(TM) Platform SE 7 U13) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll => No File
- CHR Plugin: (Google Update) - C:\Users\Kyle Johnson\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll => No File
- CHR Plugin: (Java Deployment Toolkit 7.0.130.20) - C:\Windows\SysWOW64\npDeployJava1.dll => No File
- CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll => No File
- CHR Extension: (Google Search) - C:\Users\Kyle Johnson\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-05-09]
- CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Kyle Johnson\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-12]
- CHR HKLM\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\Web Assistant\source.crx <not found>
- CHR HKU\S-1-5-21-743986323-1937083661-501236874-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [kfkcangbigakljkjeglcofaomihpejif] - C:\Users\Kyle Johnson\AppData\Local\CRE\kfkcangbigakljkjeglcofaomihpejif.crx <not found>
- C:\Users\Kyle Johnson\AppData\Local\CRE
- CHR HKLM-x32\...\Chrome\Extension: [dkknfjekhfihiapodkddnpgnkaiiljin] - C:\ProgramData\TheBflix\dkknfjekhfihiapodkddnpgnkaiiljin.crx [2012-07-13]
- CHR HKLM-x32\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\Web Assistant\source.crx <not found>
- CHR HKLM-x32\...\Chrome\Extension: [jbpkiefagocgkmemidfngdkamloieekf] - C:\Program Files (x86)\TornTV.com\torn11.crx <not found>
- CHR HKLM-x32\...\Chrome\Extension: [jplinpmadfkdgipabgcdchbdikologlh] - C:\Program Files (x86)\1ClickDownload\1click12.crx <not found>
- CHR HKLM-x32\...\Chrome\Extension: [kfkcangbigakljkjeglcofaomihpejif] - C:\Users\Kyle Johnson\AppData\Local\CRE\kfkcangbigakljkjeglcofaomihpejif.crx <not found>
- CHR HKLM-x32\...\Chrome\Extension: [pfmopbbadnfoelckkcmjjeaaegjpjjbk] - C:\Program Files (x86)\Gophoto.it\gophotoit14.crx <not found>
- CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\ab.crx <not found>
- U3 idsvc; no ImagePath
- S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
- U3 wpcsvc; no ImagePath
- C:\Windows\System32\drivers\wfpcapture.sys
- 2015-08-29 21:36 - 2013-03-24 23:31 - 00000000 __SHD C:\WINDOWS\SysWOW64\AI_RecycleBin
- CustomCLSID: HKU\S-1-5-21-743986323-1937083661-501236874-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Kyle Johnson\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll => No File
- CustomCLSID: HKU\S-1-5-21-743986323-1937083661-501236874-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Kyle Johnson\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => No File
- CustomCLSID: HKU\S-1-5-21-743986323-1937083661-501236874-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Kyle Johnson\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => No File
- CustomCLSID: HKU\S-1-5-21-743986323-1937083661-501236874-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Kyle Johnson\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => No File
- CustomCLSID: HKU\S-1-5-21-743986323-1937083661-501236874-1001_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Kyle Johnson\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => No File
- CustomCLSID: HKU\S-1-5-21-743986323-1937083661-501236874-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Kyle Johnson\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => No File
- CustomCLSID: HKU\S-1-5-21-743986323-1937083661-501236874-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Kyle Johnson\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => No File
- CustomCLSID: HKU\S-1-5-21-743986323-1937083661-501236874-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Kyle Johnson\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => No File
- CustomCLSID: HKU\S-1-5-21-743986323-1937083661-501236874-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Kyle Johnson\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => No File
- Task: {21E992D7-62D4-43CF-BAE2-043D1E33B59C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
- Task: {2ABF4C0F-4E4A-4542-B69C-30ED2588AB19} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
- Task: {37AD7070-99BF-4234-A685-0FC3D0112156} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
- Task: {52682CFA-10A0-41FD-BB10-E299EC790B50} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
- Task: {65A872DD-35F4-430F-8512-5538552EE1C6} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
- Task: {6FC03D98-DF5E-42AB-8D47-709C860591FB} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
- Task: {7C84D8F8-9A40-4F38-BBD7-9969A00EDCF1} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
- Task: {833104F5-360F-4E6B-BF8D-CEA2F45D404A} - System32\Tasks\{77F895E3-1484-4F2F-BA49-E74DB49B5407} => pcalua.exe -a "C:\Users\Kyle Johnson\Desktop\3DAnalyze.exe" -d "C:\Users\Kyle Johnson\Desktop"
- Task: {89B6E9D2-3137-4AAE-8D9F-C82D4EE80288} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
- Task: {8CDC9405-CE9B-4F96-A56E-F983E0BECE33} - System32\Tasks\{843A770F-8612-4568-B8EF-1BBB22C5CD37} => pcalua.exe -a "C:\Program Files (x86)\Steam\steam.exe" -c steam://uninstall/9160
- Task: {CAB2BA03-BD8C-46D5-97DA-0552285AA9AB} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
- Task: {CF0ED7B6-254F-48F1-87FE-3493B944E985} - System32\Tasks\{C1D2AEB6-5298-407E-B2D1-0F197B5D308F} => pcalua.exe -a D:\setup.exe -d D:\
- Task: {E931CB28-570E-43E6-951D-F1A5DE8690D4} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
- Task: {DB005D28-C961-4D9B-86EB-533749D6455E} - System32\Tasks\RunAsStdUser Task => C:\Program Files (x86)\Pogo Games\PogoDGC.exe [2013-03-25] (iWin Inc.)
- Task: {ED7C664B-633B-4973-BF7A-3607986728BB} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
- HKU\S-1-5-21-743986323-1937083661-501236874-1001\Software\Classes\.exe: => <===== ATTENTION
- cmd: sfc /scanfile=C:\Windows\system32\dnsapi.dll
- cmd: ipconfig /flushdns
- cmd: netsh advfirewall reset
- cmd: netsh advfirewall set allprofiles state on
- Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
- Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
- CMD: bitsadmin /reset /allusers
- RemoveProxy:
- EmptyTemp:
- Reboot:
- end
- *****************
- Restore point was successfully created.
- Processes closed successfully.
- HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
- HKU\S-1-5-21-743986323-1937083661-501236874-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Uninstall C:\Users\Kyle Johnson\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64 => value removed successfully
- HKU\S-1-5-21-743986323-1937083661-501236874-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Uninstall C:\Users\Kyle Johnson\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64 => value removed successfully
- "HKLM\SOFTWARE\Policies\Google" => key removed successfully
- HKU\S-1-5-21-743986323-1937083661-501236874-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\\{3B81079D-2AC9-425f-A494-A1C7D93AFA3C} => value removed successfully
- HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
- "HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{49606DC7-976D-4030-A74E-9FB5C842FA68}" => key removed successfully
- HKCR\Wow6432Node\CLSID\{49606DC7-976D-4030-A74E-9FB5C842FA68} => key not found.
- "HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AA74FE59-BC4C-4172-9AC4-73315F71CFFE}" => key removed successfully
- HKCR\Wow6432Node\CLSID\{AA74FE59-BC4C-4172-9AC4-73315F71CFFE} => key not found.
- "HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}" => key removed successfully
- HKCR\Wow6432Node\CLSID\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} => key not found.
- "HKU\S-1-5-21-743986323-1937083661-501236874-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{49606DC7-976D-4030-A74E-9FB5C842FA68}" => key removed successfully
- HKCR\CLSID\{49606DC7-976D-4030-A74E-9FB5C842FA68} => key not found.
- "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9E6D0D23-3D72-4A94-AE1F-2D167624E3D9}" => key removed successfully
- "HKCR\CLSID\{9E6D0D23-3D72-4A94-AE1F-2D167624E3D9}" => key removed successfully
- "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9E6D0D23-3D72-4A94-AE1F-2D167624E3D9}" => key removed successfully
- "HKCR\Wow6432Node\CLSID\{9E6D0D23-3D72-4A94-AE1F-2D167624E3D9}" => key removed successfully
- HKLM\Software\Mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087} => value removed successfully
- HKLM\Software\Mozilla\Firefox\Extensions\\{8E9E3331-D360-4f87-8803-52DE43566502} => value removed successfully
- HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru => value removed successfully
- HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087} => value removed successfully
- HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\anti_banner@kaspersky.com => value removed successfully
- HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\online_banking@kaspersky.com => value removed successfully
- HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\{8E9E3331-D360-4f87-8803-52DE43566502} => value removed successfully
- C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\ppGoogleNaClPluginChrome.dll => not found.
- C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\pdf.dll => not found.
- C:\Users\Kyle Johnson\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\plugin/npUrlAdvisor.dll => not found.
- C:\Users\Kyle Johnson\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\plugin/npABPlugin.dll => not found.
- C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll => not found.
- C:\Users\Kyle Johnson\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll => not found.
- C:\Windows\SysWOW64\npDeployJava1.dll => not found.
- c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll => not found.
- C:\Users\Kyle Johnson\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf => moved successfully
- C:\Users\Kyle Johnson\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg => moved successfully
- "HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd" => key removed successfully
- "HKU\S-1-5-21-743986323-1937083661-501236874-1001\SOFTWARE\Google\Chrome\Extensions\kfkcangbigakljkjeglcofaomihpejif" => key removed successfully
- "C:\Users\Kyle Johnson\AppData\Local\CRE" => File/Folder not found.
- "HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dkknfjekhfihiapodkddnpgnkaiiljin" => key removed successfully
- C:\ProgramData\TheBflix\dkknfjekhfihiapodkddnpgnkaiiljin.crx => moved successfully
- "HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd" => key removed successfully
- "HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jbpkiefagocgkmemidfngdkamloieekf" => key removed successfully
- "HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jplinpmadfkdgipabgcdchbdikologlh" => key removed successfully
- "HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\kfkcangbigakljkjeglcofaomihpejif" => key removed successfully
- "HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk" => key removed successfully
- "HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pjldcfjmnllhmgjclecdnfampinooman" => key removed successfully
- idsvc => service removed successfully
- wfpcapture => service removed successfully
- wpcsvc => service removed successfully
- "C:\Windows\System32\drivers\wfpcapture.sys" => File/Folder not found.
- C:\WINDOWS\SysWOW64\AI_RecycleBin => moved successfully
- "HKU\S-1-5-21-743986323-1937083661-501236874-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}" => key removed successfully
- "HKU\S-1-5-21-743986323-1937083661-501236874-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}" => key removed successfully
- "HKU\S-1-5-21-743986323-1937083661-501236874-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}" => key removed successfully
- "HKU\S-1-5-21-743986323-1937083661-501236874-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}" => key removed successfully
- "HKU\S-1-5-21-743986323-1937083661-501236874-1001_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}" => key removed successfully
- "HKU\S-1-5-21-743986323-1937083661-501236874-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}" => key removed successfully
- "HKU\S-1-5-21-743986323-1937083661-501236874-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}" => key removed successfully
- "HKU\S-1-5-21-743986323-1937083661-501236874-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}" => key removed successfully
- "HKU\S-1-5-21-743986323-1937083661-501236874-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}" => key removed successfully
- "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{21E992D7-62D4-43CF-BAE2-043D1E33B59C}" => key removed successfully
- "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{21E992D7-62D4-43CF-BAE2-043D1E33B59C}" => key removed successfully
- "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => key removed successfully
- "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2ABF4C0F-4E4A-4542-B69C-30ED2588AB19}" => key removed successfully
- "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2ABF4C0F-4E4A-4542-B69C-30ED2588AB19}" => key removed successfully
- "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => key removed successfully
- "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{37AD7070-99BF-4234-A685-0FC3D0112156}" => key removed successfully
- "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{37AD7070-99BF-4234-A685-0FC3D0112156}" => key removed successfully
- "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => key removed successfully
- "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{52682CFA-10A0-41FD-BB10-E299EC790B50}" => key removed successfully
- "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{52682CFA-10A0-41FD-BB10-E299EC790B50}" => key removed successfully
- "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => key removed successfully
- "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{65A872DD-35F4-430F-8512-5538552EE1C6}" => key removed successfully
- "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{65A872DD-35F4-430F-8512-5538552EE1C6}" => key removed successfully
- "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => key removed successfully
- "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6FC03D98-DF5E-42AB-8D47-709C860591FB}" => key removed successfully
- "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6FC03D98-DF5E-42AB-8D47-709C860591FB}" => key removed successfully
- "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => key removed successfully
- "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7C84D8F8-9A40-4F38-BBD7-9969A00EDCF1}" => key removed successfully
- "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7C84D8F8-9A40-4F38-BBD7-9969A00EDCF1}" => key removed successfully
- "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => key removed successfully
- "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{833104F5-360F-4E6B-BF8D-CEA2F45D404A}" => key removed successfully
- "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{833104F5-360F-4E6B-BF8D-CEA2F45D404A}" => key removed successfully
- C:\WINDOWS\System32\Tasks\{77F895E3-1484-4F2F-BA49-E74DB49B5407} => moved successfully
- "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{77F895E3-1484-4F2F-BA49-E74DB49B5407}" => key removed successfully
- "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{89B6E9D2-3137-4AAE-8D9F-C82D4EE80288}" => key removed successfully
- "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{89B6E9D2-3137-4AAE-8D9F-C82D4EE80288}" => key removed successfully
- "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => key removed successfully
- "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8CDC9405-CE9B-4F96-A56E-F983E0BECE33}" => key removed successfully
- "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8CDC9405-CE9B-4F96-A56E-F983E0BECE33}" => key removed successfully
- C:\WINDOWS\System32\Tasks\{843A770F-8612-4568-B8EF-1BBB22C5CD37} => moved successfully
- "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{843A770F-8612-4568-B8EF-1BBB22C5CD37}" => key removed successfully
- "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CAB2BA03-BD8C-46D5-97DA-0552285AA9AB}" => key removed successfully
- "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CAB2BA03-BD8C-46D5-97DA-0552285AA9AB}" => key removed successfully
- "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => key removed successfully
- "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CF0ED7B6-254F-48F1-87FE-3493B944E985}" => key removed successfully
- "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CF0ED7B6-254F-48F1-87FE-3493B944E985}" => key removed successfully
- C:\WINDOWS\System32\Tasks\{C1D2AEB6-5298-407E-B2D1-0F197B5D308F} => moved successfully
- "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C1D2AEB6-5298-407E-B2D1-0F197B5D308F}" => key removed successfully
- "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E931CB28-570E-43E6-951D-F1A5DE8690D4}" => key removed successfully
- "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E931CB28-570E-43E6-951D-F1A5DE8690D4}" => key removed successfully
- "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => key removed successfully
- "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DB005D28-C961-4D9B-86EB-533749D6455E}" => key removed successfully
- "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DB005D28-C961-4D9B-86EB-533749D6455E}" => key removed successfully
- C:\WINDOWS\System32\Tasks\RunAsStdUser Task => moved successfully
- "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RunAsStdUser Task" => key removed successfully
- "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{ED7C664B-633B-4973-BF7A-3607986728BB}" => key removed successfully
- "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ED7C664B-633B-4973-BF7A-3607986728BB}" => key removed successfully
- "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => key removed successfully
- "HKU\S-1-5-21-743986323-1937083661-501236874-1001\Software\Classes\.exe" => key removed successfully
- ========= sfc /scanfile=C:\Windows\system32\dnsapi.dll =========
- W i n d o w s R e s o u r c e P r o t e c t i o n f o u n d c o r r u p t f i l e s a n d s u c c e s s f u l l y r e p a i r e d
- t h e m . D e t a i l s a r e i n c l u d e d i n t h e C B S . L o g w i n d i r \ L o g s \ C B S \ C B S . l o g . F o r
- e x a m p l e C : \ W i n d o w s \ L o g s \ C B S \ C B S . l o g . N o t e t h a t l o g g i n g i s c u r r e n t l y n o t
- s u p p o r t e d i n o f f l i n e s e r v i c i n g s c e n a r i o s .
- T h e s y s t e m f i l e r e p a i r c h a n g e s w i l l t a k e e f f e c t a f t e r t h e n e x t r e b o o t .
- ========= End of CMD: =========
- ========= ipconfig /flushdns =========
- Windows IP Configuration
- Successfully flushed the DNS Resolver Cache.
- ========= End of CMD: =========
- ========= netsh advfirewall reset =========
- Ok.
- ========= End of CMD: =========
- ========= netsh advfirewall set allprofiles state on =========
- Ok.
- ========= End of CMD: =========
- ========= reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========
- The operation completed successfully.
- ========= End of Reg: =========
- ========= reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========
- The operation completed successfully.
- ========= End of Reg: =========
- ========= bitsadmin /reset /allusers =========
- BITSADMIN version 3.0 [ 7.8.10240 ]
- BITS administration utility.
- (C) Copyright 2000-2006 Microsoft Corp.
- BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
- Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
- {0A2D0A79-9DDC-4B46-BE50-343F132264F9} canceled.
- 1 out of 1 jobs canceled.
- ========= End of CMD: =========
- ========= RemoveProxy: =========
- HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
- HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
- HKU\S-1-5-21-743986323-1937083661-501236874-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
- HKU\S-1-5-21-743986323-1937083661-501236874-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
- ========= End of RemoveProxy: =========
- EmptyTemp: => 188.2 MB temporary data Removed.
- The system needed a reboot..
- ==== End of Fixlog 15:16:54 ====
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
