Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Help some serious help


  • This topic is locked This topic is locked
10 replies to this topic

#1 slowslowpc

slowslowpc

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:02:02 AM

Posted 01 June 2017 - 10:09 PM

error with chrome ninput.dll missing

unable to use windows key to find programs, clicking the windows button on the bottom left corner with mouse does nothing

half the programs do not open

 

so please take a stab and help

 

FRST log

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 01-06-2017
Ran by Jeff (administrator) on JEFF-PC (01-06-2017 23:02:39)
Running from C:\Users\Jeff\Desktop
Loaded Profiles: Jeff (Available Profiles: Jeff & DefaultAppPool)
Platform: Microsoft Windows 10 Pro Version 1607 (X86) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Fitbit, Inc.) C:\Program Files\Fitbit Connect\FitbitConnectService.exe
() C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Symantec Corporation) C:\Program Files\Norton Security with Backup\Engine\22.9.0.71\nsbu.exe
(Symantec Corporation) C:\Program Files\Norton Security with Backup\Engine\22.9.0.71\nsbu.exe
(Eastman Kodak Company) C:\Program Files\Kodak\KODAK Share Button App\Listener.exe
Failed to access process -> explorer.exe
Failed to access process -> explorer.exe
Failed to access process -> explorer.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.266\SSScheduler.exe
(Google Inc.) C:\Users\Jeff\AppData\Local\Google\Update\GoogleUpdate.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
 
==================== Registry (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [67384 2016-09-01] (Apple Inc.)
HKLM\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [37232 2008-06-12] (Adobe Systems Incorporated)
HKLM\...\Run: [Acrobat Assistant 8.0] => C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [640376 2008-06-11] (Adobe Systems Inc.)
HKLM\...\Run: [KiesTrayAgent] => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [311152 2013-04-23] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [lxeamon.exe] => C:\Program Files\Lexmark S300-S400 Series\lxeamon.exe [772712 2013-01-23] ()
HKLM\...\Run: [EzPrint] => C:\Program Files\Lexmark S300-S400 Series\ezprint.exe [150264 2013-01-23] ()
HKLM\...\Run: [Fitbit Connect] => C:\Program Files\Fitbit Connect\Fitbit Connect.exe [4377256 2015-09-04] (Fitbit, Inc.)
HKLM\...\Run: [PMBVolumeWatcher] => C:\Program Files\Sony\PlayMemories Home\PMBVolumeWatcher.exe [2687160 2015-11-02] (Sony Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2585744 2015-10-13] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [595480 2016-03-20] (Oracle Corporation)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-10-03] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [164152 2016-09-09] (Apple Inc.)
HKU\S-1-5-21-2288536099-4269435532-2237762907-1001\...\Run: [Google Update] => C:\Users\Jeff\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe [601168 2017-04-28] (Google Inc.)
HKU\S-1-5-21-2288536099-4269435532-2237762907-1001\...\Run: [KGShareApp] => C:\Program Files\Kodak\KODAK Share Button App\KGShare_App.exe [394752 2012-06-26] (Eastman Kodak Company)
HKU\S-1-5-21-2288536099-4269435532-2237762907-1001\...\Run: [KiesPDLR] => C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844144 2013-04-23] (Samsung)
HKU\S-1-5-21-2288536099-4269435532-2237762907-1001\...\Run: [KiesPreload] => C:\Program Files\Samsung\Kies\Kies.exe [1561968 2013-04-23] (Samsung)
HKU\S-1-5-21-2288536099-4269435532-2237762907-1001\...\Run: [] => C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844144 2013-04-23] (Samsung)
HKU\S-1-5-21-2288536099-4269435532-2237762907-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [23819304 2017-03-21] (Google)
HKU\S-1-5-21-2288536099-4269435532-2237762907-1001\...\Run: [MusicManager] => C:\Users\Jeff\AppData\Local\Programs\Google\MusicManager\MusicManager.exe [7643136 2016-02-01] (Google Inc.)
HKU\S-1-5-21-2288536099-4269435532-2237762907-1001\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [31280256 2015-04-17] (Skype Technologies S.A.)
HKU\S-1-5-21-2288536099-4269435532-2237762907-1001\...\Run: [Dropbox Update] => C:\Users\Jeff\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-06] (Dropbox, Inc.)
HKU\S-1-5-21-2288536099-4269435532-2237762907-1001\...\Run: [Fitbit Connect] => C:\Program Files\Fitbit Connect\Fitbit Connect.exe [4377256 2015-09-04] (Fitbit, Inc.)
AppInit_DLLs: acaptuser32.dll => C:\WINDOWS\system32\acaptuser32.dll [111992 2008-06-12] (Adobe Systems, Inc.)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security with Backup\Engine\22.9.0.71\buShell.dll [2017-02-20] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security with Backup\Engine\22.9.0.71\buShell.dll [2017-02-20] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security with Backup\Engine\22.9.0.71\buShell.dll [2017-02-20] (Symantec Corporation)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jeff\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jeff\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jeff\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} =>  -> No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2015-12-09]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.266\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Jeff\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2017-06-01]
ShortcutTarget: Dropbox.lnk -> C:\Users\Jeff\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
GroupPolicy: Restriction ? <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc.)
Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 10.0.0.1
Tcpip\..\Interfaces\{5fea8d7d-5a50-48d8-a42b-c6f4fbf2a3ec}: [DhcpNameServer] 10.0.0.1
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: HKLM - Road Runner Toolbar - {e4878b45-e2c0-4307-b6e8-734922f92f5b} - C:\Program Files\Road_Runner\prxtbRoa2.dll (Conduit Ltd.)
SearchScopes: HKLM -> DefaultScope {1b31c9d2-7135-442b-bb93-7c002172adc6} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=elm&hsimp=yhs-001&type=hdr_s_15_44_wncy_pwrisofs_15_32&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dus%26pa%3DHodor%26cd%3D2XzuyEtN2Y1L1QzutDtDtC0AzytBtByEtD0C0CyB0AtB0C0EtN0D0Tzu0StCyEtDtDtN1L2XzutAtFtCtAtFyBtFtAtN1L1Czu1M1Q1CtCyDtN1L1G1B1V1N2Y1L1Qzu2StD0CyB0Azz0E0F0CtGyEyCtDtBtG0A0BtA0BtGyD0EzzzztGtCtD0A0ByCyC0AtCtDtAyD0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szz0ByEtCyC0DyByCtG0EtCyEyBtGyEtByCzztGzz0B0E0AtGyE0ByCzz0AtCyB0FzytCtB0F2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtCyEzy%26cr%3D826977180%26a%3Dhdr_s_15_44_wncy_pwrisofs_15_32%26os%3DWindows%2B7%2BProfessional&p={searchTerms}
SearchScopes: HKLM -> {1b31c9d2-7135-442b-bb93-7c002172adc6} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=elm&hsimp=yhs-001&type=hdr_s_15_44_wncy_pwrisofs_15_32&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dus%26pa%3DHodor%26cd%3D2XzuyEtN2Y1L1QzutDtDtC0AzytBtByEtD0C0CyB0AtB0C0EtN0D0Tzu0StCyEtDtDtN1L2XzutAtFtCtAtFyBtFtAtN1L1Czu1M1Q1CtCyDtN1L1G1B1V1N2Y1L1Qzu2StD0CyB0Azz0E0F0CtGyEyCtDtBtG0A0BtA0BtGyD0EzzzztGtCtD0A0ByCyC0AtCtDtAyD0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szz0ByEtCyC0DyByCtG0EtCyEyBtGyEtByCzztGzz0B0E0AtGyE0ByCzz0AtCyB0FzytCtB0F2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtCyEzy%26cr%3D826977180%26a%3Dhdr_s_15_44_wncy_pwrisofs_15_32%26os%3DWindows%2B7%2BProfessional&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2288536099-4269435532-2237762907-1001 -> {1b31c9d2-7135-442b-bb93-7c002172adc6} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=elm&hsimp=yhs-001&type=hdr_s_15_44_wncy_pwrisofs_15_32&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dus%26pa%3DHodor%26cd%3D2XzuyEtN2Y1L1QzutDtDtC0AzytBtByEtD0C0CyB0AtB0C0EtN0D0Tzu0StCyEtDtDtN1L2XzutAtFtCtAtFyBtFtAtN1L1Czu1M1Q1CtCyDtN1L1G1B1V1N2Y1L1Qzu2StD0CyB0Azz0E0F0CtGyEyCtDtBtG0A0BtA0BtGyD0EzzzztGtCtD0A0ByCyC0AtCtDtAyD0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szz0ByEtCyC0DyByCtG0EtCyEyBtGyEtByCzztGzz0B0E0AtGyE0ByCzz0AtCyB0FzytCtB0F2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtCyEzy%26cr%3D826977180%26a%3Dhdr_s_15_44_wncy_pwrisofs_15_32%26os%3DWindows%2B7%2BProfessional&p={searchTerms}
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
BHO: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Security with Backup\Engine\22.9.0.71\coIEPlg.dll [2017-02-20] (Symantec Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_77\bin\ssv.dll [2016-04-09] (Oracle Corporation)
BHO: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files\Windows Live\Companion\companioncore.dll [2012-03-08] (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-22] (Google Inc.)
BHO: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-04-09] (Oracle Corporation)
BHO: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-22] (Google Inc.)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security with Backup\Engine\22.9.0.71\coIEPlg.dll [2017-02-20] (Symantec Corporation)
Toolbar: HKU\S-1-5-21-2288536099-4269435532-2237762907-1001 -> No Name - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} -  No File
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_66-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
 
FireFox:
========
FF ProfilePath: C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\1am2eo0t.default-1424958691038 [not found]
FF ProfilePath: C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\716nlzmd.default-1493490224033 [2017-06-01]
FF Extension: (Java Console) - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2017-04-23] [not signed]
FF Extension: (Java Console) - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2017-04-23] [not signed]
FF Extension: (Java Console) - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2017-04-23] [not signed]
FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NSBU_22.7.0.76\coFFAddon
FF Extension: (Norton Security Toolbar) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NSBU_22.7.0.76\coFFAddon [2017-04-29]
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml [2015-12-17]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_25_0_0_148.dll [2017-04-14] ()
FF Plugin: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-04-09] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-04-09] (Oracle Corporation)
FF Plugin: @mcafee.com/MVT -> C:\Program Files\McAfee\Supportability\MVT\npmvtplugin.dll [2012-05-22] (McAfee, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-11-14] (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-11-14] (NVIDIA Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-04] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2288536099-4269435532-2237762907-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Jeff\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin HKU\S-1-5-21-2288536099-4269435532-2237762907-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Jeff\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin HKU\S-1-5-21-2288536099-4269435532-2237762907-1001: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10171.dll [2012-07-24] (Amazon.com, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2017-04-04] (Adobe Systems Inc.)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.search.ask.com/?gct=hp
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?fr=mcafee&type=C211US910D20151111&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
CHR Profile: C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default [2017-06-01]
CHR Extension: (Google Drive) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-25]
CHR Extension: (YouTube) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (eBay) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnadbgmffcofipfljniafanjcafjlbom [2015-08-19]
CHR Extension: (Facebook) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm [2015-08-19]
CHR Extension: (Norton Security Toolbar) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2017-02-10]
CHR Extension: (ScreenSh00ter) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjamodcfmindeooalnaodbgbckflcfgb [2013-01-30]
CHR Extension: (Google Search) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-01]
CHR Extension: (Netflix) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\deceagebecbceejblnlcjooeohmmeldh [2015-08-19]
CHR Extension: (Adobe Acrobat) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-04]
CHR Extension: (Pandora) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbangkleohkafngihneedemihgfeikcl [2015-08-19]
CHR Extension: (Google Docs Offline) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (Norton Identity Safe) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2016-04-30]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2014-11-08]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-12]
CHR Extension: (Gmail) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-03]
CHR Extension: (Chrome Media Router) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-06-01]
CHR HKLM\...\Chrome\Extension: [aaaaaiabcopkplhgaedhbloeejhhankf] - C:\ProgramData\AskPartnerNetwork\Toolbar\Shared\CRX\aaaaaiabcopkplhgaedhbloeejhhankf.crx <not found>
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files\Norton Security with Backup\Engine\22.9.0.71\Exts\Chrome.crx [2017-04-29]
CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2288536099-4269435532-2237762907-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
StartMenuInternet: Google Chrome.6GGHOYCD5IVJYS2OWOVD3ULACU - C:\Users\Jeff\AppData\Local\Google\Chrome\Application\chrome.exe
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 Fitbit Connect; C:\Program Files\Fitbit Connect\FitbitConnectService.exe [5750440 2015-09-04] (Fitbit, Inc.)
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2011-12-01] (Macrovision Europe Ltd.) [File not signed]
S2 FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [233472 2013-04-18] (Teruten) [File not signed]
S2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [915600 2015-10-13] (NVIDIA Corporation)
S2 lxeaCATSCustConnectService; C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxeaserv.exe [193192 2010-04-14] (Lexmark International, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.266\McCHSvc.exe [235696 2015-12-02] (McAfee, Inc.)
R2 NSBU; C:\Program Files\Norton Security with Backup\Engine\22.9.0.71\NSBU.exe [288512 2017-02-20] (Symantec Corporation)
S2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1706128 2015-10-13] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19775632 2015-10-13] (NVIDIA Corporation)
R2 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [80896 2011-03-31] () [File not signed]
S2 PMBDeviceInfoProvider; C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [495800 2015-11-02] (Sony Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [1887272 2016-09-15] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [271496 2017-03-28] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [84928 2017-03-28] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 AsIO; C:\WINDOWS\System32\drivers\AsIO.sys [12400 2007-12-17] ()
R1 BHDrvx86; C:\Program Files\Norton Security with Backup\NortonData\22.7.0.76\Definitions\BASHDefs\20170426.001\BHDrvx86.sys [1334424 2017-04-19] (Symantec Corporation)
R1 ccSet_NSBU; C:\WINDOWS\system32\drivers\NSBU\1609000.047\ccSetx86.sys [137888 2017-02-20] (Symantec Corporation)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [388768 2017-02-17] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [124576 2017-02-17] (Symantec Corporation)
R3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [37344 2013-04-18] () [File not signed]
R1 IDSVix86; C:\Program Files\Norton Security with Backup\NortonData\22.7.0.76\Definitions\IPSDefs\20170428.001\IDSvix86.sys [798928 2017-04-24] (Symantec Corporation)
R3 MTsensor; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [6504 2009-05-13] ()
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [62976 2016-07-16] ()
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [18576 2015-10-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad32v.sys [32912 2015-10-13] (NVIDIA Corporation)
R3 SRTSP; C:\WINDOWS\System32\Drivers\NSBU\1609000.047\SRTSP.SYS [617120 2017-02-20] (Symantec Corporation)
R1 SRTSPX; C:\WINDOWS\system32\drivers\NSBU\1609000.047\SRTSPX.SYS [41120 2017-02-20] (Symantec Corporation)
R0 SymEFASI; C:\WINDOWS\System32\drivers\NSBU\1609000.047\SYMEFASI.SYS [1348256 2017-02-20] (Symantec Corporation)
S0 SymELAM; C:\WINDOWS\System32\drivers\NSBU\1609000.047\SYMELAM.SYS [20520 2017-02-20] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT.SYS [89296 2017-04-29] (Symantec Corporation)
R1 SymIRON; C:\WINDOWS\system32\drivers\NSBU\1609000.047\Ironx86.SYS [232600 2017-02-20] (Symantec Corporation)
R1 SymNetS; C:\WINDOWS\System32\Drivers\NSBU\1609000.047\SYMNETS.SYS [423640 2017-02-20] (Symantec Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [37912 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [244576 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [100192 2016-07-16] (Microsoft Corporation)
U3 aswMBR; C:\Users\Jeff\AppData\Local\Temp\aswMBR.sys [56704 2017-04-30] () [File not signed]
U3 aswVmm; C:\Users\Jeff\AppData\Local\Temp\aswVmm.sys [192224 2017-04-30] ()
U3 kxldypob; C:\Users\Jeff\AppData\Local\Temp\kxldypob.sys [104960 2017-04-30] (GMER) [File not signed]
U3 idsvc; no ImagePath
S3 NAVENG; \??\C:\Program Files\Norton Security with Backup\NortonData\22.7.0.76\Definitions\SDSDefs\20161029.001\NAVENG.SYS [X]
S3 NAVEX15; \??\C:\Program Files\Norton Security with Backup\NortonData\22.7.0.76\Definitions\SDSDefs\20161029.001\NAVEX15.SYS [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-06-01 23:02 - 2017-06-01 23:03 - 00025964 _____ C:\Users\Jeff\Desktop\FRST.txt
2017-06-01 22:59 - 2017-06-01 23:02 - 01773568 _____ (Farbar) C:\Users\Jeff\Desktop\FRST.exe
2017-06-01 22:55 - 2017-06-01 22:55 - 00000000 ____D C:\Users\Jeff\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-06-01 23:02 - 2017-04-30 16:13 - 00000000 ____D C:\FRST
2017-06-01 23:00 - 2017-04-24 19:08 - 00002218 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-06-01 23:00 - 2017-04-24 19:08 - 00002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-06-01 22:57 - 2015-09-30 16:11 - 00000000 ____D C:\Users\Jeff\AppData\Local\Dropbox
2017-06-01 22:56 - 2012-12-31 07:16 - 00000000 ____D C:\Users\Jeff\AppData\Roaming\Dropbox
2017-06-01 22:54 - 2016-07-16 04:28 - 00000000 ____D C:\WINDOWS\INF
2017-06-01 22:54 - 2012-12-31 07:19 - 00000000 ___RD C:\Users\Jeff\Dropbox
2017-06-01 22:50 - 2016-07-16 04:29 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-06-01 22:43 - 2016-09-16 04:54 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
 
==================== Files in the root of some directories =======
 
2015-08-08 08:41 - 2015-08-08 08:41 - 0000053 _____ () C:\Users\Jeff\AppData\Roaming\LogFile.txt
2015-08-08 10:02 - 2016-04-05 06:39 - 0000212 _____ () C:\Users\Jeff\AppData\Roaming\WB.CFG
2017-04-29 21:25 - 2017-04-29 21:25 - 0000036 _____ () C:\Users\Jeff\AppData\Local\housecall.guid.cache
2017-04-29 21:51 - 2017-04-29 21:51 - 0000010 _____ () C:\Users\Jeff\AppData\Local\sponge.last.runtime.cache
2015-06-12 10:19 - 2015-06-12 10:19 - 0000000 _____ () C:\Users\Jeff\AppData\Local\{2269D6A3-E9F7-4828-B884-8D1628C80533}
2014-12-30 20:31 - 2014-12-30 20:31 - 0000000 _____ () C:\Users\Jeff\AppData\Local\{3CBCCFC3-D334-4FC6-B8FD-1E1207611D32}
2015-12-26 07:56 - 2015-12-26 07:56 - 0000000 _____ () C:\Users\Jeff\AppData\Local\{8D20EFD8-123B-4371-A6C9-C000EF5F3E5F}
2011-10-13 19:01 - 2011-10-13 19:01 - 0000000 _____ () C:\ProgramData\cmn_upld.log
2016-02-24 06:00 - 2016-10-05 06:36 - 0005376 _____ () C:\ProgramData\Coinstaller.log
2011-09-15 15:06 - 2013-05-02 05:54 - 0000504 _____ () C:\ProgramData\FastPics.log
2012-03-15 18:32 - 2017-04-30 00:08 - 0056229 _____ () C:\ProgramData\lxea.log
2011-09-28 19:02 - 2016-09-16 16:58 - 0002200 _____ () C:\ProgramData\lxeaDiagnostics.log
2011-09-11 20:24 - 2017-04-25 21:53 - 0130504 _____ () C:\ProgramData\lxeaJSW.log
2016-02-24 05:59 - 2017-04-30 00:11 - 0047309 _____ () C:\ProgramData\lxeascan.log
2011-10-13 19:01 - 2011-10-13 19:01 - 0000000 _____ () C:\ProgramData\LxWbGwLog.log
2012-02-29 20:03 - 2017-02-17 17:28 - 0001371 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2011-09-15 15:01 - 2011-09-15 15:01 - 0000000 _____ () C:\ProgramData\UpdaterLog.txt
 
Files to move or delete:
====================
C:\Users\Jeff\SPH-L900_MK4_Full Restore_UNROOTED.exe
 
 
Some files in TEMP:
====================
2017-04-30 15:21 - 2016-11-11 03:59 - 1586736 _____ (Microsoft Corporation) C:\Users\Jeff\AppData\Local\Temp\dllnt_dump.dll
 
Some zero byte size files/folders:
==========================
C:\Windows\System32\ninput.dll
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2016-12-19 08:11
 
==================== End of FRST.txt ============================

 

Attached Files



BC AdBot (Login to Remove)

 


#2 nasdaq

nasdaq

  • Malware Response Team
  • 39,903 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:02:02 AM

Posted 03 June 2017 - 09:56 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Press the windows key Windows_Logo_key.gif+ r on your keyboard at the same time. This will open the RUN BOX.
Type Notepad and and click the OK key.

Please copy the entire contents of the code box below to a new file.
 
Start

CreateRestorePoint:
EmptyTemp:
CloseProcesses:

GroupPolicy: Restriction ? <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
URLSearchHook: HKLM - Road Runner Toolbar - {e4878b45-e2c0-4307-b6e8-734922f92f5b} - C:\Program Files\Road_Runner\prxtbRoa2.dll (Conduit Ltd.)
Toolbar: HKU\S-1-5-21-2288536099-4269435532-2237762907-1001 -> No Name - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} -  No File
CHR HomePage: Default -> hxxp://www.search.ask.com/?gct=hp
CHR Extension: (Norton Security Toolbar) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2017-02-10]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-12]
CHR Extension: (Chrome Media Router) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-06-01]
CHR HKLM\...\Chrome\Extension: [aaaaaiabcopkplhgaedhbloeejhhankf] - C:\ProgramData\AskPartnerNetwork\Toolbar\Shared\CRX\aaaaaiabcopkplhgaedhbloeejhhankf.crx <not found>
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files\Norton Security with Backup\Engine\22.9.0.71\Exts\Chrome.crx [2017-04-29]
StartMenuInternet: Google Chrome.6GGHOYCD5IVJYS2OWOVD3ULACU - C:\Users\Jeff\AppData\Local\Google\Chrome\Application\chrome.exe
U3 idsvc; no ImagePath
S3 NAVENG; \??\C:\Program Files\Norton Security with Backup\NortonData\22.7.0.76\Definitions\SDSDefs\20161029.001\NAVENG.SYS [X]
S3 NAVEX15; \??\C:\Program Files\Norton Security with Backup\NortonData\22.7.0.76\Definitions\SDSDefs\20161029.001\NAVEX15.SYS [X]
CustomCLSID: HKU\S-1-5-21-2288536099-4269435532-2237762907-1001_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> C:\Users\Jeff\AppData\Local\Google\Update\1.3.21.135\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-2288536099-4269435532-2237762907-1001_Classes\CLSID\{04EBE69E-2DED-44F6-9854-9A3988F751ED}\InprocServer32 -> C:\Users\Jeff\AppData\Local\Dropbox\Update\1.3.51.1\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-2288536099-4269435532-2237762907-1001_Classes\CLSID\{095A2EEC-F7FE-42E8-96FB-C20E53081908}\InprocServer32 -> C:\Users\Jeff\AppData\Local\Google\Update\1.3.21.99\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-2288536099-4269435532-2237762907-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Jeff\AppData\Local\Google\Update\1.3.25.5\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-2288536099-4269435532-2237762907-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Jeff\AppData\Local\Google\Update\1.3.27.5\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-2288536099-4269435532-2237762907-1001_Classes\CLSID\{2027D000-8CEB-4191-9620-15DD2561855F}\InprocServer32 -> C:\Users\Jeff\AppData\Local\Dropbox\Update\1.3.57.1\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-2288536099-4269435532-2237762907-1001_Classes\CLSID\{320F0FDB-BE0A-4648-9D18-4A2C3448C007}\InprocServer32 -> C:\Users\Jeff\AppData\Local\Google\Update\1.3.21.79\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-2288536099-4269435532-2237762907-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Jeff\AppData\Local\Google\Update\1.3.23.9\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-2288536099-4269435532-2237762907-1001_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Jeff\AppData\Local\Google\Update\1.3.30.3\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-2288536099-4269435532-2237762907-1001_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Jeff\AppData\Local\Google\Update\1.3.31.5\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-2288536099-4269435532-2237762907-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Jeff\AppData\Local\Google\Update\1.3.28.1\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-2288536099-4269435532-2237762907-1001_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> C:\Users\Jeff\AppData\Local\Google\Update\1.3.21.145\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-2288536099-4269435532-2237762907-1001_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}\InprocServer32 -> C:\Users\Jeff\AppData\Local\Google\Update\1.3.21.123\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-2288536099-4269435532-2237762907-1001_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}\InprocServer32 -> C:\Users\Jeff\AppData\Local\Google\Update\1.3.21.153\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-2288536099-4269435532-2237762907-1001_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Jeff\AppData\Local\Google\Update\1.3.28.13\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-2288536099-4269435532-2237762907-1001_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Jeff\AppData\Local\Google\Update\1.3.29.5\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-2288536099-4269435532-2237762907-1001_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\Jeff\AppData\Local\Google\Update\1.3.33.3\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-2288536099-4269435532-2237762907-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Jeff\AppData\Local\Google\Update\1.3.24.15\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-2288536099-4269435532-2237762907-1001_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\Jeff\AppData\Local\Google\Update\1.3.22.3\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-2288536099-4269435532-2237762907-1001_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}\InprocServer32 -> C:\Users\Jeff\AppData\Local\Google\Update\1.3.21.165\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-2288536099-4269435532-2237762907-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Jeff\AppData\Local\Google\Update\1.3.26.9\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-2288536099-4269435532-2237762907-1001_Classes\CLSID\{C5A2122B-A05B-4FD8-AE49-91990AE10998}\InprocServer32 -> C:\Users\Jeff\AppData\Local\Google\Update\1.3.21.115\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-2288536099-4269435532-2237762907-1001_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Jeff\AppData\Local\Google\Update\1.3.32.7\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-2288536099-4269435532-2237762907-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Jeff\AppData\Local\Google\Update\1.3.29.2\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-2288536099-4269435532-2237762907-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Jeff\AppData\Local\Google\Update\1.3.25.11\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-2288536099-4269435532-2237762907-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Jeff\AppData\Local\Google\Update\1.3.28.15\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-2288536099-4269435532-2237762907-1001_Classes\CLSID\{E763661E-E497-4D41-AFF4-6BBCB62B9E89}\InprocServer32 -> C:\Users\Jeff\AppData\Local\Dropbox\Update\1.3.27.35\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-2288536099-4269435532-2237762907-1001_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Users\Jeff\AppData\Local\Google\Update\1.3.22.5\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-2288536099-4269435532-2237762907-1001_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}\InprocServer32 -> C:\Users\Jeff\AppData\Local\Google\Update\1.3.21.111\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-2288536099-4269435532-2237762907-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Jeff\AppData\Local\Google\Update\1.3.24.7\psuser.dll => No File
Task: {0375551F-0E8C-4B75-A291-ABD18138414F} - \WPD\SqmUpload_S-1-5-21-2288536099-4269435532-2237762907-1001 -> No File <==== ATTENTION
Task: {05EE699F-AB25-42D8-8781-558C5D1D2FAD} - \Microsoft\Windows\Tcpip\IpAddressConflict1 -> No File <==== ATTENTION
Task: {0AD3B044-64D5-4B03-BE76-A4005BE246DC} - \Microsoft\Windows\Media Center\PvrRecoveryTask -> No File <==== ATTENTION
Task: {0D88EAD1-B34A-4E30-B667-CA50A4E84C01} - \Seagate_Install_Launch -> No File <==== ATTENTION
Task: {0E12083C-0335-49DB-9542-BA1EC6D83ECC} - \Microsoft\Windows\Tcpip\IpAddressConflict2 -> No File <==== ATTENTION
Task: {1151F479-D20B-48FD-A72E-FDDF4C99C6C2} - \Microsoft\Windows\UpdateOrchestrator\Policy Install -> No File <==== ATTENTION
Task: {13F15731-CE9C-4C69-AB01-5BB6CB93BEAE} - \Microsoft\Windows\Media Center\mcupdate -> No File <==== ATTENTION
Task: {1932D46F-0FC5-4AA2-8D2D-C6DE030B623B} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {1FEA58D6-FE33-4B1C-9E3A-4022ADDD1C40} - \{8FFC7C4C-6BBB-402A-9C0D-4374469F690B} -> No File <==== ATTENTION
Task: {24FA84A0-E087-48EC-BC51-2B9C4C815D78} - \Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor -> No File <==== ATTENTION
Task: {250B427B-A6DF-4F42-9C06-9871AF3722C4} - \{8A88D5D0-6F04-403E-92D3-E1A741D297F3} -> No File <==== ATTENTION
Task: {299073EF-ABC4-4E0A-9B59-2D8ECD9C9EF2} - \Microsoft\Windows\Media Center\ehDRMInit -> No File <==== ATTENTION
Task: {2C5DC93E-0B2D-4E8D-91DF-6A74258A3442} - \Microsoft\Windows\Media Center\OCURActivate -> No File <==== ATTENTION
Task: {347BD230-E552-4407-9A65-F343E26CD3F7} - \Microsoft\Windows\Media Center\RegisterSearch -> No File <==== ATTENTION
Task: {367F930A-A3DB-4112-B1F1-50E92A171C88} - \Microsoft\Windows\Shell\WindowsParentalControls -> No File <==== ATTENTION
Task: {386FC091-3D10-4F1A-A253-E5A36A375A54} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {40293128-0DB5-4479-AB2F-3E8BC0559294} - \Microsoft\Windows\Media Center\PBDADiscoveryW1 -> No File <==== ATTENTION
Task: {430E510F-96F5-4A5F-B4AD-9FD657D9F584} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {435552B7-F8B7-4CB1-9935-A6A418FAACD2} - \Microsoft\Windows\Media Center\UpdateRecordPath -> No File <==== ATTENTION
Task: {48AD6F74-5F1E-4BD6-951C-F6E231F32B89} - \Microsoft\Windows\Media Center\ObjectStoreRecoveryTask -> No File <==== ATTENTION
Task: {4C52A57B-7F77-4C23-B59C-B50E2991025D} - \Jeff -> No File <==== ATTENTION
Task: {5118002C-DC35-48B7-BB66-EA2862CEC259} - \Microsoft\Windows\Media Center\DispatchRecoveryTasks -> No File <==== ATTENTION
Task: {584EFF83-1D82-4B94-993E-F22494651022} - \{046F8F72-0B1C-47C5-B270-98980326F201} -> No File <==== ATTENTION
Task: {5C503381-8A02-4F01-91F2-D91E5BE45FF8} - \{5737BA47-3423-49EC-9CC9-14AC544F08FC} -> No File <==== ATTENTION
Task: {5F533403-9E9F-46C5-8E98-B29436F66AAD} - \{BBF6D757-ADEC-4549-BB85-BE46A29154C5} -> No File <==== ATTENTION
Task: {61F8D180-FB89-446A-BE41-D9B7915EDD68} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {649763BE-849E-4877-996E-BEED3077940C} - \Microsoft\Windows\Media Center\ConfigureInternetTimeService -> No File <==== ATTENTION
Task: {64A9A55F-CAE7-4D0F-9F23-9D551CB05B86} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {67F70AC9-4C39-4ABF-BD77-4905EE847B58} - \{10EF5062-FADE-4238-95E4-4EA61663B88F}-Kodak Share Button App Camera detect -> No File <==== ATTENTION
Task: {68C2891E-C5DF-40B5-A7E4-9EF9B440E011} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {698629D1-8062-4B45-9681-D2C36860F9E4} - \Microsoft\Windows\MobilePC\HotStart -> No File <==== ATTENTION
Task: {6DD4B819-1124-4303-87E7-FFBF11F84BE0} - \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display -> No File <==== ATTENTION
Task: {707EA964-8E6B-49B6-9229-4BED76ADE60C} - \Jeff DBAgent 2 0 -> No File <==== ATTENTION
Task: {71957819-4DC7-40C2-8A9C-5DC3A149F1B3} - \Microsoft\Windows\Media Center\PBDADiscoveryW2 -> No File <==== ATTENTION
Task: {77DF0740-367C-402F-B09D-BA354C5B3FCD} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {789B8EB6-80DC-42AE-891A-D254D0D7612B} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {7C5F8427-0FEA-4454-AC32-03D48C2097F1} - \Microsoft\Windows\Media Center\PvrScheduleTask -> No File <==== ATTENTION
Task: {80FEB3DF-7BE1-472C-81F2-F30A205B9BC7} - \Microsoft\Windows Defender\MP Scheduled Scan -> No File <==== ATTENTION
Task: {8135F171-81F9-40A0-8AC1-3738CD974CE2} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {8B0D0792-3C1B-4F17-930B-23A92CD75DA2} - \{24A8B005-3F18-4577-8E27-6E6260902C84} -> No File <==== ATTENTION
Task: {9DE64267-47F9-467C-BE0C-406DE49A5DCD} - \Microsoft\Windows\SideShow\SystemDataProviders -> No File <==== ATTENTION
Task: {9F3514F2-A6B5-41DD-9FDC-49DA0E8ED50B} - \Microsoft\Windows\SideShow\AutoWake -> No File <==== ATTENTION
Task: {9FE0F0A1-14BB-4196-AD2D-3A0953C94EAC} - \Microsoft\Windows\Media Center\ActivateWindowsSearch -> No File <==== ATTENTION
Task: {A538D5B8-493C-40A3-8CE3-81BD05FF65B5} - \Jeff Merge -> No File <==== ATTENTION
Task: {A7901A3A-65C3-4288-87D1-8BFB05589D41} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {AF6F6684-6EA0-4EA8-BE85-D8FC954A83BD} - \Microsoft\Windows\Media Center\SqlLiteRecoveryTask -> No File <==== ATTENTION
Task: {B36A9651-BD5B-4819-97BB-AF4846188860} - \Microsoft\Windows Live\SOXE\Extractor Definitions Update Task -> No File <==== ATTENTION
Task: {B9A8F218-8E04-4F16-B2C2-C55F3DC4F5F1} - \{35F24B6D-11C0-4781-9EA6-6E19DBFB8DEA} -> No File <==== ATTENTION
Task: {BCD6E851-789D-4E6D-9CC6-E6C49D70AFAD} - \Microsoft\Windows\Media Center\OCURDiscovery -> No File <==== ATTENTION
Task: {BF4D082A-B536-48CC-939E-9FD0977DE867} - \Microsoft\Windows\Media Center\ReindexSearchRoot -> No File <==== ATTENTION
Task: {C84A8BEB-05BA-4B37-ACCD-9C17DCC25F89} - \Microsoft\Windows\Media Center\PeriodicScanRetry -> No File <==== ATTENTION
Task: {CB970508-EC72-4269-BF01-B76AC4D3FA0B} - \Microsoft\Windows\Media Center\StartRecording -> No File <==== ATTENTION
Task: {CE789823-2C75-4F33-A8E7-7BB855DD84D9} - \McAfee\McAfee Idle Detection Task -> No File <==== ATTENTION
Task: {D0D9B423-1035-4885-8D9C-52E944868EFC} - \Microsoft\Windows\SideShow\GadgetManager -> No File <==== ATTENTION
Task: {D36E3198-0255-4D8D-A0C2-82B6DF9A95E5} - \Microsoft\Windows\Media Center\InstallPlayReady -> No File <==== ATTENTION
Task: {D4D7482D-7725-454B-B1FD-62F7C0D566C0} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {D681D0D2-611C-4501-9FCF-EBF9B24A675F} - \Microsoft\Windows\Media Center\MediaCenterRecoveryTask -> No File <==== ATTENTION
Task: {D713C0B4-8047-4EA8-857A-A27FFCBE3952} - \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot -> No File <==== ATTENTION
Task: {D82AFED8-7493-481A-9905-5608BD3415D6} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {DAB930D8-577E-4045-A7F0-1541E8931BC6} - \Microsoft\Windows\Media Center\PBDADiscovery -> No File <==== ATTENTION
Task: {DEE79C27-0FC6-46F6-A2E8-C6FFBB121B3E} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {E79B2998-8F63-451A-A56D-26EDC0A5098A} - \Microsoft\Windows\Shell\WindowsParentalControlsMigration -> No File <==== ATTENTION
Task: {ED2C2CB4-A515-4176-BB62-103A2D6CE88C} - \Microsoft\Windows\SideShow\SessionAgent -> No File <==== ATTENTION
Task: {F424547F-E700-4FEC-8C28-40F4DD811D17} - \Microsoft\Windows\Media Center\RecordingRestart -> No File <==== ATTENTION
Task: {FAB47F7B-4362-43D3-88F4-711544130D12} - \Microsoft\Windows\Media Center\mcupdate_scheduled -> No File <==== ATTENTION
Task: {FC855221-654B-41E9-970B-E54BC9AA2CAA} - \{3838094D-5D55-4F9E-8D22-394FFF8096B2} -> No File <==== ATTENTION
C:\Windows\System32\ninput.dll
C:\Program Files\Road_Runner


End
Save the file as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.

Run FRST and click Fix only once and wait.

The tool will create a log (Fixlog.txt) please post it to your reply.
===

Your version of Java is outdated and needs to be updated to take advantage of fixes that have eliminated security vulnerabilities.

You can manually check your present version and update as recommended.
https://www.java.com/en/download/installed.jsp

Be careful not to install malware posing as Java update!
Important read this blog.
http://blog.trendmicro.com/trendlabs-security-intelligence/malware-poses-as-an-update-for-java-0-day-fix/

Quoted from the page.
"In light of the recent events surrounding Java, users must seriously consider their use of Java. Do they really need it? If yes, make sure that users follow the steps we recommended and get the security update directly from the official oracle website." at:
http://www.oracle.com/technetwork/java/javase/downloads/index.html

How to disable Java in your browsers
http://www.infoworld.com/t/web-browsers/how-disable-java-in-your-browsers-210882

If still present after the update you can remove the old versions of Java via the Control Panel > Programs > Programs and Features.
Java 8 Update 77 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218077F0}) (Version: 8.0.770.3 - Oracle Corporation)
---

===

--RogueKiller--
  • Download & SAVE to your Desktop Download RogueKiller
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or above, right-click the program file and select "Run as Administrator"
  • Accept the user agreements.
  • Execute the scan and wait until it has finished.
  • If a Windows opens to explain what [PUM's] are, read about it.
  • Click the RoguKiller icon on your taksbar to return to the report.
  • Click open the Report
  • Click Export TXT button
  • Save the file as ReportRogue.txt
  • Click the Remove button to delete the items in RED
  • Click Finish and close the program.
  • Locate the ReportRogue.txt file on your Desktop and copy/paste the contents in your next.
=======

Please let me know what problem persists with this computer.

#3 slowslowpc

slowslowpc
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:02:02 AM

Posted 04 June 2017 - 03:34 PM

Hi Thank you for your help so far

 

I am still unable to access the windows button and cannot see windows update, but the ninput.dll error is gone. When i reboot the desktop goes blank a hundred times then it stops and I see my icons

 

Rogue Report

 

RogueKiller V12.11.0.0 [May 29 2017] (Free) by Adlice Software
 
Operating System : Windows 10 (10.0.14393) 32 bits version
Started in : Normal mode
User : Jeff [Administrator]
Started from : C:\Program Files\RogueKiller\RogueKiller.exe
Mode : Scan -- Date : 06/04/2017 11:55:16 (Duration : 00:48:34)
 
¤¤¤ Processes : 0 ¤¤¤
 
¤¤¤ Registry : 3 ¤¤¤
[PUP.Gen1] HKEY_CLASSES_ROOT\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98} (C:\Program Files\MyFree Codec\1.0b beta\XVID-CORE\xvid.ax) -> Found
[PUP.Gen1] HKEY_CLASSES_ROOT\CLSID\{64697678-0000-0010-8000-00AA00389B71} (C:\Program Files\MyFree Codec\1.0b beta\XVID-CORE\xvid.ax) -> Found
[PUP.Gen1] HKEY_CLASSES_ROOT\CLSID\{FD501041-8EBE-11CE-8183-00AA00577DA2} (C:\Program Files\MyFree Codec\1.0b beta\MyFree.ax) -> Found
 
¤¤¤ Tasks : 0 ¤¤¤
 
¤¤¤ Files : 0 ¤¤¤
 
¤¤¤ WMI : 0 ¤¤¤
 
¤¤¤ Hosts File : 0 ¤¤¤
 
¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤
 
¤¤¤ Web browsers : 1 ¤¤¤
[PUP.Gen0][Chrome:Addon] Default : Search App By Ask v2 [aaaaaiabcopkplhgaedhbloeejhhankf] -> Found
 
¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: WDC WD50 00AAKS-00A7B SCSI Disk Device +++++
--- User ---
[MBR] e03b8e4244d8515d79bc7631e2cb79ab
[BSP] 8e5db028d4964658b6060ac891226926 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 476388 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 975849472 | Size: 450 MB
User = LL1 ... OK
Error reading LL2 MBR! ([1] Incorrect function. )
 
 
Fix log
Fix result of Farbar Recovery Scan Tool (x86) Version: 02-06-2017
Ran by Jeff (03-06-2017 15:59:15) Run:1
Running from C:\Users\Jeff\Desktop
Loaded Profiles: Jeff (Available Profiles: Jeff & DefaultAppPool)
Boot Mode: Normal
 
==============================================
 
fixlist content:
*****************
Start
 
CreateRestorePoint:
EmptyTemp:
CloseProcesses:
 
GroupPolicy: Restriction ? <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
URLSearchHook: HKLM - Road Runner Toolbar - {e4878b45-e2c0-4307-b6e8-734922f92f5b} - C:\Program Files\Road_Runner\prxtbRoa2.dll (Conduit Ltd.)
Toolbar: HKU\S-1-5-21-2288536099-4269435532-2237762907-1001 -> No Name - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} -  No File
CHR HomePage: Default -> hxxp://www.search.ask.com/?gct=hp
CHR Extension: (Norton Security Toolbar) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2017-02-10]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-12]
CHR Extension: (Chrome Media Router) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-06-01]
CHR HKLM\...\Chrome\Extension: [aaaaaiabcopkplhgaedhbloeejhhankf] - C:\ProgramData\AskPartnerNetwork\Toolbar\Shared\CRX\aaaaaiabcopkplhgaedhbloeejhhankf.crx <not found>
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files\Norton Security with Backup\Engine\22.9.0.71\Exts\Chrome.crx [2017-04-29]
StartMenuInternet: Google Chrome.6GGHOYCD5IVJYS2OWOVD3ULACU - C:\Users\Jeff\AppData\Local\Google\Chrome\Application\chrome.exe
U3 idsvc; no ImagePath
S3 NAVENG; \??\C:\Program Files\Norton Security with Backup\NortonData\22.7.0.76\Definitions\SDSDefs\20161029.001\NAVENG.SYS [X]
S3 NAVEX15; \??\C:\Program Files\Norton Security with Backup\NortonData\22.7.0.76\Definitions\SDSDefs\20161029.001\NAVEX15.SYS [X]
CustomCLSID: HKU\S-1-5-21-2288536099-4269435532-2237762907-1001_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> C:\Users\Jeff\AppData\Local\Google\Update\1.3.21.135\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-2288536099-4269435532-2237762907-1001_Classes\CLSID\{04EBE69E-2DED-44F6-9854-9A3988F751ED}\InprocServer32 -> C:\Users\Jeff\AppData\Local\Dropbox\Update\1.3.51.1\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-2288536099-4269435532-2237762907-1001_Classes\CLSID\{095A2EEC-F7FE-42E8-96FB-C20E53081908}\InprocServer32 -> C:\Users\Jeff\AppData\Local\Google\Update\1.3.21.99\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-2288536099-4269435532-2237762907-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Jeff\AppData\Local\Google\Update\1.3.25.5\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-2288536099-4269435532-2237762907-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Jeff\AppData\Local\Google\Update\1.3.27.5\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-2288536099-4269435532-2237762907-1001_Classes\CLSID\{2027D000-8CEB-4191-9620-15DD2561855F}\InprocServer32 -> C:\Users\Jeff\AppData\Local\Dropbox\Update\1.3.57.1\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-2288536099-4269435532-2237762907-1001_Classes\CLSID\{320F0FDB-BE0A-4648-9D18-4A2C3448C007}\InprocServer32 -> C:\Users\Jeff\AppData\Local\Google\Update\1.3.21.79\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-2288536099-4269435532-2237762907-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Jeff\AppData\Local\Google\Update\1.3.23.9\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-2288536099-4269435532-2237762907-1001_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Jeff\AppData\Local\Google\Update\1.3.30.3\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-2288536099-4269435532-2237762907-1001_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Jeff\AppData\Local\Google\Update\1.3.31.5\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-2288536099-4269435532-2237762907-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Jeff\AppData\Local\Google\Update\1.3.28.1\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-2288536099-4269435532-2237762907-1001_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> C:\Users\Jeff\AppData\Local\Google\Update\1.3.21.145\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-2288536099-4269435532-2237762907-1001_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}\InprocServer32 -> C:\Users\Jeff\AppData\Local\Google\Update\1.3.21.123\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-2288536099-4269435532-2237762907-1001_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}\InprocServer32 -> C:\Users\Jeff\AppData\Local\Google\Update\1.3.21.153\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-2288536099-4269435532-2237762907-1001_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Jeff\AppData\Local\Google\Update\1.3.28.13\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-2288536099-4269435532-2237762907-1001_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Jeff\AppData\Local\Google\Update\1.3.29.5\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-2288536099-4269435532-2237762907-1001_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\Jeff\AppData\Local\Google\Update\1.3.33.3\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-2288536099-4269435532-2237762907-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Jeff\AppData\Local\Google\Update\1.3.24.15\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-2288536099-4269435532-2237762907-1001_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\Jeff\AppData\Local\Google\Update\1.3.22.3\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-2288536099-4269435532-2237762907-1001_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}\InprocServer32 -> C:\Users\Jeff\AppData\Local\Google\Update\1.3.21.165\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-2288536099-4269435532-2237762907-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Jeff\AppData\Local\Google\Update\1.3.26.9\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-2288536099-4269435532-2237762907-1001_Classes\CLSID\{C5A2122B-A05B-4FD8-AE49-91990AE10998}\InprocServer32 -> C:\Users\Jeff\AppData\Local\Google\Update\1.3.21.115\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-2288536099-4269435532-2237762907-1001_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Jeff\AppData\Local\Google\Update\1.3.32.7\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-2288536099-4269435532-2237762907-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Jeff\AppData\Local\Google\Update\1.3.29.2\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-2288536099-4269435532-2237762907-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Jeff\AppData\Local\Google\Update\1.3.25.11\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-2288536099-4269435532-2237762907-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Jeff\AppData\Local\Google\Update\1.3.28.15\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-2288536099-4269435532-2237762907-1001_Classes\CLSID\{E763661E-E497-4D41-AFF4-6BBCB62B9E89}\InprocServer32 -> C:\Users\Jeff\AppData\Local\Dropbox\Update\1.3.27.35\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-2288536099-4269435532-2237762907-1001_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Users\Jeff\AppData\Local\Google\Update\1.3.22.5\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-2288536099-4269435532-2237762907-1001_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}\InprocServer32 -> C:\Users\Jeff\AppData\Local\Google\Update\1.3.21.111\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-2288536099-4269435532-2237762907-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Jeff\AppData\Local\Google\Update\1.3.24.7\psuser.dll => No File
Task: {0375551F-0E8C-4B75-A291-ABD18138414F} - \WPD\SqmUpload_S-1-5-21-2288536099-4269435532-2237762907-1001 -> No File <==== ATTENTION
Task: {05EE699F-AB25-42D8-8781-558C5D1D2FAD} - \Microsoft\Windows\Tcpip\IpAddressConflict1 -> No File <==== ATTENTION
Task: {0AD3B044-64D5-4B03-BE76-A4005BE246DC} - \Microsoft\Windows\Media Center\PvrRecoveryTask -> No File <==== ATTENTION
Task: {0D88EAD1-B34A-4E30-B667-CA50A4E84C01} - \Seagate_Install_Launch -> No File <==== ATTENTION
Task: {0E12083C-0335-49DB-9542-BA1EC6D83ECC} - \Microsoft\Windows\Tcpip\IpAddressConflict2 -> No File <==== ATTENTION
Task: {1151F479-D20B-48FD-A72E-FDDF4C99C6C2} - \Microsoft\Windows\UpdateOrchestrator\Policy Install -> No File <==== ATTENTION
Task: {13F15731-CE9C-4C69-AB01-5BB6CB93BEAE} - \Microsoft\Windows\Media Center\mcupdate -> No File <==== ATTENTION
Task: {1932D46F-0FC5-4AA2-8D2D-C6DE030B623B} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {1FEA58D6-FE33-4B1C-9E3A-4022ADDD1C40} - \{8FFC7C4C-6BBB-402A-9C0D-4374469F690B} -> No File <==== ATTENTION
Task: {24FA84A0-E087-48EC-BC51-2B9C4C815D78} - \Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor -> No File <==== ATTENTION
Task: {250B427B-A6DF-4F42-9C06-9871AF3722C4} - \{8A88D5D0-6F04-403E-92D3-E1A741D297F3} -> No File <==== ATTENTION
Task: {299073EF-ABC4-4E0A-9B59-2D8ECD9C9EF2} - \Microsoft\Windows\Media Center\ehDRMInit -> No File <==== ATTENTION
Task: {2C5DC93E-0B2D-4E8D-91DF-6A74258A3442} - \Microsoft\Windows\Media Center\OCURActivate -> No File <==== ATTENTION
Task: {347BD230-E552-4407-9A65-F343E26CD3F7} - \Microsoft\Windows\Media Center\RegisterSearch -> No File <==== ATTENTION
Task: {367F930A-A3DB-4112-B1F1-50E92A171C88} - \Microsoft\Windows\Shell\WindowsParentalControls -> No File <==== ATTENTION
Task: {386FC091-3D10-4F1A-A253-E5A36A375A54} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {40293128-0DB5-4479-AB2F-3E8BC0559294} - \Microsoft\Windows\Media Center\PBDADiscoveryW1 -> No File <==== ATTENTION
Task: {430E510F-96F5-4A5F-B4AD-9FD657D9F584} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {435552B7-F8B7-4CB1-9935-A6A418FAACD2} - \Microsoft\Windows\Media Center\UpdateRecordPath -> No File <==== ATTENTION
Task: {48AD6F74-5F1E-4BD6-951C-F6E231F32B89} - \Microsoft\Windows\Media Center\ObjectStoreRecoveryTask -> No File <==== ATTENTION
Task: {4C52A57B-7F77-4C23-B59C-B50E2991025D} - \Jeff -> No File <==== ATTENTION
Task: {5118002C-DC35-48B7-BB66-EA2862CEC259} - \Microsoft\Windows\Media Center\DispatchRecoveryTasks -> No File <==== ATTENTION
Task: {584EFF83-1D82-4B94-993E-F22494651022} - \{046F8F72-0B1C-47C5-B270-98980326F201} -> No File <==== ATTENTION
Task: {5C503381-8A02-4F01-91F2-D91E5BE45FF8} - \{5737BA47-3423-49EC-9CC9-14AC544F08FC} -> No File <==== ATTENTION
Task: {5F533403-9E9F-46C5-8E98-B29436F66AAD} - \{BBF6D757-ADEC-4549-BB85-BE46A29154C5} -> No File <==== ATTENTION
Task: {61F8D180-FB89-446A-BE41-D9B7915EDD68} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {649763BE-849E-4877-996E-BEED3077940C} - \Microsoft\Windows\Media Center\ConfigureInternetTimeService -> No File <==== ATTENTION
Task: {64A9A55F-CAE7-4D0F-9F23-9D551CB05B86} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {67F70AC9-4C39-4ABF-BD77-4905EE847B58} - \{10EF5062-FADE-4238-95E4-4EA61663B88F}-Kodak Share Button App Camera detect -> No File <==== ATTENTION
Task: {68C2891E-C5DF-40B5-A7E4-9EF9B440E011} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {698629D1-8062-4B45-9681-D2C36860F9E4} - \Microsoft\Windows\MobilePC\HotStart -> No File <==== ATTENTION
Task: {6DD4B819-1124-4303-87E7-FFBF11F84BE0} - \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display -> No File <==== ATTENTION
Task: {707EA964-8E6B-49B6-9229-4BED76ADE60C} - \Jeff DBAgent 2 0 -> No File <==== ATTENTION
Task: {71957819-4DC7-40C2-8A9C-5DC3A149F1B3} - \Microsoft\Windows\Media Center\PBDADiscoveryW2 -> No File <==== ATTENTION
Task: {77DF0740-367C-402F-B09D-BA354C5B3FCD} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {789B8EB6-80DC-42AE-891A-D254D0D7612B} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {7C5F8427-0FEA-4454-AC32-03D48C2097F1} - \Microsoft\Windows\Media Center\PvrScheduleTask -> No File <==== ATTENTION
Task: {80FEB3DF-7BE1-472C-81F2-F30A205B9BC7} - \Microsoft\Windows Defender\MP Scheduled Scan -> No File <==== ATTENTION
Task: {8135F171-81F9-40A0-8AC1-3738CD974CE2} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {8B0D0792-3C1B-4F17-930B-23A92CD75DA2} - \{24A8B005-3F18-4577-8E27-6E6260902C84} -> No File <==== ATTENTION
Task: {9DE64267-47F9-467C-BE0C-406DE49A5DCD} - \Microsoft\Windows\SideShow\SystemDataProviders -> No File <==== ATTENTION
Task: {9F3514F2-A6B5-41DD-9FDC-49DA0E8ED50B} - \Microsoft\Windows\SideShow\AutoWake -> No File <==== ATTENTION
Task: {9FE0F0A1-14BB-4196-AD2D-3A0953C94EAC} - \Microsoft\Windows\Media Center\ActivateWindowsSearch -> No File <==== ATTENTION
Task: {A538D5B8-493C-40A3-8CE3-81BD05FF65B5} - \Jeff Merge -> No File <==== ATTENTION
Task: {A7901A3A-65C3-4288-87D1-8BFB05589D41} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {AF6F6684-6EA0-4EA8-BE85-D8FC954A83BD} - \Microsoft\Windows\Media Center\SqlLiteRecoveryTask -> No File <==== ATTENTION
Task: {B36A9651-BD5B-4819-97BB-AF4846188860} - \Microsoft\Windows Live\SOXE\Extractor Definitions Update Task -> No File <==== ATTENTION
Task: {B9A8F218-8E04-4F16-B2C2-C55F3DC4F5F1} - \{35F24B6D-11C0-4781-9EA6-6E19DBFB8DEA} -> No File <==== ATTENTION
Task: {BCD6E851-789D-4E6D-9CC6-E6C49D70AFAD} - \Microsoft\Windows\Media Center\OCURDiscovery -> No File <==== ATTENTION
Task: {BF4D082A-B536-48CC-939E-9FD0977DE867} - \Microsoft\Windows\Media Center\ReindexSearchRoot -> No File <==== ATTENTION
Task: {C84A8BEB-05BA-4B37-ACCD-9C17DCC25F89} - \Microsoft\Windows\Media Center\PeriodicScanRetry -> No File <==== ATTENTION
Task: {CB970508-EC72-4269-BF01-B76AC4D3FA0B} - \Microsoft\Windows\Media Center\StartRecording -> No File <==== ATTENTION
Task: {CE789823-2C75-4F33-A8E7-7BB855DD84D9} - \McAfee\McAfee Idle Detection Task -> No File <==== ATTENTION
Task: {D0D9B423-1035-4885-8D9C-52E944868EFC} - \Microsoft\Windows\SideShow\GadgetManager -> No File <==== ATTENTION
Task: {D36E3198-0255-4D8D-A0C2-82B6DF9A95E5} - \Microsoft\Windows\Media Center\InstallPlayReady -> No File <==== ATTENTION
Task: {D4D7482D-7725-454B-B1FD-62F7C0D566C0} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {D681D0D2-611C-4501-9FCF-EBF9B24A675F} - \Microsoft\Windows\Media Center\MediaCenterRecoveryTask -> No File <==== ATTENTION
Task: {D713C0B4-8047-4EA8-857A-A27FFCBE3952} - \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot -> No File <==== ATTENTION
Task: {D82AFED8-7493-481A-9905-5608BD3415D6} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {DAB930D8-577E-4045-A7F0-1541E8931BC6} - \Microsoft\Windows\Media Center\PBDADiscovery -> No File <==== ATTENTION
Task: {DEE79C27-0FC6-46F6-A2E8-C6FFBB121B3E} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {E79B2998-8F63-451A-A56D-26EDC0A5098A} - \Microsoft\Windows\Shell\WindowsParentalControlsMigration -> No File <==== ATTENTION
Task: {ED2C2CB4-A515-4176-BB62-103A2D6CE88C} - \Microsoft\Windows\SideShow\SessionAgent -> No File <==== ATTENTION
Task: {F424547F-E700-4FEC-8C28-40F4DD811D17} - \Microsoft\Windows\Media Center\RecordingRestart -> No File <==== ATTENTION
Task: {FAB47F7B-4362-43D3-88F4-711544130D12} - \Microsoft\Windows\Media Center\mcupdate_scheduled -> No File <==== ATTENTION
Task: {FC855221-654B-41E9-970B-E54BC9AA2CAA} - \{3838094D-5D55-4F9E-8D22-394FFF8096B2} -> No File <==== ATTENTION
C:\Windows\System32\ninput.dll
C:\Program Files\Road_Runner
 
 
End
*****************
 
Restore point was successfully created.
Processes closed successfully.
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
HKLM\SOFTWARE\Policies\Google => key removed successfully.
HKLM\Software\Microsoft\Internet Explorer\URLSearchHooks\\{e4878b45-e2c0-4307-b6e8-734922f92f5b} => value removed successfully.
HKCR\CLSID\{e4878b45-e2c0-4307-b6e8-734922f92f5b} => key not found. 
HKU\S-1-5-21-2288536099-4269435532-2237762907-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{0123B506-0AD9-43AA-B0CF-916C122AD4C5} => value removed successfully.
HKCR\CLSID\{0123B506-0AD9-43AA-B0CF-916C122AD4C5} => key not found. 
Chrome HomePage => removed successfully.
C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe => moved successfully
C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda => moved successfully
C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm => moved successfully
HKLM\SOFTWARE\Clients\StartMenuInternet\Google Chrome.6GGHOYCD5IVJYS2OWOVD3ULACU\shell\open\command\\Default => value restored successfully
HKLM\System\CurrentControlSet\Services\idsvc => key removed successfully.
idsvc => service removed successfully.
HKLM\System\CurrentControlSet\Services\NAVENG => could not remove key. Access Denied.
HKLM\System\CurrentControlSet\Services\NAVEX15 => could not remove key. Access Denied.
HKU\S-1-5-21-2288536099-4269435532-2237762907-1001_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344} => key removed successfully.
HKU\S-1-5-21-2288536099-4269435532-2237762907-1001_Classes\CLSID\{04EBE69E-2DED-44F6-9854-9A3988F751ED} => key removed successfully.
HKU\S-1-5-21-2288536099-4269435532-2237762907-1001_Classes\CLSID\{095A2EEC-F7FE-42E8-96FB-C20E53081908} => key removed successfully.
HKU\S-1-5-21-2288536099-4269435532-2237762907-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208} => key removed successfully.
HKU\S-1-5-21-2288536099-4269435532-2237762907-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448} => key removed successfully.
HKU\S-1-5-21-2288536099-4269435532-2237762907-1001_Classes\CLSID\{2027D000-8CEB-4191-9620-15DD2561855F} => key removed successfully.
HKU\S-1-5-21-2288536099-4269435532-2237762907-1001_Classes\CLSID\{320F0FDB-BE0A-4648-9D18-4A2C3448C007} => key removed successfully.
HKU\S-1-5-21-2288536099-4269435532-2237762907-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1} => key removed successfully.
HKU\S-1-5-21-2288536099-4269435532-2237762907-1001_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856} => key removed successfully.
HKU\S-1-5-21-2288536099-4269435532-2237762907-1001_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4} => key removed successfully.
HKU\S-1-5-21-2288536099-4269435532-2237762907-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E} => key removed successfully.
HKU\S-1-5-21-2288536099-4269435532-2237762907-1001_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892} => key removed successfully.
HKU\S-1-5-21-2288536099-4269435532-2237762907-1001_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B} => key removed successfully.
HKU\S-1-5-21-2288536099-4269435532-2237762907-1001_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5} => key removed successfully.
HKU\S-1-5-21-2288536099-4269435532-2237762907-1001_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98} => key removed successfully.
HKU\S-1-5-21-2288536099-4269435532-2237762907-1001_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247} => key removed successfully.
HKU\S-1-5-21-2288536099-4269435532-2237762907-1001_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04} => key removed successfully.
HKU\S-1-5-21-2288536099-4269435532-2237762907-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8} => key removed successfully.
HKU\S-1-5-21-2288536099-4269435532-2237762907-1001_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61} => key removed successfully.
HKU\S-1-5-21-2288536099-4269435532-2237762907-1001_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB} => key removed successfully.
HKU\S-1-5-21-2288536099-4269435532-2237762907-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A} => key removed successfully.
HKU\S-1-5-21-2288536099-4269435532-2237762907-1001_Classes\CLSID\{C5A2122B-A05B-4FD8-AE49-91990AE10998} => key removed successfully.
HKU\S-1-5-21-2288536099-4269435532-2237762907-1001_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA} => key removed successfully.
HKU\S-1-5-21-2288536099-4269435532-2237762907-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2} => key removed successfully.
HKU\S-1-5-21-2288536099-4269435532-2237762907-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9} => key removed successfully.
HKU\S-1-5-21-2288536099-4269435532-2237762907-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF} => key removed successfully.
HKU\S-1-5-21-2288536099-4269435532-2237762907-1001_Classes\CLSID\{E763661E-E497-4D41-AFF4-6BBCB62B9E89} => key removed successfully.
HKU\S-1-5-21-2288536099-4269435532-2237762907-1001_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93} => key removed successfully.
HKU\S-1-5-21-2288536099-4269435532-2237762907-1001_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9} => key removed successfully.
HKU\S-1-5-21-2288536099-4269435532-2237762907-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0375551F-0E8C-4B75-A291-ABD18138414F} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0375551F-0E8C-4B75-A291-ABD18138414F} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WPD\SqmUpload_S-1-5-21-2288536099-4269435532-2237762907-1001 => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{05EE699F-AB25-42D8-8781-558C5D1D2FAD} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{05EE699F-AB25-42D8-8781-558C5D1D2FAD} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Tcpip\IpAddressConflict1 => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0AD3B044-64D5-4B03-BE76-A4005BE246DC} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0AD3B044-64D5-4B03-BE76-A4005BE246DC} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PvrRecoveryTask => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0D88EAD1-B34A-4E30-B667-CA50A4E84C01} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0D88EAD1-B34A-4E30-B667-CA50A4E84C01} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Seagate_Install_Launch => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0E12083C-0335-49DB-9542-BA1EC6D83ECC} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0E12083C-0335-49DB-9542-BA1EC6D83ECC} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Tcpip\IpAddressConflict2 => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1151F479-D20B-48FD-A72E-FDDF4C99C6C2} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1151F479-D20B-48FD-A72E-FDDF4C99C6C2} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\Policy Install => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{13F15731-CE9C-4C69-AB01-5BB6CB93BEAE} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{13F15731-CE9C-4C69-AB01-5BB6CB93BEAE} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\mcupdate => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1932D46F-0FC5-4AA2-8D2D-C6DE030B623B} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1932D46F-0FC5-4AA2-8D2D-C6DE030B623B} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OfficeSoftwareProtectionPlatform\SvcRestartTask => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1FEA58D6-FE33-4B1C-9E3A-4022ADDD1C40} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1FEA58D6-FE33-4B1C-9E3A-4022ADDD1C40} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{8FFC7C4C-6BBB-402A-9C0D-4374469F690B} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{24FA84A0-E087-48EC-BC51-2B9C4C815D78} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{24FA84A0-E087-48EC-BC51-2B9C4C815D78} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{250B427B-A6DF-4F42-9C06-9871AF3722C4} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{250B427B-A6DF-4F42-9C06-9871AF3722C4} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{8A88D5D0-6F04-403E-92D3-E1A741D297F3} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{299073EF-ABC4-4E0A-9B59-2D8ECD9C9EF2} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{299073EF-ABC4-4E0A-9B59-2D8ECD9C9EF2} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ehDRMInit => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2C5DC93E-0B2D-4E8D-91DF-6A74258A3442} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2C5DC93E-0B2D-4E8D-91DF-6A74258A3442} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\OCURActivate => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{347BD230-E552-4407-9A65-F343E26CD3F7} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{347BD230-E552-4407-9A65-F343E26CD3F7} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\RegisterSearch => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{367F930A-A3DB-4112-B1F1-50E92A171C88} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{367F930A-A3DB-4112-B1F1-50E92A171C88} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Shell\WindowsParentalControls => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{386FC091-3D10-4F1A-A253-E5A36A375A54} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{386FC091-3D10-4F1A-A253-E5A36A375A54} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{40293128-0DB5-4479-AB2F-3E8BC0559294} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{40293128-0DB5-4479-AB2F-3E8BC0559294} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PBDADiscoveryW1 => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{430E510F-96F5-4A5F-B4AD-9FD657D9F584} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{430E510F-96F5-4A5F-B4AD-9FD657D9F584} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{435552B7-F8B7-4CB1-9935-A6A418FAACD2} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{435552B7-F8B7-4CB1-9935-A6A418FAACD2} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\UpdateRecordPath => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{48AD6F74-5F1E-4BD6-951C-F6E231F32B89} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{48AD6F74-5F1E-4BD6-951C-F6E231F32B89} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4C52A57B-7F77-4C23-B59C-B50E2991025D} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4C52A57B-7F77-4C23-B59C-B50E2991025D} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Jeff => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5118002C-DC35-48B7-BB66-EA2862CEC259} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5118002C-DC35-48B7-BB66-EA2862CEC259} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\DispatchRecoveryTasks => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{584EFF83-1D82-4B94-993E-F22494651022} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{584EFF83-1D82-4B94-993E-F22494651022} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{046F8F72-0B1C-47C5-B270-98980326F201} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5C503381-8A02-4F01-91F2-D91E5BE45FF8} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5C503381-8A02-4F01-91F2-D91E5BE45FF8} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{5737BA47-3423-49EC-9CC9-14AC544F08FC} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5F533403-9E9F-46C5-8E98-B29436F66AAD} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5F533403-9E9F-46C5-8E98-B29436F66AAD} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{BBF6D757-ADEC-4549-BB85-BE46A29154C5} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{61F8D180-FB89-446A-BE41-D9B7915EDD68} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{61F8D180-FB89-446A-BE41-D9B7915EDD68} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{649763BE-849E-4877-996E-BEED3077940C} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{649763BE-849E-4877-996E-BEED3077940C} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ConfigureInternetTimeService => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{64A9A55F-CAE7-4D0F-9F23-9D551CB05B86} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{64A9A55F-CAE7-4D0F-9F23-9D551CB05B86} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{67F70AC9-4C39-4ABF-BD77-4905EE847B58} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{67F70AC9-4C39-4ABF-BD77-4905EE847B58} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{10EF5062-FADE-4238-95E4-4EA61663B88F}-Kodak Share Button App Camera detect => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{68C2891E-C5DF-40B5-A7E4-9EF9B440E011} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{68C2891E-C5DF-40B5-A7E4-9EF9B440E011} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{698629D1-8062-4B45-9681-D2C36860F9E4} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{698629D1-8062-4B45-9681-D2C36860F9E4} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\MobilePC\HotStart => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6DD4B819-1124-4303-87E7-FFBF11F84BE0} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6DD4B819-1124-4303-87E7-FFBF11F84BE0} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{707EA964-8E6B-49B6-9229-4BED76ADE60C} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{707EA964-8E6B-49B6-9229-4BED76ADE60C} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Jeff DBAgent 2 0 => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{71957819-4DC7-40C2-8A9C-5DC3A149F1B3} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{71957819-4DC7-40C2-8A9C-5DC3A149F1B3} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PBDADiscoveryW2 => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{77DF0740-367C-402F-B09D-BA354C5B3FCD} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{77DF0740-367C-402F-B09D-BA354C5B3FCD} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{789B8EB6-80DC-42AE-891A-D254D0D7612B} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{789B8EB6-80DC-42AE-891A-D254D0D7612B} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7C5F8427-0FEA-4454-AC32-03D48C2097F1} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7C5F8427-0FEA-4454-AC32-03D48C2097F1} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PvrScheduleTask => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{80FEB3DF-7BE1-472C-81F2-F30A205B9BC7} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{80FEB3DF-7BE1-472C-81F2-F30A205B9BC7} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows Defender\MP Scheduled Scan => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8135F171-81F9-40A0-8AC1-3738CD974CE2} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8135F171-81F9-40A0-8AC1-3738CD974CE2} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8B0D0792-3C1B-4F17-930B-23A92CD75DA2} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8B0D0792-3C1B-4F17-930B-23A92CD75DA2} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{24A8B005-3F18-4577-8E27-6E6260902C84} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9DE64267-47F9-467C-BE0C-406DE49A5DCD} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9DE64267-47F9-467C-BE0C-406DE49A5DCD} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\SideShow\SystemDataProviders => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9F3514F2-A6B5-41DD-9FDC-49DA0E8ED50B} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9F3514F2-A6B5-41DD-9FDC-49DA0E8ED50B} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\SideShow\AutoWake => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9FE0F0A1-14BB-4196-AD2D-3A0953C94EAC} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9FE0F0A1-14BB-4196-AD2D-3A0953C94EAC} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ActivateWindowsSearch => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A538D5B8-493C-40A3-8CE3-81BD05FF65B5} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A538D5B8-493C-40A3-8CE3-81BD05FF65B5} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Jeff Merge => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A7901A3A-65C3-4288-87D1-8BFB05589D41} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A7901A3A-65C3-4288-87D1-8BFB05589D41} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AF6F6684-6EA0-4EA8-BE85-D8FC954A83BD} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AF6F6684-6EA0-4EA8-BE85-D8FC954A83BD} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B36A9651-BD5B-4819-97BB-AF4846188860} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B36A9651-BD5B-4819-97BB-AF4846188860} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B9A8F218-8E04-4F16-B2C2-C55F3DC4F5F1} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B9A8F218-8E04-4F16-B2C2-C55F3DC4F5F1} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{35F24B6D-11C0-4781-9EA6-6E19DBFB8DEA} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BCD6E851-789D-4E6D-9CC6-E6C49D70AFAD} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BCD6E851-789D-4E6D-9CC6-E6C49D70AFAD} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\OCURDiscovery => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BF4D082A-B536-48CC-939E-9FD0977DE867} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BF4D082A-B536-48CC-939E-9FD0977DE867} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ReindexSearchRoot => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C84A8BEB-05BA-4B37-ACCD-9C17DCC25F89} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C84A8BEB-05BA-4B37-ACCD-9C17DCC25F89} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PeriodicScanRetry => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CB970508-EC72-4269-BF01-B76AC4D3FA0B} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CB970508-EC72-4269-BF01-B76AC4D3FA0B} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\StartRecording => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CE789823-2C75-4F33-A8E7-7BB855DD84D9} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CE789823-2C75-4F33-A8E7-7BB855DD84D9} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\McAfee\McAfee Idle Detection Task => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D0D9B423-1035-4885-8D9C-52E944868EFC} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D0D9B423-1035-4885-8D9C-52E944868EFC} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\SideShow\GadgetManager => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D36E3198-0255-4D8D-A0C2-82B6DF9A95E5} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D36E3198-0255-4D8D-A0C2-82B6DF9A95E5} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\InstallPlayReady => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D4D7482D-7725-454B-B1FD-62F7C0D566C0} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D4D7482D-7725-454B-B1FD-62F7C0D566C0} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D681D0D2-611C-4501-9FCF-EBF9B24A675F} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D681D0D2-611C-4501-9FCF-EBF9B24A675F} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D713C0B4-8047-4EA8-857A-A27FFCBE3952} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D713C0B4-8047-4EA8-857A-A27FFCBE3952} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D82AFED8-7493-481A-9905-5608BD3415D6} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D82AFED8-7493-481A-9905-5608BD3415D6} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DAB930D8-577E-4045-A7F0-1541E8931BC6} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DAB930D8-577E-4045-A7F0-1541E8931BC6} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PBDADiscovery => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DEE79C27-0FC6-46F6-A2E8-C6FFBB121B3E} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DEE79C27-0FC6-46F6-A2E8-C6FFBB121B3E} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E79B2998-8F63-451A-A56D-26EDC0A5098A} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E79B2998-8F63-451A-A56D-26EDC0A5098A} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Shell\WindowsParentalControlsMigration => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{ED2C2CB4-A515-4176-BB62-103A2D6CE88C} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ED2C2CB4-A515-4176-BB62-103A2D6CE88C} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\SideShow\SessionAgent => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{F424547F-E700-4FEC-8C28-40F4DD811D17} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F424547F-E700-4FEC-8C28-40F4DD811D17} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\RecordingRestart => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FAB47F7B-4362-43D3-88F4-711544130D12} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FAB47F7B-4362-43D3-88F4-711544130D12} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\mcupdate_scheduled => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FC855221-654B-41E9-970B-E54BC9AA2CAA} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FC855221-654B-41E9-970B-E54BC9AA2CAA} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{3838094D-5D55-4F9E-8D22-394FFF8096B2} => key removed successfully.
C:\Windows\System32\ninput.dll => moved successfully
C:\Program Files\Road_Runner => moved successfully
 
=========== EmptyTemp: ==========
 
BITS transfer queue => 86335 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 116837669 B
Java, Flash, Steam htmlcache => 76146 B
Windows/system/drivers => 1790177 B
Edge => 4145791 B
Chrome => 122289339 B
Firefox => 272695671 B
Opera => 0 B
 
Temp, IE cache, history, cookies, recent:
Default => 33058 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
LocalService => 1751330 B
NetworkService => 13760 B
Jeff => 656383632 B
DefaultAppPool => 49442 B
 
RecycleBin => 3230 B
EmptyTemp: => 1.1 GB temporary data Removed.
 
================================
 
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 03-06-2017 16:07:31)
 
 
Result of scheduled keys to remove after reboot:
 
HKLM\System\CurrentControlSet\Services\NAVENG => could not remove key. Access Denied.
HKLM\System\CurrentControlSet\Services\NAVEX15 => could not remove key. Access Denied.
 
==== End of Fixlog 16:07:32 ====


#4 nasdaq

nasdaq

  • Malware Response Team
  • 39,903 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:02:02 AM

Posted 05 June 2017 - 06:56 AM

Repair these services.

Please Download Tweaking.com - Windows Repair from Here
  • Install and then run the program
  • Execute the instructions on Step 1 Important
  • Click Next on Step 2 Optional, do the Pre Scan skip Step 3 and 4 Optional for now.
  • On Step 5 Backup System Restore Do a Registry backup. When you have completed this click Next
  • Click Repairs - Open Repairs in the bottom right corner
  • Uncheck the All repair button then select just the item(s) listed below

  • 01 - Repair Registry Permissions
    03 - Reset Service permissions
    04 - Register System Files
    05 - Repair WMI
    10 - Remove Policies Set By Infections
    11 - Repair Start Menu Icons Removed by Infections
    12 - Repair Icons
    17 - Repair Windows Updates
    21 - Repair MSI (Windows Installer)
    26 - Restore Important Windows Services
    27 - Set Windows Service to Default Startup
  • Click the Start button and let the process run to completion. Copy any error messages into Notepad, Save it on your Desktop. ( Reboot if asked to do so)
  • Please copy and paste the Contents of this file on your next reply.
===

Restart the computer normally.

How is the computer running now?

#5 slowslowpc

slowslowpc
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:02:02 AM

Posted 05 June 2017 - 08:38 PM

It rebooted, this is the only log i can find.

Running the same :/

 

┌────────────────────────────────────────────────────────────────────────────────┐
│ Tweaking.com - Windows Repair v3.9.32 - Pre-Scan
│ Computer: JEFF-PC (Windows 10 Pro 10.0.14393.1198 ) (32-bit)
│ [Started Scan - 6/5/2017 6:56:29 PM]
└────────────────────────────────────────────────────────────────────────────────┘
┌────────────────────────────────────────────────────────────────────────────────┐
│ Scanning Windows Packages Files.
│ Started at (6/5/2017 6:56:29 PM)
│ 
│ No problems were found with the Packages Files.
│ 
│ Files Checked & Verified: 4,984
│ 
│ Done Scanning Windows Packages Files.(6/5/2017 7:01:07 PM)
└────────────────────────────────────────────────────────────────────────────────┘
┌────────────────────────────────────────────────────────────────────────────────┐
│ Scanning Reparse Points.
│ Started at (6/5/2017 7:01:07 PM)
│ 
│ Missing Default Reparse Point: (Original Path: C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files) (Target Path: C:\Users\Default\AppData\Local\Microsoft\Windows\INetCache)
│ A Default Reparse Point is missing and this can cause problems on the system.
│ 
│ Missing Default Reparse Point: (Original Path: C:\Users\Default\Cookies) (Target Path: C:\Users\Default\AppData\Local\Microsoft\Windows\INetCookies)
│ A Default Reparse Point is missing and this can cause problems on the system.
│ 
│ Missing Default Reparse Point: (Original Path: C:\Users\Administrator\AppData\Local\Application Data) (Target Path: C:\Users\Administrator\AppData\Local)
│ A Default Reparse Point is missing and this can cause problems on the system.
│ 
│ Missing Default Reparse Point: (Original Path: C:\Users\Administrator\AppData\Local\History) (Target Path: C:\Users\Administrator\AppData\Local\Microsoft\Windows\History)
│ A Default Reparse Point is missing and this can cause problems on the system.
│ 
│ Missing Default Reparse Point: (Original Path: C:\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files) (Target Path: C:\Users\Administrator\AppData\Local\Microsoft\Windows\INetCache)
│ A Default Reparse Point is missing and this can cause problems on the system.
│ 
│ Missing Default Reparse Point: (Original Path: C:\Users\Administrator\AppData\Local\Temporary Internet Files) (Target Path: C:\Users\Administrator\AppData\Local\Microsoft\Windows\INetCache)
│ A Default Reparse Point is missing and this can cause problems on the system.
│ 
│ Missing Default Reparse Point: (Original Path: C:\Users\Administrator\AppData\Local\Microsoft\Windows\INetCache\Content.IE5) (Target Path: C:\Users\Administrator\AppData\Local\Microsoft\Windows\INetCache\IE)
│ A Default Reparse Point is missing and this can cause problems on the system.
│ 
│ Missing Default Reparse Point: (Original Path: C:\Users\Administrator\Cookies) (Target Path: C:\Users\Administrator\AppData\Local\Microsoft\Windows\INetCookies)
│ A Default Reparse Point is missing and this can cause problems on the system.
│ 
│ Missing Default Reparse Point: (Original Path: C:\Users\Administrator\Application Data) (Target Path: C:\Users\Administrator\AppData\Roaming)
│ A Default Reparse Point is missing and this can cause problems on the system.
│ 
│ Missing Default Reparse Point: (Original Path: C:\Users\Administrator\Documents\My Music) (Target Path: C:\Users\Administrator\Music)
│ A Default Reparse Point is missing and this can cause problems on the system.
│ 
│ Missing Default Reparse Point: (Original Path: C:\Users\Administrator\Documents\My Pictures) (Target Path: C:\Users\Administrator\Pictures)
│ A Default Reparse Point is missing and this can cause problems on the system.
│ 
│ Missing Default Reparse Point: (Original Path: C:\Users\Administrator\Documents\My Videos) (Target Path: C:\Users\Administrator\Videos)
│ A Default Reparse Point is missing and this can cause problems on the system.
│ 
│ Missing Default Reparse Point: (Original Path: C:\Users\Administrator\Local Settings) (Target Path: C:\Users\Administrator\AppData\Local)
│ A Default Reparse Point is missing and this can cause problems on the system.
│ 
│ Missing Default Reparse Point: (Original Path: C:\Users\Administrator\My Documents) (Target Path: C:\Users\Administrator\Documents)
│ A Default Reparse Point is missing and this can cause problems on the system.
│ 
│ Missing Default Reparse Point: (Original Path: C:\Users\Administrator\NetHood) (Target Path: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Network Shortcuts)
│ A Default Reparse Point is missing and this can cause problems on the system.
│ 
│ Missing Default Reparse Point: (Original Path: C:\Users\Administrator\PrintHood) (Target Path: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Printer Shortcuts)
│ A Default Reparse Point is missing and this can cause problems on the system.
│ 
│ Missing Default Reparse Point: (Original Path: C:\Users\Administrator\Recent) (Target Path: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Recent)
│ A Default Reparse Point is missing and this can cause problems on the system.
│ 
│ Missing Default Reparse Point: (Original Path: C:\Users\Administrator\SendTo) (Target Path: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\SendTo)
│ A Default Reparse Point is missing and this can cause problems on the system.
│ 
│ Missing Default Reparse Point: (Original Path: C:\Users\Administrator\Start Menu) (Target Path: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu)
│ A Default Reparse Point is missing and this can cause problems on the system.
│ 
│ Missing Default Reparse Point: (Original Path: C:\Users\Administrator\Templates) (Target Path: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Templates)
│ A Default Reparse Point is missing and this can cause problems on the system.
│ 
│ Missing Default Reparse Point: (Original Path: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\INetCache\Content.IE5) (Target Path: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\INetCache\IE)
│ A Default Reparse Point is missing and this can cause problems on the system.
│ 
│ Problems were found with the Reparse Points.
│ You can use the Repair Reparse Points Tool at the bottom of this Window to try and fix these problems.
│ 
│ Files & Folders Searched: 293,856
│ Reparse Points Found: 85
│ 
│ Done Scanning Reparse Points.(6/5/2017 7:04:42 PM)
└────────────────────────────────────────────────────────────────────────────────┘
┌────────────────────────────────────────────────────────────────────────────────┐
│ Checking Environment Variables.
│ Started at (6/5/2017 7:04:42 PM)
│ 
│ This folder in the 'Path' variable doesn't exist: 
│ 
│ Problems were found with the Environment Variables.
│ You can use the Repair Environment Variables Tool at the bottom of this Window to try and fix these problems.
│ 
│ Done Checking Environment Variables. (6/5/2017 7:04:42 PM)
└────────────────────────────────────────────────────────────────────────────────┘
┌────────────────────────────────────────────────────────────────────────────────┐
│ [Finished Scan - 6/5/2017 7:04:42 PM]
│ 
│ [x] Scan Complete - Problems Found!
│ [x] 
│ [x] You can use the Repair Reparse Points or Repair Environment Variables tools at the bottom of this Window if needed.
│ [x] 
│ [x] While problems have been found, you can still run the repairs in the program.
│ [x] But for the best results it is recommended to fix the problems reported in this scan if possible.
└────────────────────────────────────────────────────────────────────────────────┘


#6 nasdaq

nasdaq

  • Malware Response Team
  • 39,903 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:02:02 AM

Posted 06 June 2017 - 07:50 AM

We still have work to do. Read carefully, Print this message is you can.

Tweaking.com - Windows Repair All-In-One (Portable)

- Download Windows Repair All-In-One (Portable Version) from here

- Extract tweaking.com_windows_repair_aio.zip to your Desktop.

- Disable all your antivirus and antimalware software - see how to do that from here

- Right click on QfBzvq1.png and select Run as Administrator (XP users just double click) to start Windows Repair All-In-One.
(Windows Vista/7/8 users: Accept UAC warning if it is enabled.)

- A window will appear. Click Step 2.
2f8o60N.png

- Click the Open Pre-Scan button, then click Start Scan. Wait for Windows Repair to finish scanning.

- Depending on which error Windows Repair found, click Repair Reparse Point or Repair Environment Variable accordingly. When the button changes to "Done!", click the close button to return to Windows Repair.

- Go to Step 3, then click Check in the See If Check Disk Is Needed.
Ymy7crZ.png

- If Windows Repair stated that errors are found, click Open Check Disk At Next Boot. Choose (/R) Fixes errors on the disk also locate bad sectors and recovers readable information, then click Add To Next Boot. Reboot the computer to let Windows check the disk. https://i.imgur.com/Ymy7crZ.png

- Go to Step 4, then click Do It.
zDtdN75.png

- Go to Step 5. Under System Restore click Create.
f7lEe1N.png

- Go to Repairs and click Open Repairs. Leave all checkmarks as they are, then click Start Repairs.
PGv2vtD.png

- By default Windows Repair All-In-One will create a "Logs" folder in its folder on the Desktop. Please post the contents of the log in your next reply.

#7 slowslowpc

slowslowpc
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:02:02 AM

Posted 07 June 2017 - 09:46 PM

Hello,

 

Sorry it took awhile, the scans were slow

 

Chkdisk had an error, its in the log file. 

 

system file check could not repair all

 

after running repairs

 

I am back to the beginning, nothing is working right and I get the ninput.dll error again 

Attached Files

  • Attached File  Logs.zip   33.03KB   1 downloads


#8 nasdaq

nasdaq

  • Malware Response Team
  • 39,903 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:02:02 AM

Posted 08 June 2017 - 07:11 AM


Still a problem fixing the Repars points.

You could try emptying the folder by in IE > Tools > Internet options > Advanced then scroll down to Security and check the box for -

Empty Temporary Internet File folder when browser is closed then close IE and run the Pre-Scan again.

with the Tweaking tool.

#9 slowslowpc

slowslowpc
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:02:02 AM

Posted 09 June 2017 - 08:32 AM

I tried running it in safe mode, still cant fix the last two repoints cookies and temp internet

 

I cant open IE, says class not registered to change settings

 

any other suggestions?



#10 nasdaq

nasdaq

  • Malware Response Team
  • 39,903 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:02:02 AM

Posted 09 June 2017 - 12:43 PM

Download and run the CCleaner tool from this site.

https://www.bleepingcomputer.com/download/ccleaner/

Delete only all the temporary files and caches on all the browsers you used and the Windows.


DO NOT REMOVE anything in the registry.
===


Run the Tweaking tool as suggested in post No. 4

I have added 07 Repair Internet Explorer to the lists.

01 - Repair Registry Permissions
03 - Reset Service permissions
04 - Register System Files
05 - Repair WMI
07 - Repair Internet Explorer
10 - Remove Policies Set By Infections
11 - Repair Start Menu Icons Removed by Infections
12 - Repair Icons
17 - Repair Windows Updates
21 - Repair MSI (Windows Installer)
26 - Restore Important Windows Services
27 - Set Windows Service to Default Startup

Post the log and let me know what problem persists.

Edited by nasdaq, 15 June 2017 - 07:37 AM.


#11 nasdaq

nasdaq

  • Malware Response Team
  • 39,903 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:02:02 AM

Posted 15 June 2017 - 07:37 AM

Are you still with me?




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users