Browser Extension has taken over my Address Bar through possible Broswer Hijack - Virus, Trojan, Spyware, and Malware Removal Help (2024)

For the open firewall ports, how can I ID what these ports are so I can see if I know what they are? I haven't looked too far into my ports before so I'm not sure if I need them open or not.

I have run the Fix through FRST and it did clear the issue on Chrome and it is working okay for now, however, Edge is still redirecting and is still "managed by your organization". In the extensions on Edge, it shows a greyed out extension called "Simple New Tab" and I can't remove it or change any settings with it.

I have also uninstalled Adobe Flash Player.

Here's the result of the FRST fix:

Fix result of Farbar Recovery Scan Tool (x64) Version: 19.04.2024 01

Ran by Garrett's PC (20-04-2024 10:58:19) Run:1

Running from C:\Users\Garrett's PC\Desktop

Loaded Profiles: Garrett's PC & SQLTELEMETRY$SQLEXPRESS & MSSQL$SQLEXPRESS

Boot Mode: Normal

==============================================

fixlist content:

*****************

Start::

SystemRestore: On

CreateRestorePoint:

CloseProcesses:

Folder: C:\Users\Garrett's PC\AppData\Local\OAC

Folder: C:\Users\Garrett's PC\AppData\LocalLow\For Fun Labs

Task: {C9FF2BDD-2B05-4EDD-B4D0-C727514EE79F} - System32\Tasks\NvOptimizerTaskUpdater_V2 => C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe [455680 2024-02-17] (Microsoft Windows -> Microsoft Corporation) -> -File C:/Windows/System32/NvWinSearchOptimizer.ps1 <==== ATTENTION

2024-04-11 14:24 - 2024-04-11 14:24 - 000000271 _____ C:\WINDOWS\system32\NvWinSearchOptimizer.ps1

2024-04-11 14:24 - 2024-04-11 14:24 - 000003586 _____ C:\WINDOWS\system32\Tasks\NvOptimizerTaskUpdater_V2

2024-04-11 14:24 - 2024-04-11 14:24 - 000001882 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VLC.lnk

2024-04-11 14:24 - 2024-04-11 14:24 - 000000000 ____D C:\WINDOWS\NvOptimizerLog

2024-04-11 14:24 - 2024-04-11 14:24 - 000000000 ____D C:\Users\Garrett's PC\AppData\Local\vlc-updater

2024-04-11 14:24 - 2024-04-11 14:24 - 000000000 ____D C:\Users\Garrett's PC\AppData\Local\TaskUpdater

2024-04-14 22:27 - 2024-04-14 22:27 - 000000000 ____D C:\WINDOWS\InternalKernelGrid4

ShortcutWithArgument: C:\Users\Garrett's PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --google-base-url=hxxps://qtrsearch.com --extensions-on-chrome-urls --load-extension=C:\Windows\InternalKernelGrid4

ShortcutWithArgument: C:\Users\Garrett's PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --google-base-url=hxxps://qtrsearch.com --extensions-on-chrome-urls --load-extension=C:\Windows\InternalKernelGrid4

ShortcutWithArgument: C:\Users\Garrett's PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\63e1f6e8d7f2f9e7\Honey.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --google-base-url=hxxps://qtrsearch.com --extensions-on-chrome-urls --load-extension=C:\Windows\InternalKernelGrid4

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --google-base-url=hxxps://qtrsearch.com --extensions-on-chrome-urls --load-extension=C:\Windows\InternalKernelGrid4

ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --google-base-url=hxxps://qtrsearch.com --extensions-on-chrome-urls --load-extension=C:\Windows\InternalKernelGrid4

HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION

HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION

AlternateDataStreams: C:\Logs:err [1154]

AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 [274]

AlternateDataStreams: C:\Users\Garrett's PC\Downloads\avg_antivirus_free_setup.exe:MBAM.Zone.Identifier [213]

AlternateDataStreams: C:\Users\Garrett's PC\Downloads\CCSetup.exe:MBAM.Zone.Identifier [143]

AlternateDataStreams: C:\Users\Garrett's PC\Downloads\ccsetup623.exe:MBAM.Zone.Identifier [215]

AlternateDataStreams: C:\Users\Garrett's PC\Downloads\spybotsd_2.9.85.5.exe:MBAM.Zone.Identifier [321]

AlternateDataStreams: C:\Users\Garrett's PC\Downloads\spywareblastersetup60.exe:MBAM.Zone.Identifier [322]

AlternateDataStreams: C:\Users\Public\AppData:CSM [120]

AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [466]

Task: {66B84CFC-3A3D-4B14-883B-2323AB78C3D3} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION

Task: {F4D2A29D-AD41-421B-851C-B83A5787B789} - System32\Tasks\ASUS\P508PowerAgent_sdk => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe (No File)

Task: {F61E5179-8E0B-494A-B3AB-EB022280C611} - System32\Tasks\MySQLNotifierTask => "C:\Program Files (x86)\MySQL\MySQL Notifier 1.1MySQLNotifier.exe" --c (No File)

ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File

ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File

ContextMenuHandlers2: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File

ContextMenuHandlers2: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File

ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => -> No File

ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File

ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File

S3 cpuz149; \??\C:\Users\GARRET~1\AppData\Local\Temp\cpuz149\cpuz149_x64.sys [X] <==== ATTENTION

S3 cpuz152; \??\C:\WINDOWS\temp\cpuz152\cpuz152_x64.sys [X] <==== ATTENTION

S3 cpuz157; \??\C:\WINDOWS\temp\cpuz157\cpuz157_x64.sys [X] <==== ATTENTION

S1 EneTechIo; \??\C:\WINDOWS\system32\drivers\ene.sys [X]

S3 hsstap; \SystemRoot\System32\drivers\hsstap.sys [X]

cmd: netsh winsock reset catalog

cmd: netsh int ip reset C:\resettcpip.txt

cmd: Bitsadmin /Reset /Allusers

cmd: ipconfig /flushdns

Removeproxy:

Emptytemp:

End::

*****************

SystemRestore: On => completed

Restore point was successfully created.

Processes closed successfully.

========================= Folder: C:\Users\Garrett's PC\AppData\Local\OAC ========================

2024-04-15 01:23 - 2024-04-15 01:23 - 000000000 ____D [00000000000000000000000000000000] C:\Users\Garrett's PC\AppData\Local\OAC\Saved

2024-04-15 01:23 - 2024-04-15 01:23 - 000000000 ____D [00000000000000000000000000000000] C:\Users\Garrett's PC\AppData\Local\OAC\Saved\Config

2024-04-15 01:23 - 2024-04-15 01:30 - 000000000 ____D [00000000000000000000000000000000] C:\Users\Garrett's PC\AppData\Local\OAC\Saved\Config\CrashReportClient

2024-04-15 01:23 - 2024-04-15 01:23 - 000000000 ____D [00000000000000000000000000000000] C:\Users\Garrett's PC\AppData\Local\OAC\Saved\Config\CrashReportClient\UE4CC-Windows-50F54957430C04FF5AD87CA76360EDEF

2024-04-15 01:23 - 2024-04-15 01:23 - 000000112 ____A [13F8815C6C6582CD5630BAC6DF8D1E7C] () C:\Users\Garrett's PC\AppData\Local\OAC\Saved\Config\CrashReportClient\UE4CC-Windows-50F54957430C04FF5AD87CA76360EDEF\CrashReportClient.ini

2024-04-15 01:30 - 2024-04-15 01:30 - 000000000 ____D [00000000000000000000000000000000] C:\Users\Garrett's PC\AppData\Local\OAC\Saved\Config\CrashReportClient\UE4CC-Windows-B059A0EC425E764BC24FB08C62A0EDA3

2024-04-15 01:30 - 2024-04-15 01:30 - 000000112 ____A [13F8815C6C6582CD5630BAC6DF8D1E7C] () C:\Users\Garrett's PC\AppData\Local\OAC\Saved\Config\CrashReportClient\UE4CC-Windows-B059A0EC425E764BC24FB08C62A0EDA3\CrashReportClient.ini

2024-04-15 01:23 - 2024-04-15 01:55 - 000000000 ____D [00000000000000000000000000000000] C:\Users\Garrett's PC\AppData\Local\OAC\Saved\Config\WindowsNoEditor

2024-04-15 01:55 - 2024-04-15 01:55 - 000000002 ____A [81051BCC2CF1BEDF378224B0A93E2877] () C:\Users\Garrett's PC\AppData\Local\OAC\Saved\Config\WindowsNoEditor\Compat.ini

2024-04-15 01:55 - 2024-04-15 01:55 - 000000002 ____A [81051BCC2CF1BEDF378224B0A93E2877] () C:\Users\Garrett's PC\AppData\Local\OAC\Saved\Config\WindowsNoEditor\DeviceProfiles.ini

2024-04-15 01:23 - 2024-04-15 01:55 - 000001661 ____A [FFBBE27F4CD901C6A1FEDEA543C6E6FE] () C:\Users\Garrett's PC\AppData\Local\OAC\Saved\Config\WindowsNoEditor\Engine.ini

2024-04-15 01:55 - 2024-04-15 01:55 - 000000002 ____A [81051BCC2CF1BEDF378224B0A93E2877] () C:\Users\Garrett's PC\AppData\Local\OAC\Saved\Config\WindowsNoEditor\Game.ini

2024-04-15 01:23 - 2024-04-15 01:55 - 000001092 ____A [BC92D9BAC9EFD3D750FCD3177FBB6E6A] () C:\Users\Garrett's PC\AppData\Local\OAC\Saved\Config\WindowsNoEditor\GameUserSettings.ini

2024-04-15 01:55 - 2024-04-15 01:55 - 000000002 ____A [81051BCC2CF1BEDF378224B0A93E2877] () C:\Users\Garrett's PC\AppData\Local\OAC\Saved\Config\WindowsNoEditor\Hardware.ini

2024-04-15 01:55 - 2024-04-15 01:55 - 000000002 ____A [81051BCC2CF1BEDF378224B0A93E2877] () C:\Users\Garrett's PC\AppData\Local\OAC\Saved\Config\WindowsNoEditor\Input.ini

2024-04-15 01:55 - 2024-04-15 01:55 - 000000002 ____A [81051BCC2CF1BEDF378224B0A93E2877] () C:\Users\Garrett's PC\AppData\Local\OAC\Saved\Config\WindowsNoEditor\LiveLink.ini

2024-04-15 01:55 - 2024-04-15 01:55 - 000000002 ____A [81051BCC2CF1BEDF378224B0A93E2877] () C:\Users\Garrett's PC\AppData\Local\OAC\Saved\Config\WindowsNoEditor\MagicLeap.ini

2024-04-15 01:55 - 2024-04-15 01:55 - 000000002 ____A [81051BCC2CF1BEDF378224B0A93E2877] () C:\Users\Garrett's PC\AppData\Local\OAC\Saved\Config\WindowsNoEditor\MagicLeapLightEstimation.ini

2024-04-15 01:55 - 2024-04-15 01:55 - 000000002 ____A [81051BCC2CF1BEDF378224B0A93E2877] () C:\Users\Garrett's PC\AppData\Local\OAC\Saved\Config\WindowsNoEditor\MotoSynth.ini

2024-04-15 01:55 - 2024-04-15 01:55 - 000000002 ____A [81051BCC2CF1BEDF378224B0A93E2877] () C:\Users\Garrett's PC\AppData\Local\OAC\Saved\Config\WindowsNoEditor\Niagara.ini

2024-04-15 01:55 - 2024-04-15 01:55 - 000000002 ____A [81051BCC2CF1BEDF378224B0A93E2877] () C:\Users\Garrett's PC\AppData\Local\OAC\Saved\Config\WindowsNoEditor\Paper2D.ini

2024-04-15 01:55 - 2024-04-15 01:55 - 000000002 ____A [81051BCC2CF1BEDF378224B0A93E2877] () C:\Users\Garrett's PC\AppData\Local\OAC\Saved\Config\WindowsNoEditor\PhysXVehicles.ini

2024-04-15 01:55 - 2024-04-15 01:55 - 000000002 ____A [81051BCC2CF1BEDF378224B0A93E2877] () C:\Users\Garrett's PC\AppData\Local\OAC\Saved\Config\WindowsNoEditor\RuntimeOptions.ini

2024-04-15 01:55 - 2024-04-15 01:55 - 000000002 ____A [81051BCC2CF1BEDF378224B0A93E2877] () C:\Users\Garrett's PC\AppData\Local\OAC\Saved\Config\WindowsNoEditor\Scalability.ini

2024-04-15 01:55 - 2024-04-15 01:55 - 000000002 ____A [81051BCC2CF1BEDF378224B0A93E2877] () C:\Users\Garrett's PC\AppData\Local\OAC\Saved\Config\WindowsNoEditor\Synthesis.ini

2024-04-15 01:55 - 2024-04-15 01:55 - 000000002 ____A [81051BCC2CF1BEDF378224B0A93E2877] () C:\Users\Garrett's PC\AppData\Local\OAC\Saved\Config\WindowsNoEditor\VariantManagerContent.ini

2024-04-15 01:23 - 2024-04-15 01:23 - 000000000 ____D [00000000000000000000000000000000] C:\Users\Garrett's PC\AppData\Local\OAC\Saved\Logs

2024-04-15 01:23 - 2024-04-15 01:49 - 000000000 ____D [00000000000000000000000000000000] C:\Users\Garrett's PC\AppData\Local\OAC\Saved\SaveGames

2024-04-15 01:23 - 2024-04-15 01:55 - 000013576 ____A [D665B73F8EBAA8FAA0B1AD3C3DBC256D] () C:\Users\Garrett's PC\AppData\Local\OAC\Saved\SaveGames\765611981107023574.sav

2024-04-15 01:23 - 2024-04-15 01:54 - 000000000 ____A [D41D8CD98F00B204E9800998ECF8427E] () C:\Users\Garrett's PC\AppData\Local\OAC\Saved\SaveGames\76561198110702357Stats

2024-04-15 01:27 - 2024-04-15 01:54 - 000002965 ____A [5324E15F6079CFDC47A407338F6480A5] () C:\Users\Garrett's PC\AppData\Local\OAC\Saved\SaveGames\76561198110702357Stats.sav

2024-04-15 01:24 - 2024-04-15 01:32 - 000000000 ____A [D41D8CD98F00B204E9800998ECF8427E] () C:\Users\Garrett's PC\AppData\Local\OAC\Saved\SaveGames\76561199017402038Stats

2024-04-15 01:23 - 2024-04-15 01:23 - 000001203 ____A [4EF607DDDA298BA464AF2E1F179FA42E] () C:\Users\Garrett's PC\AppData\Local\OAC\Saved\SaveGames\DLCadDrink.sav

2024-04-15 01:49 - 2024-04-15 01:49 - 000001684 ____A [7CCF6F2431F0D37863C4869F162A425D] () C:\Users\Garrett's PC\AppData\Local\OAC\Saved\SaveGames\Settings.sav

====== End of Folder: ======

========================= Folder: C:\Users\Garrett's PC\AppData\LocalLow\For Fun Labs ========================

2024-03-23 17:14 - 2024-03-25 14:38 - 000000000 ____D [00000000000000000000000000000000] C:\Users\Garrett's PC\AppData\LocalLow\For Fun Labs\Eleven

2024-03-23 17:15 - 2024-03-23 17:15 - 000059368 ____A [764452B2BE9B880553C64F49C5706D2B] () C:\Users\Garrett's PC\AppData\LocalLow\For Fun Labs\Eleven\1913526_512x512.png

2024-03-23 17:14 - 2024-03-25 01:54 - 000000181 ____A [26053DD3B89E6BF69F6F09E7C4C73B3C] () C:\Users\Garrett's PC\AppData\LocalLow\For Fun Labs\Eleven\Hosts

2024-03-23 17:14 - 2024-03-25 15:12 - 000001375 ____A [B3D0FBDD2E96247CB726C29237CF1788] () C:\Users\Garrett's PC\AppData\LocalLow\For Fun Labs\Eleven\Library

2024-03-23 17:14 - 2024-03-25 15:12 - 000169428 ____A [8ABE7AD336E1516C878E7914E9F8F91C] () C:\Users\Garrett's PC\AppData\LocalLow\For Fun Labs\Eleven\Player.log

2024-03-23 17:14 - 2024-03-25 01:59 - 000065154 ____A [93D1A1FC124C3214CDDD2A8129DC4B14] () C:\Users\Garrett's PC\AppData\LocalLow\For Fun Labs\Eleven\Player-prev.log

2024-03-23 17:14 - 2024-03-23 18:07 - 000000000 ____D [00000000000000000000000000000000] C:\Users\Garrett's PC\AppData\LocalLow\For Fun Labs\Eleven\Cookies

2024-03-23 18:07 - 2024-03-25 15:12 - 000000008 ____A [33CDECCCCEBE80329F1FDBEE7F5874CB] () C:\Users\Garrett's PC\AppData\LocalLow\For Fun Labs\Eleven\Cookies\Library

2024-03-23 17:14 - 2024-03-23 17:14 - 000000000 ____D [00000000000000000000000000000000] C:\Users\Garrett's PC\AppData\LocalLow\For Fun Labs\Eleven\HTTPCache

2024-03-23 17:14 - 2024-03-23 17:14 - 000261084 ____A [7283CFD3F4FE5AFBC039C21CC630FC20] () C:\Users\Garrett's PC\AppData\LocalLow\For Fun Labs\Eleven\HTTPCache\1

2024-03-23 17:14 - 2024-03-23 17:14 - 000242282 ____A [E1DCAA5F75D388BFADC1B51900A12299] () C:\Users\Garrett's PC\AppData\LocalLow\For Fun Labs\Eleven\HTTPCache\2

2024-03-23 17:14 - 2024-03-23 17:14 - 000266267 ____A [226F1080C90CA5D022365D02609C339F] () C:\Users\Garrett's PC\AppData\LocalLow\For Fun Labs\Eleven\HTTPCache\3

2024-03-23 17:14 - 2024-03-23 17:14 - 000192076 ____A [3339ABC807B6E143E38B0B6102D88159] () C:\Users\Garrett's PC\AppData\LocalLow\For Fun Labs\Eleven\HTTPCache\4

2024-03-23 17:14 - 2024-03-23 17:14 - 000224104 ____A [858210DBC8F861850DAB275B93833460] () C:\Users\Garrett's PC\AppData\LocalLow\For Fun Labs\Eleven\HTTPCache\5

2024-03-23 17:14 - 2024-03-23 17:14 - 000195052 ____A [EBD6E3E5DF6A2C4CEFA4615B027942E2] () C:\Users\Garrett's PC\AppData\LocalLow\For Fun Labs\Eleven\HTTPCache\6

2024-03-23 17:14 - 2024-03-23 17:14 - 000251051 ____A [D06F28133AEC526ED8ED93C5670D99DE] () C:\Users\Garrett's PC\AppData\LocalLow\For Fun Labs\Eleven\HTTPCache\7

2024-03-23 17:14 - 2024-03-23 17:14 - 000000000 ____D [00000000000000000000000000000000] C:\Users\Garrett's PC\AppData\LocalLow\For Fun Labs\Eleven\Unity

2024-03-23 17:14 - 2024-03-23 17:14 - 000000000 ____D [00000000000000000000000000000000] C:\Users\Garrett's PC\AppData\LocalLow\For Fun Labs\Eleven\Unity\e77632de-7840-48ff-913d-1fdbac17bf57

2024-03-23 17:14 - 2024-03-23 17:14 - 000000000 ____D [00000000000000000000000000000000] C:\Users\Garrett's PC\AppData\LocalLow\For Fun Labs\Eleven\Unity\e77632de-7840-48ff-913d-1fdbac17bf57\Analytics

2024-03-23 17:14 - 2024-03-25 14:38 - 000000293 ____A [8673A8AC0B06A9D056D08D62F857BA4B] () C:\Users\Garrett's PC\AppData\LocalLow\For Fun Labs\Eleven\Unity\e77632de-7840-48ff-913d-1fdbac17bf57\Analytics\config

2024-03-23 17:14 - 2024-03-25 15:12 - 000000157 ____A [14A6BEF6ADF89C287858FCD4F6C55DD5] () C:\Users\Garrett's PC\AppData\LocalLow\For Fun Labs\Eleven\Unity\e77632de-7840-48ff-913d-1fdbac17bf57\Analytics\values

2024-03-23 17:14 - 2024-03-25 15:12 - 000000000 ____D [00000000000000000000000000000000] C:\Users\Garrett's PC\AppData\LocalLow\For Fun Labs\Eleven\Unity\e77632de-7840-48ff-913d-1fdbac17bf57\Analytics\ArchivedEvents

2024-03-25 15:12 - 2024-03-25 15:12 - 000000000 ____D [00000000000000000000000000000000] C:\Users\Garrett's PC\AppData\LocalLow\For Fun Labs\Eleven\Unity\e77632de-7840-48ff-913d-1fdbac17bf57\Analytics\ArchivedEvents\171139373600005.35a49fa2

2024-03-25 15:12 - 2024-03-25 15:12 - 000000001 ____A [ECCBC87E4B5CE2FE28308FD9F2A7BAF3] () C:\Users\Garrett's PC\AppData\LocalLow\For Fun Labs\Eleven\Unity\e77632de-7840-48ff-913d-1fdbac17bf57\Analytics\ArchivedEvents\171139373600005.35a49fa2\c

2024-03-25 15:12 - 2024-03-25 15:12 - 000000829 ____A [7968305526EDC1A5671502CFB5E64376] () C:\Users\Garrett's PC\AppData\LocalLow\For Fun Labs\Eleven\Unity\e77632de-7840-48ff-913d-1fdbac17bf57\Analytics\ArchivedEvents\171139373600005.35a49fa2\e

2024-03-25 15:12 - 2024-03-25 15:12 - 000000001 ____A [C81E728D9D4C2F636F067F89CC14862C] () C:\Users\Garrett's PC\AppData\LocalLow\For Fun Labs\Eleven\Unity\e77632de-7840-48ff-913d-1fdbac17bf57\Analytics\ArchivedEvents\171139373600005.35a49fa2\g

2024-03-25 15:12 - 2024-03-25 15:12 - 000000461 ____A [800431E9D875FA9DAAECA75511F13EFD] () C:\Users\Garrett's PC\AppData\LocalLow\For Fun Labs\Eleven\Unity\e77632de-7840-48ff-913d-1fdbac17bf57\Analytics\ArchivedEvents\171139373600005.35a49fa2\s

====== End of Folder: ======

"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C9FF2BDD-2B05-4EDD-B4D0-C727514EE79F}" => removed successfully

"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C9FF2BDD-2B05-4EDD-B4D0-C727514EE79F}" => removed successfully

C:\WINDOWS\System32\Tasks\NvOptimizerTaskUpdater_V2 => moved successfully

"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NvOptimizerTaskUpdater_V2" => removed successfully

C:\WINDOWS\system32\NvWinSearchOptimizer.ps1 => moved successfully

"C:\WINDOWS\system32\Tasks\NvOptimizerTaskUpdater_V2" => not found

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VLC.lnk => moved successfully

"C:\WINDOWS\NvOptimizerLog" Folder move:

C:\WINDOWS\NvOptimizerLog => moved successfully

"C:\Users\Garrett's PC\AppData\Local\vlc-updater" Folder move:

C:\Users\Garrett's PC\AppData\Local\vlc-updater => moved successfully

"C:\Users\Garrett's PC\AppData\Local\TaskUpdater" Folder move:

C:\Users\Garrett's PC\AppData\Local\TaskUpdater => moved successfully

"C:\WINDOWS\InternalKernelGrid4" Folder move:

C:\WINDOWS\InternalKernelGrid4 => moved successfully

C:\Users\Garrett's PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk => Shortcut argument removed successfully

C:\Users\Garrett's PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk => Shortcut argument removed successfully

C:\Users\Garrett's PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\63e1f6e8d7f2f9e7\Honey.lnk => Shortcut argument removed successfully

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk => Shortcut argument removed successfully

C:\Users\Public\Desktop\Google Chrome.lnk => Shortcut argument removed successfully

HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate => removed successfully

HKLM\SOFTWARE\Policies\Google => removed successfully

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => removed successfully

C:\Logs => ":err" ADS removed successfully

C:\ProgramData\TEMP => ":5C321E34" ADS removed successfully

C:\Users\Garrett's PC\Downloads\avg_antivirus_free_setup.exe => ":MBAM.Zone.Identifier" ADS removed successfully

C:\Users\Garrett's PC\Downloads\CCSetup.exe => ":MBAM.Zone.Identifier" ADS removed successfully

C:\Users\Garrett's PC\Downloads\ccsetup623.exe => ":MBAM.Zone.Identifier" ADS removed successfully

C:\Users\Garrett's PC\Downloads\spybotsd_2.9.85.5.exe => ":MBAM.Zone.Identifier" ADS removed successfully

C:\Users\Garrett's PC\Downloads\spywareblastersetup60.exe => ":MBAM.Zone.Identifier" ADS removed successfully

C:\Users\Public\AppData => ":CSM" ADS removed successfully

C:\Users\Public\Shared Files => ":VersionCache" ADS removed successfully

"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{66B84CFC-3A3D-4B14-883B-2323AB78C3D3}" => removed successfully

"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{66B84CFC-3A3D-4B14-883B-2323AB78C3D3}" => removed successfully

"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found

"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F4D2A29D-AD41-421B-851C-B83A5787B789}" => removed successfully

"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F4D2A29D-AD41-421B-851C-B83A5787B789}" => removed successfully

C:\WINDOWS\System32\Tasks\ASUS\P508PowerAgent_sdk => moved successfully

"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASUS\P508PowerAgent_sdk" => removed successfully

"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F61E5179-8E0B-494A-B3AB-EB022280C611}" => removed successfully

"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F61E5179-8E0B-494A-B3AB-EB022280C611}" => removed successfully

C:\WINDOWS\System32\Tasks\MySQLNotifierTask => moved successfully

"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\MySQLNotifierTask" => removed successfully

HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\SDECon32 => removed successfully

HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\SDECon64 => removed successfully

HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\SDECon32 => removed successfully

HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\SDECon64 => removed successfully

HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxDTCM => removed successfully

HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\SDECon32 => removed successfully

HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\SDECon64 => removed successfully

HKLM\System\CurrentControlSet\Services\cpuz149 => removed successfully

cpuz149 => service removed successfully

HKLM\System\CurrentControlSet\Services\cpuz152 => removed successfully

cpuz152 => service removed successfully

HKLM\System\CurrentControlSet\Services\cpuz157 => removed successfully

cpuz157 => service removed successfully

HKLM\System\CurrentControlSet\Services\EneTechIo => removed successfully

EneTechIo => service removed successfully

HKLM\System\CurrentControlSet\Services\hsstap => removed successfully

hsstap => service removed successfully

========= netsh winsock reset catalog =========

Sucessfully reset the Winsock Catalog.

You must restart the computer in order to complete the reset.

========= End of CMD: =========

========= netsh int ip reset C:\resettcpip.txt =========

Resetting Compartment Forwarding, OK!

Resetting Compartment, OK!

Resetting Control Protocol, OK!

Resetting Echo Sequence Request, OK!

Resetting Global, OK!

Resetting Interface, OK!

Resetting Anycast Address, OK!

Resetting Multicast Address, OK!

Resetting Unicast Address, OK!

Resetting Neighbor, OK!

Resetting Path, OK!

Resetting Potential, OK!

Resetting Prefix Policy, OK!

Resetting Proxy Neighbor, OK!

Resetting Route, OK!

Resetting Site Prefix, OK!

Resetting Subinterface, OK!

Resetting Wakeup Pattern, OK!

Resetting Resolve Neighbor, OK!

Resetting , OK!

Resetting , OK!

Resetting , OK!

Resetting , OK!

Resetting , failed.

Access is denied.

Resetting , OK!

Resetting , OK!

Resetting , OK!

Resetting , OK!

Resetting , OK!

Resetting , OK!

Resetting , OK!

Resetting , OK!

Restart the computer to complete this action.

========= End of CMD: =========

========= Bitsadmin /Reset /Allusers =========

BITSADMIN version 3.0

BITS administration utility.

© Copyright Microsoft Corp.

{2ED9A4DF-A3C9-400E-8E33-5914D3714A07} canceled.

1 out of 1 jobs canceled.

========= End of CMD: =========

========= ipconfig /flushdns =========

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========

========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully

"HKU\S-1-5-21-1108670812-234273735-451653643-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully

"HKU\S-1-5-21-1108670812-234273735-451653643-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully

========= End of RemoveProxy: =========

=========== EmptyTemp: ==========

FlushDNS => completed

BITS transfer queue => 0 B

DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 15087103 B

Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 1779048832 B

Windows/system/drivers => 56616239 B

Edge => 0 B

Chrome => 502058691 B

Firefox => 0 B

Opera => 0 B

Temp, IE cache, history, cookies, recent:

Default => 0 B

ProgramData => 0 B

Public => 0 B

systemprofile => 16 B

systemprofile32 => 915098 B

LocalService => 927790 B

NetworkService => 927790 B

Garrett's PC => 57556174 B

SQLTELEMETRY$SQLEXPRESS => 57556174 B

MSSQL$SQLEXPRESS => 57556174 B

RecycleBin => 50197661 B

EmptyTemp: => 2.4 GB temporary data Removed.

================================

The system needed a reboot.

==== End of Fixlog 10:59:09 ====

Edited by TooTallGar, 20 April 2024 - 10:11 AM.