Malware - Please Help

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by Janet Pickett, May 14, 2024.

  1. Janet Pickett

    Janet Pickett Private E-2

    Hello. Yesterday, 5/13/24, I evidently accidentally clicked something that opened a doorway for malware. I am having several notifications come up when in Google Chrome. I have run your suggested protocol in READ and RUN first but have not succeeded in solving the problem. I attached the report logs. Some of the notifications say things like "System Alert", "Your PC is infected with (7) viruses", "Virus attack! Attention!", "Alert".
     


  2. Oh My!

    Oh My! Malware Expert Staff Member

    Greetings and welcome to the Major Geeks Malware Forum.

    Please do this

    ===================================================

    Farbar Recovery Scan Tool (FRST)

    --------------------
    • Right click on FRST64, select Save Link As..., and save the file on your Desktop
    • If your computer language is other than English right click on the FRST64 icon and rename it to FRST64english
    • Right click on the icon and select Run as administrator
    • Note: If you receive any warning about the download it is a false positive and you can ignore it. Click on More info to get the Run anyway option
    • Click Yes to the disclaimer
    • Click Scan and allow the program to run
    • When completed, FRST.txt and Addition.txt reports will be saved on the Desktop
    • Please attach the reports to your reply
    ===================================================

    Things I would like to see in your next reply.
    • Attached reports
     
  3. Janet Pickett

    Janet Pickett Private E-2

    Hi there....please see reports attached for FRST64.
     


  4. Oh My!

    Oh My! Malware Expert Staff Member

    Thank you for the reports and your patience.

    Please do this.

    ===================================================

    Checking Chrome Sync Status

    --------------------
    • Launch Chrome web browser
    • Type chrome://settings/syncSetup in the address bar and hit Enter
    • Report whether the page says Turn on sync... or Turn off
    • If you see Turn off (meaning it is on) click Manage what you sync and tell me if Sync everything is selected
    • If not, tell me which lines have darker blue dots
    ===================================================

    Uninstalling Programs Using Revo Uninstaller Free Portable

    --------------------

    • Download Revo Uninstaller Free Portable and save it to your Desktop
    • Right click on the folder and select Extract All..., then click Extract
    • Double click on the RevoUninstaller-Portable folder
    • Right click on RevoUPort and select Run as administrator
    • Click OK on the License Agreement
    • From the list of programs double click on the listed program(s), or anything similar, to remove it (if it exists)
    Code:
    Driver Support One
    HP One Agent
    
    • If the program's uninstaller appears, work through the steps to remove the program(s)
    • Be sure the Advanced option is selected then click Scan
    • For each window that may appear identifying leftover items click Select All, Delete, then confirm the deletion
    • Once done click Finish
    • Reboot your computer
    ===================================================

    Farbar Recovery Scan Tool Fix

    --------------------
    • Right click on the FRST64 icon and select Run as administrator
    • Highlight the below information then hit the Ctrl + C keys at the same time and the text will be copied
    • There is no need to paste the information anywhere, FRST64 will do it for you
    Code:
    Start::
    SystemRestore: On
    CreateRestorePoint:
    CloseProcesses:
    Edge Notifications: Default -> hxxps://en.softonic.com
    CHR Notifications: Default -> hxxps://cp1cc2ghubcc73bqqjjg.junctionspeedforum.co.in; hxxps://cp1d7qohubcc73bsjs00.networkfullchain.co.in; hxxps://cp1npj8hubcc73c78hjg.networkfullchain.co.in; hxxps://cp1nsh0hubcc73c7cgg0.networkfullchain.co.in; hxxps://cp1nufghubcc73c7fd30.networkfullchain.co.in; hxxps://cp1nuughubcc73c7g2j0.networkfullchain.co.in; hxxps://cp1o1g8hubcc73c7jk40.networkfullchain.co.in; hxxps://cp1o1r8hubcc73c7k43g.networkfullchain.co.in; hxxps://cp1o2aohubcc73c7koe0.networkfullchain.co.in; hxxps://cp1o4h0hubcc73c7nqtg.networkfullchain.co.in; hxxps://cp1o5e8hubcc73c7p52g.networkfullchain.co.in; hxxps://www.facebook.com; hxxps://www.harryanddavid.com; hxxps://www.tasteofhome.com
    C:\Program Files (x86)\WildTangent Games\Integration\WildTangentHelperService.exe#E73882DF2E701D1C
    2024-05-14 11:42 - 2024-05-14 11:42 - 048436088 _____ (Adlice Software ) C:\Users\Janet Pickett\Downloads\setup (2).exe
    2024-05-14 11:41 - 2024-05-14 11:41 - 048436088 _____ (Adlice Software ) C:\Users\Janet Pickett\Downloads\setup (1).exe
    2024-05-14 11:13 - 2024-05-14 11:13 - 000751552 _____ (Fortect) C:\Users\Janet Pickett\Downloads\Fortect (6).exe
    2024-05-14 11:13 - 2024-05-14 11:13 - 000751552 _____ (Fortect) C:\Users\Janet Pickett\Downloads\Fortect (5).exe
    2024-05-14 11:13 - 2024-05-14 11:13 - 000751552 _____ (Fortect) C:\Users\Janet Pickett\Downloads\Fortect (4).exe
    2024-05-14 11:12 - 2024-05-14 11:12 - 016998008 _____ C:\Users\Janet Pickett\Downloads\bitdefender_avfree.exe
    2024-05-14 11:12 - 2024-05-14 11:12 - 016998008 _____ C:\Users\Janet Pickett\Downloads\bitdefender_avfree (2).exe
    2024-05-14 11:12 - 2024-05-14 11:12 - 016998008 _____ C:\Users\Janet Pickett\Downloads\bitdefender_avfree (1).exe
    2024-05-14 11:09 - 2024-05-14 11:09 - 002585496 _____ (Malwarebytes) C:\Users\Janet Pickett\Downloads\MBSetup-0000870.0000870-consumer (8).exe
    2024-05-14 11:08 - 2024-05-14 11:08 - 002585496 _____ (Malwarebytes) C:\Users\Janet Pickett\Downloads\MBSetup-0000870.0000870-consumer (7).exe
    2024-05-14 11:05 - 2024-05-14 11:05 - 002585496 _____ (Malwarebytes) C:\Users\Janet Pickett\Downloads\MBSetup-0000870.0000870-consumer (6).exe
    2024-05-14 11:05 - 2024-05-14 11:05 - 000751552 _____ (Fortect) C:\Users\Janet Pickett\Downloads\Fortect.exe
    2024-05-14 11:05 - 2024-05-14 11:05 - 000751552 _____ (Fortect) C:\Users\Janet Pickett\Downloads\Fortect (3).exe
    2024-05-14 11:05 - 2024-05-14 11:05 - 000751552 _____ (Fortect) C:\Users\Janet Pickett\Downloads\Fortect (2).exe
    2024-05-14 11:05 - 2024-05-14 11:05 - 000751552 _____ (Fortect) C:\Users\Janet Pickett\Downloads\Fortect (1).exe
    2024-05-14 11:04 - 2024-05-14 11:04 - 002585496 _____ (Malwarebytes) C:\Users\Janet Pickett\Downloads\MBSetup-0000870.0000870-consumer (5).exe
    2024-05-14 11:03 - 2024-05-14 11:03 - 002585496 _____ (Malwarebytes) C:\Users\Janet Pickett\Downloads\MBSetup-0000870.0000870-consumer (4).exe
    2024-05-14 11:02 - 2024-05-14 11:02 - 002585496 _____ (Malwarebytes) C:\Users\Janet Pickett\Downloads\MBSetup-0000870.0000870-consumer.exe
    2024-05-14 11:02 - 2024-05-14 11:02 - 002585496 _____ (Malwarebytes) C:\Users\Janet Pickett\Downloads\MBSetup-0000870.0000870-consumer (3).exe
    2024-05-14 11:02 - 2024-05-14 11:02 - 002585496 _____ (Malwarebytes) C:\Users\Janet Pickett\Downloads\MBSetup-0000870.0000870-consumer (2).exe
    2024-05-14 11:02 - 2024-05-14 11:02 - 002585496 _____ (Malwarebytes) C:\Users\Janet Pickett\Downloads\MBSetup-0000870.0000870-consumer (1).exe
    2024-05-14 10:25 - 2024-05-14 10:25 - 000000000 ____D C:\ProgramData\WPSInstallerTemp2
    2024-05-14 12:09 - 2024-05-14 12:10 - 001993530 _____ C:\Users\Janet Pickett\Downloads\Unconfirmed 358229.crdownload 
    Task: {92EF6358-FA07-4191-ACF3-B5EECCA33E75} - System32\Tasks\Opera scheduled Autoupdate 1633304624 => C:\Users\Janet Pickett\AppData\Local\Programs\Opera\launcher.exe  --scheduledautoupdate $(Arg0) (No File) 
    HKU\S-1-5-21-1585599915-2336452685-3432531520-1001\...\Run: [] => [X] 
    S2 HP Comm Recover; "C:\Program Files\HPCommRecovery\HPCommRecovery.exe" [X] 
    R2 WildTangentHelper; "C:\Program Files (x86)\WildTangent Games\Integration\WildTangentHelperService.exe" [X] 
    S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X] 
    Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe  (No File) 
    Task: {14CE88A7-BEFF-4220-8AC9-261F276C205D} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe  /RunOnAC ReadyToReboot (No File) 
    Task: {EDD3DD5C-4066-414B-9FC9-3D0DEC701147} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe  /RunOnBattery ReadyToReboot (No File) 
    Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe  (No File) 
    AV: Total AV (Disabled - Up to date) {0567E33F-93C9-11B5-891D-90A37AEB2766}
    cmd: netsh winsock reset catalog
    cmd: netsh int ip reset resetlog.txt
    Reg: reg export HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Defaults\FirewallPolicy\FirewallRules C:\Firewall.reg
    C:\Firewall.reg
    cmd: netsh advfirewall reset
    cmd: netsh advfirewall set allprofiles state ON
    cmd: bitsadmin /reset /allusers
    cmd: ipconfig /flushdns
    Removeproxy:
    hosts:
    cmd: sfc /scannow
    cmd: DISM /Online /Cleanup-Image /CheckHealth
    Emptytemp:
    End::
    
    • Click Fix
    • When completed the tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.
    • Note: This step resets your Firewall settings and you may be asked later to grant permission for legitimate programs to pass through the Firewall. If you recognize the program agree to the request.
    • Note: The Emptytemp: command will remove cookies and may result in some websites (like banking) indicating they do not recognize your computer. It may be necessary to receive and apply a verification code.
    ===================================================

    Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it.
    • Chrome Sync status?
    • Programs uninstall?
    • Fixlog
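
The `CHR Notifications:` and `Edge Notifications:` lines in the fixlist above list the origins that hold browser notification permission, which is how "Your PC is infected" pop-ups reach the desktop. The following is an added example, not part of the original post or of FRST: it parses such a line, groups hosts by registered domain, and marks groups whose leftmost label looks machine-generated. The sample hosts, the suffix list, and the length/digit heuristic are assumptions made for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit

# Assumption: a tiny stand-in for the Public Suffix List, enough for this sample.
TWO_LABEL_SUFFIXES = {"co.in", "co.uk", "com.au"}

# Matches lines such as "CHR Notifications: Default -> hxxps://a; hxxps://b"
LINE_RE = re.compile(
    r"^\s*(?P<browser>\w+) Notifications: (?P<profile>.+?) -> (?P<urls>.+)$"
)

# Constructed sample line (hosts are made up, not taken from the thread).
SAMPLE = (
    "CHR Notifications: Default -> "
    "hxxps://ab1cd2efgh34ij5klmno.constructed-sample.co.in; "
    "hxxps://ab1qr7stuv89wx0yzabc.constructed-sample.co.in; "
    "hxxps://www.shop.example"
)


def parse_notifications(line):
    """Return (browser, profile, [hosts]) or None if the line is another kind."""
    m = LINE_RE.match(line)
    if not m:
        return None
    hosts = []
    for raw in m.group("urls").split(";"):
        raw = raw.strip()
        if not raw:
            continue
        # FRST logs defang URLs as hxxp(s); restore the scheme only for parsing.
        url = re.sub(r"^hxxp", "http", raw, flags=re.I)
        host = urlsplit(url).hostname
        if host:
            hosts.append(host)
    return m.group("browser"), m.group("profile"), hosts


def registered_domain(host):
    """Approximate the registrable domain (eTLD+1) of a host name."""
    labels = host.split(".")
    n = 3 if ".".join(labels[-2:]) in TWO_LABEL_SUFFIXES else 2
    return ".".join(labels[-n:])


def looks_generated(label):
    """Heuristic (assumption): long label mixing letters and digits."""
    return (
        len(label) >= 16
        and any(c.isdigit() for c in label)
        and any(c.isalpha() for c in label)
    )


def triage(line):
    """Group permitted origins by registered domain and attach a verdict."""
    parsed = parse_notifications(line)
    if parsed is None:
        return {}
    groups = defaultdict(list)
    for host in parsed[2]:
        groups[registered_domain(host)].append(host)
    report = {}
    for domain, members in groups.items():
        generated = [h for h in members if looks_generated(h.split(".")[0])]
        report[domain] = {
            "hosts": members,
            # "suspect": revoke the permission; "review": ask the user.
            "verdict": "suspect" if generated else "review",
        }
    return report


if __name__ == "__main__":
    for domain, info in triage(SAMPLE).items():
        print(f"{info['verdict']:8} {domain} ({len(info['hosts'])} origin(s))")
```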
     
  5. Janet Pickett

    Janet Pickett Private E-2

    Hi...Chrome Sync Status: TURN OFF; SYNC EVERYTHING

    Programs uninstalled:
    Driver Support One
    HP One Agent

    Fixlog
    Fix result of Farbar Recovery Scan Tool (x64) Version: 19.04.2024 01
    Ran by Janet Pickett (16-05-2024 00:12:02) Run:2
    Running from C:\Users\Janet Pickett\Desktop
    Loaded Profiles: Janet Pickett
    Boot Mode: Normal
    ==============================================
    fixlist content:
    *****************
    Start::
    SystemRestore: On
    CreateRestorePoint:
    CloseProcesses:
    Edge Notifications: Default -> hxxps://en.softonic.com
    CHR Notifications: Default -> hxxps://cp1cc2ghubcc73bqqjjg.junctionspeedforum.co.in; hxxps://cp1d7qohubcc73bsjs00.networkfullchain.co.in; hxxps://cp1npj8hubcc73c78hjg.networkfullchain.co.in; hxxps://cp1nsh0hubcc73c7cgg0.networkfullchain.co.in; hxxps://cp1nufghubcc73c7fd30.networkfullchain.co.in; hxxps://cp1nuughubcc73c7g2j0.networkfullchain.co.in; hxxps://cp1o1g8hubcc73c7jk40.networkfullchain.co.in; hxxps://cp1o1r8hubcc73c7k43g.networkfullchain.co.in; hxxps://cp1o2aohubcc73c7koe0.networkfullchain.co.in; hxxps://cp1o4h0hubcc73c7nqtg.networkfullchain.co.in; hxxps://cp1o5e8hubcc73c7p52g.networkfullchain.co.in; hxxps://www.facebook.com; hxxps://www.harryanddavid.com; hxxps://www.tasteofhome.com
    C:\Program Files (x86)\WildTangent Games\Integration\WildTangentHelperService.exe#E73882DF2E701D1C
    2024-05-14 11:42 - 2024-05-14 11:42 - 048436088 _____ (Adlice Software ) C:\Users\Janet Pickett\Downloads\setup (2).exe
    2024-05-14 11:41 - 2024-05-14 11:41 - 048436088 _____ (Adlice Software ) C:\Users\Janet Pickett\Downloads\setup (1).exe
    2024-05-14 11:13 - 2024-05-14 11:13 - 000751552 _____ (Fortect) C:\Users\Janet Pickett\Downloads\Fortect (6).exe
    2024-05-14 11:13 - 2024-05-14 11:13 - 000751552 _____ (Fortect) C:\Users\Janet Pickett\Downloads\Fortect (5).exe
    2024-05-14 11:13 - 2024-05-14 11:13 - 000751552 _____ (Fortect) C:\Users\Janet Pickett\Downloads\Fortect (4).exe
    2024-05-14 11:12 - 2024-05-14 11:12 - 016998008 _____ C:\Users\Janet Pickett\Downloads\bitdefender_avfree.exe
    2024-05-14 11:12 - 2024-05-14 11:12 - 016998008 _____ C:\Users\Janet Pickett\Downloads\bitdefender_avfree (2).exe
    2024-05-14 11:12 - 2024-05-14 11:12 - 016998008 _____ C:\Users\Janet Pickett\Downloads\bitdefender_avfree (1).exe
    2024-05-14 11:09 - 2024-05-14 11:09 - 002585496 _____ (Malwarebytes) C:\Users\Janet Pickett\Downloads\MBSetup-0000870.0000870-consumer (8).exe
    2024-05-14 11:08 - 2024-05-14 11:08 - 002585496 _____ (Malwarebytes) C:\Users\Janet Pickett\Downloads\MBSetup-0000870.0000870-consumer (7).exe
    2024-05-14 11:05 - 2024-05-14 11:05 - 002585496 _____ (Malwarebytes) C:\Users\Janet Pickett\Downloads\MBSetup-0000870.0000870-consumer (6).exe
    2024-05-14 11:05 - 2024-05-14 11:05 - 000751552 _____ (Fortect) C:\Users\Janet Pickett\Downloads\Fortect.exe
    2024-05-14 11:05 - 2024-05-14 11:05 - 000751552 _____ (Fortect) C:\Users\Janet Pickett\Downloads\Fortect (3).exe
    2024-05-14 11:05 - 2024-05-14 11:05 - 000751552 _____ (Fortect) C:\Users\Janet Pickett\Downloads\Fortect (2).exe
    2024-05-14 11:05 - 2024-05-14 11:05 - 000751552 _____ (Fortect) C:\Users\Janet Pickett\Downloads\Fortect (1).exe
    2024-05-14 11:04 - 2024-05-14 11:04 - 002585496 _____ (Malwarebytes) C:\Users\Janet Pickett\Downloads\MBSetup-0000870.0000870-consumer (5).exe
    2024-05-14 11:03 - 2024-05-14 11:03 - 002585496 _____ (Malwarebytes) C:\Users\Janet Pickett\Downloads\MBSetup-0000870.0000870-consumer (4).exe
    2024-05-14 11:02 - 2024-05-14 11:02 - 002585496 _____ (Malwarebytes) C:\Users\Janet Pickett\Downloads\MBSetup-0000870.0000870-consumer.exe
    2024-05-14 11:02 - 2024-05-14 11:02 - 002585496 _____ (Malwarebytes) C:\Users\Janet Pickett\Downloads\MBSetup-0000870.0000870-consumer (3).exe
    2024-05-14 11:02 - 2024-05-14 11:02 - 002585496 _____ (Malwarebytes) C:\Users\Janet Pickett\Downloads\MBSetup-0000870.0000870-consumer (2).exe
    2024-05-14 11:02 - 2024-05-14 11:02 - 002585496 _____ (Malwarebytes) C:\Users\Janet Pickett\Downloads\MBSetup-0000870.0000870-consumer (1).exe
    2024-05-14 10:25 - 2024-05-14 10:25 - 000000000 ____D C:\ProgramData\WPSInstallerTemp2
    2024-05-14 12:09 - 2024-05-14 12:10 - 001993530 _____ C:\Users\Janet Pickett\Downloads\Unconfirmed 358229.crdownload
    Task: {92EF6358-FA07-4191-ACF3-B5EECCA33E75} - System32\Tasks\Opera scheduled Autoupdate 1633304624 => C:\Users\Janet Pickett\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (No File)
    HKU\S-1-5-21-1585599915-2336452685-3432531520-1001\...\Run: [] => [X]
    S2 HP Comm Recover; "C:\Program Files\HPCommRecovery\HPCommRecovery.exe" [X]
    R2 WildTangentHelper; "C:\Program Files (x86)\WildTangent Games\Integration\WildTangentHelperService.exe" [X]
    S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]
    Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (No File)
    Task: {14CE88A7-BEFF-4220-8AC9-261F276C205D} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC ReadyToReboot (No File)
    Task: {EDD3DD5C-4066-414B-9FC9-3D0DEC701147} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery ReadyToReboot (No File)
    Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
    AV: Total AV (Disabled - Up to date) {0567E33F-93C9-11B5-891D-90A37AEB2766}
    cmd: netsh winsock reset catalog
    cmd: netsh int ip reset resetlog.txt
    Reg: reg export HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Defaults\FirewallPolicy\FirewallRules C:\Firewall.reg
    C:\Firewall.reg
    cmd: netsh advfirewall reset
    cmd: netsh advfirewall set allprofiles state ON
    cmd: bitsadmin /reset /allusers
    cmd: ipconfig /flushdns
    Removeproxy:
    hosts:
    cmd: sfc /scannow
    cmd: DISM /Online /Cleanup-Image /CheckHealth
    Emptytemp:
    End::
    *****************
    SystemRestore: On => completed
    Restore point was successfully created.
    Processes closed successfully.
    "Edge Notifications:" => not found
    "Chrome Notifications:" => not found
    "C:\Program Files (x86)\WildTangent Games\Integration\WildTangentHelperService.exe#E73882DF2E701D1C" => not found
    "C:\Users\Janet Pickett\Downloads\setup (2).exe" => not found
    "C:\Users\Janet Pickett\Downloads\setup (1).exe" => not found
    "C:\Users\Janet Pickett\Downloads\Fortect (6).exe" => not found
    "C:\Users\Janet Pickett\Downloads\Fortect (5).exe" => not found
    "C:\Users\Janet Pickett\Downloads\Fortect (4).exe" => not found
    "C:\Users\Janet Pickett\Downloads\bitdefender_avfree.exe" => not found
    "C:\Users\Janet Pickett\Downloads\bitdefender_avfree (2).exe" => not found
    "C:\Users\Janet Pickett\Downloads\bitdefender_avfree (1).exe" => not found
    "C:\Users\Janet Pickett\Downloads\MBSetup-0000870.0000870-consumer (8).exe" => not found
    "C:\Users\Janet Pickett\Downloads\MBSetup-0000870.0000870-consumer (7).exe" => not found
    "C:\Users\Janet Pickett\Downloads\MBSetup-0000870.0000870-consumer (6).exe" => not found
    "C:\Users\Janet Pickett\Downloads\Fortect.exe" => not found
    "C:\Users\Janet Pickett\Downloads\Fortect (3).exe" => not found
    "C:\Users\Janet Pickett\Downloads\Fortect (2).exe" => not found
    "C:\Users\Janet Pickett\Downloads\Fortect (1).exe" => not found
    "C:\Users\Janet Pickett\Downloads\MBSetup-0000870.0000870-consumer (5).exe" => not found
    "C:\Users\Janet Pickett\Downloads\MBSetup-0000870.0000870-consumer (4).exe" => not found
    "C:\Users\Janet Pickett\Downloads\MBSetup-0000870.0000870-consumer.exe" => not found
    "C:\Users\Janet Pickett\Downloads\MBSetup-0000870.0000870-consumer (3).exe" => not found
    "C:\Users\Janet Pickett\Downloads\MBSetup-0000870.0000870-consumer (2).exe" => not found
    "C:\Users\Janet Pickett\Downloads\MBSetup-0000870.0000870-consumer (1).exe" => not found
    "C:\ProgramData\WPSInstallerTemp2" => not found
    "C:\Users\Janet Pickett\Downloads\Unconfirmed 358229.crdownload" => not found
    "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{92EF6358-FA07-4191-ACF3-B5EECCA33E75}" => not found
    "C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1633304624" => not found
    "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Opera scheduled Autoupdate 1633304624" => not found
    "HKU\S-1-5-21-1585599915-2336452685-3432531520-1001\Software\Microsoft\Windows\CurrentVersion\Run\\" => not found
    HP Comm Recover => service not found.
    WildTangentHelper => service not found.
    WinSetupMon => service not found.
    "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CCDFC0B8-01A3-4E74-A820-4F13F51D269E}" => not found
    "C:\WINDOWS\System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser" => not found
    "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser" => not found
    "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{14CE88A7-BEFF-4220-8AC9-261F276C205D}" => not found
    "C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC" => not found
    "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\Reboot_AC" => not found
    "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EDD3DD5C-4066-414B-9FC9-3D0DEC701147}" => not found
    "C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery" => not found
    "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery" => not found
    "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => not found
    "C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker" => not found
    "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker" => not found
    "AV: Total AV (Disabled - Up to date) {0567E33F-93C9-11B5-891D-90A37AEB2766}" => not found
    ========= netsh winsock reset catalog =========
    Sucessfully reset the Winsock Catalog.
    You must restart the computer in order to complete the reset.
    ========= End of CMD: =========
    ========= netsh int ip reset resetlog.txt =========
    Resetting Compartment Forwarding, OK!
    Resetting Compartment, OK!
    Resetting Control Protocol, OK!
    Resetting Echo Sequence Request, OK!
    Resetting Global, OK!
    Resetting Interface, OK!
    Resetting Anycast Address, OK!
    Resetting Multicast Address, OK!
    Resetting Unicast Address, OK!
    Resetting Neighbor, OK!
    Resetting Path, OK!
    Resetting Potential, OK!
    Resetting Prefix Policy, OK!
    Resetting Proxy Neighbor, OK!
    Resetting Route, OK!
    Resetting Site Prefix, OK!
    Resetting Subinterface, OK!
    Resetting Wakeup Pattern, OK!
    Resetting Resolve Neighbor, OK!
    Resetting , OK!
    Resetting , OK!
    Resetting , OK!
    Resetting , OK!
    Resetting , failed.
    Access is denied.
    Resetting , OK!
    Resetting , OK!
    Resetting , OK!
    Resetting , OK!
    Resetting , OK!
    Resetting , OK!
    Resetting , OK!
    Resetting , OK!
    Restart the computer to complete this action.
    ========= End of CMD: =========
    ========= reg export HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Defaults\FirewallPolicy\FirewallRules C:\Firewall.reg =========
    The operation completed successfully.
    ========= End of Reg: =========
    C:\Firewall.reg => moved successfully
    ========= netsh advfirewall reset =========
    Ok.
    ========= End of CMD: =========
    ========= netsh advfirewall set allprofiles state ON =========
    Ok.
    ========= End of CMD: =========
    ========= bitsadmin /reset /allusers =========
    BITSADMIN version 3.0
    BITS administration utility.
    (C) Copyright Microsoft Corp.
    0 out of 0 jobs canceled.
    ========= End of CMD: =========
    ========= ipconfig /flushdns =========
    Windows IP Configuration
    Successfully flushed the DNS Resolver Cache.
    ========= End of CMD: =========
    ========= RemoveProxy: =========
    "HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
    "HKU\S-1-5-21-1585599915-2336452685-3432531520-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
    "HKU\S-1-5-21-1585599915-2336452685-3432531520-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
    ========= End of RemoveProxy: =========
    C:\Windows\System32\Drivers\etc\hosts => moved successfully
    Hosts restored successfully.
    ========= sfc /scannow =========
    Beginning system scan. This process will take some time.
    Beginning verification phase of system scan.
    Verification 100% complete.
    Windows Resource Protection did not find any integrity violations.
    ========= End of CMD: =========
    ========= DISM /Online /Cleanup-Image /CheckHealth =========
    Deployment Image Servicing and Management tool
    Version: 10.0.22621.2792
    Image Version: 10.0.22631.3593
    No component store corruption detected.
    The operation completed successfully.
    ========= End of CMD: =========
    =========== EmptyTemp: ==========
    FlushDNS => completed
    BITS transfer queue => 0 B
    DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 9552321 B
    Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
    Windows/system/drivers => 1707696 B
    Edge => 0 B
    Chrome => 79603095 B
    Firefox => 0 B
    Opera => 0 B
    Temp, IE cache, history, cookies, recent:
    Default => 0 B
    ProgramData => 0 B
    Public => 0 B
    systemprofile => 0 B
    systemprofile32 => 0 B
    LocalService => 4900 B
    NetworkService => 4900 B
    Janet Pickett => 1823557 B
    RecycleBin => 1560445 B
    EmptyTemp: => 89.9 MB temporary data Removed.
    ================================
    The system needed a reboot.
    ==== End of Fixlog 00:15:26 ====
     
  6. Oh My!

    Oh My! Malware Expert Staff Member

    It appears the fix was run twice, which is OK but I just need to understand the results. Did it run twice?
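
The reading of the Fixlog described in this reply (header says `Run:2`, every listed target comes back `not found`) can be automated. This is an added example, not part of the original post or of FRST: it tallies the result lines of a Fixlog and flags a probable repeat run. The sample log is constructed, and treating the result lines before the first `========= ... =========` section as the fixlist's explicit targets is an assumption based on the layout of the log posted above.

```python
import re
from collections import Counter

RUN_RE = re.compile(r"\bRun:(\d+)")
# '"item" => status' or 'item => status.' result lines
RESULT_RE = re.compile(r'^\s*"?(?P<item>.+?)"?\s+=>\s+(?P<status>.+?)\.?\s*$')
# Command/directive section headers such as "========= RemoveProxy: ========="
SECTION_RE = re.compile(r"^\s*=+ \S.* =+\s*$")
KNOWN = {"not found", "removed successfully", "moved successfully"}

# Constructed sample in the shape of the Fixlog above (paths and names made up).
SAMPLE_FIXLOG = r'''Fix result of Farbar Recovery Scan Tool (x64) Version: (constructed)
Ran by user (01-01-2024 00:00:00) Run:2
==============================================
fixlist content:
*****************
Start::
C:\Users\user\Downloads\sample (1).exe
S2 SampleSvc; "C:\Program Files\Sample\svc.exe" [X]
Removeproxy:
hosts:
End::
*****************
"C:\Users\user\Downloads\sample (1).exe" => not found
SampleSvc => service not found.
========= RemoveProxy: =========
"HKU\.DEFAULT\...\DefaultConnectionSettings" => removed successfully
========= End of RemoveProxy: =========
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
'''


def summarize(text):
    """Tally Fixlog outcomes and flag a likely repeat run of the same fixlist."""
    run_match = RUN_RE.search(text)
    run = int(run_match.group(1)) if run_match else None

    results = []          # (item, status, is_target)
    in_sections = False   # True once the first command section starts
    for line in text.splitlines():
        if SECTION_RE.match(line):
            in_sections = True
            continue
        m = RESULT_RE.match(line)
        if not m:
            continue
        status = m.group("status").replace("service not found", "not found")
        if status not in KNOWN:
            continue      # e.g. "completed", byte counts, echoed fixlist lines
        results.append((m.group("item"), status, not in_sections))

    counts = Counter(status for _, status, _ in results)
    targets = [status for _, status, is_target in results if is_target]
    rerun_likely = bool(
        run is not None
        and run >= 2
        and targets
        and all(status == "not found" for status in targets)
    )
    return {
        "run": run,
        "counts": dict(counts),
        "changed": [i for i, s, _ in results if s != "not found"],
        "rerun_likely": rerun_likely,
    }


if __name__ == "__main__":
    summary = summarize(SAMPLE_FIXLOG)
    print(summary["run"], summary["counts"], summary["rerun_likely"])
```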
     
  7. Janet Pickett

    Janet Pickett Private E-2

    Yes, I'm sorry....I accidentally deleted the fixlog so I ran it again.
     
  8. Oh My!

    Oh My! Malware Expert Staff Member

    Not a problem at all. Just want to make sure we are on the same page.

    How are things?
     
  9. Janet Pickett

    Janet Pickett Private E-2

    Looks like it's all fixed!!! Thanks so very very much!!!
     
  10. Janet Pickett

    Janet Pickett Private E-2

    You Are Awesome!!!
     
  11. Oh My!

    Oh My! Malware Expert Staff Member

    You are very kind.

    We need to do just a bit more work.

    First, do you have other devices using Chrome and if so are there any issues?

    Second, I would like you to manually Sync Chrome then recheck the browser to see if the issue(s) return.
     
