Hi pgmigg,
A. - No problems in executing the instructions.
B. - Step 1. - Users List (AllUsers.txt log list) - NOTHING LISTED ON AllUsers.txt LOG LIST TO COPY AND PASTE HERE, maybe I didn't do it correctly??
Step 2. - Create a Backup With Tweaking.com Registry Backup (TCRB) - SUCCESSFUL ON CREATING THE BACKUP!
C. - Step 3. - FRST Fix (fixlog.txt log file)
Fix result of Farbar Recovery Scan Tool (x64) Version: 02.01.2018
Ran by hp (11-01-2018 21:04:32) Run:1
Running from C:\Users\hp\Desktop
Loaded Profiles: hp (Available Profiles: hp)
Boot Mode: Normal
==============================================
fixlist content:
*****************
CreateRestorePoint:
Toolbar: HKU\S-1-5-21-911912479-2911234598-3309385713-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
CHR Extension: (Norton Security Toolbar) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bejnhdlplbjhffionohbdnpcbobfejcc [2015-10-04]
CHR NewTab: Profile 1 -> Not-active:"chrome-extension://abkheghpcopcjckpcdmehckmbepkonbb/product.html", Not-active:"chrome-extension://egechnfgfhgcccjdkinlbbaahnbobpok/newtab/newtab.html"
CHR Extension: (Piggy - Automatic Coupons & Cash Back) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hfapbcheiepjppjbnkphkmegjlipojba [2017-12-17]
CHR Extension: (Norton Identity Safe) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\iikflkcanblccfahdhdonehdalibjnif [2015-10-04]
Task: {26A1F2F2-84B2-4D95-A972-84070BE1B9EC} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {3A99206C-B99C-4A72-BF02-B3D3AF75DDF9} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {40E409CC-786F-4065-A855-2E858E475F4E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {628B723E-1B35-42A7-85CB-EE7F7C5373C2} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {83EE8CEA-075A-44A3-80B0-421A546EACF0} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {991F7922-FEA7-42C0-9D45-2662B3840506} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {9CC40DA9-47AD-4912-806A-1BC416E18CF6} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {BE411AC0-684B-4DB9-BEDA-9C94C3DC64CF} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {D7382681-569F-4EAC-8BC7-50E642B160D4} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {DADEC4D2-4CE1-403B-9432-9E4547B4E041} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {E252A2C0-D72B-4B96-981B-745AF3DAF954} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {F2B3759F-1A54-4844-B6AA-45411A49E219} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
EmptyTemp:
CMD: ipconfig /flushdns
*****************
Restore point was successfully created.
"HKU\S-1-5-21-911912479-2911234598-3309385713-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}" => removed successfully
HKLM\Software\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => key not found
CHR Extension: (Norton Security Toolbar) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bejnhdlplbjhffionohbdnpcbobfejcc [2015-10-04] => Error: No automatic fix found for this entry.
"Chrome NewTab" => removed successfully
CHR Extension: (Piggy - Automatic Coupons & Cash Back) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hfapbcheiepjppjbnkphkmegjlipojba [2017-12-17] => Error: No automatic fix found for this entry.
CHR Extension: (Norton Identity Safe) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\iikflkcanblccfahdhdonehdalibjnif [2015-10-04] => Error: No automatic fix found for this entry.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{26A1F2F2-84B2-4D95-A972-84070BE1B9EC} => could not remove key. ErrorCode1: 0x00000002
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{26A1F2F2-84B2-4D95-A972-84070BE1B9EC}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3A99206C-B99C-4A72-BF02-B3D3AF75DDF9}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3A99206C-B99C-4A72-BF02-B3D3AF75DDF9}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{40E409CC-786F-4065-A855-2E858E475F4E}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{40E409CC-786F-4065-A855-2E858E475F4E}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{628B723E-1B35-42A7-85CB-EE7F7C5373C2}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{628B723E-1B35-42A7-85CB-EE7F7C5373C2}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{83EE8CEA-075A-44A3-80B0-421A546EACF0}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{83EE8CEA-075A-44A3-80B0-421A546EACF0}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{991F7922-FEA7-42C0-9D45-2662B3840506}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{991F7922-FEA7-42C0-9D45-2662B3840506}" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager => key not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9CC40DA9-47AD-4912-806A-1BC416E18CF6}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9CC40DA9-47AD-4912-806A-1BC416E18CF6}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BE411AC0-684B-4DB9-BEDA-9C94C3DC64CF}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BE411AC0-684B-4DB9-BEDA-9C94C3DC64CF}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D7382681-569F-4EAC-8BC7-50E642B160D4}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D7382681-569F-4EAC-8BC7-50E642B160D4}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DADEC4D2-4CE1-403B-9432-9E4547B4E041}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DADEC4D2-4CE1-403B-9432-9E4547B4E041}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E252A2C0-D72B-4B96-981B-745AF3DAF954}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E252A2C0-D72B-4B96-981B-745AF3DAF954}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F2B3759F-1A54-4844-B6AA-45411A49E219}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F2B3759F-1A54-4844-B6AA-45411A49E219}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => removed successfully
========= ipconfig /flushdns =========
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
========= End of CMD: =========
=========== EmptyTemp: ==========
BITS transfer queue => 7364608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 18108214 B
Java, Flash, Steam htmlcache => 820 B
Windows/system/drivers => 2621242 B
Edge => 1596963 B
Chrome => 789075123 B
Firefox => 9202581 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 218066 B
hp => 118541591 B
RecycleBin => 1127812021 B
EmptyTemp: => 1.9 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 21:06:38 ====
D. - Step 4. - AdwCleaner - Scan Only
# AdwCleaner 7.0.6.0 - Logfile created on Fri Jan 12 05:28:57 2018
# Updated on 2017/21/12 by Malwarebytes
# Database: 01-10-2018.1
# Running on Windows 10 Home (X64)
# Mode: scan
# Support:
https://www.malwarebytes.com/support***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
No malicious folders found.
***** [ Files ] *****
PUP.Optional.Legacy, C:\Users\hp\Desktop\SysInfo.exe
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
No malicious registry entries found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries.
*************************
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt ##########
E. - CHANGES IN COMPUTER - YES, IT SEEMS TO RUN FASTER AND BETTER! THANK YOU SO MUCH!!
You're the best pgmigg! I think everything is fine now, thank you for all your help! I will check back tomorrow to see if you want me to do anything else.
Thanks again,
jlp0007