CreateRestorePoint: [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-4265441916-1708264049-1492465063-1000\Products\9095C29B73D115C438792AB82BE8D53C] cmd: reg delete "HKLM\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules" /v {A789A075-219B-4817-8B9A-736D010F6EE7} cmd: reg delete "HKLM\SYSTEM\ControlSet003\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules" /v {A789A075-219B-4817-8B9A-736D010F6EE7} cmd: reg delete "HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules" /v {A789A075-219B-4817-8B9A-736D010F6EE7} [-HKEY_USERS\S-1-5-21-4265441916-1708264049-1492465063-1000\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin] [-HKEY_USERS\S-1-5-21-4265441916-1708264049-1492465063-1000\Software\Classes\SkypeLimited.SkypeWebPlugin] [-HKEY_USERS\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}] [-HKEY_USERS\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\SkypeLimited.SkypeWebPlugin.1] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6FDEE0F0-ECD7-423c-BD1C-525ECBAC7E1B}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{DE54081F-08ED-44AE-AE80-13DEAA19A44A}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\ccApp.exe] cmd: reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders" /v "C:\ProgramData\Symantec\Symantec Endpoint Protection\Logs\" cmd: reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders" /v "C:\ProgramData\Symantec\" cmd: reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders" /v "C:\ProgramData\Symantec\Symantec Endpoint Protection\BadPatts\" cmd: reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders" /v "C:\ProgramData\Symantec\Symantec Endpoint Protection\Quarantine\" [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E53A294F83182D45A3785356A851754] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3571CAAE9CB99C142A2C016A1D3371A6] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45F815C3124010547971DF191BC1F2F6] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\624FFDC2268AC6C4A9E6BC5926E5A098] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6863B6A31DB198C4A9004B226A88E144] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\72C318A4B1B384747BFE1BD0CBBF1905] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8C402F663CCF7F747950A8CB1BC65DF0] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9564B09A01EE9544F8FAC969954CABBD] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A1908545DC7015C4F9B24A3A22FDA1DE] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ADC4377FD9FC3734F9AD63CE4955FE71] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B89A123E3228AD04989794840B9B14A7] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C2707F7F2CF78E542BCED2E4F08F441C] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DFF5FB428728B774CB0E9EDFA7291356] cmd: reg delete "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\ServiceGroupOrder" /v "Symantec Core Services" cmd: reg delete "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\ServiceGroupOrder" /v "Symantec Services" cmd: reg delete "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\ServiceGroupOrder" /v "Symantec Core Services" cmd: reg delete "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\ServiceGroupOrder" /v "Symantec Services" cmd: reg delete "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\ServiceGroupOrder" /v "Symantec Core Services" cmd: reg delete "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\ServiceGroupOrder" /v "Symantec Services" CMD: ipconfig /flushdns CMD: netsh winsock reset catalog CMD: netsh int ip reset c:\resetlog.txt CMD: ipconfig /release CMD: ipconfig /renew EmptyTemp: