ProxyEnable: [.DEFAULT] => Proxy is enabled.
ProxyServer: [.DEFAULT] => 127.0.0.1:1080
Task: {1CB800FF-C5CA-4410-AC31-5CDF123022AD} - System32\Tasks\AVGUpdateTaskMachineCore => C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [201984 2020-10-26] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {BB6C6411-A7E0-43CF-8622-02D62F2E9833} - System32\Tasks\AVGUpdateTaskMachineUA => C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [201984 2020-10-26] (AVG Technologies USA, LLC -> AVG Technologies)
FF SearchPlugin: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\06wnhiu5.default-1504139140416\searchplugins\bing-lavasoft-ff59.xml [2018-05-27]
FF HKLM\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSKHKLM => not found
FF Plugin-x32: @update.avgbrowser.com/AVG Browser;version=3 -> C:\Program Files (x86)\AVG\Browser\Update\1.8.1066.0\npAvgBrowserUpdate3.dll [2020-10-26] (AVG Technologies USA, LLC -> AVG Technologies)
FF Plugin-x32: @update.avgbrowser.com/AVG Browser;version=9 -> C:\Program Files (x86)\AVG\Browser\Update\1.8.1066.0\npAvgBrowserUpdate3.dll [2020-10-26] (AVG Technologies USA, LLC -> AVG Technologies)
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.3.8\\npsitesafety.dll [No File]
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer Networking Ltd. -> Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer Networking Ltd. -> Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer Networking Ltd. -> Safer-Networking Ltd.)
U2 TMAgent; no ImagePath
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
FirewallRules: [TCP Query User{1C4684DB-B963-4CC2-B043-CCB8F4ED764F}C:\program files (x86)\wondershare\vcu\urlreqservice.exe] => (Allow) C:\program files (x86)\wondershare\vcu\urlreqservice.exe => No File
FirewallRules: [UDP Query User{0EC9AC9C-5987-4987-8707-44B649587DC2}C:\program files (x86)\wondershare\vcu\urlreqservice.exe] => (Allow) C:\program files (x86)\wondershare\vcu\urlreqservice.exe => No File
FirewallRules: [TCP Query User{561AD7C6-BCC6-4F64-AA9B-0FE7AC2C643C}C:\users\owner\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe] => (Allow) C:\users\owner\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe => No File
FirewallRules: [UDP Query User{3EC44355-D004-4969-B468-59010EA3F679}C:\users\owner\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe] => (Allow) C:\users\owner\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe => No File
FirewallRules: [TCP Query User{55F91AA5-706E-4125-885D-B110A37FCE87}C:\program files (x86)\common files\oracle\java\javapath_target_2146985553\java.exe] => (Allow) C:\program files (x86)\common files\oracle\java\javapath_target_2146985553\java.exe => No File
FirewallRules: [UDP Query User{15705161-3644-493C-ACA6-02132ED49003}C:\program files (x86)\common files\oracle\java\javapath_target_2146985553\java.exe] => (Allow) C:\program files (x86)\common files\oracle\java\javapath_target_2146985553\java.exe => No File
FirewallRules: [{D97DF715-A02F-4C93-A6FC-2A29FB1348D2}] => (Block) C:\program files (x86)\common files\oracle\java\javapath_target_2146985553\java.exe => No File
FirewallRules: [{D3E33636-8100-4B24-9673-CD018C64D132}] => (Block) C:\program files (x86)\common files\oracle\java\javapath_target_2146985553\java.exe => No File
CMD: SFC /scannow
CMD: findstr /c:"[SR]" \windows\logs\cbs\cbs.log
CMD: FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i"
Reboot: