thegeekkid/SuspiciousActBlocker

Uninstall debug information

Closed this issue · 1 comment

Submitted issue:
Testing hash uninstall 3

Debug info:

Starting hash based uninstall

Downloading Definitions

Definitions downloaded.

Checking C:\Windows\47e0096fb443a3a2a4f9414936e2548f49d4d4f30af9db55d3d1186bb3f8969d.log

C:\Windows\47e0096fb443a3a2a4f9414936e2548f49d4d4f30af9db55d3d1186bb3f8969d.log hash: A7F279C96FC05740CB884B63E31DF3BC9931481C724BF38134A59C6850CDB8A4

C:\Windows\47e0096fb443a3a2a4f9414936e2548f49d4d4f30af9db55d3d1186bb3f8969d.log matched to regedit.

Checking C:\Windows\6975de04b6403f5d4cd282477790b1f49e62e2bc762ca9b6d94b19c4237464dd.log

C:\Windows\6975de04b6403f5d4cd282477790b1f49e62e2bc762ca9b6d94b19c4237464dd.log hash: A7F279C96FC05740CB884B63E31DF3BC9931481C724BF38134A59C6850CDB8A4

C:\Windows\6975de04b6403f5d4cd282477790b1f49e62e2bc762ca9b6d94b19c4237464dd.log matched to regedit.

Checking C:\Windows\9065e93b33690de9554a0821dc92720da703342c6a9226d9e1f79d6b20b38c1c.log

C:\Windows\9065e93b33690de9554a0821dc92720da703342c6a9226d9e1f79d6b20b38c1c.log hash: A7F279C96FC05740CB884B63E31DF3BC9931481C724BF38134A59C6850CDB8A4

C:\Windows\9065e93b33690de9554a0821dc92720da703342c6a9226d9e1f79d6b20b38c1c.log matched to regedit.

Checking C:\Windows\DtcInstall.log

C:\Windows\DtcInstall.log hash: BB71C088E64ABF4917D804F1D5C982E0A2013F4F9B2B7956956EF4B526F67685

Checking C:\Windows\lsasetup.log

C:\Windows\lsasetup.log hash: 8B98C4422535C1A7FA78E6ADADA316A912FEE7744964F4E757433EBA063E993B

Checking C:\Windows\setuperr.log

C:\Windows\setuperr.log hash: E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855

Checking C:\Windows\WindowsUpdate.log

C:\Windows\WindowsUpdate.log hash: 492C9B102256321FB5598FF87ED5BCCAB8159F36DD8416CE4011FFBF5E96048D

C:\Windows\System32\012bb45bd1abf60dbe7a662bd6d6aedcf6981c93be0dcd2dad24571cde7a905c.log hash: 1501986365AE248C8E4998ECADD52F44ACF9E31D05FA10B0C324DC12D4A5C07E

C:\Windows\System32\012bb45bd1abf60dbe7a662bd6d6aedcf6981c93be0dcd2dad24571cde7a905c.log matched to Event Viewer.

C:\Windows\System32\0647e2234c1bbc0c307af325c86493b1276f6b126d6e350487cde879579164e9.log hash: 1501986365AE248C8E4998ECADD52F44ACF9E31D05FA10B0C324DC12D4A5C07E

C:\Windows\System32\0647e2234c1bbc0c307af325c86493b1276f6b126d6e350487cde879579164e9.log matched to Event Viewer.

C:\Windows\System32\0e3cda44778c97af14e8b8043824b832ec315cc4d620bf08b8577521ae7e0b04.log hash: F6B6BFCA5F7483B3140735F7753CEFCF33265DB3B7113ED015B9A37299C7F90F

C:\Windows\System32\0e3cda44778c97af14e8b8043824b832ec315cc4d620bf08b8577521ae7e0b04.log matched to perfmon.

C:\Windows\System32\17c8283ebdf4677ce0e6b32467945053e7232260613b49d54db9809040f0d2b7.log hash: 935C1861DF1F4018D698E8B65ABFA02D7E9037D8F68CA3C2065B6CA165D44AD2

C:\Windows\System32\17c8283ebdf4677ce0e6b32467945053e7232260613b49d54db9809040f0d2b7.log matched to cmd.

C:\Windows\System32\199f7dfbcbd69a72838ee548f1f00b7e3cb217bd850704115261211b2f586a9a.log hash: AC9B4A57BE180E2BAB2CC2718D017FE9FC806927DA69B82B0BAA229C4065ECD2

C:\Windows\System32\199f7dfbcbd69a72838ee548f1f00b7e3cb217bd850704115261211b2f586a9a.log matched to MsConfig.

C:\Windows\System32\1d4b8590b9039eec173b35121160c47136d5872c83101af14bb1beaf2e637438.log hash: 17DD017B7E7D1DC835CDF5E57156A0FF508EBBC7F4A48E65D77E026C33FCB58E

C:\Windows\System32\1d697ebfff5648508ef0bc71ae0ae3862144ac66d907b650ef4ca5603183e0d5.log hash: 935C1861DF1F4018D698E8B65ABFA02D7E9037D8F68CA3C2065B6CA165D44AD2

C:\Windows\System32\1d697ebfff5648508ef0bc71ae0ae3862144ac66d907b650ef4ca5603183e0d5.log matched to cmd.

C:\Windows\System32\4f4ffb9b6166dbe1598816b93c154f4fe26c3bbcee476d8efdd05c08ce1570ae.log hash: F6B6BFCA5F7483B3140735F7753CEFCF33265DB3B7113ED015B9A37299C7F90F

C:\Windows\System32\4f4ffb9b6166dbe1598816b93c154f4fe26c3bbcee476d8efdd05c08ce1570ae.log matched to perfmon.

C:\Windows\System32\59ed7ad6384ff573bbd628ac8f6d9384b416b86eb9670998dbd6c7318c19ad1c.log hash: C33F6532E98DD6FBFF3F30B80982D2B6B97D8A78AF19F50D0C8A9C114AA0C510

C:\Windows\System32\59ed7ad6384ff573bbd628ac8f6d9384b416b86eb9670998dbd6c7318c19ad1c.log matched to syskey.

C:\Windows\System32\6345681fe483a8adb56b785e5296bfe4ed1cf08d88ee8e34a22b31dfd72f5991.log hash: C33F6532E98DD6FBFF3F30B80982D2B6B97D8A78AF19F50D0C8A9C114AA0C510

C:\Windows\System32\6345681fe483a8adb56b785e5296bfe4ed1cf08d88ee8e34a22b31dfd72f5991.log matched to syskey.

C:\Windows\System32\784a53ee8fb847b8308142a14b2ec5666d5042832839627f53d497769ff3fb1b.log hash: 1501986365AE248C8E4998ECADD52F44ACF9E31D05FA10B0C324DC12D4A5C07E

C:\Windows\System32\784a53ee8fb847b8308142a14b2ec5666d5042832839627f53d497769ff3fb1b.log matched to Event Viewer.

C:\Windows\System32\7f2142c711b8a7bd21aa8be1ca6462156d865a38a6c846f2db2f5e33689b6789.log hash: AC9B4A57BE180E2BAB2CC2718D017FE9FC806927DA69B82B0BAA229C4065ECD2

C:\Windows\System32\7f2142c711b8a7bd21aa8be1ca6462156d865a38a6c846f2db2f5e33689b6789.log matched to MsConfig.

C:\Windows\System32\870985ab18294d269fdc86c07c54b5654a19f42c865999f936dce413ef05a2c0.log hash: DA0ACEE8F60A460CFB5249E262D3D53211EBC4C777579E99C8202B761541110A

C:\Windows\System32\870985ab18294d269fdc86c07c54b5654a19f42c865999f936dce413ef05a2c0.log matched to Notepad.

C:\Windows\System32\8abccd724d1b777c85c865c66fc8a9bf29d05bdc1db82a9998e0ae31a8fa9a53.log hash: C33F6532E98DD6FBFF3F30B80982D2B6B97D8A78AF19F50D0C8A9C114AA0C510

C:\Windows\System32\8abccd724d1b777c85c865c66fc8a9bf29d05bdc1db82a9998e0ae31a8fa9a53.log matched to syskey.

C:\Windows\System32\9841d3d0833dde0114a7bb9a6165275bc518b9b80b3cf6af9ff543514c048ce8.log hash: 935C1861DF1F4018D698E8B65ABFA02D7E9037D8F68CA3C2065B6CA165D44AD2

C:\Windows\System32\9841d3d0833dde0114a7bb9a6165275bc518b9b80b3cf6af9ff543514c048ce8.log matched to cmd.

C:\Windows\System32\9fffc03838839293e80f04c8836c8201639a1b92c43a5f8b68f3a6862dd5c02a.log hash: DA0ACEE8F60A460CFB5249E262D3D53211EBC4C777579E99C8202B761541110A

C:\Windows\System32\9fffc03838839293e80f04c8836c8201639a1b92c43a5f8b68f3a6862dd5c02a.log matched to Notepad.

C:\Windows\System32\a120cb4b0823a2cf01f418720d8b4445d3b8d9b89551f3cb8857b20f44e37b3a.log hash: 17DD017B7E7D1DC835CDF5E57156A0FF508EBBC7F4A48E65D77E026C33FCB58E

C:\Windows\System32\a924587a92306c3c8d5ca9a6848a82b95f2b13a54b362dc91e4dcc56af933452.log hash: DA0ACEE8F60A460CFB5249E262D3D53211EBC4C777579E99C8202B761541110A

C:\Windows\System32\a924587a92306c3c8d5ca9a6848a82b95f2b13a54b362dc91e4dcc56af933452.log matched to Notepad.

C:\Windows\System32\b19edea72afb26329b7619fb5bbb2a4e1efa4a195fb14218345ec3b1d60186f3.log hash: AC9B4A57BE180E2BAB2CC2718D017FE9FC806927DA69B82B0BAA229C4065ECD2

C:\Windows\System32\b19edea72afb26329b7619fb5bbb2a4e1efa4a195fb14218345ec3b1d60186f3.log matched to MsConfig.

C:\Windows\System32\c8d953eb1c9b2111d2b09873f7d90411722136a16b1c8d0891656b6f622c8c7e.log hash: F6B6BFCA5F7483B3140735F7753CEFCF33265DB3B7113ED015B9A37299C7F90F

C:\Windows\System32\c8d953eb1c9b2111d2b09873f7d90411722136a16b1c8d0891656b6f622c8c7e.log matched to perfmon.

C:\Windows\System32\df7e01aee75e0643d86d53de024a85b0ef82f1cbea887133490040cc31f3eebc.log hash: 17DD017B7E7D1DC835CDF5E57156A0FF508EBBC7F4A48E65D77E026C33FCB58E

Unprotecting C:\Windows\regedit.exe. Coded file found. Running clean.

Unprotecting C:\Windows\System32\cmd.exe. Coded file found. Running clean.

Unprotecting C:\Windows\System32\eventvwr.exe. Coded file found. Running clean.

Unprotecting C:\Windows\System32\msconfig.exe. Coded file found. Running clean.

Unprotecting C:\Windows\System32\notepad.exe. Coded file found. Running clean.

Unprotecting C:\Windows\System32\perfmon.exe. Coded file found. Running clean.

Unprotecting C:\Windows\System32\syskey.exe. Coded file found. Running clean.

Added missing hashes to definitions - trying again with the new definitions and a clean system.