Fix result of Farbar Recovery Scan Tool (x64) Version: 17.03.2019 Ran by Maria (18-03-2019 14:47:10) Run:1 Running from C:\Users\Maria\Desktop Loaded Profiles: Maria (Available Profiles: Maria) Boot Mode: Safe Mode (with Networking) ============================================== fixlist content: ***************** Start CloseProcesses: HKLM-x32\...\RunOnce: [] => [X] HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx 2019-03-17 02:05 - 2019-03-17 02:05 - 006553600 _____ (Piriform Software Ltd) C:\Users\Maria\Downloads\1773609c-9566-4126-b67a-fe47d7c35767.tmp 2019-03-17 02:05 - 2019-03-17 02:05 - 004840600 _____ (Piriform Software Ltd) C:\Users\Maria\Downloads\369d6c02-6a19-4ce6-aabe-3a53aa28c15b.tmp 2019-03-17 02:03 - 2019-03-17 02:03 - 000015977 _____ C:\Users\Maria\Downloads\d97ba2de-55f3-4bdf-bcfd-d5001791a940.tmp 2019-03-17 00:57 - 2019-03-17 00:57 - 000004061 _____ C:\Users\Maria\Downloads\6d752fda-50cb-4046-bcbd-12fac009c92d.tmp 2019-03-16 23:33 - 2019-03-16 23:33 - 000008192 _____ C:\Users\Maria\Downloads\aecee07e-2e30-4233-9185-2486a3ad0853.tmp 2019-03-16 23:20 - 2019-03-16 23:20 - 000016085 _____ C:\Users\Maria\Downloads\71d988d7-a565-454b-ba05-4f621ee8255a.tmp 2019-03-16 23:19 - 2019-03-16 23:19 - 000026712 _____ C:\Users\Maria\Downloads\67047756-6c13-4945-bccd-577c3f889cd8.tmp 2019-03-16 23:19 - 2019-03-16 23:19 - 000016085 _____ C:\Users\Maria\Downloads\b0fcc6bb-a814-4e26-8661-bd4a0010193a.tmp 2019-03-13 19:09 - 2019-03-13 19:14 - 000000000 ____D C:\Users\Maria\Downloads\FnlHrzn PCSE00504 2019-03-13 14:13 - 2019-03-13 14:21 - 000000000 ____D C:\Users\Maria\Downloads\x5bGM x5dTR360 x5bEU x5d 2019-03-13 14:13 - 2019-03-13 14:21 - 000000000 ____D C:\Users\Maria\Downloads\x5bGM x5dNDRTL360 x5bUS x5d AlternateDataStreams: C:\Users\Maria\AppData\Local\Temp:$DATA? [16] AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [482] FirewallRules: [UDP Query User{B032E509-9142-42A1-8B18-0D0D7F47399D}F:\destiny 2\destiny2.exe] => (Allow) F:\destiny 2\destiny2.exe No File FirewallRules: [TCP Query User{C69D133A-19C8-4CAA-B73C-FF8AF5DAA4A3}F:\destiny 2\destiny2.exe] => (Allow) F:\destiny 2\destiny2.exe No File FirewallRules: [{0BD125D9-BC8D-49D2-A5D2-A667F07FB89F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe No File FirewallRules: [{58B09AEE-6932-4282-BBE9-8FDF6E56D75B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe No File FirewallRules: [TCP Query User{0405AA2C-4D87-4CAD-841F-BE9A22FAD4E5}C:\program files (x86)\subnautica - below zero\subnauticazero.exe] => (Allow) C:\program files (x86)\subnautica - below zero\subnauticazero.exe No File FirewallRules: [UDP Query User{B27572A1-A94C-4ED6-A04F-4FA00AE8A58F}C:\program files (x86)\subnautica - below zero\subnauticazero.exe] => (Allow) C:\program files (x86)\subnautica - below zero\subnauticazero.exe No File FirewallRules: [{5B67B909-01A8-4F85-B665-A50545A2598E}] => (Allow) C:\WINDOWS\TEMP\steam.vbe No File FirewallRules: [{02B5CB96-6288-48BC-8696-29C926BAE1AB}] => (Allow) C:\WINDOWS\TEMP\steam.vbe No File FirewallRules: [{F73497F7-650B-4EFE-8129-4447365FF238}] => (Allow) C:\WINDOWS\TEMP\nfrv575A.tmp\svchost.exe No File FirewallRules: [{13A8DC5B-CA53-49EF-9D07-0A0358110991}] => (Allow) C:\WINDOWS\TEMP\nfrv575A.tmp\svchost.exe No File FirewallRules: [{0F8848E8-9728-44BC-B3E8-C473AA601F9B}] => (Allow) C:\WINDOWS\TEMP\rlab142X.tmp\lsass.exe No File FirewallRules: [{40F20774-5F6C-4B94-A9B6-A6430584DADF}] => (Allow) C:\WINDOWS\TEMP\rlab142X.tmp\lsass.exe No File Tcpip\..\Interfaces\{63e53571-9e80-431d-98ec-62b43aae4a2f}: [NameServer] 8.8.8.8,8.8.4.4 Tcpip\..\Interfaces\{63e53571-9e80-431d-98ec-62b43aae4a2f}: [DhcpNameServer] 200.109.78.12 200.44.32.12 192.168.1.1 Tcpip\..\Interfaces\{a4ebaea4-5d5a-4642-9b53-297ec1b67a86}: [DhcpNameServer] 192.168.43.1 CMD: ipconfig /flushdns CMD: ipconfig /renew CMD: bitsadmin /reset /allusers CMD: netsh winsock reset CMD: netsh advfirewall set allprofiles state ON CMD: netsh int ipv4 reset CMD: netsh int ipv6 reset RemoveProxy: EmptyTemp: Hosts: END ***************** Processes closed successfully. "HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\\" => not found HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj => removed successfully C:\Users\Maria\Downloads\1773609c-9566-4126-b67a-fe47d7c35767.tmp => moved successfully C:\Users\Maria\Downloads\369d6c02-6a19-4ce6-aabe-3a53aa28c15b.tmp => moved successfully C:\Users\Maria\Downloads\d97ba2de-55f3-4bdf-bcfd-d5001791a940.tmp => moved successfully C:\Users\Maria\Downloads\6d752fda-50cb-4046-bcbd-12fac009c92d.tmp => moved successfully C:\Users\Maria\Downloads\aecee07e-2e30-4233-9185-2486a3ad0853.tmp => moved successfully C:\Users\Maria\Downloads\71d988d7-a565-454b-ba05-4f621ee8255a.tmp => moved successfully C:\Users\Maria\Downloads\67047756-6c13-4945-bccd-577c3f889cd8.tmp => moved successfully C:\Users\Maria\Downloads\b0fcc6bb-a814-4e26-8661-bd4a0010193a.tmp => moved successfully C:\Users\Maria\Downloads\FnlHrzn PCSE00504 => moved successfully C:\Users\Maria\Downloads\x5bGM x5dTR360 x5bEU x5d => moved successfully C:\Users\Maria\Downloads\x5bGM x5dNDRTL360 x5bUS x5d => moved successfully C:\Users\Maria\AppData\Local\Temp => ":$DATA?" ADS could not remove. C:\Users\Public\Shared Files => ":VersionCache" ADS removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{B032E509-9142-42A1-8B18-0D0D7F47399D}F:\destiny 2\destiny2.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{C69D133A-19C8-4CAA-B73C-FF8AF5DAA4A3}F:\destiny 2\destiny2.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0BD125D9-BC8D-49D2-A5D2-A667F07FB89F}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{58B09AEE-6932-4282-BBE9-8FDF6E56D75B}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{0405AA2C-4D87-4CAD-841F-BE9A22FAD4E5}C:\program files (x86)\subnautica - below zero\subnauticazero.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{B27572A1-A94C-4ED6-A04F-4FA00AE8A58F}C:\program files (x86)\subnautica - below zero\subnauticazero.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5B67B909-01A8-4F85-B665-A50545A2598E}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{02B5CB96-6288-48BC-8696-29C926BAE1AB}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F73497F7-650B-4EFE-8129-4447365FF238}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{13A8DC5B-CA53-49EF-9D07-0A0358110991}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0F8848E8-9728-44BC-B3E8-C473AA601F9B}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{40F20774-5F6C-4B94-A9B6-A6430584DADF}" => removed successfully "HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{63e53571-9e80-431d-98ec-62b43aae4a2f}\\NameServer" => removed successfully "HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{63e53571-9e80-431d-98ec-62b43aae4a2f}\\DhcpNameServer" => removed successfully "HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{a4ebaea4-5d5a-4642-9b53-297ec1b67a86}\\DhcpNameServer" => removed successfully ========= ipconfig /flushdns ========= Configuraci¢n IP de Windows Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS. ========= End of CMD: ========= ========= ipconfig /renew ========= Configuraci¢n IP de Windows Adaptador de Ethernet Ethernet: Sufijo DNS espec¡fico para la conexi¢n. . : cantv.net Direcci¢n IPv6 . . . . . . . . . . : fdfc:f4ec:658f:0:28cf:541e:36d6:c075 Direcci¢n IPv6 temporal. . . . . . : fdfc:f4ec:658f:0:e953:2a13:a443:b273 V¡nculo: direcci¢n IPv6 local. . . : fe80::28cf:541e:36d6:c075%7 Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.1.143 M scara de subred . . . . . . . . . . . . : 255.255.255.0 Puerta de enlace predeterminada . . . . . : 192.168.1.1 ========= End of CMD: ========= ========= bitsadmin /reset /allusers ========= BITSADMIN version 3.0 BITS administration utility. (C) Copyright Microsoft Corp. Unable to connect to BITS - 0x8007043c ========= End of CMD: ========= ========= netsh winsock reset ========= El cat logo Winsock se restableci¢ correctamente. Debe reiniciar el equipo para completar el restablecimiento. ========= End of CMD: ========= ========= netsh advfirewall set allprofiles state ON ========= Aceptar ========= End of CMD: ========= ========= netsh int ipv4 reset ========= Reenv¡o de compartimiento se restableci¢ correctamente. Compartimiento se restableci¢ correctamente. Protocolo de control se restableci¢ correctamente. Solicitud de secuencia eco se restableci¢ correctamente. Global se restableci¢ correctamente. Interfaz se restableci¢ correctamente. Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente. Direcciones de multidifusi¢n se restableci¢ correctamente. Direcci¢n de unidifusi¢n se restableci¢ correctamente. Vecino se restableci¢ correctamente. Ruta de acceso se restableci¢ correctamente. Posible se restableci¢ correctamente. Directiva de prefijo se restableci¢ correctamente. Vecino de proxy se restableci¢ correctamente. Ruta se restableci¢ correctamente. Prefijo de sitio se restableci¢ correctamente. Subinterfaz se restableci¢ correctamente. Patr¢n de reactivaci¢n se restableci¢ correctamente. Resolver vecino se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. Error al restablecer . Acceso denegado. se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. Reinicie el equipo para completar esta acci¢n. ========= End of CMD: ========= ========= netsh int ipv6 reset ========= Reenv¡o de compartimiento se restableci¢ correctamente. Compartimiento se restableci¢ correctamente. Protocolo de control se restableci¢ correctamente. Solicitud de secuencia eco se restableci¢ correctamente. Global se restableci¢ correctamente. Interfaz se restableci¢ correctamente. Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente. Direcciones de multidifusi¢n se restableci¢ correctamente. Direcci¢n de unidifusi¢n se restableci¢ correctamente. Vecino se restableci¢ correctamente. Ruta de acceso se restableci¢ correctamente. Posible se restableci¢ correctamente. Directiva de prefijo se restableci¢ correctamente. Vecino de proxy se restableci¢ correctamente. Ruta se restableci¢ correctamente. Prefijo de sitio se restableci¢ correctamente. Subinterfaz se restableci¢ correctamente. Patr¢n de reactivaci¢n se restableci¢ correctamente. Resolver vecino se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. Error al restablecer . Acceso denegado. se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. Reinicie el equipo para completar esta acci¢n. ========= End of CMD: ========= ========= RemoveProxy: ========= "HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully "HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully "HKU\S-1-5-21-3971969143-4250845758-3799483950-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully "HKU\S-1-5-21-3971969143-4250845758-3799483950-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully ========= End of RemoveProxy: ========= C:\Windows\System32\Drivers\etc\hosts => moved successfully Hosts restored successfully. =========== EmptyTemp: ========== BITS transfer queue => 7888896 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 30899589 B Java, Flash, Steam htmlcache => 133673 B Windows/system/drivers => 259703 B Edge => 2024772 B Chrome => 24118088 B Firefox => 0 B Opera => 0 B Temp, IE cache, history, cookies, recent: Default => 0 B Users => 0 B ProgramData => 0 B Public => 0 B systemprofile => 0 B systemprofile32 => 7600 B LocalService => 2732 B LocalService => 0 B NetworkService => 0 B NetworkService => 0 B Maria => 78802319 B RecycleBin => 0 B EmptyTemp: => 137.5 MB temporary data Removed. ================================ The system needed a reboot. ==== End of Fixlog 14:47:39 ====