Fix result of Farbar Recovery Scan Tool (x64) Version: 14-11-2019 Ran by Ruben & Caro (14-11-2019 20:31:05) Run:1 Running from C:\Users\ruben\Desktop Loaded Profiles: Ruben & Caro (Available Profiles: Ruben & Caro) Boot Mode: Normal ============================================== fixlist content: ***************** Start CloseProcesses: CreateRestorePoint: IFEO\LogTransport2.exe: [Debugger] 0 FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION U3 AdobeUpdateService; no ImagePath U3 SwitchBoard; no ImagePath 2019-11-11 14:55 - 2019-10-21 14:51 - 000002930 _____ C:\WINDOWS\e.bat 2019-11-10 23:05 - 2019-11-10 23:05 - 000000000 ____D C:\ProgramData\Driver-Soft 2019-11-10 23:00 - 2019-11-10 23:00 - 000000000 ____D C:\Program Files (x86)\Driver-Soft 2019-11-10 22:55 - 2019-11-10 22:55 - 000000000 ____D C:\ProgramData\DriverSetupUtility 2019-11-10 22:37 - 2019-11-10 22:37 - 000000000 ____D C:\WINDOWS\Wget 2019-11-10 22:37 - 2019-11-10 22:37 - 000000000 ____D C:\WINDOWS\curl 2019-11-10 22:37 - 2019-09-07 03:46 - 000013413 _____ C:\WINDOWS\c.bat 2019-11-10 22:37 - 2019-08-09 09:30 - 000000001 _____ C:\WINDOWS\y.txt 2019-11-10 22:37 - 2019-08-09 08:29 - 000000536 _____ C:\WINDOWS\ct.reg 2019-11-10 22:37 - 2019-08-09 08:29 - 000000529 _____ C:\WINDOWS\at.reg 2019-11-10 22:37 - 2019-08-09 08:29 - 000000290 _____ C:\WINDOWS\d.reg 2019-11-10 22:37 - 2019-08-09 08:28 - 000001104 _____ C:\WINDOWS\usw.reg 2019-11-10 22:37 - 2019-08-09 08:28 - 000000530 _____ C:\WINDOWS\et.reg 2019-11-10 22:37 - 2019-08-09 08:28 - 000000529 _____ C:\WINDOWS\mt.reg 2019-11-10 22:37 - 2019-08-09 08:28 - 000000302 _____ C:\WINDOWS\mgr_n.reg 2019-11-10 22:37 - 2019-08-09 08:28 - 000000302 _____ C:\WINDOWS\mgr_f.reg 2019-11-10 22:37 - 2019-08-09 08:28 - 000000290 _____ C:\WINDOWS\e.reg 2019-11-10 22:36 - 2019-08-12 17:35 - 037476794 _____ (AVG Netherlands B.V; ) C:\Users\ruben\Downloads\AVG_Driver_Updater_2.5.7.exe 2019-11-10 22:40 - 2019-11-10 22:40 - 000000000 ____D C:\Users\ruben\AppData\Local\AVG Netherlands BV 2019-11-09 23:44 - 2019-11-09 23:44 - 000000044 _____ C:\Users\ruben\Documents\pooshock.ru.url FirewallRules: [{90A7ED49-9FEA-479D-8457-CFC5CFF8304B}] => (Block) %ProgramFiles% (x86)\AVG\AVG TuneUp\TuneupUI.exe No File FirewallRules: [{11391CEA-3BC9-42E4-9AC0-3513F7C6BEFE}] => (Block) %ProgramFiles% (x86)\AVG\AVG TuneUp\TuneupUI.exe No File Folder: C:\69DAB65569F7 CMD: ipconfig /flushdns CMD: ipconfig /renew CMD: bitsadmin /reset /allusers CMD: netsh winsock reset CMD: netsh advfirewall reset CMD: netsh advfirewall set allprofiles state ON CMD: netsh int ipv4 reset CMD: netsh int ipv6 reset RemoveProxy: EmptyTemp: Hosts: END ***************** Processes closed successfully. Restore point was successfully created. HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\LogTransport2.exe => removed successfully HKLM\SOFTWARE\Policies\Mozilla => removed successfully HKLM\System\CurrentControlSet\Services\AdobeUpdateService => removed successfully AdobeUpdateService => service removed successfully HKLM\System\CurrentControlSet\Services\SwitchBoard => removed successfully SwitchBoard => service removed successfully C:\WINDOWS\e.bat => moved successfully C:\ProgramData\Driver-Soft => moved successfully C:\Program Files (x86)\Driver-Soft => moved successfully C:\ProgramData\DriverSetupUtility => moved successfully C:\WINDOWS\Wget => moved successfully C:\WINDOWS\curl => moved successfully C:\WINDOWS\c.bat => moved successfully C:\WINDOWS\y.txt => moved successfully C:\WINDOWS\ct.reg => moved successfully C:\WINDOWS\at.reg => moved successfully C:\WINDOWS\d.reg => moved successfully C:\WINDOWS\usw.reg => moved successfully C:\WINDOWS\et.reg => moved successfully C:\WINDOWS\mt.reg => moved successfully C:\WINDOWS\mgr_n.reg => moved successfully C:\WINDOWS\mgr_f.reg => moved successfully C:\WINDOWS\e.reg => moved successfully C:\Users\ruben\Downloads\AVG_Driver_Updater_2.5.7.exe => moved successfully C:\Users\ruben\AppData\Local\AVG Netherlands BV => moved successfully C:\Users\ruben\Documents\pooshock.ru.url => moved successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{90A7ED49-9FEA-479D-8457-CFC5CFF8304B}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{11391CEA-3BC9-42E4-9AC0-3513F7C6BEFE}" => removed successfully ========================= Folder: C:\69DAB65569F7 ======================== C:\69DAB65569F7 => File ====== End of Folder: ====== ========= ipconfig /flushdns ========= Configuraci¢n IP de Windows Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS. ========= End of CMD: ========= ========= ipconfig /renew ========= Configuraci¢n IP de Windows No se puede realizar ninguna operaci¢n en Ethernet mientras los medios est‚n desconectados. No se puede realizar ninguna operaci¢n en Conexi¢n de  rea local* 1 mientras los medios est‚n desconectados. No se puede realizar ninguna operaci¢n en Conexi¢n de  rea local* 3 mientras los medios est‚n desconectados. Adaptador de Ethernet Ethernet: Estado de los medios. . . . . . . . . . . : medios desconectados Sufijo DNS espec¡fico para la conexi¢n. . : Adaptador de LAN inal mbrica Conexi¢n de  rea local* 1: Estado de los medios. . . . . . . . . . . : medios desconectados Sufijo DNS espec¡fico para la conexi¢n. . : Adaptador de LAN inal mbrica Conexi¢n de  rea local* 3: Estado de los medios. . . . . . . . . . . : medios desconectados Sufijo DNS espec¡fico para la conexi¢n. . : Adaptador de LAN inal mbrica Wi-Fi: Sufijo DNS espec¡fico para la conexi¢n. . : V¡nculo: direcci¢n IPv6 local. . . : fe80::90c1:96c3:6881:dfbe%4 Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.1.66 M scara de subred . . . . . . . . . . . . : 255.255.255.0 Puerta de enlace predeterminada . . . . . : 192.168.1.254 ========= End of CMD: ========= ========= bitsadmin /reset /allusers ========= BITSADMIN version 3.0 BITS administration utility. (C) Copyright Microsoft Corp. {972FB57D-5CEB-4F6C-87DC-C51581AC6D90} canceled. {31DDDD5D-F088-4092-BCB4-D211E851B013} canceled. {E60B52E4-3292-45AD-B6CD-C2831896E691} canceled. {885DC9D7-51FC-46A6-BD07-51B9781A5867} canceled. {72E3B719-0FF7-4804-8ADC-0CB98229B1CC} canceled. {8396FF51-7854-4EF8-94B5-EA57162B324B} canceled. {3780E0EB-EE41-4790-9052-2CA24183F244} canceled. {5581701F-CE9C-4040-A374-EF4A5F9AC309} canceled. {343D3AE8-B147-4B62-B42A-8FD6C25BF53E} canceled. {F51EF723-5184-47D2-B7A5-22204D2359F2} canceled. {AF747238-F27E-47B9-8A27-5BAECE1E4F77} canceled. {6DFF3E02-F81D-4378-8BD1-E32F67F208CA} canceled. {6414016D-8293-4C7F-8CA3-E7AED84577F9} canceled. {D91A7718-5AA7-491C-90CE-67FBA4D37824} canceled. Unable to cancel {BC624D0E-05B5-4A5C-8283-57E31A780298}. 14 out of 15 jobs canceled. ========= End of CMD: ========= ========= netsh winsock reset ========= El cat logo Winsock se restableci¢ correctamente. Debe reiniciar el equipo para completar el restablecimiento. ========= End of CMD: ========= ========= netsh advfirewall reset ========= Aceptar ========= End of CMD: ========= ========= netsh advfirewall set allprofiles state ON ========= Aceptar ========= End of CMD: ========= ========= netsh int ipv4 reset ========= Reenv¡o de compartimiento se restableci¢ correctamente. Compartimiento se restableci¢ correctamente. Protocolo de control se restableci¢ correctamente. Solicitud de secuencia eco se restableci¢ correctamente. Global se restableci¢ correctamente. Interfaz se restableci¢ correctamente. Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente. Direcciones de multidifusi¢n se restableci¢ correctamente. Direcci¢n de unidifusi¢n se restableci¢ correctamente. Vecino se restableci¢ correctamente. Ruta de acceso se restableci¢ correctamente. Posible se restableci¢ correctamente. Directiva de prefijo se restableci¢ correctamente. Vecino de proxy se restableci¢ correctamente. Ruta se restableci¢ correctamente. Prefijo de sitio se restableci¢ correctamente. Subinterfaz se restableci¢ correctamente. Patr¢n de reactivaci¢n se restableci¢ correctamente. Resolver vecino se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. Error al restablecer . Acceso denegado. se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. Reinicie el equipo para completar esta acci¢n. ========= End of CMD: ========= ========= netsh int ipv6 reset ========= Reenv¡o de compartimiento se restableci¢ correctamente. Compartimiento se restableci¢ correctamente. Protocolo de control se restableci¢ correctamente. Solicitud de secuencia eco se restableci¢ correctamente. Global se restableci¢ correctamente. Interfaz se restableci¢ correctamente. Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente. Direcciones de multidifusi¢n se restableci¢ correctamente. Direcci¢n de unidifusi¢n se restableci¢ correctamente. Vecino se restableci¢ correctamente. Ruta de acceso se restableci¢ correctamente. Posible se restableci¢ correctamente. Directiva de prefijo se restableci¢ correctamente. Vecino de proxy se restableci¢ correctamente. Ruta se restableci¢ correctamente. Prefijo de sitio se restableci¢ correctamente. Subinterfaz se restableci¢ correctamente. Patr¢n de reactivaci¢n se restableci¢ correctamente. Resolver vecino se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. Error al restablecer . Acceso denegado. se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. Reinicie el equipo para completar esta acci¢n. ========= End of CMD: ========= ========= RemoveProxy: ========= "HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully "HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully "HKU\S-1-5-21-1946612253-113084978-2655978932-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully "HKU\S-1-5-21-1946612253-113084978-2655978932-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully ========= End of RemoveProxy: ========= C:\Windows\System32\Drivers\etc\hosts => moved successfully Hosts restored successfully. =========== EmptyTemp: ========== BITS transfer queue => 7626752 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 13794847 B Java, Flash, Steam htmlcache => 0 B Windows/system/drivers => 383227 B Edge => 97293 B Chrome => 56026059 B Firefox => 0 B Opera => 0 B Temp, IE cache, history, cookies, recent: Default => 0 B Users => 0 B ProgramData => 0 B Public => 0 B systemprofile => 0 B systemprofile32 => 0 B LocalService => 3794 B NetworkService => 3794 B ruben => 233518673 B RecycleBin => 0 B EmptyTemp: => 297 MB temporary data Removed. ================================ The system needed a reboot. ==== End of Fixlog 20:31:31 ====