Fix result of Farbar Recovery Scan Tool (x64) Version: 31-08-2019 Ran by FloppY (01-09-2019 13:33:15) Run:1 Running from C:\Users\K541U\Desktop Loaded Profiles: FloppY (Available Profiles: FloppY) Boot Mode: Normal ============================================== fixlist content: ***************** Start CloseProcesses: CreateRestorePoint: HKU\S-1-5-21-857741356-1549155819-202260892-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP HKU\S-1-5-21-857741356-1549155819-202260892-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus17win10.msn.com/?pc=ASTE SearchScopes: HKU\S-1-5-21-857741356-1549155819-202260892-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02 SearchScopes: HKU\S-1-5-21-857741356-1549155819-202260892-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02 BHO: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> No File BHO-x32: PDF Architect 7 Helper -> {2B035CAB-1F3D-4DE6-A32D-39B9E5F456D0} -> C:\Program Files (x86)\PDF Architect 7\creator\plugins\IEAddin\creator-ie-helper.dll => No File BHO-x32: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> No File Toolbar: HKLM - PDF Architect 7 Toolbar - {61E612A7-2382-4570-8D3F-42BC136DDAD7} - C:\Program Files\PDF Architect 7\creator\plugins\IEAddin\creator-ie-plugin.dll No File Toolbar: HKLM-x32 - PDF Architect 7 Toolbar - {61E612A7-2382-4570-8D3F-42BC136DDAD7} - C:\Program Files (x86)\PDF Architect 7\creator\plugins\IEAddin\creator-ie-plugin.dll No File FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi => not found FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi => not found FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN) CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx 2019-08-31 13:27 - 2019-08-31 13:27 - 000004994 _____ C:\WINDOWS\system32\default_error_stack-000006-000000.txt 2019-08-31 02:37 - 2019-08-31 02:37 - 000004994 _____ C:\WINDOWS\system32\default_error_stack-000005-000000.txt 2019-08-31 02:06 - 2019-08-31 02:06 - 000004994 _____ C:\WINDOWS\system32\default_error_stack-000004-000000.txt 2019-08-31 01:35 - 2019-08-31 01:35 - 000004994 _____ C:\WINDOWS\system32\default_error_stack-000003-000000.txt 2019-08-31 01:05 - 2019-08-31 01:05 - 000004992 _____ C:\WINDOWS\system32\default_error_stack-000002-000000.txt 2019-08-31 00:34 - 2019-08-31 00:34 - 000004992 _____ C:\WINDOWS\system32\default_error_stack-000001-000000.txt 2019-08-31 00:04 - 2019-08-31 00:04 - 000004992 _____ C:\WINDOWS\system32\default_error_stack-000000-000000.txt S3 USER_ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe [885560 2019-05-15] (Intel(R) Software Development Products -> ) R2 SystemUsageReportSvc_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe [205112 2019-05-15] (Intel(R) Software Development Products -> ) S3 Intel(R) SUR QC SAM; C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18744 2019-04-15] (Intel(R) Software Development Products -> Intel Corporation) ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File ContextMenuHandlers1: [PDFArchitect7_ManagerExt] -> {21989F59-B260-4302-90C3-E51740E03639} => C:\Program Files\PDF Architect 7\context-menu.dll -> No File ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:/Program Files/PDFCreator/PDFCreatorShell.DLL -> No File ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File 2017-11-18 14:00 - 2017-11-18 14:00 - 000113664 _____ (.NET Foundation) [File not signed] C:\WINDOWS\Temp\{66DCF541-EB2D-44AD-B49C-19CB3F737C1C}\.ba\mbahost.dll 2017-11-18 14:00 - 2017-11-18 14:00 - 000113664 _____ (.NET Foundation) [File not signed] C:\WINDOWS\Temp\{6D182001-F92B-4030-8853-40A6FAE4FB2F}\.ba\mbahost.dll CMD: ipconfig /flushdns CMD: ipconfig /renew CMD: bitsadmin /reset /allusers CMD: netsh winsock reset CMD: netsh advfirewall reset CMD: netsh advfirewall set allprofiles state ON CMD: netsh int ipv4 reset CMD: netsh int ipv6 reset RemoveProxy: EmptyTemp: Hosts: END ***************** Processes closed successfully. Restore point was successfully created. HKU\S-1-5-21-857741356-1549155819-202260892-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully HKU\S-1-5-21-857741356-1549155819-202260892-1001\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully "HKU\S-1-5-21-857741356-1549155819-202260892-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully HKU\S-1-5-21-857741356-1549155819-202260892-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} => removed successfully HKLM\Software\Classes\CLSID\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} => not found HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2B035CAB-1F3D-4DE6-A32D-39B9E5F456D0} => removed successfully HKLM\Software\Wow6432Node\Classes\CLSID\{2B035CAB-1F3D-4DE6-A32D-39B9E5F456D0} => removed successfully HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} => removed successfully HKLM\Software\Wow6432Node\Classes\CLSID\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} => not found "HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{61E612A7-2382-4570-8D3F-42BC136DDAD7}" => removed successfully HKLM\Software\Classes\CLSID\{61E612A7-2382-4570-8D3F-42BC136DDAD7} => removed successfully "HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{61E612A7-2382-4570-8D3F-42BC136DDAD7}" => removed successfully HKLM\Software\Wow6432Node\Classes\CLSID\{61E612A7-2382-4570-8D3F-42BC136DDAD7} => removed successfully "HKLM\Software\Mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}" => removed successfully "HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}" => removed successfully "HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN" => not found C:\Program Files\VideoLAN\VLC\npvlc.dll => moved successfully "HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=3.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN" => not found "C:\Program Files\VideoLAN\VLC\npvlc.dll" => not found "HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN" => not found "C:\Program Files\VideoLAN\VLC\npvlc.dll" => not found HKLM\SOFTWARE\Google\Chrome\Extensions\fheoggkfdfchfphceeifdbepaooicaho => removed successfully HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\fheoggkfdfchfphceeifdbepaooicaho => removed successfully C:\WINDOWS\system32\default_error_stack-000006-000000.txt => moved successfully C:\WINDOWS\system32\default_error_stack-000005-000000.txt => moved successfully C:\WINDOWS\system32\default_error_stack-000004-000000.txt => moved successfully C:\WINDOWS\system32\default_error_stack-000003-000000.txt => moved successfully C:\WINDOWS\system32\default_error_stack-000002-000000.txt => moved successfully C:\WINDOWS\system32\default_error_stack-000001-000000.txt => moved successfully C:\WINDOWS\system32\default_error_stack-000000-000000.txt => moved successfully HKLM\System\CurrentControlSet\Services\USER_ESRV_SVC_QUEENCREEK => removed successfully USER_ESRV_SVC_QUEENCREEK => service removed successfully HKLM\System\CurrentControlSet\Services\SystemUsageReportSvc_QUEENCREEK => removed successfully SystemUsageReportSvc_QUEENCREEK => service removed successfully HKLM\System\CurrentControlSet\Services\Intel(R) SUR QC SAM => removed successfully Intel(R) SUR QC SAM => service removed successfully HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => removed successfully HKLM\Software\Classes\CLSID\{B298D29A-A6ED-11DE-BA8C-A68E55D89593} => not found HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully "HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => removed successfully HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\PDFArchitect7_ManagerExt => removed successfully HKLM\Software\Classes\CLSID\{21989F59-B260-4302-90C3-E51740E03639} => removed successfully HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\PDFCreator.ShellContextMenu => removed successfully HKLM\Software\Classes\CLSID\{d9cea52e-100d-4159-89ea-76e845bc13e1} => removed successfully HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Offline Files => removed successfully HKLM\Software\Classes\CLSID\{474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => not found HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D} => not found HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Offline Files => removed successfully HKLM\Software\Classes\CLSID\{474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => not found "C:\WINDOWS\Temp\{66DCF541-EB2D-44AD-B49C-19CB3F737C1C}\.ba\mbahost.dll" => not found "C:\WINDOWS\Temp\{6D182001-F92B-4030-8853-40A6FAE4FB2F}\.ba\mbahost.dll" => not found ========= ipconfig /flushdns ========= Configuraci¢n IP de Windows Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS. ========= End of CMD: ========= ========= ipconfig /renew ========= Configuraci¢n IP de Windows No se puede realizar ninguna operaci¢n en Ethernet mientras los medios est‚n desconectados. No se puede realizar ninguna operaci¢n en Conexi¢n de  rea local* 2 mientras los medios est‚n desconectados. No se puede realizar ninguna operaci¢n en Conexi¢n de  rea local* 4 mientras los medios est‚n desconectados. Adaptador de Ethernet Ethernet: Estado de los medios. . . . . . . . . . . : medios desconectados Sufijo DNS espec¡fico para la conexi¢n. . : Adaptador de LAN inal mbrica Conexi¢n de  rea local* 2: Estado de los medios. . . . . . . . . . . : medios desconectados Sufijo DNS espec¡fico para la conexi¢n. . : Adaptador de LAN inal mbrica Conexi¢n de  rea local* 4: Estado de los medios. . . . . . . . . . . : medios desconectados Sufijo DNS espec¡fico para la conexi¢n. . : Adaptador de LAN inal mbrica Wi-Fi: Sufijo DNS espec¡fico para la conexi¢n. . : home V¡nculo: direcci¢n IPv6 local. . . : fe80::e407:14fa:36f3:b98e%10 Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.1.104 M scara de subred . . . . . . . . . . . . : 255.255.255.0 Puerta de enlace predeterminada . . . . . : 192.168.1.1 ========= End of CMD: ========= ========= bitsadmin /reset /allusers ========= BITSADMIN version 3.0 BITS administration utility. (C) Copyright Microsoft Corp. Unable to cancel {A7630CFE-28B6-4FAB-80EF-4D187E94AB35}. {3632CA9C-40B2-4C53-B44E-C2714F9A6894} canceled. 1 out of 2 jobs canceled. ========= End of CMD: ========= ========= netsh winsock reset ========= El cat logo Winsock se restableci¢ correctamente. Debe reiniciar el equipo para completar el restablecimiento. ========= End of CMD: ========= ========= netsh advfirewall reset ========= Aceptar ========= End of CMD: ========= ========= netsh advfirewall set allprofiles state ON ========= Aceptar ========= End of CMD: ========= ========= netsh int ipv4 reset ========= Reenv¡o de compartimiento se restableci¢ correctamente. Compartimiento se restableci¢ correctamente. Protocolo de control se restableci¢ correctamente. Solicitud de secuencia eco se restableci¢ correctamente. Global se restableci¢ correctamente. Interfaz se restableci¢ correctamente. Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente. Direcciones de multidifusi¢n se restableci¢ correctamente. Direcci¢n de unidifusi¢n se restableci¢ correctamente. Vecino se restableci¢ correctamente. Ruta de acceso se restableci¢ correctamente. Posible se restableci¢ correctamente. Directiva de prefijo se restableci¢ correctamente. Vecino de proxy se restableci¢ correctamente. Ruta se restableci¢ correctamente. Prefijo de sitio se restableci¢ correctamente. Subinterfaz se restableci¢ correctamente. Patr¢n de reactivaci¢n se restableci¢ correctamente. Resolver vecino se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. Error al restablecer . Acceso denegado. se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. Reinicie el equipo para completar esta acci¢n. ========= End of CMD: ========= ========= netsh int ipv6 reset ========= Reenv¡o de compartimiento se restableci¢ correctamente. Compartimiento se restableci¢ correctamente. Protocolo de control se restableci¢ correctamente. Solicitud de secuencia eco se restableci¢ correctamente. Global se restableci¢ correctamente. Interfaz se restableci¢ correctamente. Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente. Direcciones de multidifusi¢n se restableci¢ correctamente. Direcci¢n de unidifusi¢n se restableci¢ correctamente. Vecino se restableci¢ correctamente. Ruta de acceso se restableci¢ correctamente. Posible se restableci¢ correctamente. Directiva de prefijo se restableci¢ correctamente. Vecino de proxy se restableci¢ correctamente. Ruta se restableci¢ correctamente. Prefijo de sitio se restableci¢ correctamente. Subinterfaz se restableci¢ correctamente. Patr¢n de reactivaci¢n se restableci¢ correctamente. Resolver vecino se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. Error al restablecer . Acceso denegado. se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. Reinicie el equipo para completar esta acci¢n. ========= End of CMD: ========= ========= RemoveProxy: ========= "HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully "HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully "HKU\S-1-5-21-857741356-1549155819-202260892-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully "HKU\S-1-5-21-857741356-1549155819-202260892-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully ========= End of RemoveProxy: ========= C:\Windows\System32\Drivers\etc\hosts => moved successfully Hosts restored successfully. =========== EmptyTemp: ========== BITS transfer queue => 7626752 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 9503927 B Java, Flash, Steam htmlcache => 524 B Windows/system/drivers => 8846404 B Edge => 56346 B Chrome => 15352809 B Firefox => 0 B Opera => 10377922 B Temp, IE cache, history, cookies, recent: Default => 0 B Users => 0 B ProgramData => 0 B Public => 0 B systemprofile => 0 B systemprofile32 => 0 B LocalService => 4514 B LocalService => 0 B NetworkService => 0 B NetworkService => 0 B K541U => 7268887 B RecycleBin => 0 B EmptyTemp: => 56.3 MB temporary data Removed. ================================ The system needed a reboot. ==== End of Fixlog 13:35:30 ====