Fix result of Farbar Recovery Scan Tool (x64) Version: 03.03.2019
Ran by Usuario (07-03-2019 13:48:11) Run:1
Running from C:\Users\Usuario\Desktop
Loaded Profiles: Usuario (Available Profiles: defaultuser0 & Usuario)
Boot Mode: Safe Mode (minimal)
==============================================

fixlist content:
*****************
Start
CloseProcesses:
SearchScopes: HKU\S-1-5-21-3087908810-4033223051-3795370541-1001 -> {FA921BD0-C5C5-4817-B2BF-61F193DBBA27} URL = hxxps://es.search.yahoo.com/search?p={searchTerms}&intl=es&fr=yset_ie_syc_oracle&type=orcl_default&partnerexternal-oracle=external-oracle
FF Extension: (Avira Browser Safety) - C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\26q5xf5t.default-1527453028335\Extensions\abs@avira.com [2019-03-06] [hxxps://download.avira.com/package/absnooffers/firefox/update_webext_no_offers.rdf]
FF Extension: (Avira Navegaci�n segura) - C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\26q5xf5t.default-1527453028335\Extensions\abs@avira.com.xpi [2019-02-18] [UpdateUrl:hxxps://download.avira.com/package/absnooffers/firefox/update_webext_no_offers.rdf]
FF Extension: (Avira Password Manager) - C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\26q5xf5t.default-1527453028335\Extensions\passwordmanager@avira.com [2018-08-24] [hxxps://s3.eu-central-1.amazonaws.com/avira-pwm-extensions/update.rdf]
CHR DefaultSearchURL: Default -> hxxps://es.search.yahoo.com/search?p={searchTerms}&fr=yset_chr_syc_oracle&type=default
CHR DefaultSearchKeyword: Default -> Yahoo
CHR DefaultSuggestURL: Default -> hxxps://es.search.yahoo.com/sugg/ie?output=fxjson&command={searchTerms}&nResults=10
CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fabhkdeopjkcpkmofliimbjckmocfiom] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - hxxps://clients2.google.com/service/update2/crx
S2 AntivirProtectedService; "C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe" [X]
2019-03-06 11:53 - 2019-03-06 11:24 - 011514112 _____ (SurfRight B.V.) C:\Users\Usuario\AppData\Local\Temp\HitmanPro.exe
2019-02-25 20:48 - 2019-02-20 12:27 - 000641520 ____N (NVIDIA Corporation) C:\Users\Usuario\AppData\Local\Temp\nvSCPAPI.dll
2019-02-25 20:48 - 2019-02-20 12:27 - 000731120 ____N (NVIDIA Corporation) C:\Users\Usuario\AppData\Local\Temp\nvSCPAPI64.dll
2019-03-06 13:25 - 2019-02-20 12:27 - 000399344 _____ (NVIDIA Corporation) C:\Users\Usuario\AppData\Local\Temp\nvStInst.exe
Task: {95DC2032-9680-408F-A287-0B4B76528FF9} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {969EA71D-870D-4A83-AB0E-5FDE895B1FBF} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
MSCONFIG\Services: Avira.ServiceHost => 2
HKLM\...\StartupApproved\Run32: => "Avira SystrayStartTrigger"
FirewallRules: [{313158C8-B149-4E95-BF8C-EFDB1C9E2AB9}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe No File
C:\Program Files (x86)\Avira
FirewallRules: [{F7FF8EED-1856-44D5-8455-4BC678626CD6}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe No File
FirewallRules: [{46BCB63F-1857-47F0-B8BB-E219DCE8A524}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} =>  -> No File
ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} =>  -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} =>  -> No File
Task: {7F645ADB-2B53-443E-8C16-92D19390ECB8} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe 
Task: {68CD3C77-0166-43CD-B2B3-5746815A1C3F} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe
C:\Program Files\AVG



CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END
*****************

Processes closed successfully.
HKU\S-1-5-21-3087908810-4033223051-3795370541-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{FA921BD0-C5C5-4817-B2BF-61F193DBBA27} => removed successfully
HKLM\Software\Classes\CLSID\{FA921BD0-C5C5-4817-B2BF-61F193DBBA27} => not found
C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\26q5xf5t.default-1527453028335\Extensions\abs@avira.com => moved successfully
C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\26q5xf5t.default-1527453028335\Extensions\abs@avira.com.xpi => moved successfully
C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\26q5xf5t.default-1527453028335\Extensions\passwordmanager@avira.com => moved successfully
"Chrome DefaultSearchURL" => removed successfully
"Chrome DefaultSearchKeyword" => removed successfully
"Chrome DefaultSuggestURL" => removed successfully
HKLM\SOFTWARE\Google\Chrome\Extensions\caljgklbbfbcjjanaijlacgncafpegll => removed successfully
HKLM\SOFTWARE\Google\Chrome\Extensions\flliilndjeohchalpbbcdekjklbdgfkk => removed successfully
HKLM\SOFTWARE\Google\Chrome\Extensions\ipmkfpcnmccejididiaagpgchgjfajgp => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\caljgklbbfbcjjanaijlacgncafpegll => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\fabhkdeopjkcpkmofliimbjckmocfiom => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\flliilndjeohchalpbbcdekjklbdgfkk => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ipmkfpcnmccejididiaagpgchgjfajgp => removed successfully
HKLM\System\CurrentControlSet\Services\AntivirProtectedService => removed successfully
AntivirProtectedService => service removed successfully
C:\Users\Usuario\AppData\Local\Temp\HitmanPro.exe => moved successfully
C:\Users\Usuario\AppData\Local\Temp\nvSCPAPI.dll => moved successfully
C:\Users\Usuario\AppData\Local\Temp\nvSCPAPI64.dll => moved successfully
C:\Users\Usuario\AppData\Local\Temp\nvStInst.exe => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{95DC2032-9680-408F-A287-0B4B76528FF9}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{95DC2032-9680-408F-A287-0B4B76528FF9}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{969EA71D-870D-4A83-AB0E-5FDE895B1FBF}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{969EA71D-870D-4A83-AB0E-5FDE895B1FBF}" => removed successfully
C:\WINDOWS\System32\Tasks\Avira_Antivirus_Systray => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Avira_Antivirus_Systray" => removed successfully
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Avira.ServiceHost => removed successfully
HKLM\System\CurrentControlSet\Services\Avira.ServiceHost => not found
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32\\Avira SystrayStartTrigger" => removed successfully
"HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Avira SystrayStartTrigger" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{313158C8-B149-4E95-BF8C-EFDB1C9E2AB9}" => removed successfully
"C:\Program Files (x86)\Avira" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F7FF8EED-1856-44D5-8455-4BC678626CD6}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{46BCB63F-1857-47F0-B8BB-E219DCE8A524}" => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avg => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\Glary Utilities => removed successfully
HKLM\Software\Classes\CLSID\{B3C418F8-922B-4faf-915E-59BC14448CF7} => not found
HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\Glary Utilities => removed successfully
HKLM\Software\Classes\CLSID\{B3C418F8-922B-4faf-915E-59BC14448CF7} => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D} => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Glary Utilities => removed successfully
HKLM\Software\Classes\CLSID\{B3C418F8-922B-4faf-915E-59BC14448CF7} => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{7F645ADB-2B53-443E-8C16-92D19390ECB8}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7F645ADB-2B53-443E-8C16-92D19390ECB8}" => removed successfully
C:\WINDOWS\System32\Tasks\AVG\Overseer => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVG\Overseer" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{68CD3C77-0166-43CD-B2B3-5746815A1C3F}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{68CD3C77-0166-43CD-B2B3-5746815A1C3F}" => removed successfully
C:\WINDOWS\System32\Tasks\Antivirus Emergency Update => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Antivirus Emergency Update" => removed successfully
"C:\Program Files\AVG" => not found

========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

No se puede vaciar la cach‚ de resoluci¢n de DNS: Error de una funci¢n durante la ejecuci¢n.


========= End of CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows


========= End of CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.

Unable to connect to BITS - 0x8007043c
El servicio no puede iniciarse en modo a prueba de errores


========= End of CMD: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========


Error al intentar ponerse en contacto con el servicio Firewall de Windows Defender. Aseg£rate de que el servicio se est  ejecutando e intenta la solicitud de nuevo.


========= End of CMD: =========


========= netsh int ipv4 reset =========

No hay valores configurados por el usuario para restablecer.


========= End of CMD: =========


========= netsh int ipv6 reset =========

No hay valores configurados por el usuario para restablecer.


========= End of CMD: =========


========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-3087908810-4033223051-3795370541-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-3087908810-4033223051-3795370541-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully


========= End of RemoveProxy: =========

C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 11558912 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 232033417 B
Java, Flash, Steam htmlcache => 383540212 B
Windows/system/drivers => 102433 B
Edge => 2879983 B
Chrome => 443732418 B
Firefox => 20905762 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 1768 B
LocalService => 0 B
NetworkService => 6908 B
NetworkService => 0 B
defaultuser0 => 0 B
Usuario => 186407681 B

RecycleBin => 53707148 B
EmptyTemp: => 1.2 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 13:48:39 ====