Fix result of Farbar Recovery Scan Tool (x86) Version: 14-08-2019 Ran by Guillermo (18-08-2019 19:32:24) Run:1 Running from C:\Users\Guillermo\Desktop Loaded Profiles: Guillermo & (Available Profiles: Guillermo) Boot Mode: Normal ============================================== fixlist content: ***************** Start CloseProcesses: CreateRestorePoint: HKLM\...\Run: [] => [X] HKU\S-1-5-21-2344977295-613302307-1633760338-1001\...\Run: [flaterem] => C:\streamer\streamer.exe [862216 2017-12-05] (Alfredo Anibal Santos Silva -> Carifred) HKU\S-1-5-21-2344977295-613302307-1633760338-1001\...\Run: [strdat] => C:\Windows\system32\cmd.exe /c start C:\streamer\streamer.exe /AutoIt3ExecuteScript "C:\streamer\stream.txt" & exit C:\streamer HKU\S-1-5-21-2344977295-613302307-1633760338-1001\...\Run: [AntiShortCutUpdate] => C:\AntiShortCut\AntiUsb.exe [934400 2014-06-01] (AutoIt Team) [File not signed] HKU\S-1-5-21-2344977295-613302307-1633760338-1001\...\Run: [AntiUsbShortCut] => C:\Windows\system32\cmd.exe /c start C:\AntiShortCut\AntiUsb.exe "C:\AntiShortCut\AntiUsbShortCut.zip" & exit C:\AntiShortCut GroupPolicy: Restriction ? <==== ATTENTION Task: {2D42EACB-6850-43E7-8CDA-356540A03E8B} - System32\Tasks\{075FD58A-3D7F-4C0D-9C2D-487F536B3912} => C:\Windows\system32\pcalua.exe -a "D:\Papa Guillermo\Instaladores\Utilitarios\Ahead Nero 9.0.9.4b\Nero 9.0.9.4b\Setup\setupx.exe" -d "D:\Papa Guillermo\Instaladores\Utilitarios\Ahead Nero 9.0.9.4b\Nero 9.0.9.4b\Setup" CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2016-10-01] 2019-07-26 00:41 - 2019-07-26 00:41 - 000000000 ____D C:\c2b64df36f01fe1b30d701 2019-07-25 22:06 - 2019-07-25 22:06 - 000000000 ____D C:\0733020e23ae4bfed1b3d6fe997a39dc 2019-07-25 19:01 - 2019-07-25 19:01 - 000000000 ____D C:\e1802b60d5e062052e0d 2019-07-24 18:01 - 2019-07-24 18:01 - 000000000 ____H C:\ProgramData\DP45977C.lfl AlternateDataStreams: C:\ProgramData\TEMP:1CE11B51 [152] CMD: ipconfig /flushdns CMD: ipconfig /renew CMD: bitsadmin /reset /allusers CMD: netsh winsock reset CMD: netsh advfirewall reset CMD: netsh advfirewall set allprofiles state ON CMD: netsh int ipv4 reset CMD: netsh int ipv6 reset RemoveProxy: EmptyTemp: Hosts: END ***************** Processes closed successfully. Restore point was successfully created. "HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully. "HKU\S-1-5-21-2344977295-613302307-1633760338-1001\Software\Microsoft\Windows\CurrentVersion\Run\\flaterem" => removed successfully. "HKU\S-1-5-21-2344977295-613302307-1633760338-1001\Software\Microsoft\Windows\CurrentVersion\Run\\strdat" => removed successfully. C:\streamer => moved successfully "HKU\S-1-5-21-2344977295-613302307-1633760338-1001\Software\Microsoft\Windows\CurrentVersion\Run\\AntiShortCutUpdate" => removed successfully. "HKU\S-1-5-21-2344977295-613302307-1633760338-1001\Software\Microsoft\Windows\CurrentVersion\Run\\AntiUsbShortCut" => removed successfully. C:\AntiShortCut => moved successfully C:\Windows\system32\GroupPolicy\Machine => moved successfully C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2D42EACB-6850-43E7-8CDA-356540A03E8B}" => removed successfully. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2D42EACB-6850-43E7-8CDA-356540A03E8B}" => removed successfully. C:\Windows\System32\Tasks\{075FD58A-3D7F-4C0D-9C2D-487F536B3912} => moved successfully "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{075FD58A-3D7F-4C0D-9C2D-487F536B3912}" => removed successfully. HKLM\SOFTWARE\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj => removed successfully. C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx => moved successfully "C:\c2b64df36f01fe1b30d701" => not found "C:\0733020e23ae4bfed1b3d6fe997a39dc" => not found "C:\e1802b60d5e062052e0d" => not found C:\ProgramData\DP45977C.lfl => moved successfully C:\ProgramData\TEMP => ":1CE11B51" ADS removed successfully. ========= ipconfig /flushdns ========= Configuraci¢n IP de Windows Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS. ========= End of CMD: ========= ========= ipconfig /renew ========= Configuraci¢n IP de Windows No se puede realizar ninguna operaci¢n en Ethernet mientras los medios est‚n desconectados. Adaptador de Ethernet Conexi¢n de  rea local 2: Sufijo DNS espec¡fico para la conexi¢n. . : V¡nculo: direcci¢n IPv6 local. . . : fe80::a046:9f27:7523:7329%5 Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.42.44 M scara de subred . . . . . . . . . . . . : 255.255.255.0 Puerta de enlace predeterminada . . . . . : 192.168.42.129 Adaptador de Ethernet Ethernet: Estado de los medios. . . . . . . . . . . : medios desconectados Sufijo DNS espec¡fico para la conexi¢n. . : Adaptador de t£nel isatap.{4E8F727E-175B-410D-BA10-3D3B2B422B58}: Estado de los medios. . . . . . . . . . . : medios desconectados Sufijo DNS espec¡fico para la conexi¢n. . : ========= End of CMD: ========= ========= bitsadmin /reset /allusers ========= BITSADMIN version 3.0 [ 7.7.9600 ] BITS administration utility. (C) Copyright 2000-2006 Microsoft Corp. BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows. Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets. Unable to cancel {BD2357FB-0327-4AF6-9C3B-0320D7E4D10A}. Unable to cancel {88164EF6-EF9E-4AEE-91BB-8151686A776C}. Unable to cancel {E1990493-D325-4FF7-8D48-C6990F915A99}. Unable to cancel {46B3E51F-216E-4B42-B8C7-82B65C728956}. Unable to cancel {D391368A-80BF-4C3B-B542-2B74873CFC70}. Unable to cancel {FFB87AD6-DCF4-4B32-8CE7-A7F06FCE898D}. Unable to cancel {F5B459E4-ADE9-4157-B400-B2A13E420F39}. Unable to cancel {C3BF6289-9F6B-415B-B967-06B64DE88D88}. Unable to cancel {8EABE3E5-7E9F-4EF8-9D16-D6E26B6B8DB6}. Unable to cancel {5D3F0C50-57A8-498E-AADC-D1E96DBCD6E0}. Unable to cancel {7B136550-DB11-4090-92EE-862D82F2F880}. Unable to cancel {4A79E38F-2176-4817-8AF5-005F900C47B4}. Unable to cancel {B9BB29D1-9B91-456E-96E2-C7FB822D07C2}. Unable to cancel {774CAA51-30DF-4FA3-BADB-179C381B183A}. Unable to cancel {502AB678-96F3-459E-A4B4-61AD18EB037E}. {62CC7648-0EE2-46AC-A6AB-2F82F485763D} canceled. Unable to cancel {A1AF8934-DE12-4E5B-8C7B-9AE95AEDCD20}. Unable to cancel {F8347758-5FC7-4089-BE57-F91A2DEC43E4}. Unable to cancel {C2F75DB8-4E6D-4D14-A78A-3379C429FCA7}. Unable to cancel {BABAB3C8-A145-406C-85A1-C7A726D635C5}. Unable to cancel {D0E383CD-9DB0-406D-9535-69C9F8AFFF95}. {64EE86E6-20C9-43DC-9143-E9F848ED3CBD} canceled. Unable to cancel {FAB0FF80-6644-4CD6-B153-F0982C644F2E}. Unable to cancel {EF220E9D-91F5-4A8F-A1B1-0DB4451FF04B}. Unable to cancel {B47897EB-43EF-468C-A24E-D1F14270BBAC}. 2 out of 25 jobs canceled. ========= End of CMD: ========= ========= netsh winsock reset ========= El cat logo Winsock se restableci¢ correctamente. Debe reiniciar el equipo para completar el restablecimiento. ========= End of CMD: ========= ========= netsh advfirewall reset ========= Aceptar ========= End of CMD: ========= ========= netsh advfirewall set allprofiles state ON ========= Aceptar ========= End of CMD: ========= ========= netsh int ipv4 reset ========= Error al restablecer . Acceso denegado. No hay valores configurados por el usuario para restablecer. ========= End of CMD: ========= ========= netsh int ipv6 reset ========= Interfaz se restableci¢ correctamente. Vecino se restableci¢ correctamente. Ruta de acceso se restableci¢ correctamente. Error al restablecer . Acceso denegado. se restableci¢ correctamente. se restableci¢ correctamente. Reinicie el equipo para completar esta acci¢n. ========= End of CMD: ========= ========= RemoveProxy: ========= HKU\S-1-5-21-2344977295-613302307-1633760338-1001\SOFTWARE\Policies\Microsoft\Internet Explorer => removed successfully. HKU\S-1-5-21-2344977295-613302307-1633760338-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08182019003646285\SOFTWARE\Policies\Microsoft\Internet Explorer => removed successfully. "HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully. "HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully. "HKU\S-1-5-21-2344977295-613302307-1633760338-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully. "HKU\S-1-5-21-2344977295-613302307-1633760338-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully. "HKU\S-1-5-21-2344977295-613302307-1633760338-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08182019003646285\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully. "HKU\S-1-5-21-2344977295-613302307-1633760338-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08182019003646285\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully. ========= End of RemoveProxy: ========= C:\Windows\System32\Drivers\etc\hosts => moved successfully Hosts restored successfully. =========== EmptyTemp: ========== BITS transfer queue => 8388608 B DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 78465605 B Java, Flash, Steam htmlcache => 492 B Windows/system/drivers => 1530513 B Edge => 0 B Chrome => 123887780 B Firefox => 18517970 B Opera => 135693061 B Temp, IE cache, history, cookies, recent: Default => 0 B Users => 0 B ProgramData => 0 B Public => 0 B systemprofile => 128 B LocalService => 28086 B NetworkService => 0 B Guillermo => 7910325 B RecycleBin => 197958447 B EmptyTemp: => 545.9 MB temporary data Removed. ================================ The system needed a reboot. ==== End of Fixlog 19:33:41 ====