Fix result of Farbar Recovery Scan Tool (x64) Version: 08-11-2019 Ran by Propietario (09-11-2019 09:41:36) Run:1 Running from C:\Users\Propietario\Desktop Loaded Profiles: Propietario (Available Profiles: Propietario) Boot Mode: Normal ============================================== fixlist content: ***************** Start CloseProcesses: CreateRestorePoint: HKLM\...\Run: [AvastUI.exe] => "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui C:\Program Files\AVAST Software GroupPolicy\User: Restriction ? <==== ATTENTION FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION Task: {4C26C162-F5FB-4C74-BA00-76E7B2775E63} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1} Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe SearchScopes: HKU\S-1-5-21-46111833-480644225-1942068361-1000 -> DefaultScope {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = SearchScopes: HKU\S-1-5-21-46111833-480644225-1942068361-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://es.search.yahoo.com/yhs/search?hspart=omr&hsimp=yhs-001&type=87bjvfsrk09bdfhjl4as004319¶m1=y6bdVFVIsvuYsgEClQfz8FmuoEp5cNMnLyaa9CuXFcrNF7DbaCtOneqrDn913uLLr7guEjOKlm9g%2FQrwAHb4wDesWS8nJeYe8J55oyTjT8eSdwmqWeDjPwhoclXzMKVyD%2BUaPn8tcphLSvVZpStC2roLMUpoSIQvZoqFM8nVr3IaxxG%2BQOxHpl6sVx4oUcCmZf%2B3204n2yaWh%2B3TgWqUL7s5iGdSTBJ98jAXVOAuUWT%2Fjq05Ge4mpeaV5G4twUg5ckCi32cIi8dgNCCsu4q9ShARlzxC3%2BdQTRZaqYpdDDGYBDhBtaBPfhrMZRiidr%2BXNOYrr07Nf8loxT3Hmw4L8l1ZuWDmuj1mEbWROpK1O2nw5clzCfY45UCqW9IffXiwzBXN%2Bg%2FeuDduywZUTrcR7A%3D%3D&p={searchTerms} SearchScopes: HKU\S-1-5-21-46111833-480644225-1942068361-1000 -> {0A33EE93-D776-472f-A0FF-E1416B8B2E3A} URL = FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-06] (Google Inc -> Google LLC) FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN) CHR HomePage: Default -> hxxps://es.search.yahoo.com/yhs/web?hspart=omr&hsimp=yhs-001&type=87bjvfsrk09bdfhjl4as004319¶m1=y6bdVFVIsvuYsgEClQfz8FmuoEp5cNMnLyaa9CuXFcrNF7DbaCtOneqrDn913uLLr7guEjOKlm9g%2FQrwAHb4wGhF4pomuaDUEjloxyc9Otuy7VrEwzU15hC3bzSKYIQuArNct%2B3QHqRVpO%2FzYovpd4fjRZIRYYYL4nCA4wNUOOegVz8zqIA6Gc8rB8JAlsm94LkW9lg%2FGx19AiwHKO2cnrfitgKwZi4Bl6S3DnI42v3XeTGNdC0QyBmeWeiSnkTIfsP%2F1vgDXKo%2BztfnRZtwFr%2F%2BS0CKXn4PqPWIWKkqkQYxCxmoqJVfEOBlqRcvqYFVLUO5m3yfnGupFS0Wtanr6ylcf%2BPBt2qfmPQ7bdVjy9ohS4erBmJEFYQ6caxbjGOMSK1hWlR4%2FHqAG%2BS5bm4%2FGg%3D%3D CHR DefaultSearchURL: Default -> hxxps://es.search.yahoo.com/yhs/search?hspart=omr&hsimp=yhs-001&type=87bjvfsrk09bdfhjl4as004319¶m1=y6bdVFVIsvuYsgEClQfz8FmuoEp5cNMnLyaa9CuXFcrNF7DbaCtOneqrDn913uLLr7guEjOKlm9g%2FQrwAHb4wGP5q83pjXDESI1qDlfEJynztAVtwO55tLoCusY6%2Fd%2FEP5B33x6DnxhEUIjH7BbPeUbXYIHM1rpAJs%2BU%2BbGTi0BrqD0MjaOfcApt3bYZKpPerxDrPsr0Tnq%2F5XPMqR0prp9VDf4FDrhrR7rrRXs6XQnZcZCY3dILV1H2A3xSPvr6wEfoEfRIXuyeKGTwhZLURn5GiAvMPcYATH5VtuseqUIcG%2Fvn50agsUcayi5HHXgyAAHjmaUa2u%2FVLTPJCjXHcWLanIMa065K2c3u9mg9pfQd3WjFllR0CGtDx16WUUY3CGW1sEl0%2F%2BxVj8jGM1f8Rg%3D%3D&p={searchTerms} CHR DefaultSearchKeyword: Default -> search.yahoo.com CHR DefaultNewTabURL: Default -> hxxps://es.search.yahoo.com/yhs/web?hspart=omr&hsimp=yhs-001&type=87bjvfsrk09bdfhjl4as004319¶m1=y6bdVFVIsvuYsgEClQfz8FmuoEp5cNMnLyaa9CuXFcrNF7DbaCtOneqrDn913uLLr7guEjOKlm9g%2FQrwAHb4wDstfzOznhtU6QbZcOAeL%2FHBsc8fB6v1NDkzgqRwbfaja1%2FArdCiKaDKe4BHcFRjpEMX%2BlMRenNbdVXm5Yw2A2PP7nQ1aC4fUDqhaupfoWl4fwEwkIAdtiLTh9Ka3eEm8%2Bg0%2F2JFoXzi58PDE76CXAKFr70VGxrtGZsVfM3HBauyJuSl98LKaVO62m0WHQuERZVzXqu4WHEOIyoW7oC28KzzeoEzBdgsc35AWy1R6xiM7YcVYRBOnUXicgd9zw%2BYawV%2BetU2EGn3ZCndSDL%2B26wkFRKG8bWshclbWgo9lSm8pC8wqbiv2DHlaSULrXKMFA%3D%3D CHR DefaultSuggestURL: Default -> hxxps://search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command={searchTerms} CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn] - hxxps://clients2.google.com/service/update2/crx 2019-11-08 11:12 - 2019-11-08 12:02 - 000000000 ____D C:\Program Files (x86)\Segurazo 2019-10-23 16:34 - 2019-10-24 08:34 - 000000000 ____D C:\Users\Propietario\AppData\Local\Avg 2019-11-08 11:44 - 2019-01-25 12:02 - 000000000 ____D C:\Program Files\Common Files\AVAST Software ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File HKU\S-1-5-21-46111833-480644225-1942068361-1000\...\Run: [Chromium] => c:\users\propietario\appdata\local\chromium\application\chrome.exe [4195328 2017-10-07] (The Chromium Authors) [File not signed] c:\users\propietario\appdata\local\chromium 2019-11-08 11:13 - 2019-11-08 11:29 - 000000000 ____D C:\Users\Propietario\AppData\Local\chromium 2019-11-08 11:13 - 2019-11-08 11:29 - 000000000 ____D C:\Program Files (x86)\Chromium HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION CMD: ipconfig /flushdns CMD: ipconfig /renew CMD: bitsadmin /reset /allusers CMD: netsh winsock reset CMD: netsh advfirewall reset CMD: netsh advfirewall set allprofiles state ON CMD: netsh int ipv4 reset CMD: netsh int ipv6 reset RemoveProxy: EmptyTemp: Hosts: END ***************** Processes closed successfully. Restore point was successfully created. "HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AvastUI.exe" => removed successfully "C:\Program Files\AVAST Software" => not found C:\WINDOWS\system32\GroupPolicy\User => moved successfully C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully HKLM\SOFTWARE\Policies\Mozilla => removed successfully "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4C26C162-F5FB-4C74-BA00-76E7B2775E63}" => removed successfully "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4C26C162-F5FB-4C74-BA00-76E7B2775E63}" => removed successfully C:\WINDOWS\System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => moved successfully "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task" => removed successfully C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => moved successfully "HKU\S-1-5-21-46111833-480644225-1942068361-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully HKU\S-1-5-21-46111833-480644225-1942068361-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully HKU\S-1-5-21-46111833-480644225-1942068361-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0A33EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully "HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-06] (Google Inc" => not found C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll => moved successfully "HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN" => not found C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll => moved successfully "HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN" => not found "C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll" => not found "HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=3.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN" => not found "C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll" => not found "HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN" => not found "C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll" => not found "Chrome HomePage" => removed successfully "Chrome DefaultSearchURL" => removed successfully "Chrome DefaultSearchKeyword" => removed successfully "Chrome DefaultNewTabURL" => removed successfully "Chrome DefaultSuggestURL" => removed successfully HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki => removed successfully HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\mbckjcfnjmoiinpgddefodcighgikkgn => removed successfully C:\Program Files (x86)\Segurazo => moved successfully C:\Users\Propietario\AppData\Local\Avg => moved successfully C:\Program Files\Common Files\AVAST Software => moved successfully HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avg => removed successfully HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully "HKU\S-1-5-21-46111833-480644225-1942068361-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Chromium" => removed successfully c:\users\propietario\appdata\local\chromium => moved successfully "C:\Users\Propietario\AppData\Local\chromium" => not found C:\Program Files (x86)\Chromium => moved successfully HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully ========= ipconfig /flushdns ========= Configuraci¢n IP de Windows Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS. ========= End of CMD: ========= ========= ipconfig /renew ========= Configuraci¢n IP de Windows No se puede realizar ninguna operaci¢n en Ethernet mientras los medios est‚n desconectados. No se puede realizar ninguna operaci¢n en Conexi¢n de  rea local* 1 mientras los medios est‚n desconectados. No se puede realizar ninguna operaci¢n en Conexi¢n de  rea local* 3 mientras los medios est‚n desconectados. Adaptador de Ethernet Ethernet: Estado de los medios. . . . . . . . . . . : medios desconectados Sufijo DNS espec¡fico para la conexi¢n. . : Adaptador de LAN inal mbrica Conexi¢n de  rea local* 1: Estado de los medios. . . . . . . . . . . : medios desconectados Sufijo DNS espec¡fico para la conexi¢n. . : Adaptador de LAN inal mbrica Conexi¢n de  rea local* 3: Estado de los medios. . . . . . . . . . . : medios desconectados Sufijo DNS espec¡fico para la conexi¢n. . : Adaptador de LAN inal mbrica Wi-Fi: Sufijo DNS espec¡fico para la conexi¢n. . : V¡nculo: direcci¢n IPv6 local. . . : fe80::8154:aa5d:2889:f5%13 Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.0.22 M scara de subred . . . . . . . . . . . . : 255.255.255.0 Puerta de enlace predeterminada . . . . . : 192.168.0.1 ========= End of CMD: ========= ========= bitsadmin /reset /allusers ========= BITSADMIN version 3.0 BITS administration utility. (C) Copyright Microsoft Corp. {C9200775-6B01-41CF-9C22-A0DE287672E0} canceled. 1 out of 1 jobs canceled. ========= End of CMD: ========= ========= netsh winsock reset ========= El cat logo Winsock se restableci¢ correctamente. Debe reiniciar el equipo para completar el restablecimiento. ========= End of CMD: ========= ========= netsh advfirewall reset ========= Aceptar ========= End of CMD: ========= ========= netsh advfirewall set allprofiles state ON ========= Aceptar ========= End of CMD: ========= ========= netsh int ipv4 reset ========= Reenv¡o de compartimiento se restableci¢ correctamente. Compartimiento se restableci¢ correctamente. Protocolo de control se restableci¢ correctamente. Solicitud de secuencia eco se restableci¢ correctamente. Global se restableci¢ correctamente. Interfaz se restableci¢ correctamente. Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente. Direcciones de multidifusi¢n se restableci¢ correctamente. Direcci¢n de unidifusi¢n se restableci¢ correctamente. Vecino se restableci¢ correctamente. Ruta de acceso se restableci¢ correctamente. Posible se restableci¢ correctamente. Directiva de prefijo se restableci¢ correctamente. Vecino de proxy se restableci¢ correctamente. Ruta se restableci¢ correctamente. Prefijo de sitio se restableci¢ correctamente. Subinterfaz se restableci¢ correctamente. Patr¢n de reactivaci¢n se restableci¢ correctamente. Resolver vecino se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. Error al restablecer . Acceso denegado. se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. Reinicie el equipo para completar esta acci¢n. ========= End of CMD: ========= ========= netsh int ipv6 reset ========= Reenv¡o de compartimiento se restableci¢ correctamente. Compartimiento se restableci¢ correctamente. Protocolo de control se restableci¢ correctamente. Solicitud de secuencia eco se restableci¢ correctamente. Global se restableci¢ correctamente. Interfaz se restableci¢ correctamente. Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente. Direcciones de multidifusi¢n se restableci¢ correctamente. Direcci¢n de unidifusi¢n se restableci¢ correctamente. Vecino se restableci¢ correctamente. Ruta de acceso se restableci¢ correctamente. Posible se restableci¢ correctamente. Directiva de prefijo se restableci¢ correctamente. Vecino de proxy se restableci¢ correctamente. Ruta se restableci¢ correctamente. Prefijo de sitio se restableci¢ correctamente. Subinterfaz se restableci¢ correctamente. Patr¢n de reactivaci¢n se restableci¢ correctamente. Resolver vecino se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. Error al restablecer . Acceso denegado. se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. Reinicie el equipo para completar esta acci¢n. ========= End of CMD: ========= ========= RemoveProxy: ========= "HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully "HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully "HKU\S-1-5-21-46111833-480644225-1942068361-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully "HKU\S-1-5-21-46111833-480644225-1942068361-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully ========= End of RemoveProxy: ========= C:\Windows\System32\Drivers\etc\hosts => moved successfully Hosts restored successfully. =========== EmptyTemp: ========== BITS transfer queue => 10510336 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 31227492 B Java, Flash, Steam htmlcache => 1124 B Windows/system/drivers => 1084668 B Edge => 4103309 B Chrome => 2264334 B Firefox => 0 B Opera => 140016 B Temp, IE cache, history, cookies, recent: Default => 0 B Users => 0 B ProgramData => 0 B Public => 0 B systemprofile => 0 B systemprofile32 => 0 B LocalService => 9610 B NetworkService => 9610 B Propietario => 13859189 B RecycleBin => 0 B EmptyTemp: => 60.3 MB temporary data Removed. ================================ The system needed a reboot. ==== End of Fixlog 09:42:14 ====