Fix result of Farbar Recovery Scan Tool (x64) Version: 23-11-2019 Ran by NEU (23-11-2019 20:12:10) Run:1 Running from C:\Users\NEU\Desktop Loaded Profiles: NEU (Available Profiles: NEU & Administrador) Boot Mode: Safe Mode (with Networking) ============================================== fixlist content: ***************** START CREATERESTOREPOINT: CLOSEPROCESSES: HKLM-x32\...\Run: [SPUpDateServerrun] => C:\Program Files (x86)\hicloud\update_server\startUp.exe [17368 2019-07-05] (EZVIZ Inc. -> ) HKU\S-1-5-21-2252380669-208864170-4196355365-1001\...\Policies\Explorer: [NoSecurityTab] 1 Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk [2019-04-06] ShortcutTarget: AnyDesk.lnk -> C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> ) ShortcutTarget: Start Pervasive PSQL Workgroup Engine.lnk -> C:\Windows\Installer\{0A3238D7-AB32-4E15-B717-F3E3F18B4A8C}\WGE1.14A03FCD_EA43_4130_A5C0_F02D38895A13.exe () [File not signed] FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION Task: {5ED2D867-A033-4AAB-BC9D-EE22DB3A2BA2} - \KMSAutoNet -> No File <==== ATTENTION Task: {8E8B78D4-B860-4095-848A-29F1CED161D0} - \KMSAuto -> No File <==== ATTENTION SearchScopes: HKU\S-1-5-21-2252380669-208864170-4196355365-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE00 SearchScopes: HKU\S-1-5-21-2252380669-208864170-4196355365-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE00 DPF: HKLM-x32 {FD3BEB0C-AB43-4253-9146-C371D48FBE0D} hxxps://www.xmeye.net/cloud/video/web.cab FF Plugin-x32: @DVR/npmedia,version=3.1.0.5 -> C:\Program Files\webrec\WEB30\DVR32\3.1.0.5\npmedia3105.dll [No File] FF Plugin-x32: @DVR/npplugin,version=3.1.0.4 -> C:\Program Files (x86)\webrec\WEB30\WebPlugin_V2\npPlugin.dll [No File] FF Plugin-x32: @DVR/npTimeGrid,version=3.1.0.5 -> C:\Program Files\webrec\WEB30\DVR32\3.1.0.5\npTimeGrid3105.dll [No File] FF Plugin-x32: @IPC/npmedia3.0.0.3,version=3.0.0.3 -> C:\Program Files\webrec\Torch\3.0.0.3\npmedia3.0.0.3.dll [No File] FF Plugin-x32: @IPC/npmedia3.3.16431.0,version=3.3.16431.0 -> C:\Program Files\webrec\Torch\3.3.16431.0\npmedia3.3.16431.0.dll [No File] FF Plugin-x32: @IPC/npmedia3.3.549.0,version=3.3.549.0 -> C:\Program Files\webrec\Torch\3.3.549.0\npmedia3.3.549.0.dll [No File] FF Plugin-x32: @java.com/DTPlugin,version=11.221.2 -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\dtplugin\npDeployJava1.dll [2019-07-25] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.221.2 -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\plugin2\npjp2.dll [2019-07-25] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @NVR/npmedia4.1.63.0,version=4.1.63.0 -> C:\Program Files (x86)\webrec\Torch\4.1.63.0\npmedia.dll [No File] FF Plugin-x32: @videolan.org/vlc,version=3.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN) CHR Notifications: Default -> hxxps://appuals.com; hxxps://blog.desdelinux.net; hxxps://dailynews-finance.com; hxxps://es-pl.com; hxxps://free-coupons.network; hxxps://l2.mastercoria.com; hxxps://lalittandkedsi.info; hxxps://maranhesduve.club; hxxps://miyoigo.yoigo.com; hxxps://pornocasero.co; hxxps://pornoplay.online; hxxps://roams.es; hxxps://special-promotions.online; hxxps://www.alibaba.com; hxxps://www.banggood.com; hxxps://www.hwlibre.com; hxxps://www.linuxsat-support.c... (long line) HOSTS: REMOVEPROXY: EMPTYTEMP: CMD: netsh winsock reset CMD: ipconfig /renew CMD: ipconfig /flushdns CMD: bitsadmin /reset /allusers CMD: netsh advfirewall reset CMD: netsh advfirewall set allprofiles state ON CMD: netsh int ipv4 reset CMD: netsh int ipv6 reset END ***************** Error: Restore point can only be created in normal mode. Processes closed successfully. "HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SPUpDateServerrun" => removed successfully "HKU\S-1-5-21-2252380669-208864170-4196355365-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoSecurityTab" => removed successfully C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk => moved successfully C:\Program Files (x86)\AnyDesk\AnyDesk.exe => moved successfully C:\Windows\Installer\{0A3238D7-AB32-4E15-B717-F3E3F18B4A8C}\WGE1.14A03FCD_EA43_4130_A5C0_F02D38895A13.exe => moved successfully HKLM\SOFTWARE\Policies\Mozilla => removed successfully "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5ED2D867-A033-4AAB-BC9D-EE22DB3A2BA2}" => removed successfully "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5ED2D867-A033-4AAB-BC9D-EE22DB3A2BA2}" => removed successfully "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\KMSAutoNet" => not found "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8E8B78D4-B860-4095-848A-29F1CED161D0}" => removed successfully "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8E8B78D4-B860-4095-848A-29F1CED161D0}" => removed successfully "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\KMSAuto" => not found "HKU\S-1-5-21-2252380669-208864170-4196355365-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully HKU\S-1-5-21-2252380669-208864170-4196355365-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully HKLM\SOFTWARE\Wow6432Node\Microsoft\Code Store Database\Distribution Units\{FD3BEB0C-AB43-4253-9146-C371D48FBE0D} => removed successfully HKLM\Software\Wow6432Node\Classes\CLSID\{FD3BEB0C-AB43-4253-9146-C371D48FBE0D} => removed successfully HKLM\Software\Wow6432Node\MozillaPlugins\@DVR/npmedia,version=3.1.0.5 => removed successfully HKLM\Software\Wow6432Node\MozillaPlugins\@DVR/npplugin,version=3.1.0.4 => removed successfully HKLM\Software\Wow6432Node\MozillaPlugins\@DVR/npTimeGrid,version=3.1.0.5 => removed successfully HKLM\Software\Wow6432Node\MozillaPlugins\@IPC/npmedia3.0.0.3,version=3.0.0.3 => removed successfully HKLM\Software\Wow6432Node\MozillaPlugins\@IPC/npmedia3.3.16431.0,version=3.3.16431.0 => removed successfully HKLM\Software\Wow6432Node\MozillaPlugins\@IPC/npmedia3.3.549.0,version=3.3.549.0 => removed successfully "HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.221.2 -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\dtplugin\npDeployJava1.dll [2019-07-25] (Oracle America, Inc." => not found C:\Program Files (x86)\Java\jre1.8.0_221\bin\dtplugin\npDeployJava1.dll => moved successfully "HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.221.2 -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\plugin2\npjp2.dll [2019-07-25] (Oracle America, Inc." => not found C:\Program Files (x86)\Java\jre1.8.0_221\bin\plugin2\npjp2.dll => moved successfully HKLM\Software\Wow6432Node\MozillaPlugins\@NVR/npmedia4.1.63.0,version=4.1.63.0 => removed successfully "HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=3.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN" => not found C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll => moved successfully "HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN" => not found "C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll" => not found "HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN" => not found "C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll" => not found "HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN" => not found "C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll" => not found "HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN" => not found "C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll" => not found "Chrome Notifications" => removed successfully C:\Windows\System32\Drivers\etc\hosts => moved successfully Hosts restored successfully. ========= RemoveProxy: ========= "HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully "HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully "HKU\S-1-5-21-2252380669-208864170-4196355365-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully "HKU\S-1-5-21-2252380669-208864170-4196355365-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully ========= End of RemoveProxy: ========= ========= netsh winsock reset ========= El cat logo Winsock se restableci¢ correctamente. Debe reiniciar el equipo para completar el restablecimiento. ========= End of CMD: ========= ========= ipconfig /renew ========= Configuraci¢n IP de Windows Error en la operaci¢n. No hay ning£n adaptador permitido para esta operaci¢n. ========= End of CMD: ========= ========= ipconfig /flushdns ========= Configuraci¢n IP de Windows Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS. ========= End of CMD: ========= ========= bitsadmin /reset /allusers ========= BITSADMIN version 3.0 BITS administration utility. (C) Copyright Microsoft Corp. Unable to connect to BITS - 0x8007043c El servicio no puede iniciarse en modo a prueba de errores ========= End of CMD: ========= ========= netsh advfirewall reset ========= Aceptar ========= End of CMD: ========= ========= netsh advfirewall set allprofiles state ON ========= Aceptar ========= End of CMD: ========= ========= netsh int ipv4 reset ========= Reenv¡o de compartimiento se restableci¢ correctamente. Compartimiento se restableci¢ correctamente. Protocolo de control se restableci¢ correctamente. Solicitud de secuencia eco se restableci¢ correctamente. Global se restableci¢ correctamente. Interfaz se restableci¢ correctamente. Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente. Direcciones de multidifusi¢n se restableci¢ correctamente. Direcci¢n de unidifusi¢n se restableci¢ correctamente. Vecino se restableci¢ correctamente. Ruta de acceso se restableci¢ correctamente. Posible se restableci¢ correctamente. Directiva de prefijo se restableci¢ correctamente. Vecino de proxy se restableci¢ correctamente. Ruta se restableci¢ correctamente. Prefijo de sitio se restableci¢ correctamente. Subinterfaz se restableci¢ correctamente. Patr¢n de reactivaci¢n se restableci¢ correctamente. Resolver vecino se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. Error al restablecer . Acceso denegado. se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. Reinicie el equipo para completar esta acci¢n. ========= End of CMD: ========= ========= netsh int ipv6 reset ========= Reenv¡o de compartimiento se restableci¢ correctamente. Compartimiento se restableci¢ correctamente. Protocolo de control se restableci¢ correctamente. Solicitud de secuencia eco se restableci¢ correctamente. Global se restableci¢ correctamente. Interfaz se restableci¢ correctamente. Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente. Direcciones de multidifusi¢n se restableci¢ correctamente. Direcci¢n de unidifusi¢n se restableci¢ correctamente. Vecino se restableci¢ correctamente. Ruta de acceso se restableci¢ correctamente. Posible se restableci¢ correctamente. Directiva de prefijo se restableci¢ correctamente. Vecino de proxy se restableci¢ correctamente. Ruta se restableci¢ correctamente. Prefijo de sitio se restableci¢ correctamente. Subinterfaz se restableci¢ correctamente. Patr¢n de reactivaci¢n se restableci¢ correctamente. Resolver vecino se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. Error al restablecer . Acceso denegado. se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. se restableci¢ correctamente. Reinicie el equipo para completar esta acci¢n. ========= End of CMD: ========= =========== EmptyTemp: ========== BITS transfer queue => 11821056 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 135414152 B Java, Flash, Steam htmlcache => 291 B Windows/system/drivers => 8518995 B Edge => 3693336 B Chrome => 445376484 B Firefox => 0 B Opera => 0 B Temp, IE cache, history, cookies, recent: Default => 0 B Users => 0 B ProgramData => 0 B Public => 0 B systemprofile => 0 B systemprofile32 => 0 B LocalService => 14078 B NetworkService => 14078 B NEU => 68418525 B Administrador => 68418525 B RecycleBin => 5229707632 B EmptyTemp: => 5.6 GB temporary data Removed. ================================ The system needed a reboot. ==== End of Fixlog 20:12:26 ====