• Registrarse
  • Iniciar sesión


  • Resultados 1 al 8 de 8

    [Ayuda] Limpiando mi PC (Informes Ccleaner + IFS.log)

    ...

    1. #1
      Usuario Avatar de pablo699
      Registrado
      ene 2009
      Ubicación
      Barcelona
      Mensajes
      8

      [Ayuda] Limpiando mi PC (Informes Ccleaner + IFS.log)

      Hola q tal?

      Hoy se me dió por comprobar mi pc que este limpio de virus, spywares etc

      Aquí les dejo los informes del ccleaner y el IFS.log

      Gracias de antemano

      Código:
      7-Zip 16.04 (x64)	Igor Pavlov	25/07/2017	4,76 MB	16.04
      Adobe Acrobat Reader DC - Español	Adobe Systems Incorporated	29/08/2017	495 MB	17.012.20098
      Adobe Flash Player 23 NPAPI	Adobe Systems Incorporated	27/06/2017	19,2 MB	23.0.0.205
      Adobe Flash Player 25 PPAPI	Adobe Systems Incorporated	21/05/2017	19,6 MB	25.0.0.171
      Aplicación de Blizzard	Blizzard Entertainment	04/08/2017	683 MB	
      Compatibilidad con Aplicaciones de Apple	Apple Inc.	13/08/2017	83,6 MB	2.3.6
      Counter-Strike: Global Offensive	Valve	12/09/2017	15.376 MB	
      CPUID HWMonitor 1.32		29/08/2017	2,86 MB	1.32
      CyberGhost 6	CyberGhost S.R.L.	24/09/2017	54,5 MB	
      DDS Thumbnail Viewer		19/09/2017	0,21 MB	1.00.000
      DiscJuggler	Padus Incorporated	18/05/2017		6.0.0.1400
      Fraps (remove only)		14/09/2017		
      GameRanger	GameRanger Technologies	27/06/2017	4,34 MB	
      Google Chrome	Google Inc.	20/04/2017	363 MB	60.0.3112.113
      Gyazo 3.3.2	Nota Inc.	30/05/2017	20,4 MB	
      ImgBurn	LIGHTNING UK!	19/05/2017	3,37 MB	2.5.8.0
      Java 8 Update 141	Oracle Corporation	18/07/2017	54,8 MB	8.0.1410.15
      Java 8 Update 141 (64-bit)	Oracle Corporation	18/07/2017	61,4 MB	8.0.1410.15
      Java 8 Update 144	Oracle Corporation	03/09/2017	54,8 MB	8.0.1440.1
      JDownloader 2	AppWork GmbH	19/05/2017	206 MB	2.0
      K-Lite Mega Codec Pack 10.6.5		20/04/2017	126,8 MB	10.6.5
      KalOnline	Inixsoft	10/08/2017	1.762 MB	1.00.0000
      L2Informer	IMESoft	15/09/2017	22,8 MB	0.3
      League of Legends	Riot Games	23/08/2017	4.472 MB	4.2.1
      Lightshot-5.4.0.10	Skillbrains	05/05/2017	4,06 MB	5.4.0.10
      Lineage II	NCsoft	11/09/2017		Chronicle 1
      Lineage II: Terra	L2Sublimity	04/06/2017	6.943 MB	
      MARS GAMING MM5 MOUSE version 1.2	MARS GAMING	20/04/2017	13,6 MB	1.2
      Microsoft Visual C++ 2005 Redistributable	Microsoft Corporation	20/04/2017	4,92 MB	8.0.59193
      Microsoft Visual C++ 2005 Redistributable (x64)	Microsoft Corporation	20/04/2017	3,71 MB	8.0.59192
      Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148	Microsoft Corporation	22/04/2017	1,10 MB	9.0.30729.4148
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148	Microsoft Corporation	22/04/2017	0,93 MB	9.0.30729.4148
      Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219	Microsoft Corporation	20/04/2017	18,4 MB	10.0.40219
      Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219	Microsoft Corporation	20/04/2017	15,1 MB	10.0.40219
      Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610	Microsoft Corporation	20/04/2017	20,5 MB	11.0.60610.1
      Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501	Microsoft Corporation	21/04/2017		12.0.30501.0
      Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501	Microsoft Corporation	20/04/2017	20,6 MB	12.0.30501.0
      Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501	Microsoft Corporation	07/07/2017	17,2 MB	12.0.30501.0
      Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215	Microsoft Corporation	07/07/2017	23,5 MB	14.0.24215.1
      Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215	Microsoft Corporation	26/08/2017	19,5 MB	14.0.24215.1
      Microsoft Xbox 360 Accessories 1.2	Microsoft	26/04/2017	9,09 MB	1.20.146.0
      Microsoft XNA Framework Redistributable 4.0 Refresh	Microsoft Corporation	12/07/2017	18,9 MB	4.0.30901.0
      Nox APP Player	Duodian Technology Co. Ltd.	03/08/2017		5.0.0.0
      NVIDIA Controlador de 3D Vision 385.28	NVIDIA Corporation	14/08/2017	32,7 MB	385.28
      NVIDIA Controlador de audio HD 1.3.34.27	NVIDIA Corporation	14/08/2017	8,76 MB	1.3.34.27
      NVIDIA Controlador de gráficos 385.28	NVIDIA Corporation	14/08/2017	720 MB	385.28
      NVIDIA Controlador de la controladora 3D Vision 369.04	NVIDIA Corporation	14/08/2017	8,75 MB	369.04
      NVIDIA DDS Utilities		19/09/2017	30,8 MB	1.0
      NVIDIA GeForce Experience 3.8.0.89	NVIDIA Corporation	14/08/2017	2,70 MB	3.8.0.89
      NVIDIA Photoshop Plug-ins		19/09/2017	1,44 MB	1.00.000
      NVIDIA Software del sistema PhysX 9.17.0524	NVIDIA Corporation	14/08/2017	407 MB	9.17.0524
      OBS Studio	OBS Project	13/06/2017		19.0.2
      OpenVPN 2.3.16-I601		19/05/2017		2.3.16-I601
      Oracle VM VirtualBox 5.1.22	Oracle Corporation	04/05/2017	258 MB	5.1.22
      Overwatch	Blizzard Entertainment	04/08/2017	21.206 MB	
      Paquete de controladores de Windows - Julian Löhr (HIDWiimote) HIDClass  (03/03/2016 0.2.7.4)	Julian Löhr	26/04/2017		03/03/2016 0.2.7.4
      Paquete de controladores de Windows - Julian Löhr (HIDWiimote) HIDClass  (09/07/2015 19.47.42.873)	Julian Löhr	26/04/2017		09/07/2015 19.47.42.873
      Photoshop CS5 Extended 12.0		20/04/2017		
      PLAYERUNKNOWN'S BATTLEGROUNDS	Bluehole, Inc.	06/09/2017	7.027 MB	
      Plex Media Server	Plex, Inc.	27/08/2017	284 MB	1.8.1.4139
      QuickTime 7	Apple Inc.	13/08/2017	95,3 MB	7.79.80.95
      Realtek High Definition Audio Driver	Realtek Semiconductor Corp.	21/04/2017	46,7 MB	6.0.1.8105
      Rocket League	Psyonix, Inc.	18/07/2017	6.717 MB	
      Schthack Phantasy Star Online Blue Burst		23/08/2017		
      Skype™ 7.40	Skype Technologies S.A.	20/09/2017	174,2 MB	7.40.103
      Steam	Valve Corporation	20/04/2017		2.10.91.91
      TAP-Windows 9.21.2		24/09/2017		9.21.2
      TeamSpeak 3 Client	TeamSpeak Systems GmbH	23/08/2017	173,6 MB	3.0.14
      TEKKEN 7 Deluxe Edition MULTi11 - ElAmigos versión 1.0	Bandai Namco Entertainment	08/06/2017	58.782 MB	1.0
      The Surge		16/05/2017	2,97 MB	
      USB ACF Modem	Conexant	29/05/2017		2.0.21.50
      Vivaldi	Vivaldi	19/06/2017		1.11.917.43
      VMware Workstation	VMware, Inc.	22/04/2017	1.132 MB	12.0.1
      Vulkan Run Time Libraries 1.0.42.1	LunarG, Inc.	14/08/2017	1,66 MB	1.0.42.1
      WiiU_USB_Helper	WiiU_USB_Helper	11/09/2017		0.6.1.364
      WinRAR 4.20 (64-bit)	win.rar GmbH	21/04/2017	4,75 MB	4.20.0
      Yahoo Search Set	Yahoo Inc.	03/09/2017	0,79 MB	
      µTorrent	BitTorrent Inc.	03/07/2017		3.5.0.43916
      Código:
      Si	HKCU:Run	CyberGhost	"C:\Program Files\CyberGhost 6\CyberGhost.exe" /autostart /min
      Si	HKCU:Run	Gyazo	C:\Program Files (x86)\Gyazo\GyStation.exe
      Si	HKCU:Run	Steam	"C:\Program Files (x86)\Steam\steam.exe" -silent
      Si	HKCU:Run	Vivaldi Update Notifier	C:\Users\Pablo\AppData\Local\Vivaldi\Application\update_notifier.exe
      Si	HKLM:Run	APSDaemon	"C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
      Si	HKLM:Run	HotKeysCmds	"C:\Windows\system32\hkcmd.exe"
      Si	HKLM:Run	IgfxTray	"C:\Windows\system32\igfxtray.exe"
      Si	HKLM:Run	Lightshot	C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe
      Si	HKLM:Run	Marsmm5gmmouseRun	"C:\Program Files (x86)\MARS GAMING MM5 MOUSE\rssmon.exe" -runauto
      Si	HKLM:Run	Persistence	"C:\Windows\system32\igfxpers.exe"
      Si	HKLM:Run	RTHDVCPL	"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
      Si	HKLM:Run	ShadowPlay	"C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
      Si	HKLM:Run	SunJavaUpdateSched	"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
      Si	HKLM:Run	vmware-tray.exe	"C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe"
      Si	HKLM:Run	WindowsDefender	"%ProgramFiles%\Windows Defender\MSASCuiL.exe"
      Si	HKLM:Run	XboxStat	"C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
      Código:
      ~~~~~~~~~~~| Inicio: 
      
      *IFS (InfoSpyware First Steps) v 1.3
      *www.InfoSpyware.com | www.ForoSpyware.com
      *Iniciado: 25/09/2017 a las 09h.56m.57s
      
      ~~~~~~~~~~~|  Información del Sistema:
      
      OS: Microsoft Windows 10 Pro x64 
      Idioma: Spanish (Spain, International Sort) (España|es-ES)
      Permisos de Administrador / ON
      Windows se Inició en   Modo Normal
      Drive: C:\Windows (Install: \Device\HarddiskVolume2)
      
      ~~~~~~~~~~~| Arquitectura Fisica:
      
      CPU: To Be Filled By O.E.M.
      CPU Modelo: To Be Filled By O.E.M.
      Procesador: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz (x64-BasedPC)
      Memoria RAM: 16 Gb. En Uso: 36 %
      Video: Intel(R) HD Graphics 4000
      Chip: Intel(R) HD Graphics Family Capacidad video:-1984 MB (Internal)
      
      ~~~~~~~~~~~| Unidades
      
      C: [FIXED|NTFS|] - [476.9 Gb][110.9 Gb][366.0 Gb]
      D: [FIXED|NTFS|HDD 500GB] - [465.7 Gb][173.0 Gb][292.7 Gb]
      E: [FIXED|NTFS|HDD SATA 3 1TB] - [931.4 Gb][199.5 Gb][731.9 Gb]
      G: [REMOVABLE||] - [0 Gb][0 Gb][0 Gb]
      H: [REMOVABLE||] - [0 Gb][0 Gb][0 Gb]
      I: [REMOVABLE||] - [0 Gb][0 Gb][0 Gb]
      J: [REMOVABLE||] - [0 Gb][0 Gb][0 Gb]
      K: [CDROM]
      C:\ Fragmentación total 36.13% - Desfragmentar unidad 
      D:\ Fragmentación total 27.99% - Desfragmentar unidad 
      E:\ Fragmentación total 20.39% - Desfragmentar unidad 
      
      ~~~~~~~~~~~| Seguridad del SO
      
      SafeBoot: Inicio en Modo seguro Correcto
      Security Center: Correcto (Servicio Activo)
      Windows Update: El servicio no está activo 
      AV: Windows Defender *Protección Residente [OFF] / Actualizado*
      SP: Windows Defender *Protección Residente [OFF] / Actualizado*
      FW: Windows Firewall *Habilitado*
      
      ~~~~~~~~~~~|  Update Check
      
      Internet Explorer Versión Instalada 11
      Google Chrome Versión Instalada 60.0.3112.113
      Adobe Flash Player Versión Instalada 23.0
      
      ~~~~~~~~~~~| Process List 
      
      
      ~~~~~~~~~~~| Install Check 
      
      
      
      ~~~~~~~~~~~| Registry Check
      
      HKLM\Run(x64): [WindowsDefender] "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
      HKLM\Run(x64): [ShadowPlay] "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
      HKLM\Run(x64): [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
      HKLM\Run(x64): [IgfxTray] "C:\Windows\system32\igfxtray.exe"
      HKLM\Run(x64): [HotKeysCmds] "C:\Windows\system32\hkcmd.exe"
      HKLM\Run(x64): [Persistence] "C:\Windows\system32\igfxpers.exe"
      HKLM\Run(x64): [XboxStat] "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
      HKLM\Run: [Lightshot] C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe
      HKLM\Run: [Marsmm5gmmouseRun] "C:\Program Files (x86)\MARS GAMING MM5 MOUSE\rssmon.exe" -runauto
      HKLM\Run: [vmware-tray.exe] "C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe"
      HKLM\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
      HKLM\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
      HKLM\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
      HKLM\Run: [Gyazo] C:\Program Files (x86)\Gyazo\GyStation.exe
      HKLM\Run: [Vivaldi Update Notifier] C:\Users\Pablo\AppData\Local\Vivaldi\Application\update_notifier.exe
      HKLM\Run: [CyberGhost] "C:\Program Files\CyberGhost 6\CyberGhost.exe" /autostart /min
      Winlogon(x64): Shell = explorer.exe
      Winlogon: Shell = explorer.exe
      Userinit(x64): Userinit = 
      Userinit: Userinit = 
      
      [HKCR\.\.open\command] -> Navegador Preferido es Internet Explorer
      StarPage:hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
      StarPage:hxxp://go.microsoft.com/fwlink/?LinkId=54896
      
      ~~~~~~~~~~~| PUPs Check
      
      HKLM64\SOFTWARE\Partner
      
      C:\Users\Pablo\AppData\Roaming\hotspot shield
      
      ~~~~~~~~~~~| Listado 7 Días (Predeterminado)
      
      [24/09/2017 21:12] - C:\Windows\PFRO.log
      [25/09/2017 09:36] - C:\Config.Msi
      [25/09/2017 09:56] - C:\FSTool
      [25/09/2017 09:56] - C:\IFS.log
      [19/09/2017 16:43] - C:\UnrealEngine2Runtime
      
      ~~~~~~~~~~~| C:\Windows\Tasks:
      
      [21/04/2017 10:38] - C:\Windows\Tasks\update-S-1-5-21-4113022241-1377415486-1368023204-1001.job
      [21/04/2017 10:38] - C:\Windows\Tasks\update-sys.job
      
      ~~~~~~~~~~~| End Report
      *Finalizado 10:00:37
      *Se limpiaron los archivos temporales
      *[1599815] C:\Users\Pablo\Desktop\IFS.exe
      *Herramienta de Análisis e investigación

    2. #2
      Moderador Gral.
      Avatar de @Javier_HF
      Registrado
      jun 2006
      Ubicación
      Via Lactea.
      Mensajes
      23.641

      Re: [Ayuda] Limpiando mi PC (Informes Ccleaner + IFS.log)

      Buenas pablo699.

      Para revisar tu maquina, sigue estos pasos, en el orden indicado y leyendo todo lo explicado.

      Paso 1.- Desactiva temporalmente el Antivirus >> Cómo deshabilitar temporalmente su Antivirus, mientras realizamos TODOS los pasos.

      Vamos a descargar en TU ESCRITORIO(y NO en otro lugar ) todas las herramientas que vamos a utilizar en este procedimiento (pero no las ejecutes todavía) :


      Una vez descargadas, desconectas tu equipo de Internet(apaga el router) << Muy Importante, y Cierras también cualquier otro programa que tengas abierto.

      Paso 2.- Ejecutas las herramientas de una en una y en el orden indicado :

      Si usas Windows Vista/7/8 o 10, presiona clic derecho y seleccionas "Ejecutar como Administrador" para Todos los programas.
      CCleaner.-
      • Instalas y Ejecutas CCleaner siguiendo los pasos indicados en el manual.
      • Úsalo primero su opción de "Limpiador" para borrar cookies, temporales de Internet y todos los archivos que te muestre como obsoletos.
      • Después usa su opción de "Registro" para limpiar todo el registro de Windows (haciendo copia de seguridad).

      Malwarebytes.-
      • Instalas y Ejecutas MBAM siguiendo los pasos indicados en el manual.
      • Realiza un Análisis Completo.
      • Seleccionando "TODOS a Cuarentena" para enviarlo a la cuarentena y Reinicias el sistema.
      • En el apartado del manual "Historial" encontrarás el informe del MBAM, que debes copiar y pegar en tu próxima respuesta, para analizarlo.

      AdwCleaner.-
      • Ejecuta Adwcleaner.exe.
      • Pulsar en el botón Escanear, y espera a que se realice el proceso, inmediatamente pulsa sobre el botón Limpiar.
      • Espera a que se complete y sigue las instrucciones, si te pidiera Reiniciar el sistema Aceptas.
      • Guardas el reporte que te aparecerá, para copiarlo y pegarlo en tu próxima respuesta.
      • El informe también se puede encontrar en "C:\Program Files(x86)\AdwCleaner\AdwCleaner[C1].txt"

      Junkware Removal Tool.-
      • Ejecuta JRT.exe.
      • Y pulsar cualquier tecla para continuar, esperar pacientemente a que termine el proceso.
      • Si en algún momento te pide Reiniciar hazlo.
      • Al finalizar, un registro/informe (JRT.txt) se guardara en el escritorio y se abrirá automáticamente.
      • Copia y pega el contenido de JRT.txt en tu próxima respuesta.

      Farbar Recovery Scan Tool.-
      • Ejecuta FRST.exe.
      • En el mensaje de la ventana del Disclaimer, pulsamos Yes.
      • En la ventana principal pulsamos en el botón Scan y esperamos a que concluya el análisis.
      • Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.

      Paso 3.- Poner los informes en tu próxima respuesta de :

      • Malwarebytes, AdwCleaner, JRT, FRST + Addition.txt, y en ese orden.


      Debes copiarlos y pegarlos con todo su contenido y usaras varios mensajes si recibes un mensaje de error indicando que es muy largo.

      - Y nos cuentas como funciona tu equipo, en relación al problema planteado.

      Saludos, Javier.
      Quien no lo intenta no lo consigue | ;-)

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    3. #3
      Usuario Avatar de pablo699
      Registrado
      ene 2009
      Ubicación
      Barcelona
      Mensajes
      8

      Re: [Ayuda] Limpiando mi PC (Informes Ccleaner + IFS.log)

      Hola javier, antes de nada gracias por la ayuda.

      Acabo de terminar todo el proceso que me dijiste, aqui te dejo los informes en el orden solicitado.

      Código:
      Malwarebytes
      www.malwarebytes.com
      
      -Detalles del registro-
      Fecha del análisis: 25/9/17
      Hora del análisis: 11:48
      Archivo de registro: ab206810-a1d6-11e7-a534-bc5ff46908a4.json
      Administrador: Sí
      
      -Información del software-
      Versión: 3.2.2.2029
      Versión de los componentes: 1.0.188
      Versión del paquete de actualización: 1.0.2879
      Licencia: Prueba
      
      -Información del sistema-
      SO: Windows 10 (Build 14393.0)
      CPU: x64
      Sistema de archivos: NTFS
      Usuario: DESKTOP-BL6N855\Pablo
      
      -Resumen del análisis-
      Tipo de análisis: Análisis de amenazas
      Resultado: Completado
      Objetos analizados: 374880
      Amenazas detectadas: 4
      Amenazas en cuarentena: 4
      Tiempo transcurrido: 0 min, 39 seg
      
      -Opciones de análisis-
      Memoria: Activado
      Inicio: Activado
      Sistema de archivos: Activado
      Archivo: Activado
      Rootkits: Desactivado
      Heurística: Activado
      PUP: Detectar
      PUM: Detectar
      
      -Detalles del análisis-
      Proceso: 0
      (No hay elementos maliciosos detectados)
      
      Módulo: 0
      (No hay elementos maliciosos detectados)
      
      Clave del registro: 0
      (No hay elementos maliciosos detectados)
      
      Valor del registro: 0
      (No hay elementos maliciosos detectados)
      
      Datos del registro: 0
      (No hay elementos maliciosos detectados)
      
      Secuencia de datos: 0
      (No hay elementos maliciosos detectados)
      
      Carpeta: 1
      Trojan.StolenData, C:\USERS\PABLO\APPDATA\ROAMING\DCLOGS, En cuarentena, [1090], [250094],1.0.2879
      
      Archivo: 2
      Trojan.StolenData, C:\USERS\PABLO\APPDATA\ROAMING\DCLOGS\2017-06-10-7.dc, En cuarentena, [1090], [250094],1.0.2879
      Generic.Malware/Suspicious, C:\USERS\PABLO\DOWNLOADS\SIN CONFIRMAR 761006.CRDOWNLOAD, En cuarentena, [0], [392686],1.0.2879
      
      Sector físico: 0
      (No hay elementos maliciosos detectados)
      
      
      (end)
      Código:
      # AdwCleaner 7.0.2.1 - Logfile created on Mon Sep 25 09:53:43 2017
      # Updated on 2017/29/08 by Malwarebytes 
      # Database: 09-23-2017.2
      # Running on Windows 10 Pro (X64)
      # Mode: scan
      # Support: https://www.malwarebytes.com/support
      
      ***** [ Services ] *****
      
      No malicious services found.
      
      ***** [ Folders ] *****
      
      PUP.Optional.Legacy, C:\Windows\System32\config\systemprofile\AppData\Local\YSearchUtil
      PUP.Optional.Legacy, C:\Windows\SysWOW64\config\systemprofile\AppData\Local\YSearchUtil
      PUP.Optional.Legacy, C:\Users\Pablo\AppData\Local\YSearchUtil
      PUP.Optional.Legacy, C:\Program Files (x86)\Yahoo!\yset
      
      
      ***** [ Files ] *****
      
      No malicious files found.
      
      ***** [ DLL ] *****
      
      No malicious DLLs found.
      
      ***** [ WMI ] *****
      
      No malicious WMI found.
      
      ***** [ Shortcuts ] *****
      
      No malicious shortcuts found.
      
      ***** [ Tasks ] *****
      
      No malicious tasks found.
      
      ***** [ Registry ] *****
      
      PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! SearchSet
      
      
      ***** [ Firefox (and derivatives) ] *****
      
      No malicious Firefox entries.
      
      ***** [ Chromium (and derivatives) ] *****
      
      No malicious Chromium entries.
      
      *************************
      
      
      
      ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt ##########
      Código:
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      Junkware Removal Tool (JRT) by Malwarebytes
      Version: 8.1.4 (07.09.2017)
      Operating System: Windows 10 Pro x64 
      Ran by Pablo (Administrator) on 25/09/2017 at 11:59:32,30
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      
      
      
      
      File System: 8 
      
      Successfully deleted: C:\Users\Pablo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio (Folder) 
      Successfully deleted: C:\Users\Pablo\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gkojfkhlekighikafcpjkiklfbnlmeio (Folder) 
      Successfully deleted: C:\Users\Pablo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gkojfkhlekighikafcpjkiklfbnlmeio_0.localstorage-journal (File) 
      Successfully deleted: C:\Users\Pablo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gkojfkhlekighikafcpjkiklfbnlmeio_0.localstorage (File) 
      Successfully deleted: C:\Windows\system32\Tasks\update-S-1-5-21-4113022241-1377415486-1368023204-1001 (Task)
      Successfully deleted: C:\Windows\system32\Tasks\update-sys (Task)
      Successfully deleted: C:\Windows\Tasks\update-S-1-5-21-4113022241-1377415486-1368023204-1001.job (Task) 
      Successfully deleted: C:\Windows\Tasks\update-sys.job (Task) 
      
      
      
      Registry: 0 
      
      
      
      
      
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      Scan was completed on 25/09/2017 at 12:00:30,90
      End of JRT log
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    4. #4
      Usuario Avatar de pablo699
      Registrado
      ene 2009
      Ubicación
      Barcelona
      Mensajes
      8

      Re: [Ayuda] Limpiando mi PC (Informes Ccleaner + IFS.log)

      Seguimos aqui :D

      Código:
      Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-09-2017
      Ran by Pablo (25-09-2017 12:02:43)
      Running from C:\Users\Pablo\Downloads
      Windows 10 Pro Version 1607 (X64) (2017-04-21 07:40:54)
      Boot Mode: Normal
      ==========================================================
      
      
      ==================== Accounts: =============================
      
      Administrador (S-1-5-21-4113022241-1377415486-1368023204-500 - Administrator - Disabled)
      DefaultAccount (S-1-5-21-4113022241-1377415486-1368023204-503 - Limited - Disabled)
      defaultuser0 (S-1-5-21-4113022241-1377415486-1368023204-1000 - Limited - Disabled) => C:\Users\defaultuser0
      Invitado (S-1-5-21-4113022241-1377415486-1368023204-501 - Limited - Disabled)
      Pablo (S-1-5-21-4113022241-1377415486-1368023204-1001 - Administrator - Enabled) => C:\Users\Pablo
      
      ==================== Security Center ========================
      
      (If an entry is included in the fixlist, it will be removed.)
      
      AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
      AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
      AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      
      ==================== Installed Programs ======================
      
      (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
      
      µTorrent (HKU\S-1-5-21-4113022241-1377415486-1368023204-1001\...\uTorrent) (Version: 3.5.0.43916 - BitTorrent Inc.)
      7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
      Actualización de NVIDIA 27.1.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 27.1.0.0 - NVIDIA Corporation) Hidden
      Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated)
      Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.205 - Adobe Systems Incorporated)
      Adobe Flash Player 25 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated)
      Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 385.28 - NVIDIA Corporation) Hidden
      Aplicación de Blizzard (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
      Compatibilidad con Aplicaciones de Apple (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
      Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version:  - Valve)
      CPUID HWMonitor 1.32 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.32 - )
      CyberGhost 6 (HKLM\...\CyberGhost 6_is1) (Version:  - CyberGhost S.R.L.)
      DDS Thumbnail Viewer (HKLM-x32\...\{2205B8AE-490E-43F2-AB43-C13C2BEC86A7}) (Version: 1.00.000 - )
      DiscJuggler (HKLM-x32\...\DiscJuggler) (Version: 6.0.0.1400 - Padus Incorporated)
      Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
      GameRanger (HKU\S-1-5-21-4113022241-1377415486-1368023204-1001\...\GameRanger) (Version:  - GameRanger Technologies)
      Google Chrome (HKLM-x32\...\Google Chrome) (Version: 60.0.3112.113 - Google Inc.)
      Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
      ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
      Java 8 Update 141 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180141F0}) (Version: 8.0.1410.15 - Oracle Corporation)
      Java 8 Update 141 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180141F0}) (Version: 8.0.1410.15 - Oracle Corporation)
      Java 8 Update 144 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180144F0}) (Version: 8.0.1440.1 - Oracle Corporation)
      JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
      KalOnline (HKLM-x32\...\{787F3CDE-B648-4056-939F-4B3DEC4F0EED}) (Version: 1.00.0000 - Inixsoft)
      K-Lite Mega Codec Pack 10.6.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.6.5 - )
      L2Informer (HKLM-x32\...\{A44C1C1C-C1B9-444C-88F0-BFFD42DB5DE3}) (Version: 0.3 - IMESoft)
      League of Legends (HKLM-x32\...\{62292933-30AF-4962-B6BB-59191D386D94}) (Version: 4.2.1 - Riot Games) Hidden
      League of Legends (HKLM-x32\...\League of Legends 4.2.1) (Version: 4.2.1 - Riot Games)
      Lightshot-5.4.0.10 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.10 - Skillbrains)
      Lineage II (HKLM-x32\...\{C15ABFA2-A20A-4CAE-93D1-D8CD589A6727}) (Version: Chronicle 1 - NCsoft)
      Lineage II: Terra (HKU\S-1-5-21-4113022241-1377415486-1368023204-1001\...\nPlay® G1) (Version:  - L2Sublimity)
      MARS GAMING MM5 MOUSE version 1.2 (HKLM-x32\...\{084CA533-32CA-41A5-971E-E54D2C6B3E2E}_is1) (Version: 1.2 - MARS GAMING)
      Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
      Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
      Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
      Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
      Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
      Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
      Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{5c75eda4-d029-43bf-a70b-a73d380f52ee}) (Version: 12.0.30501.0 - Microsoft Corporation)
      Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
      Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
      Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
      Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
      Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
      Nox APP Player (HKLM-x32\...\Nox) (Version: 5.0.0.0 - Duodian Technology Co. Ltd.)
      NVIDIA Controlador de 3D Vision 385.28 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 385.28 - NVIDIA Corporation)
      NVIDIA Controlador de audio HD 1.3.34.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.27 - NVIDIA Corporation)
      NVIDIA Controlador de gráficos 385.28 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 385.28 - NVIDIA Corporation)
      NVIDIA Controlador de la controladora 3D Vision 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
      NVIDIA DDS Utilities (HKLM-x32\...\{64963F0E-03F2-4B59-8D1B-1806545E7092}) (Version: 1.0 - )
      NVIDIA GeForce Experience 3.8.0.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.8.0.89 - NVIDIA Corporation)
      NVIDIA Photoshop Plug-ins (HKLM-x32\...\{23F79416-CAD1-41BF-99A3-040F6C814AAA}) (Version: 1.00.000 - )
      NVIDIA Software del sistema PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
      NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
      OBS Studio (HKLM-x32\...\OBS Studio) (Version: 19.0.2 - OBS Project)
      OpenVPN 2.3.16-I601  (HKLM\...\OpenVPN) (Version: 2.3.16-I601 - )
      Oracle VM VirtualBox 5.1.22 (HKLM\...\{8D5E4D4D-5E0C-4448-B018-5DDEF1E208D9}) (Version: 5.1.22 - Oracle Corporation)
      Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
      Panel de control de NVIDIA 385.28 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 385.28 - NVIDIA Corporation) Hidden
      Paquete de controladores de Windows - Julian Löhr (HIDWiimote) HIDClass  (03/03/2016 0.2.7.4) (HKLM\...\684AB4653668A938037387F754DE61BCFD69EE21) (Version: 03/03/2016 0.2.7.4 - Julian Löhr)
      Paquete de controladores de Windows - Julian Löhr (HIDWiimote) HIDClass  (09/07/2015 19.47.42.873) (HKLM\...\723AAB7AC38B079CC6C62BF667C706D86E0CF93B) (Version: 09/07/2015 19.47.42.873 - Julian Löhr)
      Photoshop CS5 Extended 12.0 (HKLM-x32\...\Photoshop CS5 Extended 12.0) (Version:  - )
      PLAYERUNKNOWN'S BATTLEGROUNDS (HKLM\...\Steam App 578080) (Version:  - Bluehole, Inc.)
      Plex Media Server (HKLM-x32\...\{24b54b72-161a-4094-93b3-ea284140290c}) (Version: 1.8.1.4139 - Plex, Inc.)
      Plex Media Server (HKLM-x32\...\{952070F2-452A-48FF-A5B2-4586407F9536}) (Version: 1.8.4139 - Plex, Inc.) Hidden
      QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
      Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8105 - Realtek Semiconductor Corp.)
      Rocket League (HKLM\...\Steam App 252950) (Version:  - Psyonix, Inc.)
      Schthack Phantasy Star Online Blue Burst (HKLM-x32\...\Schthack Phantasy Star Online Blue Burst) (Version:  - )
      Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.103 - Skype Technologies S.A.)
      Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
      Stopping Plex (HKLM-x32\...\{EAAC5F93-0A1F-4218-BA03-CAC93C9D3388}) (Version: 1.8.4139 - Plex, Inc.) Hidden
      TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
      TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
      TEKKEN 7 Deluxe Edition MULTi11 - ElAmigos versión 1.0 (HKLM-x32\...\{6A5D71D7-EE7F-48E3-9AD6-D05D354050B7}_is1) (Version: 1.0 - Bandai Namco Entertainment)
      The Surge (HKLM-x32\...\The Surge_is1) (Version:  - )
      USB ACF Modem (HKLM\...\CNXT_MODEM_USB_ACF) (Version: 2.0.21.50 - Conexant)
      Vivaldi (HKU\S-1-5-21-4113022241-1377415486-1368023204-1001\...\Vivaldi) (Version: 1.11.917.43 - Vivaldi)
      VMware Workstation (HKLM\...\{4B855F64-CB51-4FC3-935F-5AF7D3372BDE}) (Version: 12.0.1 - VMware, Inc.)
      Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
      WiiU_USB_Helper (HKU\S-1-5-21-4113022241-1377415486-1368023204-1001\...\2bfcfdc8f5500a14) (Version: 0.6.1.364 - WiiU_USB_Helper)
      WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
      
      ==================== Custom CLSID (Whitelisted): ==========================
      
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
      
      CustomCLSID: HKU\S-1-5-21-4113022241-1377415486-1368023204-1001_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-4113022241-1377415486-1368023204-1001_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-4113022241-1377415486-1368023204-1001_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-4113022241-1377415486-1368023204-1001_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-4113022241-1377415486-1368023204-1001_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-4113022241-1377415486-1368023204-1001_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
      ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
      ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
      ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
      ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-06-09] (Alexander Roshal)
      ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2012-06-09] (Alexander Roshal)
      ContextMenuHandlers2-x32: [VMDiskMenuHandler] -> {271DC252-6FE1-4D59-9053-E4CF50AB99DE} => C:\Program Files (x86)\VMware\VMware Workstation\vmdkShellExt.dll [2015-10-18] (VMware, Inc.)
      ContextMenuHandlers2-x32: [VMDiskMenuHandler64] -> {E4D28EDC-8C0B-43EE-9E7D-C8A8682334DC} => C:\Program Files (x86)\VMware\VMware Workstation\x64\vmdkShellExt64.dll [2015-10-18] (VMware, Inc.)
      ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
      ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2016-07-29] (Intel Corporation)
      ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2017-08-10] (NVIDIA Corporation)
      ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
      ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-06-09] (Alexander Roshal)
      ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2012-06-09] (Alexander Roshal)
      
      ==================== Scheduled Tasks (Whitelisted) =============
      
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
      
      Task: {0B16A545-7E63-483A-8836-6432A6F5FF3F} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-07-26] (NVIDIA Corporation)
      Task: {24475948-9E06-46AD-9BAD-DB2D6B5A7C8C} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-07-26] (NVIDIA Corporation)
      Task: {3A670F1B-71E0-42C2-8614-6BFCC4A519C3} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-07-26] (NVIDIA Corporation)
      Task: {53B678F6-DAF2-43EA-896E-04A1536B067F} - System32\Tasks\SafeZone scheduled Autoupdate 1497063066 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe
      Task: {6981AE2D-9B20-4129-91E5-556BCEF446E1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-21] (Google Inc.)
      Task: {6B5E3FE2-5DC4-442E-AFF7-129A289ECEC3} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWoW64\Macromed\Flash\FlashUtil32_25_0_0_148_pepper.exe
      Task: {8F2661F7-4B85-4CE7-A330-A35892BBAA2A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated)
      Task: {A97FA725-0736-4E81-8188-095E61A37C28} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-07-26] (NVIDIA Corporation)
      Task: {B1CC38E2-A466-4454-A419-9BEDDA2ABF32} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-07-26] (NVIDIA Corporation)
      Task: {C10ABB7E-2BC8-4696-A7E8-4243DBFF53DA} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-07-26] (NVIDIA Corporation)
      Task: {E88CCD28-BE5A-4CB9-B774-58DB29617AC9} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-07-26] (NVIDIA Corporation)
      Task: {EB3DF97D-7D66-4FEC-BDC2-0CF78ACE1D20} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-07-26] (NVIDIA Corporation)
      Task: {FADBB048-943E-45C7-9627-6A9CC308ACC8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-21] (Google Inc.)
      
      (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
      
      
      ==================== Shortcuts & WMI ========================
      
      (The entries could be listed to be restored or removed.)
      
      
      Shortcut: C:\Users\Pablo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lineage C1\L2C1 WIN7-Vista.bat.lnk -> C:\Games\L2C1\system\l2.bat (No File)
      
      ==================== Loaded Modules (Whitelisted) ==============
      
      2016-07-16 13:42 - 2016-07-16 13:42 - 000231424 _____ () C:\Windows\SYSTEM32\ism32k.dll
      2016-07-16 13:42 - 2016-07-16 13:42 - 002681200 _____ () C:\Windows\system32\CoreUIComponents.dll
      2015-10-18 18:32 - 2015-10-18 18:32 - 012465856 _____ () C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
      2016-07-16 13:42 - 2016-07-16 13:42 - 000130048 _____ () C:\Windows\SYSTEM32\CHARTV.dll
      2016-07-16 13:43 - 2016-07-17 00:45 - 009761280 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
      2016-07-16 13:43 - 2016-07-17 00:45 - 001400320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
      2016-07-16 13:43 - 2016-07-17 00:45 - 000757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
      2016-07-16 13:43 - 2016-07-17 00:45 - 002438144 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
      2016-07-16 13:43 - 2016-07-17 00:45 - 004853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
      2016-07-16 13:42 - 2016-07-16 13:42 - 000134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
      2016-07-16 13:43 - 2016-07-16 13:43 - 000474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
      2017-04-21 10:11 - 2017-07-26 19:09 - 001267136 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
      2017-08-29 09:33 - 2017-08-23 10:48 - 003824472 _____ () C:\Program Files (x86)\Google\Chrome\Application\60.0.3112.113\libglesv2.dll
      2017-08-29 09:33 - 2017-08-23 10:48 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\60.0.3112.113\libegl.dll
      2017-08-08 06:55 - 2017-08-08 06:55 - 000083432 _____ () C:\Program Files (x86)\Plex\Plex Media Server\zlib.dll
      2017-08-08 06:55 - 2017-08-08 06:55 - 000203240 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libidn.dll
      2015-10-18 18:32 - 2015-10-18 18:32 - 001301696 _____ () C:\Program Files (x86)\VMware\VMware Workstation\libxml2.dll
      2015-10-18 18:32 - 2015-10-18 18:32 - 000165056 _____ () C:\Program Files (x86)\VMware\VMware Workstation\nfc-types.dll
      2015-10-18 18:32 - 2015-10-18 18:32 - 000191680 _____ () C:\Program Files (x86)\VMware\VMware Workstation\LIBEXPAT.dll
      2015-10-18 18:32 - 2015-10-18 18:32 - 000388800 _____ () C:\Program Files (x86)\VMware\VMware Workstation\ssoClient.dll
      
      ==================== Alternate Data Streams (Whitelisted) =========
      
      (If an entry is included in the fixlist, only the ADS will be removed.)
      
      
      ==================== Safe Mode (Whitelisted) ===================
      
      (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
      
      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
      
      ==================== Association (Whitelisted) ===============
      
      (If an entry is included in the fixlist, the registry item will be restored to default or removed.)
      
      
      ==================== Internet Explorer trusted/restricted ===============
      
      (If an entry is included in the fixlist, it will be removed from the registry.)
      
      
      ==================== Hosts content: ==========================
      
      (If needed Hosts: directive could be included in the fixlist to reset Hosts.)
      
      2017-07-13 00:54 - 2017-09-24 10:19 - 000001532 _____ C:\Windows\system32\Drivers\etc\hosts
      
      127.0.0.1                   ttoskippline.net
      127.0.0.1                   www.mefeedia.com
      127.0.0.2                   mefeedia.com
      127.0.0.1                   delivery.anchorfree.us/land.php
      127.0.0.1                   hsselite.com/trial/step2.php
      127.0.0.1                   techbrowsing.com/away.php
      127.0.0.2                   mefeedia.com
      127.0.0.1                   hsselite.com/trial/step2.php
      127.0.0.2                   mefeedia.com
      127.0.0.1                   hsselite.com/trial/step2.php
      127.0.0.2                   mefeedia.com
      127.0.0.1                   hsselite.com/trial/step2.php
      127.0.0.2                   mefeedia.com
      127.0.0.1                   hsselite.com/trial/step2.php
      
      ==================== Other Areas ============================
      
      (Currently there is no automatic fix for this section.)
      
      HKU\S-1-5-21-4113022241-1377415486-1368023204-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Pablo\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
      DNS Servers: 192.168.0.1
      HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
      HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
      Windows Firewall is enabled.
      
      ==================== MSCONFIG/TASK MANAGER disabled items ==
      
      HKLM\...\StartupApproved\Run: => "WindowsDefender"
      HKLM\...\StartupApproved\Run: => "XboxStat"
      HKU\S-1-5-21-4113022241-1377415486-1368023204-1001\...\StartupApproved\Run: => "Steam"
      
      ==================== FirewallRules (Whitelisted) ===============
      
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
      
      FirewallRules: [{0ED66FF4-E52B-4631-8583-D02C729F00D5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
      FirewallRules: [{32CF5620-D604-4A0D-82B1-13D9AA28A45D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
      FirewallRules: [{56D936B9-CC20-4B84-9E30-B902ECFEF283}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
      FirewallRules: [{F778557B-46AC-46A0-878C-F1F4C17D7B4D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
      FirewallRules: [{4EDB51DD-5722-4667-B573-15FFFAC032FF}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
      FirewallRules: [{A3535502-6019-4D7B-A32D-15380ADE61A1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
      FirewallRules: [{2BDB919C-6977-403F-AF0C-9412806D10E3}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
      FirewallRules: [{4C2FE938-7925-41AD-A2A5-E565F2BD6AE9}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
      FirewallRules: [{913B8FA9-1626-4294-B5A4-E6F306B7E306}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
      FirewallRules: [{543D5FED-4634-4422-BD6F-A00206DA4D14}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
      FirewallRules: [{669D3896-3AD1-40D7-8150-284221012487}] => (Allow) C:\Users\Pablo\AppData\Roaming\uTorrent\uTorrent.exe
      FirewallRules: [{B6893226-48FA-4BDB-8ADF-2E3FD8BC866A}] => (Allow) C:\Users\Pablo\AppData\Roaming\uTorrent\uTorrent.exe
      FirewallRules: [{9A91386A-CB2D-4211-80D4-EB3DDA591498}] => (Allow) C:\Users\Pablo\AppData\Roaming\uTorrent\uTorrent.exe
      FirewallRules: [{A16FCB4C-9660-49AE-A8E6-F9AFD47AE637}] => (Allow) C:\Users\Pablo\AppData\Roaming\uTorrent\uTorrent.exe
      FirewallRules: [{A68C0789-A291-49D9-BE54-2AEE33B0B8E2}] => (Allow) C:\Users\Pablo\AppData\Roaming\uTorrent\uTorrent.exe
      FirewallRules: [{424152EC-3830-47C0-BC1C-5832E9A0A7CC}] => (Allow) C:\Users\Pablo\AppData\Roaming\uTorrent\uTorrent.exe
      FirewallRules: [{207B5A04-28BF-4285-BC97-56AB9AA04E70}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
      FirewallRules: [{DE1B129B-F204-448C-B175-23A6E6541F2B}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
      FirewallRules: [{3493F3AC-086F-4721-B2AB-544BF6D6DBAE}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
      FirewallRules: [{43EB75B2-7576-4643-83F3-A82518761156}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
      FirewallRules: [{05923060-B413-428E-83B0-FCF474739B56}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
      FirewallRules: [TCP Query User{3FCF69BD-AD62-49A4-B55C-FB23F7E3647D}C:\users\pablo\documents\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\pablo\documents\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe
      FirewallRules: [UDP Query User{DD085248-1ABE-4FD3-9D84-E245C1E8B4A0}C:\users\pablo\documents\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\pablo\documents\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe
      FirewallRules: [TCP Query User{C80F5E2F-BA81-41A6-81EB-34FA243DB03C}C:\users\pablo\desktop\astroneer.pre-alpha.v0.3.10158.0.cracked-3dm\astro\binaries\win64\astro-win64-shipping.exe] => (Allow) C:\users\pablo\desktop\astroneer.pre-alpha.v0.3.10158.0.cracked-3dm\astro\binaries\win64\astro-win64-shipping.exe
      FirewallRules: [UDP Query User{E7C55519-6115-4DFC-87A6-DCFF23C961A5}C:\users\pablo\desktop\astroneer.pre-alpha.v0.3.10158.0.cracked-3dm\astro\binaries\win64\astro-win64-shipping.exe] => (Allow) C:\users\pablo\desktop\astroneer.pre-alpha.v0.3.10158.0.cracked-3dm\astro\binaries\win64\astro-win64-shipping.exe
      FirewallRules: [{F8FC44DC-4150-4D48-88CA-F741CA9EAA21}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
      FirewallRules: [{CEE998E7-44CC-418E-9484-C0F73807DCC4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
      FirewallRules: [TCP Query User{796B509A-6C6B-4E20-9521-9F9C1F809A62}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
      FirewallRules: [UDP Query User{3016B2C3-963A-4B2A-A348-ADEB7B88B75C}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
      FirewallRules: [TCP Query User{DE4824E9-9C50-47C0-A8A3-E49DA696209C}E:\t0w3r\mozillafirefox.exe] => (Allow) E:\t0w3r\mozillafirefox.exe
      FirewallRules: [UDP Query User{C7FD581D-1A23-4FBF-AD58-C4C23AD318F6}E:\t0w3r\mozillafirefox.exe] => (Allow) E:\t0w3r\mozillafirefox.exe
      FirewallRules: [TCP Query User{3866032C-4DB7-4591-BB6B-8CD83511C246}C:\l2w_vse.exe] => (Allow) C:\l2w_vse.exe
      FirewallRules: [UDP Query User{4A7CF235-DAD2-4BD9-AB50-3E74BCD1DE6A}C:\l2w_vse.exe] => (Allow) C:\l2w_vse.exe
      FirewallRules: [TCP Query User{3FFCA45E-EDC0-44C6-A242-000DC2955E25}E:\server\l2jfrozen 1004\diskw\usr\local\mysql\bin\mysqld-nt.exe] => (Allow) E:\server\l2jfrozen 1004\diskw\usr\local\mysql\bin\mysqld-nt.exe
      FirewallRules: [UDP Query User{8FB28DC6-75EC-4FBF-9489-A2CD61A9E29E}E:\server\l2jfrozen 1004\diskw\usr\local\mysql\bin\mysqld-nt.exe] => (Allow) E:\server\l2jfrozen 1004\diskw\usr\local\mysql\bin\mysqld-nt.exe
      FirewallRules: [TCP Query User{A6F07515-1003-43F9-8A8E-5E0237ED0FC9}C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
      FirewallRules: [UDP Query User{68E93FE5-CDC9-4648-B8EE-78275053A139}C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
      FirewallRules: [TCP Query User{F8997118-263A-4422-970D-3D64BC01DCB8}E:\server\l2j classic 1.0\diskw\usr\local\apache2\bin\apache.exe] => (Allow) E:\server\l2j classic 1.0\diskw\usr\local\apache2\bin\apache.exe
      FirewallRules: [UDP Query User{86CCCB3D-B312-4A94-911D-F19999E44103}E:\server\l2j classic 1.0\diskw\usr\local\apache2\bin\apache.exe] => (Allow) E:\server\l2j classic 1.0\diskw\usr\local\apache2\bin\apache.exe
      FirewallRules: [TCP Query User{5C3D4F38-C18F-42B4-8DCD-27F4F40047C1}E:\server\l2j classic 1.0\diskw\usr\local\mysql\bin\mysqld-nt.exe] => (Allow) E:\server\l2j classic 1.0\diskw\usr\local\mysql\bin\mysqld-nt.exe
      FirewallRules: [UDP Query User{96E6349E-5838-4BE7-AF63-5EE6E6FDF07C}E:\server\l2j classic 1.0\diskw\usr\local\mysql\bin\mysqld-nt.exe] => (Allow) E:\server\l2j classic 1.0\diskw\usr\local\mysql\bin\mysqld-nt.exe
      FirewallRules: [{1B811F8A-2DF1-440C-A64E-181FF15A9AC4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
      FirewallRules: [{74869403-4543-434D-97D2-CC372FBA554B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
      FirewallRules: [TCP Query User{1843277C-F367-40A9-AA17-184F95239A77}C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
      FirewallRules: [UDP Query User{BFA8773A-7421-41C3-9FAC-ECB55FB88EBA}C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
      FirewallRules: [{9EF2A074-19F3-40CC-93BA-E618F3847498}] => (Allow) C:\Program Files (x86)\Nox\bin\Nox.exe
      FirewallRules: [{6041FFBB-6C4F-4725-BC40-7AD6AC43F5E6}] => (Allow) C:\Program Files (x86)\Bignox\BigNoxVM\RT\NoxVMHandle.exe
      FirewallRules: [TCP Query User{A2B847F3-D80E-4848-87CD-9FCD90FEDC7F}E:\server\server l2 classic award\diskw\usr\local\apache2\bin\apache.exe] => (Allow) E:\server\server l2 classic award\diskw\usr\local\apache2\bin\apache.exe
      FirewallRules: [UDP Query User{F2BD2A22-08BC-4DA3-ADA5-68AC5E36439F}E:\server\server l2 classic award\diskw\usr\local\apache2\bin\apache.exe] => (Allow) E:\server\server l2 classic award\diskw\usr\local\apache2\bin\apache.exe
      FirewallRules: [TCP Query User{F99E7223-2D77-4366-89C0-F98FACC38CD0}E:\server\server l2 classic award\diskw\usr\local\mysql\bin\mysqld-nt.exe] => (Allow) E:\server\server l2 classic award\diskw\usr\local\mysql\bin\mysqld-nt.exe
      FirewallRules: [UDP Query User{D0A16B5F-CBD3-4BCA-A48D-2BAC579DCC75}E:\server\server l2 classic award\diskw\usr\local\mysql\bin\mysqld-nt.exe] => (Allow) E:\server\server l2 classic award\diskw\usr\local\mysql\bin\mysqld-nt.exe
      FirewallRules: [{66FCCA8F-ADD2-4595-992D-01E159C11F8E}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
      FirewallRules: [{1D9B5959-3061-4948-89CB-F86DB195B9BA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
      FirewallRules: [{7714F43B-2871-4AB8-AAAB-64165A23DAE1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
      FirewallRules: [{6A5F9321-92AF-4E39-9167-CA0EE87D3EE8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
      FirewallRules: [{942770B2-3947-4C97-B93B-D72EE8624546}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
      FirewallRules: [{D95305D0-6704-42F9-AE20-DF46E35DCDF9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
      FirewallRules: [TCP Query User{9575FE7F-F714-4917-BFB2-0411745B1796}D:\pso sylverant\pso.exe] => (Allow) D:\pso sylverant\pso.exe
      FirewallRules: [UDP Query User{D9DB73DA-A982-4932-9ECA-4C6D28622330}D:\pso sylverant\pso.exe] => (Allow) D:\pso sylverant\pso.exe
      FirewallRules: [TCP Query User{46706660-14EF-4479-A759-E76E4B42DD25}C:\users\pablo\desktop\wii u hack files\wiiu_usb_helper.exe] => (Allow) C:\users\pablo\desktop\wii u hack files\wiiu_usb_helper.exe
      FirewallRules: [UDP Query User{EC27875D-C6E4-4F57-BCCB-02F722A3E431}C:\users\pablo\desktop\wii u hack files\wiiu_usb_helper.exe] => (Allow) C:\users\pablo\desktop\wii u hack files\wiiu_usb_helper.exe
      FirewallRules: [{81AB9C0D-41CA-49DC-BDDB-CDD14794620B}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
      FirewallRules: [{F73F2452-D7E4-44DF-9554-096AC12B02A3}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
      FirewallRules: [{25E8CAC4-0626-4234-906C-86C78D067418}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex DLNA Server.exe
      FirewallRules: [{B7C0F7ED-B1A5-489E-B36D-50F67DC1BEB5}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex Tuner Service.exe
      FirewallRules: [{1C0CDAE1-8FEF-4F41-AD19-059CD6D480D4}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      FirewallRules: [TCP Query User{4E3B82B7-0697-4314-8C64-4222E691D0A4}C:\users\pablo\appdata\local\apps\2.0\7cja8kq5.rky\x9po4gq7.p9h\wiiu..tion_0000000000000000_0000.0006_5ceab5e860bdf025\wiiu_usb_helper.exe] => (Allow) C:\users\pablo\appdata\local\apps\2.0\7cja8kq5.rky\x9po4gq7.p9h\wiiu..tion_0000000000000000_0000.0006_5ceab5e860bdf025\wiiu_usb_helper.exe
      FirewallRules: [UDP Query User{C45DA879-6C47-41F9-9039-59C73AD82A83}C:\users\pablo\appdata\local\apps\2.0\7cja8kq5.rky\x9po4gq7.p9h\wiiu..tion_0000000000000000_0000.0006_5ceab5e860bdf025\wiiu_usb_helper.exe] => (Allow) C:\users\pablo\appdata\local\apps\2.0\7cja8kq5.rky\x9po4gq7.p9h\wiiu..tion_0000000000000000_0000.0006_5ceab5e860bdf025\wiiu_usb_helper.exe
      FirewallRules: [TCP Query User{D4378883-54BE-47B1-AC96-66194E2053D8}C:\users\pablo\appdata\local\apps\2.0\7cja8kq5.rky\x9po4gq7.p9h\wiiu..tion_0000000000000000_0000.0006_4e22998df6ea1665\wiiu_usb_helper.exe] => (Allow) C:\users\pablo\appdata\local\apps\2.0\7cja8kq5.rky\x9po4gq7.p9h\wiiu..tion_0000000000000000_0000.0006_4e22998df6ea1665\wiiu_usb_helper.exe
      FirewallRules: [UDP Query User{7E6CCB5A-FE6B-44DC-B273-37A0F8CB36C2}C:\users\pablo\appdata\local\apps\2.0\7cja8kq5.rky\x9po4gq7.p9h\wiiu..tion_0000000000000000_0000.0006_4e22998df6ea1665\wiiu_usb_helper.exe] => (Allow) C:\users\pablo\appdata\local\apps\2.0\7cja8kq5.rky\x9po4gq7.p9h\wiiu..tion_0000000000000000_0000.0006_4e22998df6ea1665\wiiu_usb_helper.exe
      FirewallRules: [TCP Query User{4F51963F-E41B-4B18-9397-2794D55E9204}E:\server\l2j classic 1.0\diskw\usr\local\apache2\bin\apache.exe] => (Allow) E:\server\l2j classic 1.0\diskw\usr\local\apache2\bin\apache.exe
      FirewallRules: [UDP Query User{A78604E6-96AC-49EA-9F64-33D2945DC765}E:\server\l2j classic 1.0\diskw\usr\local\apache2\bin\apache.exe] => (Allow) E:\server\l2j classic 1.0\diskw\usr\local\apache2\bin\apache.exe
      FirewallRules: [TCP Query User{A1789094-042A-44D2-839A-D342E5D7B4A8}E:\server\l2j classic 1.0\diskw\usr\local\mysql\bin\mysqld-nt.exe] => (Allow) E:\server\l2j classic 1.0\diskw\usr\local\mysql\bin\mysqld-nt.exe
      FirewallRules: [UDP Query User{77240204-2A9C-484D-B3FE-BD1220F8DADB}E:\server\l2j classic 1.0\diskw\usr\local\mysql\bin\mysqld-nt.exe] => (Allow) E:\server\l2j classic 1.0\diskw\usr\local\mysql\bin\mysqld-nt.exe
      
      ==================== Restore Points =========================
      
      04-09-2017 11:44:56 Punto de control programado
      12-09-2017 16:42:37 Installed Lineage II
      16-09-2017 13:25:24 Installed L2Informer
      19-09-2017 16:49:00 Installed NVIDIA Photoshop Plug-ins
      25-09-2017 09:36:04 Removed Apple Software Update
      25-09-2017 11:57:42 JRT Pre-Junkware Removal
      25-09-2017 11:59:32 JRT Pre-Junkware Removal
      
      ==================== Faulty Device Manager Devices =============
      
      Name: VirtualBox Host-Only Ethernet Adapter
      Description: VirtualBox Host-Only Ethernet Adapter
      Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
      Manufacturer: Oracle Corporation
      Service: VBoxNetAdp
      Problem: : This device is disabled. (Code 22)
      Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
      
      
      ==================== Event log errors: =========================
      
      Application errors:
      ==================
      Error: (09/25/2017 11:59:32 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
      Description: Error en Servicios de cifrado mientras se procesaba el objeto "System Writer" de la llamada OnIdentity().
      
      Details:
      AddLegacyDriverFiles: Unable to back up image of binary Protocolo de detección de nivel de vínculo de Microsoft.
      
      System Error:
      Acceso denegado.
      .
      
      Error: (09/25/2017 11:57:42 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
      Description: Error en Servicios de cifrado mientras se procesaba el objeto "System Writer" de la llamada OnIdentity().
      
      Details:
      AddLegacyDriverFiles: Unable to back up image of binary Protocolo de detección de nivel de vínculo de Microsoft.
      
      System Error:
      Acceso denegado.
      .
      
      Error: (09/25/2017 11:55:56 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
      Description: Error de la activación de licencia (slui.exe) con el siguiente código:
      hr=0xC004F074
      Argumentos de línea de comandos:
      RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable
      
      Error: (09/25/2017 11:55:35 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
      Description: Error de la activación de licencia (slui.exe) con el siguiente código:
      hr=0xC004F074
      Argumentos de línea de comandos:
      RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=1
      
      Error: (09/25/2017 11:55:00 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
      Description: Error de la activación de licencia (slui.exe) con el siguiente código:
      hr=0x8007139F
      Argumentos de línea de comandos:
      RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable
      
      Error: (09/25/2017 11:50:46 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
      Description: Error de la activación de licencia (slui.exe) con el siguiente código:
      hr=0xC004F074
      Argumentos de línea de comandos:
      RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable
      
      Error: (09/25/2017 11:50:28 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
      Description: Error de la activación de licencia (slui.exe) con el siguiente código:
      hr=0xC004F074
      Argumentos de línea de comandos:
      RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=1
      
      Error: (09/25/2017 09:36:05 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
      Description: Error en Servicios de cifrado mientras se procesaba el objeto "System Writer" de la llamada OnIdentity().
      
      Details:
      AddLegacyDriverFiles: Unable to back up image of binary Protocolo de detección de nivel de vínculo de Microsoft.
      
      System Error:
      Acceso denegado.
      .
      
      Error: (09/25/2017 09:32:39 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
      Description: Error de la activación de licencia (slui.exe) con el siguiente código:
      hr=0xC004F074
      Argumentos de línea de comandos:
      RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable
      
      Error: (09/24/2017 09:16:22 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
      Description: Error de la activación de licencia (slui.exe) con el siguiente código:
      hr=0xC004F074
      Argumentos de línea de comandos:
      RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable
      
      
      System errors:
      =============
      Error: (09/25/2017 11:59:38 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
      Description: El servicio NVIDIA LocalSystem Container terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 6000 milisegundos: Reiniciar el servicio.
      
      Error: (09/25/2017 11:59:38 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
      Description: El servicio NVIDIA Display Container LS terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 1000 milisegundos: Reiniciar el servicio.
      
      Error: (09/25/2017 11:56:57 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
      Description: El servicio Servicio de plataforma de dispositivos conectados se cerró con el siguiente error: 
      Error no especificado
      
      Error: (09/25/2017 11:56:14 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
      Description: Error al intentar leer el archivo local de hosts.
      
      Error: (09/25/2017 11:55:10 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
      Description: Error al intentar leer el archivo local de hosts.
      
      Error: (09/25/2017 11:55:03 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
      Description: Error al intentar leer el archivo local de hosts.
      
      Error: (09/25/2017 11:55:00 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
      Description: Error al intentar leer el archivo local de hosts.
      
      Error: (09/25/2017 11:54:55 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
      Description: El servicio NcaSvc depende del servicio iphlpsvc, el cual no pudo iniciarse debido al siguiente error: 
      No se puede iniciar el servicio, porque está deshabilitado o porque no tiene dispositivos habilitados asociados a él.
      
      Error: (09/25/2017 11:54:55 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
      Description: Error al intentar leer el archivo local de hosts.
      
      Error: (09/25/2017 11:54:44 AM) (Source: sptd) (EventID: 4) (User: )
      Description: El controlador detectó un error interno en la estructura de datos de .
      
      
      CodeIntegrity:
      ===================================
        Date: 2017-07-09 21:44:04.410
        Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\HIDWiimote.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
      
        Date: 2017-07-09 21:42:51.210
        Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\HIDWiimote.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
      
        Date: 2017-07-09 21:41:18.403
        Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\HIDWiimote.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
      
        Date: 2017-05-26 19:35:28.360
        Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\CAXHWCD2.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
      
        Date: 2017-05-25 01:19:21.699
        Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\XAudio64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
      
        Date: 2017-05-25 01:19:21.638
        Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mdmxsdk.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
      
        Date: 2017-05-22 16:08:45.368
        Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\XAudio64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
      
        Date: 2017-05-22 16:08:45.279
        Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mdmxsdk.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
      
        Date: 2017-05-22 16:08:44.309
        Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\CAXHWCD2.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
      
        Date: 2017-05-22 16:06:23.486
        Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\XAudio64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
      
      
      ==================== Memory info =========================== 
      
      Processor: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz
      Percentage of memory in use: 9%
      Total physical RAM: 16276.7 MB
      Available physical RAM: 14665.59 MB
      Total Virtual: 32276.7 MB
      Available Virtual: 30606.28 MB
      
      ==================== Drives ================================
      
      Drive c: () (Fixed) (Total:476.94 GB) (Free:121.07 GB) NTFS ==>[drive with boot components (obtained from BCD)]
      Drive d: (HDD 500GB) (Fixed) (Total:465.76 GB) (Free:173.01 GB) NTFS ==>[system with boot components (obtained from drive)]
      Drive e: (HDD SATA 3 1TB) (Fixed) (Total:931.41 GB) (Free:203.51 GB) NTFS
      
      ==================== MBR & Partition Table ==================
      
      ========================================================
      Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: FAF8FAF8)
      Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)
      
      ========================================================
      Disk: 1 (MBR Code: Windows 7 or 8) (Size: 476.9 GB) (Disk ID: C49FA113)
      Partition 1: (Active) - (Size=476.9 GB) - (Type=07 NTFS)
      
      ========================================================
      Disk: 2 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: BCE9D2CF)
      Partition 1: (Not Active) - (Size=931.5 GB) - (Type=42)
      
      ==================== End of Addition.txt ============================

    5. #5
      Usuario Avatar de pablo699
      Registrado
      ene 2009
      Ubicación
      Barcelona
      Mensajes
      8

      Re: [Ayuda] Limpiando mi PC (Informes Ccleaner + IFS.log)

      Y aqui el ultimo informe :)
      Código:
      Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-09-2017
      Ran by Pablo (administrator) on DESKTOP-BL6N855 (25-09-2017 12:02:22)
      Running from C:\Users\Pablo\Downloads
      Loaded Profiles: Pablo (Available Profiles: defaultuser0 & Pablo)
      Platform: Windows 10 Pro Version 1607 (X64) Language: Español (España, internacional)
      Internet Explorer Version 11 (Default browser: Chrome)
      Boot Mode: Normal
      Tutorial for Farbar Recovery Scan Tool: ***********************************************************************************************************
      
      ==================== Processes (Whitelisted) =================
      
      (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
      
      (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
      (Microsoft Corporation) C:\Windows\System32\Locator.exe
      (Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe
      (VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
      (VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
      (CyberGhost S.A.) C:\Program Files\CyberGhost 6\CyberGhost.Service.exe
      () C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
      (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
      (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
      (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
      (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
      (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
      (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
      (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      
      ==================== Registry (Whitelisted) ===========================
      
      (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
      
      HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-07-16] (Microsoft Corporation)
      HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
      HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18290688 2017-03-30] (Realtek Semiconductor)
      HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
      HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2017-04-11] ()
      HKLM-x32\...\Run: [Marsmm5gmmouseRun] => C:\Program Files (x86)\MARS GAMING MM5 MOUSE\rssmon.exe [3343360 2014-08-15] ()
      HKLM-x32\...\Run: [vmware-tray.exe] => C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [104128 2015-10-18] (VMware, Inc.)
      HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
      HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-21] (Oracle Corporation)
      Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
      HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
      HKU\S-1-5-21-4113022241-1377415486-1368023204-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3071776 2017-08-28] (Valve Corporation)
      HKU\S-1-5-21-4113022241-1377415486-1368023204-1001\...\Run: [Vivaldi Update Notifier] => C:\Users\Pablo\AppData\Local\Vivaldi\Application\update_notifier.exe [4243576 2017-08-21] (Vivaldi Technologies AS)
      HKU\S-1-5-21-4113022241-1377415486-1368023204-1001\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 6\CyberGhost.exe [1248848 2017-08-31] (CyberGhost S.A.)
      IFEO\l2.exe: [Debugger] 
      GroupPolicy: Restriction <==== ATTENTION
      
      ==================== Internet (Whitelisted) ====================
      
      (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
      
      Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
      Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
      Tcpip\..\Interfaces\{40e44ce0-e265-4e24-a582-708205e0cd1d}: [DhcpNameServer] 192.168.0.1
      Tcpip\..\Interfaces\{5c73f0c1-a589-4086-abbe-90ac08a3cd12}: [DhcpNameServer] 185.156.172.178 185.93.180.131 83.143.245.42
      Tcpip\..\Interfaces\{7be42597-7aea-473d-8294-5491c33adc44}: [DhcpNameServer] 8.8.8.8
      
      Internet Explorer:
      ==================
      HKU\S-1-5-21-4113022241-1377415486-1368023204-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://es.yahoo.com/?fr=yset_ie_syc_oracle&type=orcl_hpset
      SearchScopes: HKU\S-1-5-21-4113022241-1377415486-1368023204-1001 -> {89298493-A76A-4639-A678-EF3178E2E9AE} URL = hxxps://es.search.yahoo.com/search?p={searchTerms}&intl=es&fr=yset_ie_syc_oracle&type=orcl_default&partnerexternal-oracle=external-oracle
      BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_141\bin\ssv.dll [2017-07-19] (Oracle Corporation)
      BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_141\bin\jp2ssv.dll [2017-07-19] (Oracle Corporation)
      BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\ssv.dll [2017-09-04] (Oracle Corporation)
      BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-09-04] (Oracle Corporation)
      
      FireFox:
      ========
      FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_205.dll [2017-06-28] ()
      FF Plugin: @java.com/DTPlugin,version=11.141.2 -> C:\Program Files\Java\jre1.8.0_141\bin\dtplugin\npDeployJava1.dll [2017-07-19] (Oracle Corporation)
      FF Plugin: @java.com/JavaPlugin,version=11.141.2 -> C:\Program Files\Java\jre1.8.0_141\bin\plugin2\npjp2.dll [2017-07-19] (Oracle Corporation)
      FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWoW64\Macromed\Flash\NPSWF32_23_0_0_205.dll [2017-06-28] ()
      FF Plugin-x32: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2017-09-04] (Oracle Corporation)
      FF Plugin-x32: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-09-04] (Oracle Corporation)
      FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-08-10] (NVIDIA Corporation)
      FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-08-10] (NVIDIA Corporation)
      FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
      FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
      FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-08-10] (Adobe Systems Inc.)
      
      Chrome: 
      =======
      CHR HomePage: Default -> hxxps://www.google.es/
      CHR StartupUrls: Default -> "hxxps://www.google.es/"
      CHR DefaultSearchURL: Default -> hxxps://es.search.yahoo.com/search?p={searchTerms}&fr=yset_chr_syc_oracle&type=default
      CHR DefaultSearchKeyword: Default -> Yahoo
      CHR DefaultSuggestURL: Default -> hxxps://es.search.yahoo.com/sugg/ie?output=fxjson&command={searchTerms}&nResults=10
      CHR Profile: C:\Users\Pablo\AppData\Local\Google\Chrome\User Data\Default [2017-09-25]
      CHR Extension: (Presentaciones de Google) - C:\Users\Pablo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-04-21]
      CHR Extension: (Google Docs) - C:\Users\Pablo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-04-21]
      CHR Extension: (Google Drive) - C:\Users\Pablo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-04-21]
      CHR Extension: (MEGA) - C:\Users\Pablo\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod [2017-09-23]
      CHR Extension: (YouTube) - C:\Users\Pablo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-04-21]
      CHR Extension: (Chrome IG Story) - C:\Users\Pablo\AppData\Local\Google\Chrome\User Data\Default\Extensions\bojgejgifofondahckoaahkilneffhmf [2017-09-19]
      CHR Extension: (Hojas de cálculo de Google) - C:\Users\Pablo\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-04-21]
      CHR Extension: (Documentos de Google sin conexión) - C:\Users\Pablo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-04-21]
      CHR Extension: (AdBlock) - C:\Users\Pablo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-08-12]
      CHR Extension: (Unlimited Free VPN - Hola) - C:\Users\Pablo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2017-09-25]
      CHR Extension: (Yahoo Partner) - C:\Users\Pablo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibbfklbaljofpaanmpaeadejijfdddco [2017-06-26]
      CHR Extension: (Video Downloader GetThemAll) - C:\Users\Pablo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbkekaeindpfpcoldfckljplboolgkfm [2017-07-30]
      CHR Extension: (Yahoo Partner) - C:\Users\Pablo\AppData\Local\Google\Chrome\User Data\Default\Extensions\njpedbdniajflhgfoipnjkednnlkngbj [2017-07-19]
      CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Pablo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
      CHR Extension: (AdF.ly Skipper ★WORKING: 9/13/2017★) - C:\Users\Pablo\AppData\Local\Google\Chrome\User Data\Default\Extensions\obnfifcganohemahpomajbhocfkdgmjb [2017-09-13]
      CHR Extension: (Gmail) - C:\Users\Pablo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-04-21]
      CHR Extension: (Chrome Media Router) - C:\Users\Pablo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-04]
      CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
      CHR HKLM-x32\...\Chrome\Extension: [ibbfklbaljofpaanmpaeadejijfdddco] - hxxps://clients2.google.com/service/update2/crx
      CHR HKLM-x32\...\Chrome\Extension: [njpedbdniajflhgfoipnjkednnlkngbj] - hxxps://clients2.google.com/service/update2/crx
      
      ==================== Services (Whitelisted) ====================
      
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
      
      S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1522184 2017-07-08] ()
      R2 CG6Service; C:\Program Files\CyberGhost 6\CyberGhost.Service.exe [232528 2017-08-31] (CyberGhost S.A.)
      S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3833776 2016-03-03] (INCA Internet Co., Ltd.)
      R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-07-26] (NVIDIA Corporation)
      S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-07-26] (NVIDIA Corporation)
      R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462784 2017-08-10] (NVIDIA Corporation)
      R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [449984 2017-07-26] (NVIDIA Corporation)
      R2 PlexUpdateService; C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe [2091496 2017-08-08] (Plex, Inc.)
      S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-07-17] (Microsoft Corporation)
      R2 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [12465856 2015-10-18] ()
      S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
      S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
      
      ===================== Drivers (Whitelisted) ======================
      
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
      
      R0 asstahci64; C:\Windows\System32\drivers\asstahci64.sys [89960 2016-05-17] (Asmedia Technology)
      S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
      S3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2017-06-09] (Disc Soft Ltd)
      S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2017-05-22] (LogMeIn Inc.)
      S3 hcwE5bda; C:\Windows\system32\drivers\hcwE5bda.sys [994448 2016-08-11] (Hauppauge Computer Work, Inc.)
      S3 HIDMiniport; C:\Windows\System32\drivers\HIDMiniport.sys [7744 2016-03-03] ()
      S3 HIDWiimote; C:\Windows\System32\drivers\HIDWiimote.sys [25232 2016-03-03] ()
      R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [47008 2013-07-30] ()
      R2 mdmxsdk; C:\Windows\system32\DRIVERS\ACFSDK64.sys [17024 2007-03-15] (Conexant)
      S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
      S3 netr28ux; C:\Windows\System32\drivers\netr28ux.sys [2224128 2016-07-16] (MediaTek Inc.)
      R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_9ab613610b40aa98\nvlddmkm.sys [15610296 2017-08-10] (NVIDIA Corporation)
      S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-07-26] (NVIDIA Corporation)
      R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [48064 2017-07-26] (NVIDIA Corporation)
      R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [57792 2017-06-21] (NVIDIA Corporation)
      S3 ptun0901; C:\Windows\System32\drivers\ptun0901.sys [27136 2016-06-15] (The OpenVPN Project)
      S3 ScpVBus; C:\Windows\System32\drivers\ScpVBus.sys [39168 2015-08-22] (Scarlet.Crush Productions)
      S0 sptd; C:\Windows\System32\Drivers\sptd.sys [381608 2017-06-09] (Duplex Secure Ltd.)
      S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
      R3 taphss6; C:\Windows\System32\drivers\taphss6.sys [42088 2015-12-19] (Anchorfree Inc.)
      S1 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [131144 2017-04-28] (Oracle Corporation)
      R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [205952 2017-04-28] (Oracle Corporation)
      S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [137920 2017-04-28] (Oracle Corporation)
      R0 vsock; C:\Windows\System32\drivers\vsock.sys [75512 2015-10-18] (VMware, Inc.)
      R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-mntapi20-shared.sys [34520 2015-07-09] (VMware, Inc.)
      S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
      S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
      S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
      R1 YSDrv; C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys [270608 2017-08-04] (BigNox Corporation)
      S3 CAXHWCD2; \SystemRoot\system32\DRIVERS\CAXHWCD2.sys [X]
      S3 HSF_DPV; \SystemRoot\system32\DRIVERS\CAX_DPV.sys [X]
      S3 winachsf; \SystemRoot\system32\DRIVERS\CAX_CNXT.sys [X]
      S3 X6va064; \??\C:\Windows\SysWoW64\Drivers\X6va064 [X]
      
      ==================== NetSvcs (Whitelisted) ===================
      
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
      
      
      ==================== One Month Created files and folders ========
      
      (If an entry is included in the fixlist, the file/folder will be moved.)
      
      2017-09-25 12:02 - 2017-09-25 12:02 - 000016729 _____ C:\Users\Pablo\Downloads\FRST.txt
      2017-09-25 12:02 - 2017-09-25 12:02 - 000000000 ____D C:\FRST
      2017-09-25 12:01 - 2017-09-25 12:01 - 002399744 _____ (Farbar) C:\Users\Pablo\Downloads\FRST64.exe
      2017-09-25 12:00 - 2017-09-25 12:00 - 000001532 _____ C:\Users\Pablo\Desktop\JRT.txt
      2017-09-25 11:57 - 2017-09-25 11:57 - 001790024 _____ (Malwarebytes) C:\Users\Pablo\Downloads\JRT.exe
      2017-09-25 11:53 - 2017-09-25 11:53 - 000001283 _____ C:\Users\Pablo\Desktop\AdwCleaner[S0].txt
      2017-09-25 11:51 - 2017-09-25 11:52 - 000001741 _____ C:\Users\Pablo\Desktop\malwarebytes.txt
      2017-09-25 11:49 - 2017-09-25 11:49 - 000230592 _____ C:\Windows\system32\FNTCACHE.DAT
      2017-09-25 11:43 - 2017-09-25 11:43 - 000003259 _____ C:\Users\Pablo\Desktop\test.txt
      2017-09-25 11:42 - 2017-09-25 11:42 - 000000000 ____D C:\Program Files\Malwarebytes
      2017-09-25 11:41 - 2017-09-25 11:54 - 000000000 ____D C:\AdwCleaner
      2017-09-25 11:41 - 2017-09-25 11:42 - 068408664 _____ (Malwarebytes ) C:\Users\Pablo\Downloads\mb3-setup-consumer-3.2.2.2029.exe
      2017-09-25 11:41 - 2017-09-25 11:41 - 008182736 _____ (Malwarebytes) C:\Users\Pablo\Downloads\AdwCleaner.exe
      2017-09-25 09:49 - 2017-09-25 09:49 - 009809688 _____ (Piriform Ltd) C:\Users\Pablo\Downloads\ccsetup535.exe
      2017-09-25 09:41 - 2017-09-25 09:41 - 000000587 _____ C:\Users\Pablo\Desktop\L2Data C1.lnk
      2017-09-25 09:29 - 2017-09-25 09:29 - 000000000 ____D C:\Program Files\TAP-Windows
      2017-09-24 21:13 - 2017-09-25 09:29 - 000001769 _____ C:\Users\Pablo\Desktop\CyberGhost 6.lnk
      2017-09-24 21:13 - 2017-09-25 09:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberGhost 6
      2017-09-24 21:12 - 2017-09-25 11:50 - 000000000 ____D C:\Program Files\CyberGhost 6
      2017-09-24 21:07 - 2017-09-25 09:29 - 000000000 ____D C:\Users\Pablo\AppData\Local\CyberGhost
      2017-09-24 21:07 - 2017-03-09 12:45 - 000277504 _____ () C:\Program Files\CyberGhost.RESTCommunicator.dll
      2017-09-24 21:06 - 2017-09-24 21:06 - 015607581 _____ C:\Users\Pablo\Downloads\Cyb3rGh0st-v6.0.6.2540-FU11-CW.rar
      2017-09-24 21:05 - 2017-09-24 21:05 - 000474177 _____ ( ) C:\Users\Pablo\Downloads\Express_VPN_2017_Crack.exe
      2017-09-24 10:49 - 2017-09-24 21:07 - 000000000 ____D C:\ProgramData\Betternet
      2017-09-24 10:49 - 2017-09-24 10:49 - 000000000 ____D C:\Users\Pablo\AppData\Local\Downloaded Installations
      2017-09-24 10:48 - 2017-09-24 10:48 - 011535280 _____ (Betternet Technologies Inc.) C:\Users\Pablo\Downloads\BetternetForWindows390.exe
      2017-09-24 10:47 - 2017-09-24 10:47 - 000000600 _____ C:\Users\Pablo\PUTTY.RND
      2017-09-24 10:46 - 2017-09-24 10:46 - 002569224 _____ C:\Users\Pablo\Downloads\u.zip
      2017-09-24 10:39 - 2017-09-24 10:42 - 000000000 ____D C:\Users\Pablo\AppData\Roaming\Psiphon3
      2017-09-24 10:28 - 2017-09-24 10:29 - 031499665 _____ C:\Users\Pablo\Downloads\Hotspot Shield VPN Elite 7.20.7 + Patch (1).rar
      2017-09-24 10:27 - 2017-09-24 10:42 - 000000000 ____D C:\Program Files (x86)\No-IP
      2017-09-24 10:27 - 2017-09-24 10:27 - 000241736 _____ C:\Users\Pablo\Downloads\DUCSetup_v4_1_1.exe
      2017-09-24 10:27 - 2017-09-24 10:27 - 000000000 ____D C:\Users\Pablo\AppData\Local\Vitalwerks
      2017-09-24 10:27 - 2017-09-24 10:27 - 000000000 ____D C:\ProgramData\Vitalwerks
      2017-09-24 10:26 - 2017-09-24 10:27 - 031499665 _____ C:\Users\Pablo\Downloads\Hotspot Shield VPN Elite 7.20.7 + Patch.rar
      2017-09-22 20:59 - 2017-09-24 10:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotspot Shield
      2017-09-22 15:27 - 2017-09-22 15:27 - 000000000 ____D C:\Users\Pablo\AppData\Roaming\Hotspot Shield
      2017-09-22 15:25 - 2017-09-22 15:25 - 017319496 _____ (AnchorFree Inc.) C:\Users\Pablo\Downloads\HotspotShield-7.1.3-12763287.exe
      2017-09-22 14:02 - 2017-09-22 14:02 - 000000032 _____ C:\Users\Pablo\Downloads\downloadurl.txt
      2017-09-21 21:43 - 2017-09-21 21:52 - 000000000 ____D C:\Users\Pablo\Desktop\CD Parche Elwyn
      2017-09-21 12:34 - 2017-09-21 12:34 - 000003130 _____ C:\Users\Pablo\Downloads\l2ini fullscreen.rar
      2017-09-21 12:26 - 2017-09-21 23:51 - 000001739 _____ C:\Users\Pablo\Desktop\L2C1 Elwyn x10.lnk
      2017-09-19 17:16 - 2017-09-19 17:16 - 006986131 _____ C:\Users\Pablo\Downloads\性感美麗女友的自拍照[95P]-自拍樂園-嘿軍團.zip
      2017-09-19 16:49 - 2017-09-19 16:49 - 000000000 ____D C:\Program Files (x86)\Presets
      2017-09-19 16:49 - 2017-09-19 16:49 - 000000000 ____D C:\Program Files (x86)\Plug-Ins
      2017-09-19 16:43 - 2017-09-20 17:47 - 000000000 ____D C:\UnrealEngine2Runtime
      2017-09-19 16:40 - 2017-09-19 16:40 - 059486815 _____ C:\Users\Pablo\Downloads\Soft Pack.rar
      2017-09-19 16:38 - 2017-09-19 16:38 - 000874007 _____ C:\Users\Pablo\Downloads\HxDSetupES.zip
      2017-09-19 16:38 - 2017-09-19 16:38 - 000000000 ____D C:\Users\Pablo\AppData\Roaming\Mael
      2017-09-19 16:15 - 2017-09-19 16:15 - 006310904 _____ C:\Users\Pablo\Downloads\GxPatchC4v2.0.rar
      2017-09-19 16:12 - 2017-09-19 16:13 - 094371840 _____ C:\Users\Pablo\Downloads\GxTexturasInterlude_v1.2.part2.rar
      2017-09-19 16:12 - 2017-09-19 16:13 - 094371840 _____ C:\Users\Pablo\Downloads\GxTexturasInterlude_v1.2.part1.rar
      2017-09-19 16:12 - 2017-09-19 16:13 - 066936657 _____ C:\Users\Pablo\Downloads\GxTexturasInterlude_v1.2.part3.rar
      2017-09-19 16:12 - 2017-09-19 16:12 - 000076969 _____ C:\Users\Pablo\Downloads\GxTexturasInterlude_v1.2_update.rar
      2017-09-19 13:45 - 2017-09-19 13:46 - 028810374 _____ C:\Users\Pablo\Downloads\system2.rar
      2017-09-19 13:36 - 2017-09-19 13:36 - 000112400 _____ C:\Users\Pablo\Downloads\Patch.rar
      2017-09-19 09:32 - 2017-09-19 09:32 - 130795234 _____ C:\Users\Pablo\Downloads\Zafiro_v4.rar
      2017-09-19 01:11 - 2017-09-19 01:11 - 000018186 _____ C:\Users\Pablo\Downloads\l2font-pt.zip
      2017-09-19 01:06 - 2017-09-19 01:06 - 000081759 _____ C:\Users\Pablo\Downloads\Letra Ñ para H5 By Delacroixs.rar
      2017-09-18 15:13 - 2017-09-18 15:13 - 000689786 _____ C:\Users\Pablo\Downloads\GxZone ES.zip
      2017-09-18 13:04 - 2017-09-18 13:04 - 044066174 _____ C:\Users\Pablo\Downloads\10-17-plinea-byneon.pdf
      2017-09-17 21:31 - 2017-09-17 21:31 - 000520279 _____ C:\Users\Pablo\Desktop\GM Commands C2.pdf
      2017-09-16 22:52 - 2017-09-16 22:52 - 000011669 _____ C:\Users\Pablo\Downloads\98951_baywatch-los-vigilantes-de-la-playa-version-extendida-bluray-rip-ac3-5-1-espaa-a-ol-castellano-2017.torrent
      2017-09-16 16:28 - 2017-09-16 16:28 - 000406910 _____ C:\Users\Pablo\Downloads\MultiOkno.rar
      2017-09-16 16:25 - 2017-09-16 16:25 - 000067346 _____ C:\Users\Pablo\Downloads\npcname-e (1).rar
      2017-09-16 16:25 - 2017-09-16 16:25 - 000028750 _____ C:\Users\Pablo\Downloads\L2_SkillTime.rar
      2017-09-16 13:42 - 2017-09-16 13:43 - 262302455 _____ C:\Users\Pablo\Downloads\[c1]c3textures_v1.2.rar
      2017-09-16 13:36 - 2017-09-24 15:19 - 000000000 ____D C:\Users\Pablo\Desktop\L2c1x1Com
      2017-09-16 13:33 - 2017-09-16 13:36 - 1297689674 _____ C:\Users\Pablo\Downloads\L2c1x1Com.rar
      2017-09-16 13:30 - 2017-09-17 22:50 - 061186648 _____ C:\Users\Pablo\Downloads\System_For_Win_10.zip
      2017-09-16 13:26 - 2017-09-16 13:26 - 000002749 _____ C:\Users\Public\Desktop\L2Informer C1.lnk
      2017-09-16 13:26 - 2017-09-16 13:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\l2informer
      2017-09-16 13:26 - 2017-09-16 13:26 - 000000000 ____D C:\Program Files (x86)\L2Informer
      2017-09-16 13:25 - 2017-09-16 13:25 - 008481736 _____ C:\Users\Pablo\Downloads\C1 - L2Informer 0.6.rar
      2017-09-16 13:24 - 2017-09-16 13:24 - 000901915 _____ C:\Users\Pablo\Downloads\Сrafter.rar
      2017-09-16 13:24 - 2017-09-16 13:24 - 000227682 _____ C:\Users\Pablo\Downloads\Lineage_Server.rar
      2017-09-16 13:24 - 2017-09-16 13:24 - 000008249 _____ C:\Users\Pablo\Downloads\chargrp.rar
      2017-09-16 13:23 - 2017-09-16 13:23 - 000067346 _____ C:\Users\Pablo\Downloads\npcname-e.rar
      2017-09-16 13:22 - 2017-09-16 13:23 - 002349478 _____ C:\Users\Pablo\Downloads\L2DataC1.zip
      2017-09-16 12:51 - 2017-09-16 12:51 - 064694432 _____ C:\Users\Pablo\Downloads\L2LifeDrain_system_v4.zip
      2017-09-16 12:28 - 2017-09-16 12:28 - 000110033 _____ C:\Users\Pablo\Downloads\Decrease Background Performance.zip
      2017-09-16 12:23 - 2017-09-16 12:23 - 000086605 _____ C:\Users\Pablo\Downloads\noSleep Interlude.7z
      2017-09-16 11:23 - 2017-09-16 11:23 - 000000000 __SHD C:\Users\Pablo\AppData\Roaming\Common
      2017-09-16 11:23 - 2017-09-16 11:23 - 000000000 ____D C:\Users\Pablo\AppData\Local\FileSeek
      2017-09-16 09:07 - 2017-09-16 09:07 - 002919683 _____ ( ) C:\Users\Pablo\Downloads\reshacker_setup.exe
      2017-09-15 17:49 - 2017-09-15 17:51 - 005366004 _____ C:\Users\Pablo\Downloads\WeaponsValakasFullEffect.rar
      2017-09-15 12:53 - 2017-09-15 12:53 - 015756368 _____ (TeamViewer GmbH) C:\Users\Pablo\Downloads\TeamViewer_Setup (1).exe
      2017-09-15 09:47 - 2017-09-15 09:47 - 000000599 _____ C:\Users\Pablo\Desktop\Fraps.lnk
      2017-09-15 09:47 - 2017-09-15 09:47 - 000000000 ____D C:\Users\Pablo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fraps
      2017-09-15 09:47 - 2017-09-15 09:47 - 000000000 ____D C:\Fraps
      2017-09-15 02:19 - 2017-09-15 02:19 - 008026744 _____ C:\Users\Pablo\Downloads\system.zip
      2017-09-15 02:18 - 2017-09-15 02:18 - 000974839 _____ C:\Users\Pablo\Downloads\L2OSUpdater.zip
      2017-09-13 14:44 - 2017-09-13 14:44 - 000070144 _____ C:\Users\Pablo\Downloads\l2encdec.exe
      2017-09-13 12:07 - 2017-09-13 12:08 - 387778643 _____ C:\Users\Pablo\Downloads\c6 systextures - B grade work.rar
      2017-09-12 20:45 - 2017-09-12 20:45 - 000012871 _____ C:\Users\Pablo\Downloads\Chicago.ovpn
      2017-09-12 20:45 - 2017-09-12 20:45 - 000012847 _____ C:\Users\Pablo\Downloads\Madrid.ovpn
      2017-09-12 20:11 - 2017-09-25 09:27 - 000000000 ____D C:\Program Files (x86)\OpenVPN Technologies
      2017-09-12 20:11 - 2017-09-12 20:11 - 030914224 _____ (OpenVPN Technologies) C:\Users\Pablo\Downloads\privatetunnel-win-2.8.exe
      2017-09-12 19:05 - 2017-09-12 19:05 - 006950507 _____ C:\Users\Pablo\Downloads\L2FileEdit-master.zip
      2017-09-12 18:21 - 2017-09-12 18:21 - 000002075 _____ C:\Users\Pablo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberGhost 6.lnk
      2017-09-12 18:19 - 2017-09-12 18:19 - 015605344 _____ C:\Users\Pablo\Downloads\CyberGhost VPN 6.0.6.2540 Stable Setup + Crack.rar
      2017-09-12 16:42 - 2017-09-17 02:42 - 000000000 ____D C:\Users\Pablo\Desktop\L2 C2
      2017-09-12 16:42 - 2017-09-12 16:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lineage II
      2017-09-12 16:36 - 2017-09-12 16:36 - 000742459 _____ C:\Users\Pablo\Downloads\Updater.rar
      2017-09-12 16:35 - 2017-09-12 16:40 - 1756288374 _____ C:\Users\Pablo\Downloads\L2_C2_Installer.zip
      2017-09-12 15:28 - 2017-09-12 15:28 - 000000000 ____D C:\Users\Pablo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lineage C1
      2017-09-12 15:18 - 2017-09-24 13:42 - 000000000 ____D C:\Users\Pablo\Desktop\encryption
      2017-09-12 15:16 - 2017-09-12 15:17 - 202310434 _____ C:\Users\Pablo\Downloads\l2_c1_sina2012_client_c2_patch.7z
      2017-09-12 15:12 - 2017-09-12 15:13 - 204263758 _____ C:\Users\Pablo\Downloads\l2_c1_sina2017.7z
      2017-09-12 15:12 - 2017-09-12 15:13 - 081972838 _____ C:\Users\Pablo\Downloads\l2_c1_sina2017_p2.7z
      2017-09-12 15:12 - 2017-09-12 15:13 - 000964412 _____ C:\Users\Pablo\Downloads\0_l2_c1_sina2017_update.7z
      2017-09-12 14:56 - 2017-09-12 15:01 - 1992942282 _____ C:\Users\Pablo\Downloads\lineage ii c1 (1).exe
      2017-09-12 14:55 - 2017-09-12 14:55 - 000021837 _____ C:\Users\Pablo\Downloads\Lineage2C1.torrent
      2017-09-12 13:20 - 2017-09-12 13:20 - 000000000 ____D C:\Users\Pablo\AppData\Local\GHISLER
      2017-09-12 13:19 - 2017-09-25 09:37 - 000000000 ____D C:\Users\Pablo\AppData\Roaming\GHISLER
      2017-09-12 13:19 - 2017-09-12 13:19 - 004987672 _____ (Ghisler Software GmbH) C:\Users\Pablo\Downloads\tcmd900ax64.exe
      2017-09-12 12:29 - 2017-09-12 12:36 - 1833888948 _____ C:\Users\Pablo\Downloads\L2Firebird_CH2.exe
      2017-09-12 10:11 - 2017-09-12 10:11 - 184833600 _____ C:\Users\Pablo\Downloads\ProjectC2-Beta4.rar
      2017-09-12 10:07 - 2017-09-12 10:08 - 179249443 _____ C:\Users\Pablo\Downloads\LineageII_C1.rar
      2017-09-06 18:36 - 2017-09-06 18:36 - 000000022 _____ C:\Users\Pablo\Downloads\MEGA-RECOVERYKEY.txt
      2017-09-04 09:38 - 2017-09-25 11:54 - 000000000 ____D C:\Program Files (x86)\Yahoo!
      2017-09-02 10:24 - 2017-09-03 10:09 - 000001754 _____ C:\Users\Pablo\Desktop\WiiU_USB_Helper.lnk
      2017-08-28 19:30 - 2017-08-28 19:33 - 000000000 ____D C:\Users\Pablo\Desktop\cemu_1.9.1
      2017-08-28 19:28 - 2017-08-02 08:25 - 000000000 ____D C:\Users\Pablo\Desktop\cemu_1.9.0
      2017-08-27 18:15 - 2017-08-27 18:17 - 000000000 ____D C:\Users\Pablo\AppData\Local\Plex Media Server
      2017-08-27 18:15 - 2017-08-27 18:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plex Media Server
      2017-08-27 18:15 - 2017-08-27 18:15 - 000000000 ____D C:\Program Files (x86)\Plex
      2017-08-26 13:47 - 2017-08-26 13:47 - 000029000 _____ C:\Windows\SysWOW64\Drivers\X6va064_2017.08.26.11.47.39
      2017-08-26 13:29 - 2017-08-29 22:13 - 000000000 ____D C:\Users\Pablo\Desktop\wii u hack files
      2017-08-26 13:29 - 2017-08-26 13:32 - 000000000 ____D C:\Users\Pablo\AppData\Local\Hikari06
      
      ==================== One Month Modified files and folders ========
      
      (If an entry is included in the fixlist, the file/folder will be moved.)
      
      2017-09-25 12:00 - 2017-04-21 09:43 - 003515036 _____ C:\Windows\system32\PerfStringBackup.INI
      2017-09-25 12:00 - 2016-07-17 00:40 - 001597256 _____ C:\Windows\system32\perfh00A.dat
      2017-09-25 12:00 - 2016-07-17 00:40 - 000412010 _____ C:\Windows\system32\perfc00A.dat
      2017-09-25 11:59 - 2017-04-21 09:46 - 000000000 ____D C:\ProgramData\NVIDIA
      2017-09-25 11:54 - 2017-04-23 18:49 - 000000000 ____D C:\ProgramData\VMware
      2017-09-25 11:54 - 2017-04-21 09:37 - 000000006 ____H C:\Windows\Tasks\SA.DAT
      2017-09-25 11:54 - 2016-07-16 08:04 - 000524288 _____ C:\Windows\system32\config\BBI
      2017-09-25 11:45 - 2017-04-25 12:53 - 000000000 ____D C:\Users\Pablo\AppData\Roaming\TeamViewer
      2017-09-25 11:45 - 2017-04-21 20:18 - 000000000 ____D C:\Users\Pablo\AppData\Roaming\MPC-HC
      2017-09-25 11:42 - 2017-04-23 18:50 - 000000000 ____D C:\Users\Pablo\AppData\Roaming\VMware
      2017-09-25 11:42 - 2017-04-23 18:50 - 000000000 ____D C:\Users\Pablo\AppData\Local\VMware
      2017-09-25 11:42 - 2017-04-21 10:09 - 000000000 ____D C:\Users\Pablo\AppData\Roaming\TS3Client
      2017-09-25 10:32 - 2017-08-04 09:37 - 000000000 ____D C:\Users\Pablo\AppData\Local\Nox
      2017-09-25 10:21 - 2017-08-05 09:50 - 000000000 ____D C:\Users\Pablo\vmlogs
      2017-09-25 10:21 - 2017-08-04 09:38 - 000000000 ____D C:\Users\Pablo\.BigNox
      2017-09-25 10:21 - 2017-07-22 01:03 - 000000000 ____D C:\Users\Pablo\.android
      2017-09-25 10:07 - 2017-04-21 10:33 - 000000000 ____D C:\Program Files (x86)\Steam
      2017-09-25 10:07 - 2017-04-21 09:48 - 000000000 ____D C:\Users\Pablo\AppData\Local\CrashDumps
      2017-09-25 10:07 - 2016-07-16 13:45 - 000000000 ____D C:\Windows\INF
      2017-09-25 09:25 - 2017-04-21 09:36 - 000000000 ____D C:\Windows\system32\SleepStudy
      2017-09-24 21:04 - 2017-04-21 21:49 - 000000000 ____D C:\Users\Pablo\AppData\Roaming\uTorrent
      2017-09-24 10:47 - 2017-04-21 09:41 - 000000000 ____D C:\Users\Pablo
      2017-09-24 10:22 - 2017-04-21 10:09 - 000000000 ____D C:\ProgramData\Package Cache
      2017-09-24 10:15 - 2017-04-21 09:43 - 000000000 ____D C:\Users\Pablo\AppData\Roaming\Skype
      2017-09-21 17:40 - 2017-08-04 09:38 - 000001040 _____ C:\Users\Pablo\Desktop\Nox.lnk
      2017-09-21 17:40 - 2017-06-20 19:37 - 000002371 _____ C:\Users\Pablo\Desktop\Vivaldi.lnk
      2017-09-21 17:40 - 2017-06-19 02:03 - 000001019 _____ C:\Users\Public\Desktop\CPUID HWMonitor.lnk
      2017-09-21 17:40 - 2017-06-14 03:57 - 000001279 _____ C:\Users\Public\Desktop\OBS Studio.lnk
      2017-09-21 17:40 - 2017-05-20 12:13 - 000001938 _____ C:\Users\Public\Desktop\ImgBurn.lnk
      2017-09-21 17:40 - 2017-05-19 19:46 - 000002198 _____ C:\Users\Public\Desktop\DiscJuggler.lnk
      2017-09-21 17:40 - 2017-05-19 16:44 - 000002232 _____ C:\Users\Pablo\Desktop\JDownloader 2.lnk
      2017-09-21 17:40 - 2017-05-12 12:43 - 000000898 _____ C:\Users\Public\Desktop\Overwatch.lnk
      2017-09-21 17:40 - 2017-05-12 12:34 - 000000996 _____ C:\Users\Public\Desktop\Aplicación de Blizzard.lnk
      2017-09-21 17:40 - 2017-05-05 21:31 - 000001149 _____ C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
      2017-09-21 17:40 - 2017-04-23 18:49 - 000001276 _____ C:\Users\Public\Desktop\VMware Workstation Pro.lnk
      2017-09-21 17:40 - 2017-04-21 10:33 - 000001036 _____ C:\Users\Public\Desktop\Steam.lnk
      2017-09-21 17:40 - 2017-04-21 10:16 - 000001442 _____ C:\Users\Pablo\Desktop\Photoshop CS5 Extended.lnk
      2017-09-21 17:40 - 2017-04-21 10:09 - 000001031 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
      2017-09-21 17:40 - 2017-04-21 09:55 - 000002258 _____ C:\Users\Public\Desktop\Google Chrome.lnk
      2017-09-21 09:51 - 2017-05-01 20:27 - 000000000 ___RD C:\Program Files (x86)\Skype
      2017-09-21 09:51 - 2017-05-01 20:27 - 000000000 ____D C:\ProgramData\Skype
      2017-09-20 11:26 - 2017-04-26 12:01 - 000000132 _____ C:\Users\Pablo\AppData\Roaming\Adobe PNG Format CS5 Prefs
      2017-09-19 16:50 - 2017-04-28 13:15 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
      2017-09-19 16:50 - 2017-04-21 10:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
      2017-09-19 16:50 - 2017-04-21 09:45 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
      2017-09-16 15:10 - 2017-06-09 16:01 - 000000000 ____D C:\Games
      2017-09-15 10:31 - 2017-04-23 18:57 - 000000000 ____D C:\Users\Pablo\Documents\Virtual Machines
      2017-09-12 18:21 - 2017-04-21 09:42 - 000000000 ____D C:\Users\Pablo\AppData\Local\VirtualStore
      2017-09-12 09:29 - 2017-04-21 20:26 - 000000000 ____D C:\Users\Pablo\AppData\Roaming\USB_HELPER
      2017-09-12 09:28 - 2017-04-21 20:25 - 000000000 ____D C:\Users\Pablo\AppData\Local\Deployment
      2017-09-08 14:33 - 2016-07-16 13:47 - 000000000 ____D C:\Windows\AppReadiness
      2017-09-07 17:04 - 2017-07-08 09:33 - 000000222 _____ C:\Users\Pablo\Desktop\PLAYERUNKNOWN'S BATTLEGROUNDS.url
      2017-09-07 10:22 - 2016-07-16 13:47 - 000000000 ___HD C:\Program Files\WindowsApps
      2017-09-06 16:04 - 2017-06-09 05:00 - 000000000 ____D C:\Users\Pablo\AppData\Local\MegaDownloader
      2017-09-04 09:36 - 2017-06-26 17:09 - 000097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
      2017-09-04 09:36 - 2017-06-26 17:09 - 000000000 ____D C:\Program Files (x86)\Java
      2017-09-04 09:36 - 2017-04-22 01:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
      2017-09-04 09:36 - 2017-04-21 10:41 - 000000000 ____D C:\ProgramData\Oracle
      2017-08-30 16:32 - 2017-04-21 10:43 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
      2017-08-29 09:33 - 2017-04-21 09:55 - 000002270 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
      2017-08-28 19:33 - 2017-07-22 14:57 - 000000000 ____D C:\Users\Pablo\Desktop\cemu_1.8.1b
      2017-08-26 13:32 - 2017-04-21 20:25 - 000000000 ____D C:\Users\Pablo\Desktop\WII U HACK
      2017-08-26 13:28 - 2017-06-22 13:15 - 000000000 ____D C:\Users\Pablo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WiiU_USB_Helper
      
      ==================== Files in the root of some directories =======
      
      2017-09-24 21:07 - 2017-03-09 12:45 - 000277504 _____ () C:\Program Files\CyberGhost.RESTCommunicator.dll
      2017-04-26 12:01 - 2017-09-20 11:26 - 000000132 _____ () C:\Users\Pablo\AppData\Roaming\Adobe PNG Format CS5 Prefs
      2017-04-27 13:42 - 2017-04-27 13:42 - 000000431 _____ () C:\Users\Pablo\AppData\Roaming\WiinUSoft_prefs.config
      2017-05-30 03:27 - 2017-05-30 03:28 - 000001456 _____ () C:\Users\Pablo\AppData\Local\Adobe Guardar para Web 11.0 Prefs
      2017-05-29 00:37 - 2017-05-29 00:37 - 000000017 _____ () C:\Users\Pablo\AppData\Local\resmon.resmoncfg
      2017-04-21 10:38 - 2017-04-21 10:38 - 000000003 _____ () C:\Users\Pablo\AppData\Local\updater.log
      2017-04-21 10:38 - 2017-05-06 22:53 - 000000425 _____ () C:\Users\Pablo\AppData\Local\UserProducts.xml
      2017-04-21 17:41 - 2017-04-21 17:41 - 000000000 ____H () C:\ProgramData\DP45977C.lfl
      
      ==================== Bamital & volsnap ======================
      
      (There is no automatic fix for files that do not pass verification.)
      
      C:\Windows\system32\winlogon.exe => File is digitally signed
      C:\Windows\system32\wininit.exe => File is digitally signed
      C:\Windows\explorer.exe => File is digitally signed
      C:\Windows\SysWOW64\explorer.exe => File is digitally signed
      C:\Windows\system32\svchost.exe => File is digitally signed
      C:\Windows\SysWOW64\svchost.exe => File is digitally signed
      C:\Windows\system32\services.exe => File is digitally signed
      C:\Windows\system32\User32.dll => File is digitally signed
      C:\Windows\SysWOW64\User32.dll => File is digitally signed
      C:\Windows\system32\userinit.exe => File is digitally signed
      C:\Windows\SysWOW64\userinit.exe => File is digitally signed
      C:\Windows\system32\rpcss.dll => File is digitally signed
      C:\Windows\system32\dnsapi.dll => File is digitally signed
      C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
      C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
      
      LastRegBack: 2017-09-12 09:53
      
      ==================== End of FRST.txt ============================

    6. #6
      Moderador Gral.
      Avatar de @Javier_HF
      Registrado
      jun 2006
      Ubicación
      Via Lactea.
      Mensajes
      23.641

      Re: [Ayuda] Limpiando mi PC (Informes Ccleaner + IFS.log)

      Bien...... y ahora sigue estos pasos, MUY Importante ~ Realiza una copia de seguridad del registro :


      • Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona "Ejecutar como Administrador.")

      • Atención, ahora marca/selecciona únicamente la casilla "Create registry backup", las demás NO.

      • Pulsar en Run.

      Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.

      Y ahora usa el 2º MÉTODO: de esta Faq de Windows 8(aplicable a Windows 10) >> ¿Cómo iniciar Windows 8/8.1 en Modo Seguro?, para trabajar desde ese modo de windows.

      Con los demás programas cerrados ve a >> Inicio >> Ejecutar >> y escribe notepad.exe.

      Ahora debes copiar y pegar los códigos/líneas que están en el interior del recuadro de más abajo, dentro del Notepad: (Se excluye la palabra código)

      Código:
      START
      CREATERESTOREPOINT:
      CLOSEPROCESSES:
      ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
      ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
      Shortcut: C:\Users\Pablo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lineage C1\L2C1 WIN7-Vista.bat.lnk -> C:\Games\L2C1\system\l2.bat (No File)
      HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
      IFEO\l2.exe: [Debugger]
      GroupPolicy: Restriction <==== ATTENTION
      FF Plugin: @java.com/DTPlugin,version=11.141.2 -> C:\Program Files\Java\jre1.8.0_141\bin\dtplugin\npDeployJava1.dll [2017-07-19] (Oracle Corporation)
      FF Plugin: @java.com/JavaPlugin,version=11.141.2 -> C:\Program Files\Java\jre1.8.0_141\bin\plugin2\npjp2.dll [2017-07-19] (Oracle Corporation)
      S3 CAXHWCD2; \SystemRoot\system32\DRIVERS\CAXHWCD2.sys [X]
      S3 HSF_DPV; \SystemRoot\system32\DRIVERS\CAX_DPV.sys [X]
      S3 winachsf; \SystemRoot\system32\DRIVERS\CAX_CNXT.sys [X]
      S3 X6va064; \??\C:\Windows\SysWoW64\Drivers\X6va064 [X]
      2017-09-24 21:07 - 2017-03-09 12:45 - 000277504 _____ () C:\Program Files\CyberGhost.RESTCommunicator.dll
      2017-04-26 12:01 - 2017-09-20 11:26 - 000000132 _____ () C:\Users\Pablo\AppData\Roaming\Adobe PNG Format CS5 Prefs
      2017-04-27 13:42 - 2017-04-27 13:42 - 000000431 _____ () C:\Users\Pablo\AppData\Roaming\WiinUSoft_prefs.config
      2017-05-30 03:27 - 2017-05-30 03:28 - 000001456 _____ () C:\Users\Pablo\AppData\Local\Adobe Guardar para Web 11.0 Prefs
      2017-05-29 00:37 - 2017-05-29 00:37 - 000000017 _____ () C:\Users\Pablo\AppData\Local\resmon.resmoncfg
      2017-04-21 10:38 - 2017-04-21 10:38 - 000000003 _____ () C:\Users\Pablo\AppData\Local\updater.log
      2017-04-21 10:38 - 2017-05-06 22:53 - 000000425 _____ () C:\Users\Pablo\AppData\Local\UserProducts.xml
      2017-04-21 17:41 - 2017-04-21 17:41 - 000000000 ____H () C:\ProgramData\DP45977C.lfl
      HOSTS:
      REMOVEPROXY:
      EMPTYTEMP:
      CMD: netsh winsock reset
      CMD: ipconfig /renew
      CMD: ipconfig /flushdns
      CMD: bitsadmin /reset /allusers
      CMD: netsh winsock reset
      CMD: ipconfig /renew
      CMD: ipconfig /flushdns
      CMD: bitsadmin /reset /allusers
      CMD: netsh advfirewall reset
      CMD: netsh advfirewall set allprofiles state ON
      CMD: netsh int ipv4 reset
      CMD: netsh int ipv6 reset
      END
      Guárdalo bajo el nombre de FIXLIST.TXT en el escritorio <<< Esto es muy importante.

      Nota: Es importante que la herramienta FRST.exe(Farbar Recovery Scanner Tool) y FIXLIST.TXT se encuentren en la misma ubicación (escritorio) o si no, no trabajara.
      ATENCION!!!! El siguiente Script de reparación fue hecho específicamente por un miembro del staff para este usuario, si tiene un problema similar por favor abra su propio tema para recibir ayuda personalizada. Usar Scripts de otros usuarios puede causar daños a su equipo



      • Ejecuta FRST.exe.(Si usas Windows Vista/7/8 o 10, presiona clic derecho y seleccionas "Ejecutar como Administrador")
      • Presionar el botón FIX y aguardar a que termine.
      • La Herramienta guardara el reporte de reparación en el escritorio (FIXLOG.TXT).


      Pegar el contenido de este fichero en tu próxima respuesta.

      Reiniciar el equipo y comprobar su funcionamiento en relación al problema planteado y comentarlo.

      Saludos.
      Quien no lo intenta no lo consigue | ;-)

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    7. #7
      Usuario Avatar de pablo699
      Registrado
      ene 2009
      Ubicación
      Barcelona
      Mensajes
      8

      Re: [Ayuda] Limpiando mi PC (Informes Ccleaner + IFS.log)

      Gracias amigo, me va todo perfecto.

      Un saludo

    8. #8
      Moderador Gral.
      Avatar de @Javier_HF
      Registrado
      jun 2006
      Ubicación
      Via Lactea.
      Mensajes
      23.641

      Re: [Ayuda] Limpiando mi PC (Informes Ccleaner + IFS.log)

      Hola.

      NO hemos todavia terminado, pon el informe de ese ultimo proceso para que pueda evaluarlo y luego te daré pasos finales de eliminación de herramientas.

      Saludos.
      Quien no lo intenta no lo consigue | ;-)

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.