Tengo una ventana de Regasm.exe que se abre y se cierra casa 2 minutos, ayuda

la ventana se abre y se cierra en todo momento. el nombre de la ventana es C:\Users\Tirado\AppData\Roaming\wwfejse

Se abre a cada rato?

siii, esta abierta ahora mismo minimizada. se inicia desde que enciendo la pc, se cierra sola y se abre sola a cada rato

Amigo efectivamente tienes malware

Buenas y con permiso

@mia155 bienvenid@ al foro

Te dejo algunos temas de interés y utilidad:

Si te parece vamos a iniciar revisando que esta pasando con exactitud. Realiza lo siguiente:

:white_check_mark: Revisa el siguiente manual a detalle y ejecuta FRST:

  • No olvides ejecutarlo desde el escritorio.
  • Presta especial atención a las instrucciones de como pegar el reporte.

Nos traerías los reportes de FRST: Frst.txt y Adition.txt.

Saludos

NOTAS IMPORTANTES:

° Evite realizar procedimientos fuera de este tema a partir de este punto.

° NO descargue o instale mas programas mientras terminamos la desinfección.

° No vuelva a ejecutar ningún otro programa antivirus/antimalwares ni FRST hasta que vuelva con una respuesta.

FRST.txt

Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 14-08-2021
Ejecutado por Tirado (administrador) sobre DESKTOP-K4U02BT (Dell Inc. Inspiron 5570) (17-08-2021 20:51:24)
Ejecutado desde C:\Users\Tirado\Downloads
Perfiles cargados: Tirado
Platform: Windows 10 Home Versión 20H2 19042.1110 (X64) Idioma: Español (México)
Navegador predeterminado: Edge
Modo de Inicio: Normal

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

(Adobe Systems Incorporated) C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc\AdobeNotificationClient.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <12>
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Malwarebytes Inc -> Malwarebytes) C:\Users\Tirado\Downloads\adwcleaner_8.3.0.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11102816 2021-01-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3618096 2021-01-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [1235160 2019-09-26] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-01-25] (Adobe Inc. -> )
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1871344 2017-11-27] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [779504 2021-08-05] (Adobe Inc. -> Adobe Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restricción <==== ATENCIÓN
HKU\S-1-5-21-2879950493-2689463129-398557555-1001\...\Run: [OneDrive] => C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe [2194792 2021-08-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2879950493-2689463129-398557555-1001\...\Run: [utweb] => C:\Users\Tirado\AppData\Roaming\uTorrent Web\utweb.exe [5836832 2021-04-19] (BitTorrent Inc -> BitTorrent Inc.)
HKU\S-1-5-21-2879950493-2689463129-398557555-1001\...\Run: [uTorrent] => C:\Users\Tirado\AppData\Roaming\uTorrent\uTorrent.exe [1964072 2021-06-27] (BitTorrent Inc -> BitTorrent Inc.)
HKU\S-1-5-21-2879950493-2689463129-398557555-1001\...\Run: [btweb] => C:\Users\Tirado\AppData\Roaming\BitTorrent Web\btweb.exe [5885472 2021-04-19] (BitTorrent Inc -> BitTorrent Inc.)
HKU\S-1-5-21-2879950493-2689463129-398557555-1001\...\Run: [Opera Browser Assistant] => C:\Users\Tirado\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [4079824 2021-07-07] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-2879950493-2689463129-398557555-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [886768 2017-11-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKU\S-1-5-21-2879950493-2689463129-398557555-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35062912 2021-07-16] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2879950493-2689463129-398557555-1001\...\Run: [MicrosoftEdgeAutoLaunch_41BB6C54C59B534B62A3EA335B917C6A] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window /prefetch:5
HKU\S-1-5-21-2879950493-2689463129-398557555-1001\...\Policies\Explorer: [DisallowRun] 1
HKU\S-1-5-21-2879950493-2689463129-398557555-1001\...\Policies\Explorer\DisallowRun: [1] irsetup.exe
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [65096 2017-11-27] (Adobe Systems, Incorporated -> Adobe Systems Inc)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\92.0.4515.159\Installer\chrmstp.exe [2021-08-17] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\91.0.10364.115\Installer\chrmstp.exe [2021-06-26] (Avast Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN

==================== Tareas programadas (Lista blanca) ============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {19CDC807-55F7-450E-A5B1-51B80685CC1A} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-07-16] (Piriform Software Ltd -> Piriform)
Task: {2CEB4274-3548-4BC7-A483-65C892E27668} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\AdobeGCInvoker-1.0" /ENABLE
Task: {2CEB4274-3548-4BC7-A483-65C892E27668} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineCore" /ENABLE
Task: {2CEB4274-3548-4BC7-A483-65C892E27668} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineUA" /ENABLE
Task: {2CEB4274-3548-4BC7-A483-65C892E27668} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\OneDrive Per-Machine Standalone Update Task" /ENABLE
Task: {2CEB4274-3548-4BC7-A483-65C892E27668} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\Opera scheduled assistant Autoupdate 1620425354" /ENABLE
Task: {2CEB4274-3548-4BC7-A483-65C892E27668} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\Opera scheduled Autoupdate 1620425341" /ENABLE
Task: {2CEB4274-3548-4BC7-A483-65C892E27668} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
Task: {44365E31-1FD6-4B0F-8E6F-4DA3A6E2E3C5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {45E52DB4-B140-4F8D-B8C8-2CD9304326D4} - System32\Tasks\Opera scheduled Autoupdate 1620425341 => C:\Users\Tirado\AppData\Local\Programs\Opera\launcher.exe
Task: {4EDEA218-7EA2-4CBB-B4F5-CA85B372F668} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5722536 2021-08-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {51034CAF-0770-41E0-A3DF-5CEB9DEC81E9} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2277640 2021-05-31] (Avast Software s.r.o. -> AVAST Software)
Task: {59BBD0DC-9983-4A26-9641-6CA48CBC9CAD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-05-07] (Google LLC -> Google LLC)
Task: {624BCDD1-300D-4D48-975B-837D4C24D03B} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-05-07] (Avast Software s.r.o. -> AVAST Software)
Task: {65939936-8839-49D0-AD22-7A3D604BCD4C} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23253888 2021-08-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {77E5303A-C6EC-4A6D-BC83-038B21513ED8} - System32\Tasks\Opera scheduled assistant Autoupdate 1620425354 => C:\Users\Tirado\AppData\Local\Programs\Opera\launcher.exe -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Tirado\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {7AF8C1F5-3299-43F4-81FC-9F0AFFEF75A3} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {7F5FC704-5922-4404-B206-559D8BD049B9} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [139112 2021-08-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {885FD6B7-018C-48C5-BD1E-4DB3E3935AE5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5722536 2021-08-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {91A47E40-F28C-4B2B-8B4C-E92DEEC35FE8} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\IntelPTTEKRecertification.exe [918288 2020-04-22] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {9DE50C02-0DA2-4027-A447-A2D89CF0D3DD} - System32\Tasks\ioloAVDefsDownloader => C:\Program Files\Norton Utilities Premium\SSDefs.exe
Task: {A9A2261B-757C-41B9-8DB1-1A2A39E52695} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [29136000 2021-07-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {AD1BF219-9B4F-4CD6-965F-538CE89E4472} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23253888 2021-08-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {BB957EAD-888D-4378-B4F9-5065EF756C4A} - System32\Tasks\Firefox Default Browser Agent 033797C168DD9FAE => C:\Users\Tirado\AppData\Roaming\wwfejse [65440 2021-07-01] (Microsoft Corporation -> Microsoft Corporation) <==== ATENCIÓN
Task: {C33D621B-4256-453B-A62F-7A4EE8FF704E} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-05-07] (Avast Software s.r.o. -> AVAST Software)
Task: {C715D4D6-B77E-4EAD-A89B-6C980BD32CAD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-05-07] (Google LLC -> Google LLC)
Task: {C73370B6-4D73-45EB-AA8A-ED679BBC385C} - System32\Tasks\ioloSystemShield => C:\Program Files\Norton Utilities Premium\ioloSSTray.exe
Task: {C97015F3-E404-4F25-952D-E1E4705125E1} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2277640 2021-05-31] (Avast Software s.r.o. -> AVAST Software)
Task: {C9A27B95-8B06-40D6-88D4-11F5380D44F6} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [139112 2021-08-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {EDA9F16D-09C5-470B-94C8-294FF83C1CEF} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files (x86)\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [2837864 2021-08-07] (Microsoft Corporation -> Microsoft Corporation)

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)


==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.1
Tcpip\..\Interfaces\{5578d9d3-16b1-4e0f-95c9-46a65a697a58}: [DhcpNameServer] 10.0.0.1

Edge: 
=======
Edge Extension: (Sin Nombre) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [no encontrado]
Edge Extension: (Sin Nombre) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [no encontrado]
Edge Extension: (Sin Nombre) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [no encontrado]
Edge Extension: (Sin Nombre) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [no encontrado]
Edge Profile: C:\Users\Tirado\AppData\Local\Microsoft\Edge\User Data\Default [2021-08-17]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2017-11-27]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-06-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2021-08-05] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-06-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-06-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2021-05-07] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2021-05-07] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2017-11-27] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2021-08-05] (Adobe Inc. -> Adobe Systems)

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Tirado\AppData\Local\Google\Chrome\User Data\Default [2021-08-17]
CHR Notifications: Default -> hxxps://forospyware.com; hxxps://meet.google.com
CHR Extension: (Presentaciones) - C:\Users\Tirado\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-05-07]
CHR Extension: (Safe Torrent Scanner) - C:\Users\Tirado\AppData\Local\Google\Chrome\User Data\Default\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2021-07-01]
CHR Extension: (Documentos) - C:\Users\Tirado\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-05-07]
CHR Extension: (Google Drive) - C:\Users\Tirado\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-05-07]
CHR Extension: (YouTube) - C:\Users\Tirado\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-05-07]
CHR Extension: (Adobe Acrobat) - C:\Users\Tirado\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-08-07]
CHR Extension: (Hojas de cálculo) - C:\Users\Tirado\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-05-07]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Tirado\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-06-27]
CHR Extension: (AdBlock: el mejor bloqueador de anuncios) - C:\Users\Tirado\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-08-17]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Tirado\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-08-17]
CHR Extension: (uTorrent Link Sender) - C:\Users\Tirado\AppData\Local\Google\Chrome\User Data\Default\Extensions\jakpnimgfpjlkigbndhbfhhamkdfokpb [2021-06-27]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Tirado\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-05-07]
CHR Extension: (Gmail) - C:\Users\Tirado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-05-07]
CHR Extension: (Chrome Media Router) - C:\Users\Tirado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-07-25]
CHR Profile: C:\Users\Tirado\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-08-17]
CHR Profile: C:\Users\Tirado\AppData\Local\Google\Chrome\User Data\Profile 1 [2021-08-17]
CHR Extension: (Presentaciones) - C:\Users\Tirado\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-06-30]
CHR Extension: (Documentos) - C:\Users\Tirado\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2021-06-30]
CHR Extension: (Google Drive) - C:\Users\Tirado\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-06-30]
CHR Extension: (YouTube) - C:\Users\Tirado\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-06-30]
CHR Extension: (Hojas de cálculo) - C:\Users\Tirado\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-06-30]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Tirado\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-06-30]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Tirado\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-06-30]
CHR Extension: (Gmail) - C:\Users\Tirado\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-06-30]
CHR Extension: (Chrome Media Router) - C:\Users\Tirado\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-06-30]
CHR Profile: C:\Users\Tirado\AppData\Local\Google\Chrome\User Data\System Profile [2021-08-17]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

Opera: 
=======
OPR Profile: C:\Users\Tirado\AppData\Roaming\Opera Software\Opera Stable [2021-08-17]
OPR Extension: (Rich Hints Agent) - C:\Users\Tirado\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-05-07]
OPR Extension: (Safe Torrent Scanner) - C:\Users\Tirado\AppData\Roaming\Opera Software\Opera Stable\Extensions\gpabaecgmgbeapjghcfhohnbljcocknl [2021-05-07]

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
S2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [842480 2021-08-05] (Adobe Inc. -> Adobe Inc.)
S2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3780296 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
S2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3548360 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
S3 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-05-07] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-05-07] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\91.0.10364.115\elevation_service.exe [1421288 2021-06-18] (Avast Software s.r.o. -> AVAST Software)
S2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2021-06-06] (Avast Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9142128 2021-08-05] (Microsoft Corporation -> Microsoft Corporation)
S3 FileSyncHelper; C:\Program Files (x86)\Microsoft OneDrive\21.139.0711.0001\FileSyncHelper.exe [2380152 2021-08-07] (Microsoft Corporation -> Microsoft Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7477704 2021-08-17] (Malwarebytes Inc -> Malwarebytes)
S3 OneDrive Updater Service; C:\Program Files (x86)\Microsoft OneDrive\21.139.0711.0001\OneDriveUpdaterService.exe [2738552 2021-08-07] (Microsoft Corporation -> Microsoft Corporation)

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

S3 AndDiag; C:\WINDOWS\System32\drivers\lganddiag64.sys [27648 2019-01-14] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.)
S3 AndnetBus; C:\WINDOWS\System32\drivers\lgandnetbus64.sys [30208 2019-01-14] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 dg_ssudbus; C:\WINDOWS\System32\drivers\ssudbus.sys [117472 2020-10-12] (Tenorshare Co.,Ltd. -> DEVGURU Co., LTD.(www.devguru.co.kr))
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220752 2021-08-17] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-08-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-08-17] (Malwarebytes Inc -> Malwarebytes)
S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [52960 2020-10-12] (Tenorshare Co.,Ltd. -> QUALCOMM Incorporated)
S3 trufos; C:\WINDOWS\System32\drivers\trufos.sys [641736 2021-06-28] (Bitdefender SRL -> Bitdefender)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2020-04-15] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)


==================== Un mes (creado) (Lista blanca) =========

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2021-08-17 20:33 - 2021-08-17 20:41 - 000037969 _____ C:\Users\Tirado\Downloads\Addition.txt
2021-08-17 20:27 - 2021-08-17 20:54 - 000025742 _____ C:\Users\Tirado\Downloads\FRST.txt
2021-08-17 20:25 - 2021-08-17 20:53 - 000000000 ____D C:\FRST
2021-08-17 20:25 - 2021-08-17 20:25 - 002300416 _____ (Farbar) C:\Users\Tirado\Downloads\FRST64.exe
2021-08-17 20:24 - 2021-08-17 20:24 - 000000552 _____ C:\Users\Tirado\Documents\cc_20210817_202404.reg
2021-08-17 20:21 - 2021-08-17 20:21 - 000002702 _____ C:\Users\Tirado\Documents\cc_20210817_202133.reg
2021-08-17 20:20 - 2021-08-17 20:20 - 000049844 _____ C:\Users\Tirado\Documents\cc_20210817_202021.reg
2021-08-17 19:59 - 2021-08-17 19:59 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-08-17 19:59 - 2021-08-17 19:59 - 000002890 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2021-08-17 19:59 - 2021-08-17 19:59 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2021-08-17 19:59 - 2021-08-17 19:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2021-08-17 19:59 - 2021-08-17 19:59 - 000000000 ____D C:\Program Files\CCleaner
2021-08-17 19:57 - 2021-08-17 19:57 - 036246064 _____ (Piriform Software Ltd) C:\Users\Tirado\Downloads\ccsetup583 (1).exe
2021-08-17 19:33 - 2021-08-17 19:52 - 000000000 ____D C:\AdwCleaner
2021-08-17 19:33 - 2021-08-17 19:33 - 008553680 _____ (Malwarebytes) C:\Users\Tirado\Downloads\adwcleaner_8.3.0.exe
2021-08-17 19:23 - 2021-08-17 19:23 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-08-17 19:23 - 2021-08-17 19:23 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-08-17 19:22 - 2021-08-17 19:22 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-08-17 19:22 - 2021-08-17 19:21 - 000199128 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-08-17 19:22 - 2021-08-17 19:21 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-08-17 19:20 - 2021-08-17 19:20 - 000000000 ____D C:\Program Files\Malwarebytes
2021-08-17 19:14 - 2021-08-17 19:14 - 002120496 _____ (Malwarebytes) C:\Users\Tirado\Downloads\MBSetup.exe
2021-08-16 18:29 - 2021-08-16 18:29 - 000000000 ___HD C:\$WinREAgent
2021-08-10 17:22 - 2021-08-10 17:22 - 000738411 _____ C:\Users\Tirado\Desktop\reel prueba 2.mp4
2021-08-10 17:09 - 2021-08-10 17:09 - 001829515 _____ C:\Users\Tirado\Desktop\reel prueba 1.mp4
2021-08-06 18:54 - 2021-08-06 18:54 - 000065908 _____ C:\Users\Tirado\Downloads\Mia Bella Romero CV  (1).pdf
2021-08-06 18:12 - 2021-08-06 18:12 - 082496826 _____ C:\Users\Tirado\Desktop\Mia Romero-Editor demo reel .mp4
2021-08-06 18:06 - 2021-08-06 18:06 - 000212548 _____ C:\Users\Tirado\Desktop\reel Mia_work in progress Copy.prproj
2021-08-06 18:06 - 2021-08-06 18:06 - 000212546 _____ C:\Users\Tirado\Desktop\reel Mia_1 Copy.prproj
2021-08-05 22:06 - 2021-08-05 22:06 - 082510454 _____ C:\Users\Tirado\Desktop\Mia Romero- Editor demo reel.mp4
2021-08-05 21:58 - 2021-08-10 17:22 - 000000000 ____D C:\Users\Tirado\Desktop\Adobe Premiere Pro Auto-Save
2021-08-05 21:58 - 2021-08-07 02:51 - 000212886 _____ C:\Users\Tirado\Desktop\reel Mia_1.prproj
2021-08-05 20:12 - 2021-08-05 20:12 - 000659594 _____ C:\Users\Tirado\Downloads\MIA.mov
2021-08-05 18:23 - 2021-08-05 18:23 - 000000000 ____D C:\Users\Tirado\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2021-08-05 17:59 - 2021-08-10 16:59 - 000001299 _____ C:\Users\Tirado\Desktop\Adobe Premiere Pro 2020.lnk
2021-08-05 17:59 - 2021-08-05 17:59 - 000001130 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro 2020.lnk
2021-08-05 17:17 - 2021-08-05 17:17 - 000000000 ____D C:\Users\Tirado\Downloads\Adobe Premiere Pro 2020 v14.7.0.23 (x64) Patched
2021-08-05 17:12 - 2021-08-05 17:12 - 000000000 ____D C:\Users\Tirado\Downloads\Adobe Premiere Pro 2020 v14.0.3.1 (x64) (Pre-Activated) {B4tman}
2021-08-05 17:08 - 2021-08-05 17:08 - 000001151 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro CC 2019.lnk
2021-08-05 17:06 - 2021-08-05 17:06 - 000000000 ____D C:\Users\Public\Documents\AdobeInstalledCodecs
2021-08-05 16:59 - 2021-08-05 17:22 - 000001382 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2021-08-05 16:59 - 2021-08-05 17:22 - 000001352 _____ C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
2021-08-05 16:39 - 2021-08-05 16:54 - 1818573550 _____ C:\Users\Tirado\Downloads\Adobe Premiere Pro CC 2019 Pre-Cracked.zip
2021-08-05 16:28 - 2021-08-05 16:28 - 000001130 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro 2021.lnk
2021-08-05 16:26 - 2021-08-05 16:23 - 005887488 _____ (Microsoft Corporation) C:\Users\Tirado\AppData\Roaming\DataExchangeHost.exe
2021-08-05 16:25 - 2021-08-05 16:24 - 001035776 _____ (Microsoft Corporation) C:\Users\Tirado\AppData\Roaming\LaunchTM.exe
2021-08-05 16:23 - 2021-08-17 19:49 - 000000000 ____D C:\Users\Tirado\AppData\Roaming\Cached files
2021-08-05 16:20 - 2021-08-05 16:20 - 000000000 ____D C:\Program Files (x86)\Adobe]
2021-08-05 15:49 - 2021-08-05 15:49 - 000000000 ____D C:\Users\Tirado\Downloads\Adobe Premiere Pro 2021 v15.2.0.35 FULL Multi (x64) Pre-Patched
2021-08-05 04:52 - 2021-08-05 05:40 - 1732968035 _____ C:\Users\Tirado\Downloads\iCarly.2021.S01E09.HDR.2160p.WEB.H265-GGWP[eztv.re].mkv
2021-08-05 04:27 - 2021-08-05 04:43 - 1823972593 _____ C:\Users\Tirado\Downloads\iCarly.2021.S01E07.1080p.WEB.H264-GGWP.mkv
2021-08-05 03:15 - 2021-08-05 04:09 - 1743490038 _____ C:\Users\Tirado\Downloads\iCarly.2021.S01E06.1080p.WEB.H264-GLHF.mkv
2021-08-05 03:04 - 2021-08-05 03:05 - 000000000 ____D C:\Users\Tirado\Desktop\Icarly
2021-08-05 03:03 - 2021-08-05 03:11 - 000000000 ____D C:\Users\Tirado\Desktop\Gossip girl
2021-08-05 03:02 - 2021-08-05 04:27 - 1752671305 _____ C:\Users\Tirado\Downloads\iCarly.2021.S01E05.HDR.2160p.WEB.H265-GGWP.mkv
2021-08-05 00:54 - 2021-08-05 00:55 - 000003522 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2021-08-05 00:53 - 2021-08-17 19:03 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2021-08-03 18:54 - 2021-08-03 18:54 - 000065908 _____ C:\Users\Tirado\Downloads\Mia Bella Romero CV .pdf
2021-08-02 20:20 - 2021-08-02 20:20 - 000066430 _____ C:\Users\Tirado\Downloads\CV Mia Bella Romero.pdf
2021-08-02 18:29 - 2021-08-02 18:29 - 000104135 _____ C:\Users\Tirado\Downloads\tarifa primavera 2021.pdf
2021-08-02 18:10 - 2021-08-05 00:37 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-08-02 18:09 - 2021-08-02 18:09 - 000000040 ____H C:\216D83F6EECA
2021-08-02 18:08 - 2021-08-02 18:08 - 000002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2021-08-02 18:08 - 2021-08-02 18:08 - 000002114 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
2021-08-02 18:08 - 2021-08-02 18:08 - 000002091 _____ C:\Users\Public\Desktop\Adobe Acrobat DC.lnk
2021-08-02 17:44 - 2021-08-02 17:47 - 000000000 ____D C:\Users\Tirado\Desktop\Adobe Acrobat XI
2021-08-02 17:36 - 2021-08-02 17:36 - 000000000 ____D C:\Users\Tirado\Downloads\Adobe Acrobat XI Pro 11.0.20 + Crack [Tech-Tools.ME]
2021-08-02 17:06 - 2021-08-02 18:17 - 000056077 _____ C:\Users\Tirado\Downloads\Screen Shot 2020-08-04 at 10.51.23 AM.pdf
2021-07-30 15:22 - 2021-07-30 15:22 - 000071069 _____ C:\Users\Tirado\Downloads\Azul Minimalista Infografía Currículum.pdf
2021-07-30 03:03 - 2021-07-30 03:03 - 000000000 _____ C:\WINDOWS\system32\Tasks\CIS_{81EFDD93-DBBE-415B-BE6E-49B9664E3E82}
2021-07-29 23:14 - 2021-07-29 23:14 - 001060864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71.dll
2021-07-29 23:14 - 2021-07-29 23:14 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr71.dll
2021-07-29 22:17 - 2021-07-29 22:17 - 000000000 ____D C:\Users\Tirado\AppData\Local\Comodo
2021-07-29 02:43 - 2021-07-29 02:44 - 000044574 _____ C:\TDSSKiller.3.1.0.28_29.07.2021_02.43.39_log.txt
2021-07-29 01:32 - 2021-07-29 01:32 - 000000000 ____D C:\SUPERDelete
2021-07-28 19:52 - 2021-07-30 03:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2021-07-28 19:52 - 2021-07-28 19:52 - 000000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2021-07-28 19:15 - 2021-07-28 19:26 - 000000000 ____D C:\Users\Tirado\AppData\Local\NPE
2021-07-28 19:12 - 2021-07-28 19:13 - 000000000 ____D C:\Users\Tirado\Downloads\Norton_Utilities_Premium_v21.4.1.199
2021-07-28 19:05 - 2021-07-29 01:25 - 000000000 ____D C:\Program Files (x86)\NortonInstaller
2021-07-28 19:05 - 2021-07-28 19:40 - 000000000 ____D C:\ProgramData\NortonInstaller
2021-07-28 19:05 - 2021-07-28 19:40 - 000000000 ____D C:\Program Files (x86)\Norton AntiVirus
2021-07-28 18:55 - 2021-07-28 18:55 - 000004060 _____ C:\WINDOWS\system32\Tasks\ioloAVDefsDownloader
2021-07-28 18:55 - 2021-07-28 18:55 - 000003478 _____ C:\WINDOWS\system32\Tasks\ioloSystemShield
2021-07-28 18:51 - 2021-08-17 19:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NortonLifeLock
2021-07-28 18:51 - 2021-07-28 18:55 - 000000000 ____D C:\Users\Tirado\AppData\Roaming\Norton
2021-07-28 18:51 - 2021-07-28 18:51 - 000000000 ____D C:\Program Files\Common Files\Norton
2021-07-28 18:50 - 2021-08-17 19:11 - 000000000 ____D C:\ProgramData\Norton
2021-07-28 18:49 - 2021-07-28 18:50 - 000000000 ____D C:\Users\Tirado\Downloads\Norton Utilities Premium 17.0.3.658 + Crack
2021-07-28 18:37 - 2021-07-28 18:43 - 000002162 _____ C:\WINDOWS\epplauncher.mif
2021-07-28 03:12 - 2021-07-28 03:55 - 000005028 ____H C:\Users\Tirado\Downloads\.ca1833701b5b1cfa9a10f73bc3336ff8ab1d5d85.parts
2021-07-28 02:28 - 2021-07-28 02:28 - 000000000 ____D C:\Users\Tirado\Downloads\Space.Jam.A.New.Legacy.2021.SPANiSH.1080p.HMAX.WEB-DL.x264-dem3nt3
2021-07-28 02:24 - 2021-07-28 02:24 - 000000000 ____D C:\Users\Tirado\Downloads\One.Day.at.Disney.2019.1080p.WEB.h264-WALT[TGx]
2021-07-28 02:17 - 2021-07-28 02:19 - 000005267 ____H C:\Users\Tirado\Downloads\.a6a7d61b4c6dae3ecf5f960da08bf658f4ee6ab5.parts
2021-07-28 02:17 - 2021-07-28 02:17 - 000000000 ____D C:\Users\Tirado\Downloads\Space Jam a New Legacy 2021 YG
2021-07-26 18:20 - 2021-07-26 18:20 - 000188336 _____ C:\Users\Tirado\Downloads\Caja Chica.pdf
2021-07-26 18:15 - 2021-07-26 18:15 - 000188336 _____ C:\Users\Tirado\Downloads\Inversion ciclo 7 Vanessa Garcia_organized (1).pdf
2021-07-26 18:14 - 2021-07-26 18:14 - 000446681 _____ C:\Users\Tirado\Downloads\Inversion ciclo 7 Vanessa Garcia_organized.pdf
2021-07-26 16:59 - 2021-07-26 16:59 - 000633800 _____ C:\Users\Tirado\Downloads\Inversion ciclo 7 Vanessa Garcia.pdf
2021-07-26 16:57 - 2021-07-26 20:55 - 000562122 _____ C:\Users\Tirado\Downloads\Image (4) (1).jpeg
2021-07-26 16:57 - 2021-07-26 20:55 - 000473545 _____ C:\Users\Tirado\Downloads\Image (5) (1)~4.jpeg
2021-07-26 16:57 - 2021-07-26 20:55 - 000427453 _____ C:\Users\Tirado\Downloads\Image (5) (1).jpeg
2021-07-26 16:57 - 2021-07-26 20:55 - 000425359 _____ C:\Users\Tirado\Downloads\Image (5) (1)~3.jpeg
2021-07-26 16:57 - 2021-07-26 20:55 - 000090332 _____ C:\Users\Tirado\Downloads\Image (7).jpeg
2021-07-26 16:57 - 2021-07-26 20:55 - 000085216 _____ C:\Users\Tirado\Downloads\Image (6).jpeg
2021-07-26 16:57 - 2021-07-26 20:55 - 000079283 _____ C:\Users\Tirado\Downloads\Image.jpeg
2021-07-26 16:56 - 2021-07-26 16:56 - 002144204 _____ C:\Users\Tirado\Downloads\OneDrive-2021-07-26 (2).zip
2021-07-26 16:33 - 2021-07-26 16:33 - 002295609 _____ C:\Users\Tirado\Downloads\Viaticos Ciclo 7 Vanessa Garcia.pdf
2021-07-26 16:33 - 2021-07-26 16:33 - 002295609 _____ C:\Users\Tirado\Downloads\organized.pdf
2021-07-26 16:30 - 2021-07-26 16:32 - 002295609 _____ C:\Users\Tirado\Downloads\PDF Viaticos ciclo7 Vanessa Garcia
2021-07-26 16:25 - 2021-07-26 16:25 - 000112605 _____ C:\Users\Tirado\Downloads\Image (4)_2.pdf
2021-07-26 16:24 - 2021-07-26 16:24 - 000478808 _____ C:\Users\Tirado\Downloads\Image (4)_2.jpeg
2021-07-26 16:17 - 2021-07-26 16:17 - 000263645 _____ C:\Users\Tirado\Downloads\Image (4) (1).pdf
2021-07-26 16:16 - 2021-07-26 16:16 - 001124518 _____ C:\Users\Tirado\Downloads\OneDrive-2021-07-26 (1).zip
2021-07-26 16:13 - 2021-07-26 16:13 - 000152253 _____ C:\Users\Tirado\Downloads\Image (2)_2.pdf
2021-07-26 16:12 - 2021-07-26 16:12 - 000553372 _____ C:\Users\Tirado\Downloads\Image (2)_2.jpeg
2021-07-26 16:06 - 2021-07-26 16:06 - 002012542 _____ C:\Users\Tirado\Downloads\Image (1).pdf
2021-07-26 16:04 - 2021-07-26 16:04 - 002836237 _____ C:\Users\Tirado\Downloads\Image (1)-1.jpeg
2021-07-26 16:02 - 2021-07-26 16:48 - 000315694 _____ C:\Users\Tirado\Downloads\Image (1).jpeg
2021-07-26 16:01 - 2021-07-26 16:01 - 008144824 _____ C:\Users\Tirado\Downloads\OneDrive-2021-07-26.zip
2021-07-24 02:40 - 2021-07-24 02:40 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsraLegacy.tlb
2021-07-24 02:40 - 2021-07-24 02:40 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsraLegacy.tlb
2021-07-24 02:40 - 2021-07-24 02:40 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rendezvousSession.tlb
2021-07-24 02:40 - 2021-07-24 02:40 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\rendezvousSession.tlb
2021-07-24 02:39 - 2021-07-24 02:39 - 000011357 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-07-23 22:59 - 2021-07-23 22:59 - 000000000 ___HD C:\ProgramData\dc38eac0b5044b42beb18fbb1d8281f3$dpx$.tmp
2021-07-23 22:59 - 2021-07-23 22:59 - 000000000 ____D C:\Users\Tirado\AppData\Local\NetSupport
2021-07-23 22:59 - 2021-07-23 22:59 - 000000000 ____D C:\ProgramData\regid.1993-06.com.microsoft
2021-07-23 22:15 - 2021-07-23 22:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2021-07-23 02:46 - 2021-07-23 02:47 - 000073144 _____ C:\Users\Tirado\Documents\cc_20210723_024627.reg
2021-07-23 01:39 - 2021-07-23 01:39 - 000000000 ____D C:\Users\Tirado\AppData\Local\Yandex
2021-07-23 01:18 - 2021-07-23 01:18 - 036238456 _____ (Piriform Software Ltd) C:\Users\Tirado\Downloads\ccsetup583.exe
2021-07-23 01:16 - 2021-07-23 01:16 - 008306923 _____ C:\Users\Tirado\Downloads\the-cleaner-1-8-10.apk
2021-07-23 00:53 - 2021-07-23 01:48 - 000000000 ____D C:\WINDOWS\Minidump

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2021-08-17 20:43 - 2019-12-07 05:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-08-17 20:38 - 2021-05-07 18:05 - 000000000 ____D C:\Program Files (x86)\Google
2021-08-17 20:11 - 2021-05-13 22:10 - 000000000 ____D C:\Users\Tirado\AppData\Local\CrashDumps
2021-08-17 19:49 - 2020-11-20 13:21 - 000000000 ____D C:\Users\Tirado\AppData\LocalLow\nb98wqnehe8bw89hb
2021-08-17 19:40 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-08-17 19:39 - 2019-12-07 05:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-08-17 19:22 - 2021-06-29 01:46 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-08-17 19:22 - 2021-06-29 01:44 - 000220752 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-08-17 19:22 - 2019-12-07 05:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-08-17 19:11 - 2021-06-27 22:55 - 000000000 ____D C:\Users\postgres
2021-08-17 19:03 - 2021-05-07 18:06 - 000002204 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-08-17 19:03 - 2020-04-22 14:35 - 000002245 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-08-17 18:38 - 2020-09-27 08:50 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-08-16 19:47 - 2021-05-07 15:33 - 000000000 ____D C:\Users\Tirado\AppData\Local\Packages
2021-08-16 19:24 - 2021-05-13 19:49 - 000000000 ____D C:\Program Files\Microsoft Office
2021-08-16 18:22 - 2020-09-27 08:53 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-08-16 18:22 - 2020-09-27 08:53 - 000002278 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-08-16 17:55 - 2020-09-27 08:53 - 000003580 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-08-16 17:55 - 2020-09-27 08:53 - 000003456 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-08-16 17:47 - 2020-04-22 11:19 - 000000000 __SHD C:\Users\Tirado\IntelGraphicsProfiles
2021-08-16 17:46 - 2020-09-27 08:50 - 000455032 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-08-16 17:43 - 2021-05-13 20:06 - 000000000 ____D C:\Program Files (x86)\Microsoft OneDrive
2021-08-16 17:43 - 2020-09-27 08:51 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-08-16 17:43 - 2020-09-19 07:01 - 000008192 ___SH C:\DumpStack.log.tmp
2021-08-16 17:43 - 2020-04-22 11:19 - 000000000 ____D C:\Intel
2021-08-16 17:43 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-08-16 17:38 - 2021-06-27 21:19 - 000000000 ____D C:\Users\Tirado\AppData\Roaming\uTorrent Web
2021-08-16 17:38 - 2020-04-22 11:15 - 000000000 ___RD C:\Users\Tirado\OneDrive
2021-08-10 17:22 - 2021-06-25 23:53 - 000000000 ____D C:\Users\Tirado\AppData\Roaming\vlc
2021-08-10 17:17 - 2021-05-07 18:24 - 000000000 ____D C:\Users\Tirado\AppData\Local\BitTorrentHelper
2021-08-10 17:04 - 2021-02-11 15:35 - 000000000 ____D C:\Users\Tirado\Desktop\Adobe Premiere Pro Audio Previews
2021-08-10 17:04 - 2020-11-12 17:15 - 000000000 ____D C:\Users\Tirado\Desktop\Adobe Premiere Pro Video Previews
2021-08-07 02:40 - 2021-05-07 18:53 - 000000000 ____D C:\Users\Tirado\AppData\Local\D3DSCache
2021-08-07 02:31 - 2021-06-27 23:18 - 000003206 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2021-08-07 02:31 - 2021-05-13 20:06 - 000002174 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-08-07 02:31 - 2021-04-06 15:01 - 000000000 ___RD C:\Users\postgres\OneDrive
2021-08-07 02:31 - 2020-11-02 01:43 - 000000000 ___RD C:\Users\Default\OneDrive
2021-08-05 18:23 - 2021-05-07 15:46 - 000000000 ____D C:\Users\Tirado\AppData\Roaming\Zoom
2021-08-05 18:23 - 2020-12-15 03:56 - 000001934 _____ C:\Users\Tirado\Desktop\Zoom.lnk
2021-08-05 18:16 - 2021-05-07 15:33 - 000000000 ____D C:\Users\Tirado\AppData\Roaming\Adobe
2021-08-05 17:59 - 2021-05-07 18:53 - 000000000 ____D C:\Program Files\Adobe
2021-08-05 17:27 - 2021-07-02 23:20 - 000000000 ___RD C:\Users\Tirado\Creative Cloud Files
2021-08-05 17:26 - 2021-06-27 22:55 - 000000000 ____D C:\Users\Tirado
2021-08-05 17:26 - 2021-05-07 18:48 - 000000000 ____D C:\Program Files (x86)\Adobe
2021-08-05 17:25 - 2021-05-07 18:56 - 000000000 ____D C:\Program Files\Common Files\Adobe
2021-08-05 17:08 - 2020-04-22 17:55 - 000000000 ____D C:\Users\Public\Documents\Adobe
2021-08-05 17:02 - 2021-07-09 01:01 - 000000000 ____D C:\Users\Tirado\Downloads\One.Day.at.Disney.Shorts.S01.COMPLETE.720p.DSNP.WEBRip.x264-GalaxyTV[TGx]
2021-08-05 16:24 - 2021-07-05 04:14 - 000003736 _____ C:\WINDOWS\system32\Tasks\Firefox Default Browser Agent 033797C168DD9FAE
2021-08-05 00:37 - 2021-05-07 18:40 - 000000000 ____D C:\Users\Tirado\AppData\Local\Adobe
2021-08-05 00:33 - 2021-06-27 23:18 - 000003558 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-08-05 00:33 - 2021-06-27 23:18 - 000003434 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-08-05 00:26 - 2021-07-02 01:48 - 000002470 _____ C:\Users\Tirado\Desktop\Stremio.lnk
2021-08-03 17:07 - 2019-12-07 05:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-08-02 18:12 - 2021-05-07 18:40 - 000000000 ____D C:\ProgramData\Adobe
2021-08-02 18:11 - 2020-10-04 23:27 - 000000000 ____D C:\Users\Tirado\AppData\LocalLow\Adobe
2021-08-02 18:09 - 2019-12-07 05:13 - 000000000 ____D C:\WINDOWS\INF
2021-07-30 17:44 - 2021-07-02 19:23 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-07-30 16:37 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-07-30 03:03 - 2021-06-27 22:03 - 000002075 _____ C:\Users\Tirado\Desktop\uTorrent Web.lnk
2021-07-30 03:03 - 2021-06-27 21:10 - 000002854 _____ C:\Users\Tirado\Desktop\µTorrent.lnk
2021-07-29 23:16 - 2019-12-07 05:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-07-29 20:18 - 2021-07-17 04:57 - 000000000 ___HD C:\Users\Tirado\.opera
2021-07-29 20:17 - 2021-06-27 23:08 - 001677940 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-07-29 20:17 - 2019-12-07 11:03 - 000749562 _____ C:\WINDOWS\system32\perfh00A.dat
2021-07-29 20:17 - 2019-12-07 11:03 - 000145368 _____ C:\WINDOWS\system32\perfc00A.dat
2021-07-29 20:13 - 2019-12-07 05:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-07-29 03:03 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\AppLocker
2021-07-29 02:35 - 2021-07-05 04:14 - 000000000 ____D C:\Users\Tirado\AppData\Local\license
2021-07-28 19:27 - 2021-07-04 01:28 - 000000000 _RSHD C:\Users\Tirado\AppData\Roaming\Google
2021-07-28 18:59 - 2021-07-08 21:27 - 000000000 ____D C:\Users\Tirado\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Stremio
2021-07-28 18:59 - 2021-06-27 21:33 - 000000000 ____D C:\Users\Tirado\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WebTorrent
2021-07-28 18:59 - 2021-04-06 15:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 9.5
2021-07-28 18:59 - 2021-03-29 21:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Dome
2021-07-28 18:59 - 2021-03-22 21:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\USB Disk Storage Format Tool 5.2
2021-07-28 18:59 - 2021-03-10 09:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\digiCamControl
2021-07-28 18:59 - 2020-11-27 00:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCareFone for WhatsApp Transfer
2021-07-28 18:59 - 2020-11-26 20:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2021-07-28 18:59 - 2020-11-22 20:29 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2021-07-28 18:59 - 2020-11-22 17:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2021-07-28 18:59 - 2020-11-20 13:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GridinSoft Anti-Malware
2021-07-28 18:59 - 2020-11-14 01:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WizTree
2021-07-28 18:59 - 2020-11-05 15:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Data Recovery Wizard
2021-07-28 18:59 - 2020-10-04 21:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PeaZip
2021-07-28 18:59 - 2020-10-04 21:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2021-07-28 18:59 - 2020-08-31 00:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Macromedia
2021-07-28 18:59 - 2020-05-05 21:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Soundplant 47
2021-07-28 18:59 - 2020-04-23 17:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\D-LAN
2021-07-28 18:59 - 2020-04-22 15:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2021-07-28 00:01 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-07-28 00:01 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-07-28 00:01 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-07-28 00:01 - 2019-12-07 05:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-07-26 15:32 - 2021-05-07 15:44 - 000000000 ____D C:\Users\Tirado\AppData\Local\PlaceholderTileLogoFolder
2021-07-23 01:48 - 2021-06-10 14:31 - 000000000 ___DC C:\WINDOWS\Panther
2021-07-23 01:30 - 2021-07-05 03:44 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-07-23 01:00 - 2021-07-05 03:43 - 133422552 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Archivos en la raíz de algunos directorios ========

2021-07-01 22:50 - 2021-07-01 22:50 - 000248375 ___SH () C:\Users\Tirado\AppData\Roaming\addhjht
2021-08-05 16:26 - 2021-08-05 16:23 - 005887488 _____ (Microsoft Corporation) C:\Users\Tirado\AppData\Roaming\DataExchangeHost.exe
2021-08-05 16:25 - 2021-08-05 16:24 - 001035776 _____ (Microsoft Corporation) C:\Users\Tirado\AppData\Roaming\LaunchTM.exe
2021-07-01 22:50 - 2021-07-01 22:50 - 000065440 ___SH (Microsoft Corporation) C:\Users\Tirado\AppData\Roaming\wwfejse
2021-05-07 18:48 - 2021-07-04 01:14 - 000000615 _____ () C:\Users\Tirado\AppData\Local\oobelibMkey.log
2021-07-17 05:00 - 2021-07-17 05:00 - 000007601 _____ () C:\Users\Tirado\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)

==================== Final de FRST.txt ========================`Texto preformateado`
Addition.txt
Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 14-08-2021
Ejecutado por Tirado (17-08-2021 20:56:32)
Ejecutado desde C:\Users\Tirado\Downloads
Windows 10 Home Versión 20H2 19042.1110 (X64) (2021-06-28 03:19:13)
Modo de Inicio: Normal
==========================================================


==================== Cuentas: =============================


(Si una entrada es incluida en el fixlist, será eliminada.)

9EA0C49729E74132AA70 (S-1-5-21-2879950493-2689463129-398557555-1005 - Limited - Enabled)
Administrador (S-1-5-21-2879950493-2689463129-398557555-500 - Administrator - Disabled)
ASPNET (S-1-5-21-2879950493-2689463129-398557555-1002 - Limited - Disabled)
DE18F2CC239C4BD8AC92 (S-1-5-21-2879950493-2689463129-398557555-1003 - Limited - Enabled)
DefaultAccount (S-1-5-21-2879950493-2689463129-398557555-503 - Limited - Disabled)
Invitado (S-1-5-21-2879950493-2689463129-398557555-501 - Limited - Disabled)
postgres (S-1-5-21-2879950493-2689463129-398557555-1006 - Limited - Enabled) => C:\Users\postgres
Tirado (S-1-5-21-2879950493-2689463129-398557555-1001 - Administrator - Enabled) => C:\Users\Tirado
WDAGUtilityAccount (S-1-5-21-2879950493-2689463129-398557555-504 - Limited - Disabled)

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AV: COMODO Antivirus (Disabled - Up to date) {05BC7AB5-FF0E-71EC-1054-15DA19B62DC7}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

µTorrent (HKU\S-1-5-21-2879950493-2689463129-398557555-1001\...\uTorrent) (Version: 3.5.5.46016 - BitTorrent Inc.)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 18.009.20050 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.5.0.617 - Adobe Inc.)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version:  - Adobe)
Adobe Premiere Pro 2020 (HKLM-x32\...\PPRO_14_0_3) (Version: 14.0.3 - Adobe Inc.)
Adobe Premiere Pro 2021 (HKLM-x32\...\{2B1EBFAA-E2D6-494D-9E24-DA06217F5FA2}) (Version: 1.0.0 - IGI)
Adobe Premiere Pro 2021 (HKLM-x32\...\PPRO_15_2) (Version: 15.2 - Adobe Inc.)
Adobe Premiere Pro CC 2019 (HKLM-x32\...\PPRO_13_0_1) (Version: 13.0.1 - Adobe Inc.)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 91.0.10364.115 - Los creadores de Avast Secure Browser)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.8.1065.0 - AVAST Software) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.83 - Piriform)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 92.0.4515.159 - Google LLC)
Malwarebytes version 4.4.4.126 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.4.4.126 - Malwarebytes)
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.7.12253.1 - Waves Audio Ltd.) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 92.0.902.73 - Microsoft Corporation)
Microsoft Office Profesional Plus 2019 - es-es (HKLM\...\ProPlus2019Retail - es-es) (Version: 16.0.14228.20250 - Microsoft Corporation)
Microsoft OneDrive (HKLM-x32\...\OneDriveSetup.exe) (Version: 21.139.0711.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{852D8FE5-BC66-4061-B1C4-CADF51E5B27D}) (Version: 2.82.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29325 (HKLM-x32\...\{33628a12-6787-4b9f-95a1-92449f69fae0}) (Version: 14.28.29325.2 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 26.1.1 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14228.20250 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14228.20250 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0C0A-1000-0000000FF1CE}) (Version: 16.0.14228.20222 - Microsoft Corporation) Hidden
Popcorn Time (HKLM-x32\...\Popcorn Time_is1) (Version: 6.2.1.17 - Popcorn Time) <==== ATENCIÓN
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9107.1 - Realtek Semiconductor Corp.)
Stremio (HKU\S-1-5-21-2879950493-2689463129-398557555-1001\...\Stremio) (Version: 4.4.142 - Smart Code Ltd)
uTorrent Web (HKU\S-1-5-21-2879950493-2689463129-398557555-1001\...\utweb) (Version: 1.2.2 - BitTorrent, Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.16 - VideoLAN)
WinRAR 6.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-2879950493-2689463129-398557555-1001\...\ZoomUMX) (Version: 5.7.4 (804) - Zoom Video Communications, Inc.)

Packages:
=========
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc [2021-08-05] (Adobe Systems Incorporated)
Centro de comando de gráficos Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3370.0_x64__8j3eq9eme6ctt [2021-07-23] (INTEL CORP) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-07-17] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\microsoft.advertising.xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-07-17] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.7290.0_x64__8wekyb3d8bbwe [2021-08-05] (Microsoft Studios) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2021-07-17] (Netflix, Inc.)

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

CustomCLSID: HKU\S-1-5-21-2879950493-2689463129-398557555-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-ACF8FEE77CBA} -> [Creative Cloud Files] => C:\Users\Tirado\Creative Cloud Files [2021-07-02 23:20]
CustomCLSID: HKU\S-1-5-21-2879950493-2689463129-398557555-1001_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.)
CustomCLSID: HKU\S-1-5-21-2879950493-2689463129-398557555-1001_Classes\CLSID\{a9872fee-5a55-4ecb-9b0f-b06fedcf14d1}\localserver32 -> C:\Program Files\Waves\MaxxAudio\MaxxAudioPro.exe (Waves Inc -> Waves Audio Ltd)
CustomCLSID: HKU\S-1-5-21-2879950493-2689463129-398557555-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellIconOverlayIdentifiers: [    OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files (x86)\Microsoft OneDrive\21.139.0711.0001\amd64\FileSyncShell64.dll [2021-08-07] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [    OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files (x86)\Microsoft OneDrive\21.139.0711.0001\amd64\FileSyncShell64.dll [2021-08-07] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [    OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files (x86)\Microsoft OneDrive\21.139.0711.0001\amd64\FileSyncShell64.dll [2021-08-07] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [    OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files (x86)\Microsoft OneDrive\21.139.0711.0001\amd64\FileSyncShell64.dll [2021-08-07] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [    OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files (x86)\Microsoft OneDrive\21.139.0711.0001\amd64\FileSyncShell64.dll [2021-08-07] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [    OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files (x86)\Microsoft OneDrive\21.139.0711.0001\amd64\FileSyncShell64.dll [2021-08-07] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [    OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files (x86)\Microsoft OneDrive\21.139.0711.0001\amd64\FileSyncShell64.dll [2021-08-07] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [   AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-08-05] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-08-05] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-08-05] (Adobe Inc. -> )
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files (x86)\Microsoft OneDrive\21.139.0711.0001\amd64\FileSyncShell64.dll [2021-08-07] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files (x86)\Microsoft OneDrive\21.139.0711.0001\amd64\FileSyncShell64.dll [2021-08-07] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files (x86)\Microsoft OneDrive\21.139.0711.0001\amd64\FileSyncShell64.dll [2021-08-07] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files (x86)\Microsoft OneDrive\21.139.0711.0001\amd64\FileSyncShell64.dll [2021-08-07] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files (x86)\Microsoft OneDrive\21.139.0711.0001\amd64\FileSyncShell64.dll [2021-08-07] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files (x86)\Microsoft OneDrive\21.139.0711.0001\amd64\FileSyncShell64.dll [2021-08-07] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files (x86)\Microsoft OneDrive\21.139.0711.0001\amd64\FileSyncShell64.dll [2021-08-07] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\21.139.0711.0001\amd64\FileSyncShell64.dll [2021-08-07] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-08-05] (Adobe Inc. -> )
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-16] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-08-17] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\21.139.0711.0001\amd64\FileSyncShell64.dll [2021-08-07] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\21.139.0711.0001\amd64\FileSyncShell64.dll [2021-08-07] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-08-05] (Adobe Inc. -> )
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-16] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-08-17] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Lista blanca) ====================

==================== Accesos directos & WMI ========================

(Las entradas pueden ser listadas para ser restauradas o eliminadas.)

ShortcutWithArgument: C:\Users\Tirado\Desktop\mia - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Default"

==================== Módulos cargados (Lista blanca) =============

2015-03-16 18:34 - 2015-03-16 18:34 - 000013824 _____ (Adobe Systems Inc.) [Archivo no firmado] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\es_es\Acrobat Elements\ContextMenuShim64.esp

==================== Alternate Data Streams (Lista blanca) ========

==================== Modo Seguro (Lista blanca) ==================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Asociación (Lista blanca) =================

==================== Internet Explorer (Lista blanca) ==========

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2021-06-10] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-11-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-11-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-06-10] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-11-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-11-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-11-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-11-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-08-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-08-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-08-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-08-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-08-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-08-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-08-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-08-03] (Microsoft Corporation -> Microsoft Corporation)

(Si una entrada es incluida en el fixlist, será eliminada del registro.)

IE trusted site: HKU\S-1-5-21-2879950493-2689463129-398557555-1001\...\localhost -> localhost

==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2021-05-07 15:46 - 2021-05-07 15:44 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKU\S-1-5-21-2879950493-2689463129-398557555-1001\Control Panel\Desktop\\Wallpaper -> 
HKU\S-1-5-21-2879950493-2689463129-398557555-1006\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 10.0.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Firewall de Windows está habilitado.

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

(Si una entrada es incluida en el fixlist, será eliminada.)

HKLM\...\StartupApproved\StartupFolder: => "WSAppHelper.lnk"
HKLM\...\StartupApproved\StartupFolder: => "WSAndroidAppHelper.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess"
HKU\S-1-5-21-2879950493-2689463129-398557555-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2879950493-2689463129-398557555-1001\...\StartupApproved\Run: => "Opera Browser Assistant"
HKU\S-1-5-21-2879950493-2689463129-398557555-1001\...\StartupApproved\Run: => "utweb"
HKU\S-1-5-21-2879950493-2689463129-398557555-1001\...\StartupApproved\Run: => "sws"
HKU\S-1-5-21-2879950493-2689463129-398557555-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-2879950493-2689463129-398557555-1001\...\StartupApproved\Run: => "btweb"
HKU\S-1-5-21-2879950493-2689463129-398557555-1001\...\StartupApproved\Run: => "ServicesDim32.exe"
HKU\S-1-5-21-2879950493-2689463129-398557555-1001\...\StartupApproved\Run: => "Services64System.exe"
HKU\S-1-5-21-2879950493-2689463129-398557555-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-2879950493-2689463129-398557555-1001\...\StartupApproved\Run: => "SUPERAntiSpyware"

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [{34842E96-74C1-4B10-AAB6-F009E52419DA}] => (Allow) C:\Users\Tirado\AppData\Roaming\uTorrent Web\utweb.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{693BFAC2-F784-43A8-8806-A5B2EC99B8D3}] => (Allow) C:\Users\Tirado\AppData\Roaming\uTorrent Web\utweb.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{7C1D5A92-A05F-4CAF-81A8-5E04A9B82ACE}] => (Allow) C:\Users\Tirado\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{3E3D3809-7E31-469E-9DAB-6A94A8DE9D39}] => (Allow) C:\Users\Tirado\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{BC17B37D-4B50-4002-B5E0-64454A0A9A54}] => (Allow) C:\Users\Tirado\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{12BE04E5-7091-46F0-8AAC-892DB2BB9387}] => (Allow) C:\Users\Tirado\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{9A10EFE3-5652-4C68-B81F-8E88A640A93F}] => (Allow) C:\Users\Tirado\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{A9D8F045-5761-4F2D-8BDE-EBB5AAFA1005}] => (Allow) C:\Users\Tirado\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{B0D1B9EE-0A9B-4B8E-AA31-4AA158CB3C55}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{6138EBE3-3944-46FA-BE43-06E2EE333014}] => (Allow) C:\Users\Tirado\AppData\Local\Programs\Opera\77.0.4054.90\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{9A08BAE1-1E54-4D72-AB18-22F869F52788}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E22C48A9-9580-48DF-9776-CC8A479CAE04}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{37679928-DB74-4D0C-A288-33A77EC0DC4B}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BD897278-E503-4E2B-80BD-57B41F0F9137}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F16DA006-9461-476C-A8FC-381E9A5D0356}] => (Allow) C:\Users\Tirado\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{3765A2E1-5E98-440D-947A-8A55A5EFB5FB}] => (Allow) C:\Users\Tirado\AppData\Local\Programs\Opera\77.0.4054.172\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [TCP Query User{32EABFDC-9791-4AA2-8138-062830568F75}C:\users\tirado\appdata\local\programs\lnv\stremio-4\stremio-runtime.exe] => (Allow) C:\users\tirado\appdata\local\programs\lnv\stremio-4\stremio-runtime.exe (Stremio (Smart Code OOD) -> Stremio Runtime)
FirewallRules: [UDP Query User{0635E0AF-DCBB-4DEB-A583-0BD50208F04C}C:\users\tirado\appdata\local\programs\lnv\stremio-4\stremio-runtime.exe] => (Allow) C:\users\tirado\appdata\local\programs\lnv\stremio-4\stremio-runtime.exe (Stremio (Smart Code OOD) -> Stremio Runtime)
FirewallRules: [{97CA3B3F-F7E3-4065-8EDD-D483A3AC2158}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{23952725-C783-400A-9737-39146FA1B561}C:\programdata\regid.1993-06.com.microsoft\svrwebui.exe] => (Allow) C:\programdata\regid.1993-06.com.microsoft\svrwebui.exe (NetSupport Ltd -> NetSupport Ltd)
FirewallRules: [UDP Query User{3016619B-5ADE-4482-A1FD-1616C8A133C6}C:\programdata\regid.1993-06.com.microsoft\svrwebui.exe] => (Allow) C:\programdata\regid.1993-06.com.microsoft\svrwebui.exe (NetSupport Ltd -> NetSupport Ltd)
FirewallRules: [{2858F0E9-139F-4316-93EC-C20CA5354D72}] => (Allow) C:\Users\Tirado\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{885095A7-7DE4-430D-B3DD-BE30ADD45325}] => (Allow) C:\Users\Tirado\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{56CD97CE-7422-4404-B905-D7FC2BB401DC}] => (Allow) C:\Users\Tirado\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{8072F2C8-CEAF-4800-A50A-6C67E2A3E86B}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Puntos de Restauración =========================

05-08-2021 16:11:29 Installed Adobe Premiere Pro 2021

==================== Dispositivos defectuosos en el Administrador de dispositivos ============


==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================
Error: (08/17/2021 08:47:21 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: El optimizador de almacenamiento no pudo completar volver a optimizar en Reservado para el sistema debido a: El hardware del volumen no admite la operación solicitada. (0x8900002A)

Error: (08/17/2021 07:53:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: mbamtray.exe, versión: 4.0.0.1073, marca de tiempo: 0x60f9d1c9
Nombre del módulo con errores: Qt5Core.dll, versión: 5.14.1.0, marca de tiempo: 0x603971ce
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0000000000219dc5
Identificador del proceso con errores: 0x25d4
Hora de inicio de la aplicación con errores: 0x01d793bed7fb513e
Ruta de acceso de la aplicación con errores: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
Ruta de acceso del módulo con errores: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
Identificador del informe: 75592545-30e8-4119-ac86-82d19e0103cb
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (08/16/2021 09:24:31 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: El optimizador de almacenamiento no pudo completar volver a optimizar en Reservado para el sistema debido a: El hardware del volumen no admite la operación solicitada. (0x8900002A)

Error: (08/16/2021 06:03:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: DataExchangeHost.exe, versión: 10.0.17763.1, marca de tiempo: 0x826a4900
Nombre del módulo con errores: KERNELBASE.dll, versión: 10.0.19041.1110, marca de tiempo: 0x4809adf2
Código de excepción: 0xe0434352
Desplazamiento de errores: 0x0000000000034ed9
Identificador del proceso con errores: 0x27e4
Hora de inicio de la aplicación con errores: 0x01d792e929c093e3
Ruta de acceso de la aplicación con errores: C:\Users\Tirado\AppData\Local\Temp\DataExchangeHost.exe
Ruta de acceso del módulo con errores: C:\WINDOWS\System32\KERNELBASE.dll
Identificador del informe: 4bc62aa5-f440-482e-afd6-a490b0f92d5c
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (08/16/2021 06:03:42 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplicación: DataExchangeHost.exe
Versión de Framework: v4.0.30319
Descripción: el proceso terminó debido a una excepción no controlada.
Información de la excepción: System.InvalidOperationException
   en System.Diagnostics.Process.GetProcessHandle(Int32, Boolean)
   en System.Diagnostics.Process.Kill()
   en ConsoleApp38.Program.Main(System.String[])

Error: (08/07/2021 06:46:00 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: El programa AdobeNotificationClient.exe (versión 5.2.0.121) dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible sobre el problema, comprueba el historial de problemas en el panel de control de seguridad y mantenimiento.

Id. de proceso: 3ec

Hora de Inicio: 01d78a404e6a0299

Hora de finalización: 4294967295

Ruta de la aplicación: C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc\AdobeNotificationClient.exe

Id. de informe: e8944286-f6d5-425c-bdc9-ae322cc98dda

Nombre completo del paquete con errores: AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc

Id. de la aplicación relativa al paquete con errores: App

Tipo de bloqueo: Quiesce

Error: (08/05/2021 06:51:47 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: El programa acrodist.exe (versión 15.23.20053.15062) dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible sobre el problema, comprueba el historial de problemas en el panel de control de seguridad y mantenimiento.

Id. de proceso: 2e48

Hora de Inicio: 01d78a4c6ea7f586

Hora de finalización: 4294967295

Ruta de la aplicación: C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrodist.exe

Id. de informe: eb24d456-d45c-4f9a-aa64-b8aea80e8acc

Nombre completo del paquete con errores: 

Id. de la aplicación relativa al paquete con errores: 

Tipo de bloqueo: Top level window is idle

Error: (08/05/2021 06:09:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: SearchApp.exe, versión: 10.0.19041.1110, marca de tiempo: 0xa6e985d6
Nombre del módulo con errores: KERNELBASE.dll, versión: 10.0.19041.1110, marca de tiempo: 0x4809adf2
Código de excepción: 0xc0000409
Desplazamiento de errores: 0x000000000010bd3e
Identificador del proceso con errores: 0x1448
Hora de inicio de la aplicación con errores: 0x01d78a41d5452062
Ruta de acceso de la aplicación con errores: C:\WINDOWS\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
Ruta de acceso del módulo con errores: C:\WINDOWS\System32\KERNELBASE.dll
Identificador del informe: 5ecd626b-24ec-4435-a93c-635fc15afe95
Nombre completo del paquete con errores: Microsoft.Windows.Search_1.14.2.19041_neutral_neutral_cw5n1h2txyewy
Identificador de aplicación relativa del paquete con errores: CortanaUI


Errores del sistema:
=============
Error: (08/17/2021 08:42:33 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-K4U02BT)
Description: El servidor {C2033652-2F07-34CC-9416-76BC5C9AD5F7} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (08/17/2021 08:41:59 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-K4U02BT)
Description: El servidor {C2033652-2F07-34CC-9416-76BC5C9AD5F7} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (08/17/2021 08:18:58 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-K4U02BT)
Description: El servidor {C2033652-2F07-34CC-9416-76BC5C9AD5F7} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (08/17/2021 08:18:23 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-K4U02BT)
Description: El servidor {C2033652-2F07-34CC-9416-76BC5C9AD5F7} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (08/17/2021 07:52:02 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Servicio Hacer clic y ejecutar de Microsoft Office terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 0 milisegundos: Reiniciar el servicio.

Error: (08/17/2021 07:52:00 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Waves Audio Services se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (08/17/2021 07:52:00 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Intel(R) Dynamic Application Loader Host Interface Service se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (08/17/2021 07:52:00 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Intel(R) Dynamic Platform and Thermal Framework service se terminó de manera inesperada. Esto ha sucedido 1 veces.


CodeIntegrity:
===============
Date: 2021-08-16 17:50:12
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Avast Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2021-07-30 03:00:18
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Información de la memoria =========================== 

BIOS: Dell Inc. 1.3.1 10/05/2020
Placa base: Dell Inc. 0D65FD
Procesador: Intel(R) Core(TM) i7-8550U CPU @ 1.80GHz
Porcentaje de memoria en uso: 41%
RAM física total: 11941.62 MB
RAM física disponible: 6941.91 MB
Virtual total: 13861.62 MB
Virtual disponible: 9137.01 MB

==================== Unidades ================================

Drive c: () (Fixed) (Total:930.28 GB) (Free:31.07 GB) NTFS

\\?\Volume{0dc7ade0-0000-0000-0000-100000000000}\ (Reservado para el sistema) (Fixed) (Total:0.57 GB) (Free:0.53 GB) NTFS

==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 0DC7ADE0)
Partition 1: (Active) - (Size=579 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=930.9 GB) - (Type=07 NTFS)

==================== Final de Addition.txt =======================

Hola nuevamente.

Ya analizando tus reportes pude detectar algunos problemas. Para resolverlos realiza lo siguiente:

:one: Crea una copia de seguridad del registro con Registry Backup, no importa si es la versión portable o instalable:

Tweaking Registry Backup

  • Después de instalar o descomprimir ejecuta el programa (de ser portable es el ejecutable TweakingRegistryBackup.exe).
  • Asegurate que en la pestaña Registry Backup este todo moarcado.
  • En Backup Name puedes dejarlo por defecto o asignar algún nombre
  • Presiona el botón BackUp now

:two: Deshabilita nuevamente tu antivirus: ¿Cómo deshabilitar temporalmente su Antivirus?

:three: En el equipo, con los demás programas cerrados abra el notepad; puede abrirlo en la barra de búsqueda de windows y escribiendo notepad.exe

Posteriormente, copie y pegue este script de reparación dentro del Notepad comenzando en Start y terminando en End:

Start
SystemRestore: On
CreateRestorePoint:
CloseProcesses:

HKLM-x32\...\Run: [] => [X]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restricción <==== ATENCIÓN
HKU\S-1-5-21-2879950493-2689463129-398557555-1001\...\Policies\Explorer: [DisallowRun] 1
HKU\S-1-5-21-2879950493-2689463129-398557555-1001\...\Policies\Explorer\DisallowRun: [1] irsetup.exe
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN
Task: {BB957EAD-888D-4378-B4F9-5065EF756C4A} - System32\Tasks\Firefox Default Browser Agent 033797C168DD9FAE => C:\Users\Tirado\AppData\Roaming\wwfejse [65440 2021-07-01] (Microsoft Corporation -> Microsoft Corporation) <==== ATENCIÓN
Edge Extension: (Sin Nombre) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [no encontrado]
Edge Extension: (Sin Nombre) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [no encontrado]
Edge Extension: (Sin Nombre) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [no encontrado]
Edge Extension: (Sin Nombre) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [no encontrado]
S3 trufos; C:\WINDOWS\System32\drivers\trufos.sys [641736 2021-06-28] (Bitdefender SRL -> Bitdefender)
C:\WINDOWS\System32\drivers\trufos.sys
C:\Users\Tirado\AppData\Roaming\wwfejse
2021-08-02 18:09 - 2021-08-02 18:09 - 000000040 ____H C:\216D83F6EECA
2021-07-23 22:59 - 2021-07-23 22:59 - 000000000 ___HD C:\ProgramData\dc38eac0b5044b42beb18fbb1d8281f3$dpx$.tmp
2021-07-23 01:39 - 2021-07-23 01:39 - 000000000 ____D C:\Users\Tirado\AppData\Local\Yandex
2021-08-17 19:49 - 2020-11-20 13:21 - 000000000 ____D C:\Users\Tirado\AppData\LocalLow\nb98wqnehe8bw89hb
2021-07-01 22:50 - 2021-07-01 22:50 - 000248375 ___SH () C:\Users\Tirado\AppData\Roaming\addhjht

CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers 
EmptyTemp:
End
  • Vaya a Archivo y selecciona Guardar Como.
  • En la parte de Codificación eliga Unicode o UTF8 según le de la opción.
  • Guardelo bajo el nombre de fixlist.txt en el escritorio al igual que FRST. Esto es muy importante.

¡:warning:ATENCIÓN! El anterior Script de reparación fue hecho específicamente por un miembro del Staff para este usuario, si tiene un problema similar por favor abra su propio tema para recibir ayuda personalizada. Usar Scripts de otros usuarios puede causar daños a su equipo

  • Ejecute Frst.exe. y presione el botón Fix / Corregir
  • Espere pacientemente a que termine y no use el equipo. Al terminar el equipo podría reiniciarse
  • La Herramienta guardara el reporte en su escritorio (Fixlog.txt).

:four: Recomiendo que desinstales el siguiente programa si no te suena de algo. Puedes usar la opción de windows o RevoUninstaller:

  • Popcorn Time

Nos traerías:

  • El reporte de FixLog
  • Comentarios de como te fue y como sigue el sistema

Saludos

Fixlog.txt
Resultados de la corrección de Farbar Recovery Scan Tool (x64) Versión: 14-08-2021
Ejecutado por Tirado (18-08-2021 19:13:12) Run:1
Ejecutado desde C:\Users\Tirado\Desktop
Perfiles cargados: Tirado & postgres & Mia
Modo de Inicio: Normal
==============================================

fixlist contenido:
*****************
Start
SystemRestore: On
CreateRestorePoint:
CloseProcesses:

HKLM-x32\...\Run: [] => [X]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restricción <==== ATENCIÓN
HKU\S-1-5-21-2879950493-2689463129-398557555-1001\...\Policies\Explorer: [DisallowRun] 1
HKU\S-1-5-21-2879950493-2689463129-398557555-1001\...\Policies\Explorer\DisallowRun: [1] irsetup.exe
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN
Task: {BB957EAD-888D-4378-B4F9-5065EF756C4A} - System32\Tasks\Firefox Default Browser Agent 033797C168DD9FAE => C:\Users\Tirado\AppData\Roaming\wwfejse [65440 2021-07-01] (Microsoft Corporation -> Microsoft Corporation) <==== ATENCIÓN
Edge Extension: (Sin Nombre) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [no encontrado]
Edge Extension: (Sin Nombre) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [no encontrado]
Edge Extension: (Sin Nombre) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [no encontrado]
Edge Extension: (Sin Nombre) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [no encontrado]
S3 trufos; C:\WINDOWS\System32\drivers\trufos.sys [641736 2021-06-28] (Bitdefender SRL -> Bitdefender)
C:\WINDOWS\System32\drivers\trufos.sys
C:\Users\Tirado\AppData\Roaming\wwfejse
2021-08-02 18:09 - 2021-08-02 18:09 - 000000040 ____H C:\216D83F6EECA
2021-07-23 22:59 - 2021-07-23 22:59 - 000000000 ___HD C:\ProgramData\dc38eac0b5044b42beb18fbb1d8281f3$dpx$.tmp
2021-07-23 01:39 - 2021-07-23 01:39 - 000000000 ____D C:\Users\Tirado\AppData\Local\Yandex
2021-08-17 19:49 - 2020-11-20 13:21 - 000000000 ____D C:\Users\Tirado\AppData\LocalLow\nb98wqnehe8bw89hb
2021-07-01 22:50 - 2021-07-01 22:50 - 000248375 ___SH () C:\Users\Tirado\AppData\Roaming\addhjht

CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers 
EmptyTemp:
End
*****************

SystemRestore: On => Error -> 1%
El punto de restauración fue creado correctamente.
Procesos cerrados correctamente.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => eliminado correctamente
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => eliminado correctamente
"HKU\S-1-5-21-2879950493-2689463129-398557555-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\DisallowRun" => no encontrado
"HKU\S-1-5-21-2879950493-2689463129-398557555-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun\\1" => no encontrado
HKLM\SOFTWARE\Policies\Mozilla => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{BB957EAD-888D-4378-B4F9-5065EF756C4A}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BB957EAD-888D-4378-B4F9-5065EF756C4A}" => eliminado correctamente
C:\WINDOWS\System32\Tasks\Firefox Default Browser Agent 033797C168DD9FAE => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Firefox Default Browser Agent 033797C168DD9FAE" => eliminado correctamente
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => eliminado correctamente
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => eliminado correctamente
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => eliminado correctamente
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => eliminado correctamente
HKLM\System\CurrentControlSet\Services\trufos => eliminado correctamente
trufos => servicio eliminado correctamente
C:\WINDOWS\System32\drivers\trufos.sys => movido correctamente
C:\Users\Tirado\AppData\Roaming\wwfejse => movido correctamente
C:\216D83F6EECA => movido correctamente
C:\ProgramData\dc38eac0b5044b42beb18fbb1d8281f3$dpx$.tmp => movido correctamente
C:\Users\Tirado\AppData\Local\Yandex => movido correctamente
C:\Users\Tirado\AppData\LocalLow\nb98wqnehe8bw89hb => movido correctamente
C:\Users\Tirado\AppData\Roaming\addhjht => movido correctamente

========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= Final de CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows

No se puede realizar ninguna operaci¢n en Ethernet mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Conexi¢n de  rea local* 1 mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Conexi¢n de  rea local* 2 mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Conexi¢n de red Bluetooth mientras los medios
est‚n desconectados.

Adaptador de Ethernet Ethernet:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de LAN inal mbrica Conexi¢n de  rea local* 1:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de LAN inal mbrica Conexi¢n de  rea local* 2:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de LAN inal mbrica Wi-Fi:

   Sufijo DNS espec¡fico para la conexi¢n. . : 
   V¡nculo: direcci¢n IPv6 local. . . : fe80::cb4:4586:f8b9:907%11
   Direcci¢n IPv4. . . . . . . . . . . . . . : 10.0.0.227
   M scara de subred . . . . . . . . . . . . : 255.255.255.0
   Puerta de enlace predeterminada . . . . . : 10.0.0.1

Adaptador de Ethernet Conexi¢n de red Bluetooth:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

========= Final de CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.

Unable to cancel {6F10CD0A-F73D-4E67-975E-F5EACA910E27}.
0 out of 1 jobs canceled.

========= Final de CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 7888896 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 47469936 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 2403592 B
Edge => 43764 B
Chrome => 73965415 B
Firefox => 0 B
Opera => 5002616 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 10570 B
NetworkService => 10570 B
Tirado => 24940258 B
postgres => 24940258 B
Mia => 24955129 B

RecycleBin => 1772609863 B
EmptyTemp: => 1.8 GB datos temporales eliminados.

================================


El sistema necesita reiniciarse.

==== Final de Fixlog 19:13:36 ====`Texto preformateado`

Cita

Excelente, ya la ventana no se abre y puedo usar mi pc tranquila sin molestias. muchas gracias!!!

Buenas

:white_check_mark: Como paso final descarga la siguiente herramienta:

KrPm

  • Ejecútala, acepta el declaimer.
  • Asegurate de que solo este marcada las opciones:
    • Delete Tools/ Eliminar herramientas
    • Delete now/Eliminar ahora (área de eliminar cuarentenas).
  • Presiona en Run / Ejecutar.

Si queda alguna duda/problema comentanos. Si consideras que esta todo en orden porfavor procede a dar el tema por solucionado. Para poder dar el tema por solucionado habría que marcar una respuesta como tal. Te dejo información:

Este tema se cerró automáticamente 2 días después de la última publicación. No se permiten nuevas respuestas.