WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. Join 93099 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!

Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Infected computers

Started by bussw83 , Mar 07 2022 09:43 PM

hacker spyware

This topic is locked

6 replies to this topic

#1 bussw83

New Member

New Member
3 posts

Posted 07 March 2022 - 09:43 PM

I have had someone hacking me, spying on me and harrasing me for years now.

This person used to tell me things that I have in my computer and no one else know.

Even though I blocked him he always keeps doing the same stuff. He even deleted messages sent to me on my whatsapp

when I used to connect my phone to the wifi in my house.

My cpu over Works and my computer gets stuck, the internet gets slow and there is a bold black mark around some of the programs in my PC like my VPN, Firefox etc.

I have a desktop with Windows 7 and a laptop with Windows 10.

Please help me to get rid of this person for Good.

This are the results for my laptop:

FRST

Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 27-02-2022

Ejecutado por usuario (administrador) sobre DESKTOP-4OO4NRC (Dell Inc. Latitude E6220) (07-03-2022 20:29:35)

Ejecutado desde C:\Users\usuario\Desktop

Perfiles cargados: usuario

Plataforma: Microsoft Windows 10 Pro Versión 21H2 19044.1526 (X64) Idioma: Español (España, internacional)

Navegador predeterminado: Edge

Modo de Inicio: Normal

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe

(C:\Program Files (x86)\Windscribe\Windscribe.exe ->) (Windscribe Limited -> Windscribe Limited) C:\Program Files (x86)\Windscribe\WindscribeEngine.exe

(C:\Program Files (x86)\Windscribe\WindscribeService.exe ->) (Windscribe Limited -> The OpenVPN Project) C:\Program Files (x86)\Windscribe\windscribeopenvpn_2_5_4.exe

(C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe <2>

(C:\Program Files\DellTPad\Apoint.exe ->) (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe

(C:\Program Files\DellTPad\Apoint.exe ->) (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe

(C:\Program Files\DellTPad\HidMonitorSvc.exe ->) (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe

(C:\Users\usuario\Desktop\opera\opera.exe ->) (Opera Software AS -> Opera Software) C:\Users\usuario\Desktop\opera\84.0.4316.31\opera_crashreporter.exe

(explorer.exe ->) (Intel® pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe

(explorer.exe ->) (Intel® pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe

(explorer.exe ->) (Intel® pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe

(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe

(explorer.exe ->) (Telegram FZ-LLC -> Telegram FZ-LLC) C:\Users\usuario\AppData\Roaming\Telegram Desktop\Telegram.exe

(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE

(Opera Software AS -> Opera Software) C:\Users\usuario\Desktop\opera\opera.exe <39>

(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe

(services.exe ->) (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\HidMonitorSvc.exe

(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe

(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MsMpEng.exe

(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\NisSrv.exe

(services.exe ->) (Windscribe Limited -> Windscribe Limited) C:\Program Files (x86)\Windscribe\WindscribeService.exe

(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe

(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe

(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>

(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe

(Windscribe Limited -> Windscribe Limited) C:\Program Files (x86)\Windscribe\Windscribe.exe

(Windscribe Limited -> Windscribe Limited) C:\Users\usuario\AppData\Local\Temp\_iu14D2N.tmp

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [727896 2014-03-13] (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.)

HKLM-x32\...\RunOnce: [GrpConv] => grpconv -o (Ningún archivo)

HKU\S-1-5-21-3735610940-3711455475-3248009252-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2618248 2022-02-24] (Microsoft Corporation -> Microsoft Corporation)

HKU\S-1-5-21-3735610940-3711455475-3248009252-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35646080 2022-02-14] (Piriform Software Ltd -> Piriform Software Ltd)

HKU\S-1-5-21-3735610940-3711455475-3248009252-1001\...\Run: [MicrosoftEdgeAutoLaunch_4A601B1257B2F39E22044BE56AC4339E] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5

Startup: C:\Users\usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Jarvee.lnk [2021-12-22]

ShortcutTarget: Jarvee.lnk -> C:\Users\usuario\AppData\Roaming\Jarvee\Jarvee.exe (ABC E-COMMERCE SERVICES -> Jarvee)

==================== Tareas programadas (Lista blanca) ============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {1DFCBB60-53B1-44BB-ACB7-B439DB10E015} - System32\Tasks\Microsoft\Windows\WindowsUpdate\RUXIM\RUXIMDisplay => C:\Program Files\ruxim\ruximics.exe [477512 2021-05-19] (Microsoft Windows -> Microsoft Corporation)

Task: {1FC4DDD5-0403-4F07-BBCA-7641316C7931} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8307120 2022-03-04] (Microsoft Corporation -> Microsoft Corporation)

Task: {2C6D4991-972C-4D9D-ADCF-C0CA36944161} - System32\Tasks\Microsoft\Windows\WindowsUpdate\RUXIM\RUXIMSync => C:\Program Files\ruxim\ruximics.exe [477512 2021-05-19] (Microsoft Windows -> Microsoft Corporation)

Task: {37A46D47-C58C-44ED-93C3-729421078709} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MpCmdRun.exe [925848 2022-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)

Task: {493AF638-DE6E-49AB-85FA-CDE997EE601E} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-02-14] (Piriform Software Ltd -> Piriform)

Task: {4A2602E9-155E-41FD-848D-88D263E5D5D4} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138160 2022-03-04] (Microsoft Corporation -> Microsoft Corporation)

Task: {72924BEF-4849-430A-84F2-F867D365C226} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MpCmdRun.exe [925848 2022-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)

Task: {75776275-F8D3-4E48-9F5D-2B86A9CF3DD3} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22580640 2022-03-04] (Microsoft Corporation -> Microsoft Corporation)

Task: {7D99FFD4-A44A-4576-9F9D-57F8794D732E} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [59232 2022-03-04] (Microsoft Corporation -> Microsoft Corporation)

Task: {AA7660F8-2A85-4E7D-8B9C-7CD5D8C1EDE6} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138160 2022-03-04] (Microsoft Corporation -> Microsoft Corporation)

Task: {ADC51C0E-BCA6-4EF4-A67A-0042C1BE67BE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8307120 2022-03-04] (Microsoft Corporation -> Microsoft Corporation)

Task: {C186D9FD-58E8-49A0-A860-86EBE85FD9E9} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4158856 2022-02-24] (Microsoft Corporation -> Microsoft Corporation)

Task: {CBDFE05D-79D0-4D1E-B5B9-3BA7C276D172} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22580640 2022-03-04] (Microsoft Corporation -> Microsoft Corporation)

Task: {D3052549-CF5E-4C9D-9F1A-B098E0038F10} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MpCmdRun.exe [925848 2022-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)

Task: {E6976EE4-1460-43FA-86C0-A9D2CD729E78} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MpCmdRun.exe [925848 2022-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)

Task: {E79242BD-0B3C-4902-9B1D-8C583151E9D4} - System32\Tasks\CCleanerSkipUAC - usuario => C:\Program Files\CCleaner\CCleaner.exe [29764224 2022-02-14] (Piriform Software Ltd -> Piriform Software Ltd)

Task: {E8E7755A-07B2-451F-9796-9C60F7763DBA} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-3735610940-3711455475-3248009252-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4158856 2022-02-24] (Microsoft Corporation -> Microsoft Corporation)

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)

==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Tcpip\..\Interfaces\{2a8b176c-d8cc-40bb-9136-05ad249595ef}: [DhcpNameServer] 190.113.97.11 190.113.97.3

Tcpip\..\Interfaces\{2be1fad5-6e81-4f43-a45e-1b1edcba35df}: [DhcpNameServer] 192.168.44.1

Tcpip\..\Interfaces\{e8ca9627-cc2a-485c-8c87-877705fbeb97}: [NameServer] 10.255.255.2

Tcpip\..\Interfaces\{f0d06277-d941-457b-8f3c-5908149b9384}: [DhcpNameServer] 192.168.43.1

Edge:

=======

Edge Extension: (Sin Nombre) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [no encontrado]

Edge Extension: (Sin Nombre) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [no encontrado]

Edge Extension: (Sin Nombre) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [no encontrado]

Edge Extension: (Sin Nombre) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [no encontrado]

Edge DefaultProfile: Default

Edge Profile: C:\Users\usuario\AppData\Local\Microsoft\Edge\User Data\Default [2022-03-07]

FireFox:

========

FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-03-04] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-03-04] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-03-04] (Microsoft Corporation -> Microsoft Corporation)

Chrome:

=======

CHR Profile: C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default [2022-03-07]

CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-03-03]

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R2 ApHidMonitorService; C:\Program Files\DellTPad\HidMonitorSvc.exe [87384 2014-03-27] (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11649952 2022-03-04] (Microsoft Corporation -> Microsoft Corporation)

S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\22.022.0130.0001\FileSyncHelper.exe [3380616 2022-02-24] (Microsoft Corporation -> Microsoft Corporation)

S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\22.022.0130.0001\OneDriveUpdaterService.exe [3851128 2022-02-24] (Microsoft Corporation -> Microsoft Corporation)

S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6136536 2022-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)

R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\NisSrv.exe [2909208 2022-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)

R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MsMpEng.exe [128376 2022-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)

R2 WindscribeService; C:\Program Files (x86)\Windscribe\WindscribeService.exe [1337216 2022-03-03] (Windscribe Limited -> Windscribe Limited)

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)

R3 ManyCam; C:\WINDOWS\system32\DRIVERS\mcvidrv.sys [49272 2014-12-28] (ManyCam -> Visicom Media Inc.)

R3 mcaudrv_simple; C:\WINDOWS\system32\drivers\mcaudrv_x64.sys [35960 2014-12-28] (ManyCam -> Visicom Media Inc.)

S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167544 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)

R3 tapwindscribe0901; C:\WINDOWS\System32\drivers\tapwindscribe0901.sys [57768 2022-02-20] (Windscribe Limited -> The OpenVPN Project)

S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2022-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)

R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [438520 2022-02-10] (Microsoft Windows -> Microsoft Corporation)

R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [90360 2022-02-10] (Microsoft Windows -> Microsoft Corporation)

S3 WinDivert1.1; C:\Program Files\KMSpico\WinDivert.sys [35376 2021-10-05] (Nemea Mjukvaruutveckling AB -> Basil Projects)

S3 WindscribeSplitTunnel; C:\WINDOWS\system32\DRIVERS\WindscribeSplitTunnel.sys [35752 2022-03-03] (Windscribe Limited -> )

R3 windtun420; C:\WINDOWS\System32\drivers\windtun420.sys [47544 2022-02-20] (Windscribe Limited -> WireGuard LLC)

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

==================== Un mes (creado) (Lista blanca) =========

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2022-03-07 20:29 - 2022-03-07 20:31 - 000015609 _____ C:\Users\usuario\Desktop\FRST.txt

2022-03-07 20:27 - 2022-03-07 20:30 - 000000000 ____D C:\FRST

2022-03-07 20:26 - 2022-03-07 20:26 - 002312192 _____ (Farbar) C:\Users\usuario\Desktop\FRST64.exe

2022-03-06 18:55 - 2022-03-06 18:55 - 000071212 _____ C:\Users\usuario\Downloads\FIvwQN_WUAIdMVk.jfif

2022-03-06 02:03 - 2022-03-06 02:03 - 000064371 _____ C:\Users\usuario\Downloads\FNJL2ZHVIAQLPYX.jfif

2022-03-06 02:03 - 2022-03-06 02:03 - 000056803 _____ C:\Users\usuario\Downloads\FNJL2YgVcAIig1s.jfif

2022-03-06 01:49 - 2022-03-06 01:49 - 000880172 _____ C:\Users\usuario\Downloads\FL_hzGZXEAMasbL.jfif

2022-03-05 14:40 - 2022-03-05 22:25 - 000000000 ____D C:\Users\usuario\Downloads\Telegram Desktop

2022-03-05 00:31 - 2022-03-05 00:31 - 000000000 ____D C:\Users\usuario\Downloads\Snapchat

2022-03-05 00:30 - 2022-03-05 00:30 - 000000022 _____ C:\Users\usuario\Downloads\Nuevo WinRAR ZIP archive.zip

2022-03-04 00:35 - 2022-03-04 00:36 - 064569444 _____ C:\Users\usuario\Downloads\Snapchat.zip

2022-03-03 22:50 - 2022-03-07 19:34 - 000000000 ____D C:\Users\usuario\AppData\Roaming\Telegram Desktop

2022-03-03 22:50 - 2022-03-03 22:50 - 000000000 ____D C:\Users\usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telegram Desktop

2022-03-03 22:47 - 2022-03-03 22:49 - 035090144 _____ (Telegram FZ-LLC ) C:\Users\usuario\Downloads\tsetup-x64.3.5.1.exe

2022-03-03 14:27 - 2022-03-03 14:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windscribe

2022-03-03 14:26 - 2022-03-03 14:26 - 000001144 _____ C:\Users\Public\Desktop\Windscribe.lnk

2022-03-03 14:25 - 2022-03-03 14:27 - 000000000 ____D C:\Program Files (x86)\Windscribe

2022-03-03 14:25 - 2022-03-03 14:25 - 000035752 _____ C:\WINDOWS\system32\Drivers\WindscribeSplitTunnel.sys

2022-03-03 14:24 - 2022-03-03 14:25 - 019552128 _____ (Windscribe Limited) C:\Users\usuario\Downloads\Windscribe (1).exe

2022-03-03 03:28 - 2022-03-03 03:28 - 099090432 _____ C:\WINDOWS\system32\config\SOFTWARE

2022-03-03 00:46 - 2022-03-03 00:46 - 000170727 _____ C:\Users\usuario\Downloads\FM0p3QnXIAIDCcj.jfif

2022-03-02 19:52 - 2022-03-02 19:54 - 010623636 _____ (Google) C:\Users\usuario\Downloads\picasa39-setup.exe.opdownload

2022-03-02 19:50 - 2022-03-02 19:50 - 001077248 _____ C:\Users\usuario\Downloads\Setup_EXIFeditor_en.msi

2022-03-02 16:39 - 2022-03-02 16:39 - 000137229 _____ C:\Users\usuario\Downloads\FM0Yq-FXIAwNUrP.jfif

2022-03-02 09:09 - 2022-03-02 09:09 - 000063352 _____ C:\Users\usuario\Downloads\FMv7PQHXwAIJup3.jfif

2022-03-01 23:47 - 2022-03-01 23:47 - 000151079 _____ C:\Users\usuario\Downloads\FM0WRdAVUAUqMLt.jfif

2022-03-01 13:57 - 2022-03-01 13:57 - 000220988 _____ C:\Users\usuario\Downloads\FMs1zkfXsAAq8Yo.jfif

2022-03-01 12:44 - 2022-03-01 12:44 - 000389745 _____ C:\Users\usuario\Downloads\FD-FhRNVIAAbkyx.jfif

2022-03-01 12:44 - 2022-03-01 12:44 - 000283722 _____ C:\Users\usuario\Downloads\FMtFg3KXEAMvzH9.jfif

2022-02-28 18:47 - 2022-02-28 18:47 - 000230492 _____ C:\Users\usuario\Downloads\FMdq15FWYAUO1pw.jfif

2022-02-28 18:47 - 2022-02-28 18:47 - 000147456 _____ C:\Users\usuario\Downloads\FMdq15OWQAEGHYF.jfif.opdownload

2022-02-28 17:31 - 2022-02-28 17:31 - 000263531 _____ C:\Users\usuario\Downloads\FMmZDqSVkAMTroS.jfif

2022-02-28 17:18 - 2022-02-28 17:18 - 000184443 _____ C:\Users\usuario\Downloads\FMtx9H8XsAAWktr.jfif

2022-02-28 16:55 - 2022-02-28 16:55 - 000000780 _____ C:\Users\usuario\Downloads\Documentos - Acceso directo (2).lnk

2022-02-28 15:29 - 2022-02-28 15:29 - 000211292 _____ C:\Users\usuario\Downloads\FMYbCHdUUAYawiO.jfif

2022-02-27 23:30 - 2022-02-27 23:30 - 000250042 _____ C:\Users\usuario\Downloads\FLupUSdXIAAOQNd.jfif

2022-02-27 13:47 - 2022-02-27 13:47 - 000193488 _____ C:\Users\usuario\Downloads\FLZpci8WQAA0_vK.jfif

2022-02-27 12:22 - 2022-02-28 15:44 - 000000000 ____D C:\Users\usuario\Downloads\SFS

2022-02-27 12:17 - 2022-02-27 12:17 - 000166412 _____ C:\Users\usuario\Downloads\insta story sfs.jfif

2022-02-26 19:55 - 2022-02-26 19:55 - 000326778 _____ C:\Users\usuario\Downloads\E_QKyHpWQAMMsVM.jfif

2022-02-26 19:51 - 2022-02-26 19:51 - 000489222 _____ C:\Users\usuario\Downloads\E6e606yVIAEcTGp.jfif

2022-02-26 15:56 - 2022-02-26 15:56 - 000248346 _____ C:\Users\usuario\Downloads\FMc8Fc7WYAcyXTT.jfif

2022-02-26 11:37 - 2022-02-26 11:37 - 000310411 _____ C:\Users\usuario\Downloads\FMYQFXKXMAIycmb.jfif

2022-02-26 09:24 - 2022-02-26 09:24 - 000293419 _____ C:\Users\usuario\Downloads\FLzqo8bVgAcYjEK.jfif

2022-02-26 07:26 - 2022-02-26 07:26 - 004365897 _____ C:\Users\usuario\Downloads\watermarked-images.zip

2022-02-25 23:49 - 2022-02-25 23:50 - 027897365 _____ C:\Users\usuario\Downloads\Playboy USA - November 1968 ( PDFDrive ).pdf

2022-02-25 23:47 - 2022-02-25 23:47 - 002017973 _____ C:\Users\usuario\Downloads\Specialist of Boobs Growth Your Boobs Look Very Sexy Within 2 Weeks - HOW TO GET SEXY BREAST NATURALLY ( PDFDrive ).pdf

2022-02-25 23:45 - 2022-02-25 23:48 - 040735845 _____ C:\Users\usuario\Downloads\FHM Special Collectors Edition 2016 ( PDFDrive ).pdf

2022-02-25 23:42 - 2022-02-25 23:45 - 060659314 _____ C:\Users\usuario\Downloads\Penthouse Australia - July - August 2015 ( PDFDrive ).pdf

2022-02-25 23:38 - 2022-02-25 23:41 - 062035751 _____ C:\Users\usuario\Downloads\Playboy Special Collector's Edition Country Girls ( PDFDrive ).pdf

2022-02-25 23:37 - 2022-02-25 23:38 - 023465038 _____ C:\Users\usuario\Downloads\Playboy Special Collector's Edition 2015 10 ( PDFDrive ).pdf

2022-02-25 23:36 - 2022-02-25 23:37 - 024259534 _____ C:\Users\usuario\Downloads\Playboys Sexy 100 - 2010.pdf ( PDFDrive ).pdf

2022-02-25 23:36 - 2022-02-25 23:37 - 021212889 _____ C:\Users\usuario\Downloads\Playboy Special Collectors edition Wet & Wild ( PDFDrive ).pdf

2022-02-25 23:33 - 2022-02-25 23:33 - 004091947 _____ C:\Users\usuario\Downloads\Studio Lightingfor Nude - Nude Photography Blog - StudioPrague.com ( PDFDrive ) (1).pdf

2022-02-25 23:32 - 2022-02-25 23:33 - 004091947 _____ C:\Users\usuario\Downloads\Studio Lightingfor Nude - Nude Photography Blog - StudioPrague.com ( PDFDrive ).pdf

2022-02-25 23:31 - 2022-02-25 23:31 - 004641780 _____ C:\Users\usuario\Downloads\Garage Glamour_ Digital Nude and Beauty Photography Made Simple ( PDFDrive ).pdf

2022-02-25 20:15 - 2022-02-25 20:15 - 000540562 _____ C:\Users\usuario\Downloads\FIDOOmlXIAEjjvw.jfif

2022-02-25 19:12 - 2022-02-25 19:12 - 000120358 _____ C:\Users\usuario\Downloads\FMP9ntqXoAI3mcO.jfif

2022-02-25 19:10 - 2022-02-25 19:10 - 000022187 _____ C:\Users\usuario\Downloads\FMUMBuCWQAYNZY9.jfif

2022-02-25 19:09 - 2022-02-25 19:09 - 000459148 _____ C:\Users\usuario\Downloads\FMUMBuCWQAE_Sh8.jfif

2022-02-25 19:09 - 2022-02-25 19:09 - 000215621 _____ C:\Users\usuario\Downloads\FMZ5_EVVkA8r1Hj.jfif

2022-02-25 19:02 - 2022-02-25 19:02 - 000310174 _____ C:\Users\usuario\Downloads\FLlw1efVEAA1mAx.jfif

2022-02-25 19:02 - 2022-02-25 19:02 - 000125746 _____ C:\Users\usuario\Downloads\FMdwWzIXoAIOUbi.jfif

2022-02-25 19:01 - 2022-02-25 19:01 - 000500472 _____ C:\Users\usuario\Downloads\FJ98fsLWQA0Qo-0.jfif

2022-02-25 18:55 - 2022-02-25 18:55 - 000365712 _____ C:\Users\usuario\Downloads\FJUx_oeVgAIgqeq.jfif

2022-02-25 18:52 - 2022-02-25 18:52 - 000230038 _____ C:\Users\usuario\Downloads\FMS-kBiVgAECeYZ.jfif

2022-02-25 18:50 - 2022-02-25 18:50 - 000111589 _____ C:\Users\usuario\Downloads\FMeMCXOVUAM83PY.jfif

2022-02-25 18:48 - 2022-02-25 18:48 - 000253380 _____ C:\Users\usuario\Downloads\FL-MNEjWQAUjroP.jfif

2022-02-25 18:27 - 2022-02-25 18:27 - 000076855 _____ C:\Users\usuario\Downloads\FMOZAD4WYAMssXV.jfif

2022-02-25 18:25 - 2022-02-25 18:25 - 000182571 _____ C:\Users\usuario\Downloads\FMZ0-H4XEAQT0pw.jfif

2022-02-25 18:24 - 2022-02-25 18:24 - 000189794 _____ C:\Users\usuario\Downloads\FMUolDwXMAc5X_u.jfif

2022-02-25 18:23 - 2022-02-25 18:23 - 000216802 _____ C:\Users\usuario\Downloads\FMTbcxjXEAUdam8.jfif

2022-02-25 18:23 - 2022-02-25 18:23 - 000025602 _____ C:\Users\usuario\Downloads\FMdcnIlVIAAHSkd.jfif

2022-02-25 18:23 - 2022-02-25 18:23 - 000023856 _____ C:\Users\usuario\Downloads\FMdcnIjUYAABEoo.jfif

2022-02-25 18:22 - 2022-02-25 18:22 - 000178621 _____ C:\Users\usuario\Downloads\FMLbc6SX0AEdK6X.jfif

2022-02-25 18:22 - 2022-02-25 18:22 - 000166262 _____ C:\Users\usuario\Downloads\FMLbc5fXEAASYTD.jfif

2022-02-25 18:22 - 2022-02-25 18:22 - 000165105 _____ C:\Users\usuario\Downloads\FMLbc5gXEAYxrUC.jfif

2022-02-25 18:22 - 2022-02-25 18:22 - 000158471 _____ C:\Users\usuario\Downloads\FMLbc5hXIAAweZn.jfif

2022-02-25 18:21 - 2022-02-25 18:21 - 000097147 _____ C:\Users\usuario\Downloads\FMZcvnbXEAE0uJO.jfif

2022-02-25 18:21 - 2022-02-25 18:21 - 000048286 _____ C:\Users\usuario\Downloads\FMEkkhNXoAM5wdO.jfif

2022-02-25 18:20 - 2022-02-25 18:20 - 000159106 _____ C:\Users\usuario\Downloads\FMUnnNbVEAAjRBG.jfif

2022-02-25 18:20 - 2022-02-25 18:20 - 000149407 _____ C:\Users\usuario\Downloads\FMToAyQXIAgNSI2.jfif

2022-02-25 18:20 - 2022-02-25 18:20 - 000130987 _____ C:\Users\usuario\Downloads\FMd3qdsUUAAkl2p.jfif

2022-02-25 18:19 - 2022-02-25 18:19 - 000176732 _____ C:\Users\usuario\Downloads\FMKGxT4XsAAHSXT.jfif

2022-02-25 18:18 - 2022-02-25 18:18 - 000344110 _____ C:\Users\usuario\Downloads\FMd2KuiXoAE4n6f.jfif

2022-02-25 18:17 - 2022-02-25 18:17 - 000223106 _____ C:\Users\usuario\Downloads\FMJOaQoXIAwOeFl.jfif

2022-02-25 18:15 - 2022-02-25 18:15 - 000176445 _____ C:\Users\usuario\Downloads\FMeLVApWQAYIOM6.jfif

2022-02-25 18:15 - 2022-02-25 18:15 - 000123099 _____ C:\Users\usuario\Downloads\FMeLVAnXMAAniVi.jfif

2022-02-25 18:15 - 2022-02-25 18:15 - 000123099 _____ C:\Users\usuario\Downloads\FMeLVAnXMAAniVi (1).jfif

2022-02-25 18:14 - 2022-02-25 18:14 - 000181114 _____ C:\Users\usuario\Downloads\FMZ0KqhXIAMM1yM (1).jfif

2022-02-25 18:14 - 2022-02-25 18:14 - 000161809 _____ C:\Users\usuario\Downloads\FMZ0KqiWUAU17au.jfif

2022-02-25 18:13 - 2022-02-25 18:13 - 000181114 _____ C:\Users\usuario\Downloads\FMZ0KqhXIAMM1yM.jfif

2022-02-24 23:14 - 2022-02-28 00:59 - 000000000 ____D C:\Users\usuario\Downloads\sources IG

2022-02-24 22:37 - 2022-02-24 22:37 - 000006682 _____ C:\Users\usuario\Downloads\full-list-of-bad-words_comma-separated-text-file_2021_01_18.zip

2022-02-24 22:36 - 2022-02-24 22:36 - 000006465 _____ C:\Users\usuario\Downloads\full-list-of-bad-words_text-file_2021_01_18.zip

2022-02-24 22:36 - 2022-02-24 22:36 - 000001135 _____ C:\Users\usuario\Downloads\spanish-bad-words-list_comma-separated-text-file.zip

2022-02-24 22:36 - 2022-02-24 22:36 - 000001110 _____ C:\Users\usuario\Downloads\spanish-bad-words-list_text-file.zip

2022-02-24 22:36 - 2022-02-24 22:36 - 000000715 _____ C:\Users\usuario\Downloads\base-list-of-bad-words_text-file_2021_01_18.zip

2022-02-24 00:13 - 2022-02-24 00:13 - 000167064 _____ C:\Users\usuario\Downloads\FMVt1pqXMAEzTVn.jfif

2022-02-23 16:16 - 2022-02-23 16:16 - 000000874 _____ C:\Users\usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\more sw resources.lnk

2022-02-23 15:32 - 2022-02-23 15:32 - 000590199 _____ C:\Users\usuario\Downloads\FIxuU2HVIAICp2O.jfif

2022-02-23 15:32 - 2022-02-23 15:32 - 000506389 _____ C:\Users\usuario\Downloads\FIxuU2GVUAE1vUz.jfif

2022-02-23 15:32 - 2022-02-23 15:32 - 000453795 _____ C:\Users\usuario\Downloads\FIxuU2GVkAQvLtA.jfif

2022-02-22 23:01 - 2022-02-22 23:01 - 000298364 _____ C:\Users\usuario\Downloads\FMQISM8XEAIf8EA.jfif

2022-02-22 23:00 - 2022-02-22 23:00 - 000381084 _____ C:\Users\usuario\Downloads\FMQISM-XwAIh58h.jfif

2022-02-22 23:00 - 2022-02-22 23:00 - 000238691 _____ C:\Users\usuario\Downloads\FMQIR_sWUAE0kCF.jfif

2022-02-22 13:48 - 2022-02-22 13:48 - 000761962 _____ C:\Users\usuario\Downloads\codigos sagrados ventas.pdf

2022-02-22 10:14 - 2022-02-22 10:14 - 000105118 _____ C:\Users\usuario\Downloads\tTCENbFB.jpg_medium

2022-02-22 00:32 - 2022-02-22 00:32 - 000123388 _____ C:\Users\usuario\Downloads\limpieza profunda 9 dias.jfif

2022-02-22 00:29 - 2022-02-22 00:31 - 051035520 _____ C:\Users\usuario\Downloads\Y2Mate.is - LIMPIEZA PROFUNDA de 9 DÍAS con CÓDIGOS SAGRADOS 📿de Agesta-z8YaqXVXn-Y-160k-1645511167290.mp3.opdownload

2022-02-21 23:44 - 2022-02-21 23:44 - 034333039 _____ C:\Users\usuario\Downloads\remover implantes.mp4

2022-02-21 12:44 - 2022-02-21 12:44 - 000077006 _____ C:\Users\usuario\Downloads\FLMczE6XIAcql99.jfif

2022-02-21 11:19 - 2022-02-21 11:19 - 000090762 _____ C:\Users\usuario\Downloads\FMEzLCaXsAYLY2n.jfif

2022-02-20 06:47 - 2022-03-03 03:28 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware

2022-02-20 02:03 - 2022-02-20 02:03 - 000057768 _____ (The OpenVPN Project) C:\WINDOWS\system32\Drivers\tapwindscribe0901.sys

2022-02-20 02:03 - 2022-02-20 02:03 - 000047544 _____ (WireGuard LLC) C:\WINDOWS\system32\Drivers\windtun420.sys

2022-02-20 02:02 - 2022-02-20 02:02 - 000000000 ____D C:\Users\usuario\AppData\Local\Windscribe

2022-02-19 12:46 - 2022-02-19 12:46 - 000104688 _____ C:\Users\usuario\Downloads\RT group.jfif

2022-02-18 11:43 - 2022-02-18 11:43 - 000006544 _____ C:\Users\usuario\Downloads\posting day 2 Updated.csv

2022-02-18 11:41 - 2022-02-18 11:41 - 000006576 _____ C:\Users\usuario\Downloads\posting day 1 Updated.csv

2022-02-18 01:17 - 2022-02-18 01:17 - 000008772 _____ C:\Users\usuario\Documents\posts_export_bg1golh1.csv

2022-02-18 01:06 - 2022-02-18 01:06 - 000000261 _____ C:\Users\usuario\Downloads\PowerDeleteSuiteExport.csv

2022-02-16 13:04 - 2022-02-16 13:04 - 000006207 _____ C:\Users\usuario\Downloads\posting day 1.csv

2022-02-15 13:51 - 2022-02-15 13:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mass Watermark

2022-02-15 13:51 - 2022-02-15 13:51 - 000000000 ____D C:\Program Files (x86)\Mass Watermark

2022-02-15 13:49 - 2022-02-15 13:50 - 045773608 _____ (masswatermark.com ) C:\Users\usuario\Downloads\setup.exe

2022-02-15 13:36 - 2022-02-15 13:36 - 000001140 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\123watermark.lnk

2022-02-15 13:36 - 2022-02-15 13:36 - 000000000 ____D C:\Users\usuario\Documents\123 Watermark

2022-02-15 13:36 - 2022-02-15 13:36 - 000000000 ____D C:\Users\usuario\AppData\Roaming\123Watermark

2022-02-15 13:36 - 2022-02-15 13:36 - 000000000 ____D C:\Users\usuario\AppData\Local\123_Watermark

2022-02-15 13:36 - 2022-02-15 13:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\123watermark

2022-02-15 13:36 - 2022-02-15 13:36 - 000000000 ____D C:\ProgramData\123 Watermark

2022-02-15 13:36 - 2022-02-15 13:36 - 000000000 ____D C:\Program Files (x86)\123watermark

2022-02-15 13:35 - 2022-02-15 13:36 - 012194680 _____ (123watermark ) C:\Users\usuario\Downloads\123watermark.exe

2022-02-14 18:47 - 2022-02-14 18:47 - 000007081 _____ C:\Users\usuario\Downloads\posting day 3.csv

2022-02-14 18:41 - 2022-02-14 18:41 - 000007080 _____ C:\Users\usuario\Downloads\posting day 2.csv

2022-02-14 15:21 - 2022-02-14 15:21 - 000120114 _____ C:\Users\usuario\Downloads\scanerator.html

2022-02-14 10:22 - 2022-02-14 10:22 - 019552128 _____ (Windscribe Limited) C:\Users\usuario\Downloads\Windscribe.exe

2022-02-13 20:23 - 2022-02-13 20:23 - 000101258 _____ C:\Users\usuario\Downloads\inspo.jfif

2022-02-12 21:10 - 2022-02-12 21:46 - 000000000 ____D C:\Users\usuario\FastCopy

2022-02-12 21:10 - 2022-02-12 21:10 - 003423024 _____ (FastCopy Lab, LLC.) C:\Users\usuario\Downloads\FastCopy4.0.5_installer.exe

2022-02-12 21:10 - 2022-02-12 21:10 - 000000929 _____ C:\Users\usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FastCopy.lnk

2022-02-11 21:09 - 2022-02-11 21:09 - 000056897 _____ C:\Users\usuario\Downloads\semiphemeral-export-angel_caribe-2022-02-12.csv

2022-02-10 15:03 - 2022-02-10 15:03 - 000007080 _____ C:\Users\usuario\Downloads\posts_export_24zs5nrt final week.csv

2022-02-10 13:12 - 2022-02-10 13:12 - 000011813 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim

2022-02-10 13:11 - 2022-02-10 13:11 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe

2022-02-10 13:10 - 2022-02-10 13:10 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll

2022-02-10 13:10 - 2022-02-10 13:10 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe

2022-02-10 13:10 - 2022-02-10 13:10 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe

2022-02-10 12:19 - 2022-02-10 12:19 - 000000000 ___HD C:\$WinREAgent

2022-02-10 00:44 - 2022-03-03 02:48 - 000000000 ____D C:\Users\usuario\AppData\Local\Google

2022-02-10 00:29 - 2022-02-10 00:29 - 000003217 _____ C:\Users\usuario\Downloads\Comprobante637800497972732354.pdf

2022-02-10 00:29 - 2022-02-10 00:29 - 000003148 _____ C:\Users\usuario\Downloads\Comprobante637800497550003572.pdf

2022-02-08 00:11 - 2022-02-08 00:13 - 109234365 _____ C:\Users\usuario\Downloads\limpieza codigos sagrados.mp4

2022-02-07 11:05 - 2022-02-07 11:05 - 010120448 _____ C:\Users\usuario\Downloads\Photo Exif Editor Metadata Editor_v2.2.11_apkpure.com.apk

2022-02-06 23:55 - 2022-02-06 23:55 - 000000000 ____D C:\Users\usuario\Downloads\GoogleChromePortable 3

2022-02-06 23:33 - 2022-02-06 23:34 - 000000000 ____D C:\Users\usuario\Downloads\GoogleChromePortable2

2022-02-06 23:26 - 2022-02-06 23:26 - 000027819 _____ C:\Users\usuario\Downloads\pexels-photo-736230.jpeg

2022-02-06 23:10 - 2022-02-06 23:12 - 000000000 ____D C:\Users\usuario\Downloads\GoogleChromePortable

2022-02-06 23:10 - 2022-02-06 23:10 - 001409720 _____ (PortableApps.com) C:\Users\usuario\Downloads\GoogleChromePortable_98.0.4758.80_online.paf.exe

2022-02-06 22:29 - 2022-02-06 22:29 - 000001022 _____ C:\Users\usuario\Downloads\Personal_data_9722971.zip

2022-02-06 21:05 - 2022-02-06 21:05 - 000190011 _____ C:\Users\usuario\Downloads\Factura Telecable-2pdf.com-edit-metadata.pdf

2022-02-06 21:01 - 2022-02-06 21:01 - 000189262 _____ C:\Users\usuario\Downloads\Factura Telecable.pdf

2022-02-06 20:59 - 2022-02-06 20:59 - 000208108 _____ C:\Users\usuario\Downloads\Factura Telecable Marzo (2) (1).pdf

2022-02-06 20:51 - 2022-02-06 20:51 - 000198273 _____ C:\Users\usuario\Downloads\Factura Telecable Marzo (2).pdf

2022-02-06 20:32 - 2022-02-06 20:34 - 000143150 _____ C:\Users\usuario\Downloads\Factura Telecable Enero.pdf

2022-02-06 20:26 - 2022-02-06 20:26 - 000173951 _____ C:\Users\usuario\Downloads\Factura Telecable Marzo (1).pdf

2022-02-06 20:10 - 2022-02-06 20:10 - 000190831 _____ C:\Users\usuario\Downloads\Factura Telecable Marzo.pdf

2022-02-06 11:43 - 2022-02-06 11:43 - 000000000 ____D C:\Users\usuario\Documents\Archivos perdidos (1674)

2022-02-06 10:57 - 2022-02-06 10:57 - 000000000 ____D C:\Users\usuario\AppData\Roaming\QtProject

2022-02-06 10:56 - 2022-02-06 11:41 - 000000000 ____D C:\Program Files (x86)\MiniToolPowerDataRecovery

2022-02-06 10:56 - 2022-02-06 10:56 - 000000226 _____ C:\Users\usuario\Downloads\pdr-ol-log.txt

2022-02-06 10:56 - 2022-02-06 10:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool Power Data Recovery

2022-02-06 10:56 - 2021-12-13 20:28 - 045064712 _____ (MiniTool Software Limited ) C:\Users\usuario\Downloads\pdr-free-x64.exe

2022-02-06 10:55 - 2022-02-06 10:55 - 002318176 _____ (MiniTool Software Limited) C:\Users\usuario\Downloads\pdr-free-online.exe

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2022-03-07 19:23 - 2021-12-28 12:14 - 000004224 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{23BAA7FA-4138-4721-9D23-2B595BA857C2}

2022-03-07 19:04 - 2021-08-14 19:07 - 000000000 ____D C:\WINDOWS\system32\SleepStudy

2022-03-07 19:04 - 2019-12-07 03:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft

2022-03-07 12:25 - 2021-10-14 14:05 - 000000000 ____D C:\Program Files\CCleaner

2022-03-07 11:25 - 2021-10-14 14:05 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update

2022-03-06 11:56 - 2021-08-05 20:34 - 000000000 ____D C:\Program Files\Microsoft Office

2022-03-06 02:18 - 2021-12-03 13:08 - 000000000 ____D C:\Users\usuario\Documents\SW

2022-03-06 00:38 - 2022-01-13 14:45 - 000000000 ____D C:\Users\usuario\Desktop\Nueva carpeta

2022-03-05 23:55 - 2021-12-22 14:28 - 000000000 ____D C:\Users\usuario\AppData\Roaming\Jarvee

2022-03-05 21:09 - 2019-12-07 03:14 - 000000000 ___HD C:\Program Files\WindowsApps

2022-03-05 21:09 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\AppReadiness

2022-03-05 20:06 - 2021-12-22 14:28 - 000000000 ____D C:\Users\usuario\AppData\Roaming\ucs

2022-03-04 11:26 - 2021-08-14 19:12 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk

2022-03-04 11:12 - 2021-10-14 13:22 - 000000000 ____D C:\Users\usuario\Desktop\opera

2022-03-03 14:15 - 2021-08-03 15:24 - 000000000 ____D C:\Users\usuario\AppData\Local\Packages

2022-03-03 10:37 - 2021-08-14 19:22 - 001683676 _____ C:\WINDOWS\system32\PerfStringBackup.INI

2022-03-03 10:37 - 2019-12-07 08:55 - 000753390 _____ C:\WINDOWS\system32\perfh00A.dat

2022-03-03 10:37 - 2019-12-07 08:55 - 000148032 _____ C:\WINDOWS\system32\perfc00A.dat

2022-03-03 10:37 - 2019-12-07 03:13 - 000000000 ____D C:\WINDOWS\INF

2022-03-03 10:29 - 2021-08-14 19:33 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT

2022-03-03 10:29 - 2021-08-14 19:06 - 000008192 ___SH C:\DumpStack.log.tmp

2022-03-03 10:17 - 2021-08-14 19:12 - 000000000 ____D C:\Users\usuario

2022-03-03 10:17 - 2019-12-07 03:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI

2022-03-03 10:10 - 2021-10-07 15:54 - 000000000 ____D C:\Program Files\Microsoft OneDrive

2022-03-02 08:34 - 2019-12-07 03:03 - 000000000 ____D C:\WINDOWS\CbsTemp

2022-02-26 20:26 - 2021-08-05 20:20 - 000000000 ____D C:\Users\usuario\AppData\Local\PlaceholderTileLogoFolder

2022-02-24 12:21 - 2021-08-14 19:33 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task

2022-02-24 12:20 - 2021-12-11 14:02 - 000003596 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3735610940-3711455475-3248009252-1001

2022-02-24 12:20 - 2021-08-05 20:42 - 000002166 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk

2022-02-18 12:14 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports

2022-02-18 03:16 - 2021-10-07 16:15 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools

2022-02-16 12:49 - 2022-01-24 21:25 - 000041614 ____H C:\Users\usuario\Documents\~WRL0005.tmp

2022-02-14 00:43 - 2022-01-13 15:49 - 000000000 ____D C:\Users\usuario\AppData\Local\ElevatedDiagnostics

2022-02-11 12:44 - 2021-08-14 17:07 - 000000000 ____D C:\WINDOWS\system32\MRT

2022-02-11 12:38 - 2021-08-14 17:07 - 149611728 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

2022-02-11 12:36 - 2021-08-03 15:25 - 000002354 _____ C:\Users\usuario\Desktop\Microsoft Edge.lnk

2022-02-11 12:29 - 2021-08-14 19:07 - 000436080 _____ C:\WINDOWS\system32\FNTCACHE.DAT

2022-02-10 23:32 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism

2022-02-10 23:32 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\SystemResources

2022-02-10 23:32 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\system32\et-EE

2022-02-10 23:32 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\system32\es-MX

2022-02-10 23:32 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\system32\Dism

2022-02-10 23:32 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\system32\appraiser

2022-02-10 23:31 - 2019-12-07 08:58 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection

2022-02-10 23:31 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\ShellExperiences

2022-02-10 23:31 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions

2022-02-10 23:31 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\bcastdvr

2022-02-10 23:31 - 2019-12-07 03:03 - 000000000 ____D C:\WINDOWS\servicing

2022-02-10 23:14 - 2022-01-02 13:43 - 000000000 ____D C:\Users\usuario\AppData\Local\ManyCam

2022-02-10 13:10 - 2021-08-14 19:10 - 002877440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll

2022-02-10 10:46 - 2021-08-03 15:08 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd

2022-02-05 22:53 - 2022-01-13 14:38 - 000000000 ____D C:\Users\usuario\Documents\switch

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)

BCD (recoveryenabled=No -> recoveryenabled=Yes) <==== restaurado correctamente

==================== Final de FRST.txt ========================

ADDITION

Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 27-02-2022

Ejecutado por usuario (07-03-2022 20:34:05)

Ejecutado desde C:\Users\usuario\Desktop

Microsoft Windows 10 Pro Versión 21H2 19044.1526 (X64) (2021-08-15 01:35:33)

Modo de Inicio: Normal

==========================================================

==================== Cuentas: =============================

(Si una entrada es incluida en el fixlist, será eliminada.)

Administrador (S-1-5-21-3735610940-3711455475-3248009252-500 - Administrator - Disabled)

DefaultAccount (S-1-5-21-3735610940-3711455475-3248009252-503 - Limited - Disabled)

defaultuser0 (S-1-5-21-3735610940-3711455475-3248009252-1000 - Limited - Disabled)

Invitado (S-1-5-21-3735610940-3711455475-3248009252-501 - Limited - Disabled)

usuario (S-1-5-21-3735610940-3711455475-3248009252-1001 - Administrator - Enabled) => C:\Users\usuario

WDAGUtilityAccount (S-1-5-21-3735610940-3711455475-3248009252-504 - Limited - Disabled)

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

123watermark 3.0.0 (HKLM-x32\...\{2F588905-719A-4599-A775-087C8FE045FC}}_is1) (Version: 3.0.0 - 123watermark)

CCleaner (HKLM\...\CCleaner) (Version: 5.90 - Piriform)

Comprobación de estado de PC Windows (HKLM\...\{75741B4B-FC87-494A-A380-0EBA06DB89F9}) (Version: 3.2.2110.14001 - Microsoft Corporation)

Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.1206.101.112 - ALPS ELECTRIC CO., LTD.)

FastCopy (HKU\S-1-5-21-3735610940-3711455475-3248009252-1001\...\FastCopy) (Version: 4.0.5 - H.Shirouzu & FastCopy Lab, LLC.)

Jarvee (HKLM-x32\...\{CB42768B-7BF0-47BC-8278-23892EC6DF1D}) (Version: 19.3 - Jarvee) Hidden

Jarvee (HKLM-x32\...\Jarvee 19.3) (Version: 19.3 - Jarvee)

ManyCam 5.0.5 (HKLM-x32\...\ManyCam) (Version: 5.0.5 - Visicom Media Inc.)

Mass Watermark version 1.9.2 (HKLM-x32\...\{25BB9D52-8471-4C26-BC79-D3B33BB1A4A7}_is1) (Version: 1.9.2 - masswatermark.com)

Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 99.0.1150.30 - Microsoft Corporation)

Microsoft Office Profesional Plus 2016 - es-es (HKLM\...\ProPlusRetail - es-es) (Version: 16.0.14931.20120 - Microsoft Corporation)

Microsoft Office Profesional Plus 2019 - es-es (HKLM\...\ProPlus2019Retail - es-es) (Version: 16.0.14931.20120 - Microsoft Corporation)

Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 22.022.0130.0001 - Microsoft Corporation)

Microsoft Update Health Tools (HKLM\...\{16E50919-B07A-4B4E-994A-476D4773F5BF}) (Version: 3.65.0.0 - Microsoft Corporation)

Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.29.30139 (HKLM-x32\...\{8d5fdf81-7022-423f-bd8b-b513a1050ae1}) (Version: 14.29.30139.0 - Microsoft Corporation)

MiniTool Power Data Recovery 10.2 (HKLM\...\{E1BCD081-4BF4-4E2F-832A-911EC42EF3C5}_is1) (Version: 10.2 - MiniTool Software Limited)

Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14931.20010 - Microsoft Corporation) Hidden

Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14931.20094 - Microsoft Corporation) Hidden

Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0C0A-1000-0000000FF1CE}) (Version: 16.0.14931.20072 - Microsoft Corporation) Hidden

Socinator (HKLM-x32\...\{A0DC4487-E552-4C75-AF45-949F8E99F084}) (Version: 1.0.125 - Socinator)

SysTools XPS Viewer v3.0 (HKLM-x32\...\{172915EF-82C5-4A1D-8305-5909B67938D2}_is1) (Version: - SysTools Software Pvt. Ltd.)

Telegram Desktop (HKU\S-1-5-21-3735610940-3711455475-3248009252-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 3.5.1 - Telegram FZ-LLC)

Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{3800CCFC-4006-4B30-A103-416AF26A885C}) (Version: 2.71.0.0 - Microsoft Corporation)

Windscribe (HKLM-x32\...\{fa690e90-ddb0-4f0c-b3f1-136c084e5fc7}_is1) (Version: 2.3 Build 16 - Windscribe Limited)

WinRAR 6.02 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.02.0 - win.rar GmbH)

Packages:

=========

Complemento de Fotos -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2022-02-26] (Microsoft Corporation)

Complemento de motor del medio de Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-02-17] (Microsoft Corporation)

Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-08-14] (Microsoft Corporation) [MS Ad]

Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-08-14] (Microsoft Corporation) [MS Ad]

Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.2180.0_x64__8wekyb3d8bbwe [2022-02-25] (Microsoft Studios) [MS Ad]

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

CustomCLSID: HKU\S-1-5-21-3735610940-3711455475-3248009252-1001_Classes\CLSID\{04271989-C4D2-BC0B-9DEB-54F884EEFFB4} -> [OneDrive] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}

ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.022.0130.0001\FileSyncShell64.dll [2022-02-24] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.022.0130.0001\FileSyncShell64.dll [2022-02-24] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.022.0130.0001\FileSyncShell64.dll [2022-02-24] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.022.0130.0001\FileSyncShell64.dll [2022-02-24] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.022.0130.0001\FileSyncShell64.dll [2022-02-24] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.022.0130.0001\FileSyncShell64.dll [2022-02-24] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.022.0130.0001\FileSyncShell64.dll [2022-02-24] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.022.0130.0001\FileSyncShell64.dll [2022-02-24] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.022.0130.0001\FileSyncShell64.dll [2022-02-24] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.022.0130.0001\FileSyncShell64.dll [2022-02-24] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.022.0130.0001\FileSyncShell64.dll [2022-02-24] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.022.0130.0001\FileSyncShell64.dll [2022-02-24] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.022.0130.0001\FileSyncShell64.dll [2022-02-24] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.022.0130.0001\FileSyncShell64.dll [2022-02-24] (Microsoft Corporation -> Microsoft Corporation)

ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.022.0130.0001\FileSyncShell64.dll [2022-02-24] (Microsoft Corporation -> Microsoft Corporation)

ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)

ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)

ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.022.0130.0001\FileSyncShell64.dll [2022-02-24] (Microsoft Corporation -> Microsoft Corporation)

ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.022.0130.0001\FileSyncShell64.dll [2022-02-24] (Microsoft Corporation -> Microsoft Corporation)

ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)

ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)

ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Lista blanca) ====================

==================== Accesos directos & WMI ========================

(Las entradas pueden ser listadas para ser restauradas o eliminadas.)

Shortcut: C:\Users\usuario\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Users\usuario\Downloads\GoogleChromePortable\App\Chrome-bin\chrome.exe (Google LLC)

ShortcutWithArgument: C:\Users\usuario\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\e5fad960c7874134\Google Chrome.lnk -> C:\Users\usuario\Downloads\GoogleChromePortable\App\Chrome-bin\chrome.exe (Google LLC) -> --profile-directory=Default

==================== Módulos cargados (Lista blanca) =============

2022-03-03 14:25 - 2022-03-03 14:25 - 002854912 _____ () [Archivo no firmado] C:\Program Files (x86)\Windscribe\libGLESv2.dll

2022-03-03 14:25 - 2022-03-03 14:25 - 000074752 _____ () [Archivo no firmado] C:\Program Files (x86)\Windscribe\zlib1.dll

2021-08-05 20:40 - 2021-08-05 20:40 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\root\Office16\AppVIsvSubsystems64.dll

2021-08-05 20:40 - 2021-08-05 20:40 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\root\Office16\c2r64.dll

2022-03-03 14:25 - 2022-03-03 14:25 - 000168448 _____ (The c-ares library, hxxps://c-ares.haxx.se/) [Archivo no firmado] C:\Program Files (x86)\Windscribe\cares.dll

2022-03-03 14:25 - 2022-03-03 14:25 - 000419840 _____ (The curl library, hxxps://curl.se/) [Archivo no firmado] C:\Program Files (x86)\Windscribe\libcurl.dll

2022-03-03 14:25 - 2022-03-03 14:25 - 002227200 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [Archivo no firmado] C:\Program Files (x86)\Windscribe\libcrypto-1_1.dll

2022-03-03 14:25 - 2022-03-03 14:25 - 000532480 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [Archivo no firmado] C:\Program Files (x86)\Windscribe\libssl-1_1.dll

2022-03-03 14:25 - 2022-03-03 14:25 - 000025600 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files (x86)\Windscribe\imageformats\qico.dll

2022-03-03 14:25 - 2022-03-03 14:25 - 001171456 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files (x86)\Windscribe\platforms\qwindows.dll

2022-03-03 14:25 - 2022-03-03 14:25 - 005104640 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files (x86)\Windscribe\Qt5Core.dll

2022-03-03 14:25 - 2022-03-03 14:25 - 004101120 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files (x86)\Windscribe\Qt5Gui.dll

2022-03-03 14:25 - 2022-03-03 14:25 - 001072128 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files (x86)\Windscribe\Qt5Network.dll

2022-03-03 14:25 - 2022-03-03 14:25 - 000270336 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files (x86)\Windscribe\Qt5Svg.dll

2022-03-03 14:25 - 2022-03-03 14:25 - 004573696 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files (x86)\Windscribe\Qt5Widgets.dll

==================== Alternate Data Streams (Lista blanca) ========

==================== Modo Seguro (Lista blanca) ==================

==================== Asociación (Lista blanca) =================

==================== Internet Explorer (Lista blanca) ==========

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2022-03-04] (Microsoft Corporation -> Microsoft Corporation)

BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-03-04] (Microsoft Corporation -> Microsoft Corporation)

Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-03-04] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-03-04] (Microsoft Corporation -> Microsoft Corporation)

Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-03-04] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-03-04] (Microsoft Corporation -> Microsoft Corporation)

Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-03-04] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-03-04] (Microsoft Corporation -> Microsoft Corporation)

Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-03-04] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-03-04] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2022-02-20 12:51 - 2022-02-20 12:51 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKU\S-1-5-21-3735610940-3711455475-3248009252-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\usuario\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper

DNS Servers: 10.255.255.2 - 190.113.97.11

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)

Firewall de Windows está habilitado.

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [{26701E90-FF61-44D9-9937-3ACD1AD54470}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{3CE1086A-FC50-4A91-991E-92C3826DFC2D}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{3F5D4FA7-A2FA-4014-BF7B-E62A6ADF217E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{A3F8CA52-2DE4-4183-B3C5-7F14A53BE150}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{B9082581-EC02-45D0-BABD-560922FBEFE4}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [TCP Query User{759C9465-0123-4232-82FA-66538ADAC965}C:\users\usuario\desktop\opera\opera.exe] => (Block) C:\users\usuario\desktop\opera\opera.exe (Opera Software AS -> Opera Software)

FirewallRules: [UDP Query User{B58A0DB9-9DE9-4889-A3D7-D8B7D7FE7EF1}C:\users\usuario\desktop\opera\opera.exe] => (Block) C:\users\usuario\desktop\opera\opera.exe (Opera Software AS -> Opera Software)

FirewallRules: [TCP Query User{C548F041-0E16-4279-A39B-3F05A22DFB7A}C:\users\usuario\desktop\opera\opera.exe] => (Block) C:\users\usuario\desktop\opera\opera.exe (Opera Software AS -> Opera Software)

FirewallRules: [UDP Query User{2ED6FDBA-BA4C-4D37-B087-CDA42C7749BE}C:\users\usuario\desktop\opera\opera.exe] => (Block) C:\users\usuario\desktop\opera\opera.exe (Opera Software AS -> Opera Software)

FirewallRules: [{A2DF6123-C05A-48E8-B6C6-BE1BF8FD4211}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [{1F8173BB-0FB3-4547-9F64-7ABD043B192F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [{7732D452-5004-4926-A399-D716704DF26E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [{7E3596EB-DF6C-47D6-9789-C4B04E5BA8B8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [TCP Query User{CDB1572B-E382-40E9-8720-26F8F117E904}C:\users\usuario\downloads\googlechromeportable\app\chrome-bin\chrome.exe] => (Block) C:\users\usuario\downloads\googlechromeportable\app\chrome-bin\chrome.exe (Google LLC -> Google LLC)

FirewallRules: [UDP Query User{D7F84EB9-EDB6-406F-A2DA-05146D9C86AC}C:\users\usuario\downloads\googlechromeportable\app\chrome-bin\chrome.exe] => (Block) C:\users\usuario\downloads\googlechromeportable\app\chrome-bin\chrome.exe (Google LLC -> Google LLC)

==================== Puntos de Restauración =========================

22-02-2022 20:10:43 Punto de control programado

02-03-2022 08:32:20 Instalador de Módulos de Windows

==================== Dispositivos defectuosos en el Administrador de dispositivos ============

Name: Broadcom USH

Description: Broadcom USH

Class Guid:

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Puerto serie PCI

Description: Puerto serie PCI

Class Guid:

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Controladora de dispositivo de almacenamiento

Description: Controladora de dispositivo de almacenamiento

Class Guid:

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:

Description:

Class Guid:

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

==================== Errores del registro de eventos: ========================

Errores de aplicación:

==================

Error: (03/07/2022 08:38:23 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )

Description: Error de la activación de licencia (slui.exe) con el siguiente código:

hr=0xC004F074