Virus de la doble tilde de nuevo

Buenas, tengo el problema de muchos con el virus de la doble tilde. He probado todos los pasos que se han comentado a otros en otras conversaciones, pasando todos los programas citados (ccleaner, Malwarebites, Adw y ccleaner de nuevo) pero en ninguno de ellos me ha encontrado nada relevante salvo preinstalaciones del ordenador. Por si acaso, voy a poner los registros por si pudierais ayudarme con ello. Gracias de antemano

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 26/11/21
Hora del análisis: 16:20
Archivo de registro: 58afa7a6-4ecc-11ec-a021-c85b761d472a.json

-Información del software-
Versión: 4.4.11.149
Versión de los componentes: 1.0.1513
Versión del paquete de actualización: 1.0.47706
Licencia: Prueba

-Información del sistema-
SO: Windows 10 (Build 19042.1348)
CPU: x64
Sistema de archivos: NTFS
Usuario: LAPTOP-EASMTIFI\Tamara

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 370058
Amenazas detectadas: 0
Amenazas en cuarentena: 0
Tiempo transcurrido: 15 min, 18 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 0
(No hay elementos maliciosos detectados)

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

# -------------------------------
# Malwarebytes AdwCleaner 8.3.1.0
# -------------------------------
# Build:    11-18-2021
# Database: 2021-11-18.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    11-26-2021
# Duration: 00:00:10
# OS:       Windows 10 Home
# Scanned:  32012
# Detected: 36


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

Preinstalled.CyberLinkShellExtension   Registry   HKLM\Software\Classes\CLSID\{3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} 
Preinstalled.LenovoCCSDK   Folder   C:\Program Files (x86)\LENOVO\CCSDK 
Preinstalled.LenovoCCSDK   Registry   HKLM\Software\Wow6432Node\\Classes\CLSID\{67827BB6-4B05-6181-921A-E49FC484E859} 
Preinstalled.LenovoIMController   Folder   C:\ProgramData\LENOVO\IMCONTROLLER 
Preinstalled.LenovoIMController   Folder   C:\Users\Tamara\AppData\Local\LENOVO\IMCONTROLLER 
Preinstalled.LenovoIMController   Folder   C:\Windows\LENOVO\IMCONTROLLER 
Preinstalled.LenovoIMController   Folder   C:\Windows\System32\Tasks\LENOVO\IMCONTROLLER 
Preinstalled.LenovoIMController   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Lenovo Dependency Package_is1 
Preinstalled.LenovoPower2Go   Folder   C:\Program Files (x86)\LENOVO\POWER2GO 
Preinstalled.LenovoPower2Go   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|CLMLServer_For_P2G8 
Preinstalled.LenovoPower2Go   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|CLVirtualDrive 
Preinstalled.LenovoPower2Go   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|CLMLServer_For_P2G8 
Preinstalled.LenovoPower2Go   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|CLVirtualDrive 
Preinstalled.LenovoPower2Go   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2} 
Preinstalled.LenovoPower2Go   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2} 
Preinstalled.LenovoPowerDVD   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E830EF65-5A52-4C46-9EAA-11D0335187B8}  
Preinstalled.LenovoPowerDVD   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PDVDServ12 Task 
Preinstalled.LenovoPowerDVD   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A} 
Preinstalled.LenovoPowerDVD   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{B46BEA36-0B71-4A4E-AE41-87241643FA0A} 
Preinstalled.LenovoPowerDVD   Task   C:\Windows\System32\Tasks\PDVDSERV12 TASK 
Preinstalled.LenovoQuickOptimizer   Folder   C:\Program Files\LENOVO\QUICKOPTIMIZER 
Preinstalled.LenovoQuickOptimizer   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8D2C871B-1B9F-45AC-9C43-2BB18089CDFA} 
Preinstalled.LenovoREACHit   Folder   C:\Program Files (x86)\LENOVO\REACHIT 
Preinstalled.LenovoREACHit   Folder   C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LENOVO\REACHIT 
Preinstalled.LenovoREACHit   Folder   C:\Users\Tamara\AppData\Local\LENOVO\REACHIT 
Preinstalled.LenovoREACHit   Registry   HKLM\Software\Classes\CLSID\{2B3256D4-49AA-11D1-8429-0050AE509033} 
Preinstalled.LenovoREACHit   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved|{2B3256D4-49AA-11D1-8429-0050AE509033} 
Preinstalled.LenovoREACHit   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{4532E4C5-C84D-4040-A044-ECFCC5C6995B} 
Preinstalled.LenovoSHAREit   Folder   C:\Program Files (x86)\LENOVO\SHAREIT 
Preinstalled.LenovoSHAREit   Folder   C:\Users\Tamara\AppData\Local\LENOVO\SHAREIT 
Preinstalled.LenovoSHAREit   Registry   HKLM\Software\Classes\CLSID\{430BD134-576D-4E75-87CD-0F5C6221A82B} 
Preinstalled.LenovoSHAREit   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\SHAREit_is1 
Preinstalled.LenovoSolutionCenter   Folder   C:\Program Files\LENOVO\LENOVO SOLUTION CENTER 
Preinstalled.LenovoSolutionCenter   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E442BFFD-8406-4C6D-BE7E-0CF6E61EE363} 
Preinstalled.LenovoUtility   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|LenovoUtility 
Preinstalled.LenovoUtility   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Run|LenovoUtility 


AdwCleaner[S00].txt - [1250 octets] - [01/04/2019 23:21:27]
AdwCleaner[S01].txt - [1311 octets] - [08/04/2019 16:13:23]
AdwCleaner[S02].txt - [1372 octets] - [04/06/2019 16:56:59]
AdwCleaner[S03].txt - [1860 octets] - [13/08/2019 13:42:37]
AdwCleaner_Debug.log - [64823 octets] - [23/09/2019 22:59:29]
AdwCleaner[S04].txt - [5994 octets] - [23/09/2019 23:00:14]
AdwCleaner[S05].txt - [6055 octets] - [23/09/2019 23:00:58]
AdwCleaner[S06].txt - [5929 octets] - [23/07/2020 11:20:07]
AdwCleaner[S07].txt - [5990 octets] - [23/12/2020 12:09:10]
AdwCleaner[S08].txt - [6141 octets] - [23/11/2021 19:10:32]
AdwCleaner[S09].txt - [6192 octets] - [25/11/2021 20:55:14]
AdwCleaner[S10].txt - [6253 octets] - [26/11/2021 14:43:01]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S11].txt ##########Malwarebytes
www.malwarebytes.com

Sigue estos pasos:

1. Actualiza tu antivirus.
2. Actualiza MalwareBytes.
3. Reinicia el ordenador en modo seguro.
4. Ejecuta tu antivirus, eliminando todo lo que te encuentre.
5. Ejecuta MalwareBytes y elimina todo lo que te encuentre.
6. Reinicia tu ordenador en modo normal y repite los pasos 4 y 5.

Después comenta los resultados aquí.

Buenas, gracias por contestar. Hice todo lo que describiste, pero sigue sin aparecer en los analisis y el virus sigue activo… Cuando escribo inicialmente, el virus parece haber sido eliminado, pero a los pocos segundos vuelve a activarse y ha darme fallos las tildes… no se que hacer a continuacion…

os comentó que dicho tipo malware tiene cierta persistencia en el sistema y no se dejará eliminar así como así. Herramientas automatizadas o semi-automatizadas no le harán ni cosquillas. No lo podrán eliminar del sistema, aunque lo detecten, no podrán con este bicho. Así que dejémonos de rodeos, vamos a por faena… eso es vamos directamente con la artillería pesada.

Antes de seguir, con el permiso del compañero @Gwain40 yo seguiré con este caso (de momento, hasta que el malware sea erradicado por completo, después, seguirá el compañero @Gwain40 con las indicaciones finales que él considere oportunas). El hecho que de momento siga Yo con el caso, es debido a que deberemos de utilizar FRST y ciertas metodologías de eliminación de malware muy concretas para este caso específico.

Desactivas tu antivirus Como deshabilitar temporalmente un antivirus y cualquier programa de seguridad que tengas activado.

LO DESCARGAS EN TU ESCRITORIO MUY IMPORTANTE (y no en otro sitio).

Descargas Farbar Recovery Scan Tool MUY IMPORTANTE >> seleccionas la versión adecuada para la arquitectura correspondiente de tu Ordenador (32 o 64bits). ¿Cómo saber si mi Windows es de 32 o 64 bits.?

Una vez descargado FRST, desconectas tu equipo de completamente de Internet (apagas el router) >> Super Importante. Acto seguido, cierras también cualquier otro programa que tengas abierto.

Farbar Recovery Scan Tool

1. Ejecutas el FRST.exe (Si utilizas Windows Vista/7/8 o 10, presionas click derecho y seleccionas Ejecutar como Administrador).

2. Aparecerá una ventana con un mensaje de Disclaimer/Responsabilidad, presionas sobre Si o Yes.

3. En la ventana principal del programa presionas sobre Analizar/Scan y esperas a que finalice el análisis.

4. Aparecerán dos logs/reportes que serán: Frst.txt y Addition.txt, estos quedarán guardados en el escritorio.

Activas de nuevo tu antivirus y cualquier programa de seguridad que tengas activado. También conectas nuevamente tu equipo a Internet.

PRÓXIMA RESPUESTA

Pegas los reportes de FRST y Addition.txt. Debes de poner ambos reportes todos enteros con absolutamente todo su contenido. Deberás de realizar varios mensajes si recibes un mensaje de error/advertencia indicando que es muy largo dicho reporte que formará el mensaje (más de 50.000 carácteres aprox.).

NOTA IMPORTANTE

Por Favor, mientras estemos desinfectando tu maquina o terminando de hacerlo:

• No realices pasos/acciones que NOSOTROS no te hayamos indicado.
• No descargues NADA de Internet y/o conectes dispositivos externos a tu equipo.
• No instales NADA (programas/software/complementos/extensiones del navegador…).
• No ejecutes otros programas de seguridad (Antivirus, Antimalware, ANTINADA…).
• No realices por tu cuenta otros procedimientos.
• Usa tu equipo EXCLUSIVAMENTE para desinfectarlo siguiendo nuestras indicaciones.

Muy Importante Coloca los diferentes reportes que te he pedido como se muestra en la siguiente imagen:

report703×272 3.73 KB

Salu2.

@MIXU, no te preocupes, por mí no hay ningún problema. Además así aprendo una nueva forma de solucionar este tipo de problemas .

Gracias por echarme una mano. Lo hago y os comento

Buenas, ya he terminado el análisis y paso aquí los reportes. Acabo de comprobar el uso de las tildes, y solucionado, de momento no ha vuelto a activarse. Lo observaré durante la mañana por si de nuevo volviera a aparecer. De nuevo, muchas gracias

Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 26-11-2021
Ejecutado por Tamara (administrador) sobre LAPTOP-EASMTIFI (LENOVO 80SM) (28-11-2021 20:03:09)
Ejecutado desde C:\Users\Tamara\Desktop
Perfiles cargados: Tamara
Plataforma: Microsoft Windows 10 Home Versión 20H2 19042.1348 (X64) Idioma: Español (España, internacional)
Navegador predeterminado: FF
Modo de Inicio: Normal

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

() [Archivo no firmado] C:\Users\Tamara\AppData\Local\Microsoft\winsession.exe
() [Archivo no firmado] C:\Users\Tamara\AppData\Local\Windows\ttwin.exe
(Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc) C:\Program Files\CONEXANT\SAII\SmartAudio.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Windows\System32\SASrv.exe
(Conexant Systems, Inc.) [Archivo no firmado] C:\Program Files\CONEXANT\SAII\CxUtilSvc.exe
(CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD12\PDVD12Serv.exe
(CyberLink Corp. -> CyberLink) C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe
(Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe
(Fortemedia Inc -> ) C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler64.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_1a33d2f73651d989\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_1a33d2f73651d989\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_1a33d2f73651d989\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_1a33d2f73651d989\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.9.23.0\Lenovo.Vantage.AddinHost.Amd64.exe <2>
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.9.23.0\Lenovo.Vantage.AddinHost.exe <4>
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.9.23.0\Lenovo.Vantage.AddinHost.x86.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.9.23.0\LenovoVantageService.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.CompanionApp.exe <2>
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.CompanionApp.exe <2>
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(LENOVO -> Lenovo(beijing) Limited) C:\ProgramData\Lenovo\ImController\Plugins\IdeaOSDPackage\x64\utility.exe
(LENOVO -> Lenovo) C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
(LENOVO -> Lenovo) C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe
(LENOVO -> Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe
(Nitro PDF Software -> Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Protexis Inc. -> Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\AdminService.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Program Files (x86)\Epson Software\Epson Printer Connection Checker\EPPCCMON.EXE
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Program Files\EPSON\Epson Data Collection Agent\DataCollectionAgentController.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Program Files\EPSON\Epson Data Collection Agent\DCAgent.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\spool\drivers\x64\3\E_YATIWLE.EXE <2>
(Seiko Epson Corporation) [Archivo no firmado] C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Wacom Co., Ltd. -> Wacom Co. Ltd.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe <2>
(Wacom Co., Ltd. -> Wacom Co. Ltd.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Co., Ltd. -> Wacom Co. Ltd.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Wacom Co., Ltd. -> Wacom Co. Ltd.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(Wacom Technology Corp. -> Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe <2>

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [323056 2015-11-04] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [LenovoUtility] => C:\ProgramData\Lenovo\ImController\Plugins\IdeaOSDPackage\x64\utility.exe [911272 2017-07-27] (LENOVO -> Lenovo(beijing) Limited)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [602968 2015-12-07] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] (Fortemedia Inc -> )
HKLM\...\Run: [DAX2_APP] => C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe [849920 2017-03-07] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
HKLM\...\Run: [EPPCCMON] => C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE [442936 2020-10-22] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKLM\...\Run: [DataCollectionAgentController] => C:\Program Files\EPSON\Epson Data Collection Agent\DataCollectionAgentController.exe [394864 2020-09-18] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1831768 2016-08-29] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe [110008 2015-07-21] (CyberLink Corp. -> CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe [492472 2015-07-21] (CyberLink Corp. -> CyberLink Corp.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [Archivo no firmado]
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1310720 2020-02-10] (Seiko Epson Corporation) [Archivo no firmado]
HKU\S-1-5-21-275387635-2355096450-783506645-1001\...\Run: [winsession] => C:\Users\Tamara\AppData\Local\Windows\ttwin.exe [4872776 2018-01-19] () [Archivo no firmado]
HKU\S-1-5-21-275387635-2355096450-783506645-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIWLE.EXE [416896 2017-09-22] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKU\S-1-5-21-275387635-2355096450-783506645-1001\...\Run: [EPLTarget\P0000000000000001] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIWLE.EXE [416896 2017-09-22] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKU\S-1-5-21-275387635-2355096450-783506645-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35342976 2021-11-12] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\...\Print\Monitors\EPSON XP-970 Series 64MonitorBE: C:\Windows\system32\E_YLMBWLE.DLL [187392 2018-06-15] (Microsoft Windows Hardware Compatibility Publisher -> Seiko Epson Corporation)
HKLM\...\Print\Monitors\EpsonNet Print Port: C:\Windows\system32\enppmon.dll [500736 2016-09-14] (SEIKO EPSON CORPORATION) [Archivo no firmado]
HKLM\...\Print\Monitors\Nitro PDF Port Monitor: C:\Windows\system32\nitrolocalmon9.dll [29704 2013-10-07] (Nitro PDF Software -> Nitro PDF Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\96.0.4664.45\Installer\chrmstp.exe [2021-11-19] (Google LLC -> Google LLC)

==================== Tareas programadas (Lista blanca) ============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {1D1B0D21-2B74-4231-8754-72219F6D4DF3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-02-08] (Google Inc -> Google Inc.)
Task: {1F17DE7B-C46A-4BE5-8B35-E0484A50E775} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2754B2FF-B667-497B-9CEF-58258FC387DA} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.9.23.0\ScheduleEventAction.exe [26656 2021-09-16] (Lenovo -> Lenovo Group Ltd.)
Task: {32AD119B-BF08-4B47-8DF4-F5A80E596A95} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-02-08] (Google Inc -> Google Inc.)
Task: {3542E814-FBD1-4A10-98EB-474A4190AB71} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\9386aec5-5e42-47b5-9e8b-1d8276d277b2 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [83200 2021-11-07] (Lenovo -> Lenovo Group Ltd.)
Task: {426CEE16-4E7F-44EB-9647-5E33AE8B8DBE} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [270304 2016-01-25] (LENOVO -> Lenovo)
Task: {42B22998-B7E6-4AF0-87AD-7376BF571C4D} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {446845CF-C744-4723-9B7F-1B80CDA63883} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\eedf4305-acc2-4901-b141-b96b6fc3fc3c => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [83200 2021-11-07] (Lenovo -> Lenovo Group Ltd.)
Task: {4F8E4AB4-1F34-424C-B335-A752CC0CFEED} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\Windows\system32\rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {5531616C-35D8-4E03-ACE5-44E51F58E82E} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [108888 2021-11-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {5DD4BE35-B7C2-4CCE-BA75-8A5E464056EB} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [682936 2021-11-24] (Mozilla Corporation -> Mozilla Foundation)
Task: {631471FF-09B5-45B7-9CE9-FC2D3E6BD33A} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [108888 2021-11-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {6941E871-35AB-41ED-8488-31B49DEC7E90} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
Task: {6EB2800B-DB2F-4103-88BC-C58BEC0A84F4} - System32\Tasks\Lenovo\REACHit Agent Startup => C:\Program Files (x86)\Lenovo\REACHit\webAgent.exe [564664 2015-06-12] (LENOVO -> Lenovo)
Task: {6FF60FE4-24EE-4694-B34C-8B4FFD1BC9D2} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22654872 2021-11-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {72C3EDAF-4731-428A-AC9F-132B669DCD16} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7482E5F3-8AE8-4539-8026-93C1F5E3B799} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\82e061df-8a23-42cc-8e7a-8c8b9536d2f0 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [83200 2021-11-07] (Lenovo -> Lenovo Group Ltd.)
Task: {764FC1D2-005B-4ECE-82E6-DFDC15251BD6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {76FD8853-191A-4417-A0E3-ECFFD0A82D0F} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22654872 2021-11-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {779D41F8-EE17-4452-8BA0-AF9E44A261D0} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [63728 2021-11-07] (Lenovo -> Lenovo Group Ltd.)
Task: {7F4F483F-A05F-48B0-B482-5267F41081C0} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {87C2FFD6-BD2E-41F1-98C0-0BF422B9A954} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\3.9.23.0\ScheduleEventAction.exe [26656 2021-09-16] (Lenovo -> Lenovo Group Ltd.)
Task: {98A54361-F4B7-4C9F-AC35-8C4E3CA1F232} - \Microsoft\Windows\UNP\RunCampaignManager -> Ningún archivo <==== ATENCIÓN
Task: {A10D930B-8F5F-4B9E-9217-DEC8361A461D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A7BFD2E8-1BA7-41B5-B631-8F80F7518F91} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [9773024 2016-01-25] (LENOVO -> Lenovo)
Task: {AB44ABE0-1EAE-4871-8CB9-120884C65441} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe [145480 2021-09-09] (Lenovo -> Lenovo Group Ltd.)
Task: {BADF9E02-4FBD-4CB2-99B9-A3FEE4207C35} - System32\Tasks\EPSON XP-970 Series Update {F1F8BAE2-1930-41A7-A620-6CED41E2A350} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSWLE.EXE [680440 2017-06-07] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
Task: {BD685ADB-71FC-4B33-85D1-66E9E0A93BF6} - System32\Tasks\CCleanerSkipUAC - Tamara => C:\Program Files\CCleaner\CCleaner.exe [29417088 2021-11-12] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {BFE7040C-E244-4EF2-A8F0-31529BD1316F} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe $(Arg0) (Ningún archivo)
Task: {D51FC4F7-A2DE-4B80-8A63-6E2A7BCD3311} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\afd52713-35c4-49af-9cbd-478815a32ed5 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [83200 2021-11-07] (Lenovo -> Lenovo Group Ltd.)
Task: {D63030E9-1D1D-4314-8ABE-B7B12C6A9E56} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [9773024 2016-01-25] (LENOVO -> Lenovo)
Task: {DB64FD03-72C3-481C-8D56-E3F4F2782A35} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-11-12] (Piriform Software Ltd -> Piriform)
Task: {DBEFC28A-7424-4354-9F8E-1E862F9DB954} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [16832 2015-07-06] (LENOVO -> Lenovo)
Task: {DE619116-7842-43FA-8D63-AAE65DBBDE83} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\8957db68-3760-40c6-8952-8b9177fbcdeb => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [83200 2021-11-07] (Lenovo -> Lenovo Group Ltd.)
Task: {E17AA331-C85F-4DD4-94AE-B06AB931DDD3} - System32\Tasks\EPSON XP-970 Series Update {41127D20-C749-43C7-BE23-CAE5332BD4A4} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSWLE.EXE [680440 2017-06-07] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
Task: {E830EF65-5A52-4C46-9EAA-11D0335187B8} - System32\Tasks\PDVDServ12 Task => C:\Program Files (x86)\Lenovo\PowerDVD12\PDVD12Serv.exe [85432 2015-09-11] (CyberLink Corp. -> CyberLink Corp.)
Task: {F225DF6A-4804-4F1E-A94F-426ADBF8C02A} - System32\Tasks\Lenovo\REACHit Agent Update => C:\Program Files (x86)\Lenovo\REACHit\webAgent.exe [564664 2015-06-12] (LENOVO -> Lenovo)
Task: {F28D780A-D413-4446-975A-06FD93CEA370} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [1320416 2016-01-25] (LENOVO -> Lenovo)
Task: {FA7F99D1-5A6F-4EE5-9983-0495DA08DF2C} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\3.9.23.0\ScheduleEventAction.exe [26656 2021-09-16] (Lenovo -> Lenovo Group Ltd.)

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\EPSON XP-970 Series Update {41127D20-C749-43C7-BE23-CAE5332BD4A4}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSWLE.EXE:/EXE:{41127D20-C749-43C7-BE23-CAE5332BD4A4} /F:UpdateWORKGROUP\LAPTOP-EASMTIFI$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON XP-970 Series Update {F1F8BAE2-1930-41A7-A620-6CED41E2A350}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSWLE.EXE:/EXE:{F1F8BAE2-1930-41A7-A620-6CED41E2A350} /F:UpdateWORKGROUP\LAPTOP-EASMTIFI$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi

==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{13e6b2f5-9961-4440-9b44-ac3c08e304a8}: [DhcpNameServer] 192.168.1.1

Edge: 
=======
Edge Extension: (Sin Nombre) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [no encontrado]
Edge Extension: (Sin Nombre) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [no encontrado]
Edge Extension: (Sin Nombre) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [no encontrado]
Edge Extension: (Sin Nombre) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [no encontrado]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Tamara\AppData\Local\Microsoft\Edge\User Data\Default [2021-11-26]
Edge HomePage: Default -> hxxp://lenovo15.msn.com/?pc=LCTE

FireFox:
========
FF DefaultProfile: 4kbnovqg.default
FF ProfilePath: C:\Users\Tamara\AppData\Roaming\Mozilla\Firefox\Profiles\4kbnovqg.default [2021-11-28]
FF DownloadDir: C:\Users\Tamara\Desktop
FF Homepage: Mozilla\Firefox\Profiles\4kbnovqg.default -> hxxp://www.google.com/
FF Notifications: Mozilla\Firefox\Profiles\4kbnovqg.default -> hxxps://powvldeo.net; hxxps://www.seriesanimadas.net; hxxps://www.4shared.com
FF Extension: (Ghostery – Bloqueador de anuncios para privacidad) - C:\Users\Tamara\AppData\Roaming\Mozilla\Firefox\Profiles\4kbnovqg.default\Extensions\[email protected] [2021-06-30]
FF Extension: (AdBlock) - C:\Users\Tamara\AppData\Roaming\Mozilla\Firefox\Profiles\4kbnovqg.default\Extensions\[email protected] [2020-02-06]
FF Extension: (X-notifier (for Gmail™,Hotmail,Yahoo,AOL...)) - C:\Users\Tamara\AppData\Roaming\Mozilla\Firefox\Profiles\4kbnovqg.default\Extensions\{37fa1426-b82d-11db-8314-0800200c9a66}.xpi [2021-01-10]
FF Extension: (Docs Online Viewer) - C:\Users\Tamara\AppData\Roaming\Mozilla\Firefox\Profiles\4kbnovqg.default\Extensions\{bfb54675-2fd9-4e22-949d-c36333aff6b5}.xpi [2017-02-11]
FF Extension: (Sin Nombre) - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi [no encontrado]
FF Extension: (Sin Nombre) - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [no encontrado]
FF Extension: (Sin Nombre) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [no encontrado]
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [Ningún archivo]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-11-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 9\npnitromozilla.dll [2013-10-07] (Nitro PDF Software -> Nitro PDF)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [Ningún archivo]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\198402343.js [2017-06-13] <==== ATENCIÓN (Apunta a archivo *.cfg)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\198402343.cfg [2017-06-13] <==== ATENCIÓN

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default [2021-11-28]
CHR DownloadDir: C:\Users\Tamara\Desktop
CHR Notifications: Default -> hxxps://powvldeo.net; hxxps://www.pinterest.es
CHR DefaultSearchURL: Default -> hxxps://gestionv1-c763.evolmind.com/web/images/favicon.ico
CHR Extension: (Presentaciones) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-02-08]
CHR Extension: (Documentos) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-02-08]
CHR Extension: (Google Drive) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-25]
CHR Extension: (YouTube) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-02-08]
CHR Extension: (Campus Online) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\egccjmfoajhggpboppmnlgphpjbdepml [2019-02-09]
CHR Extension: (Hojas de cálculo) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-02-08]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-10-18]
CHR Extension: (AdBlock: el mejor bloqueador de anuncios) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-11-12]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-01]
CHR Extension: (Gmail) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-22]

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [650680 2015-07-29] (LENOVO -> Lenovo)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12034464 2021-11-04] (Microsoft Corporation -> Microsoft Corporation)
R2 CxUtilSvc; C:\Program Files\Conexant\SAII\CxUtilSvc.exe [132096 2016-05-12] (Conexant Systems, Inc.) [Archivo no firmado]
R2 DCAgent; C:\Program Files\EPSON\Epson Data Collection Agent\DCAgent.exe [16496 2020-09-18] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
S2 Dolby DAX2 API Service; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [194048 2017-03-07] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [145224 2019-07-04] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
R2 GDCAgent; C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe [1155512 2015-07-29] (LENOVO -> Lenovo)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [83200 2021-11-07] (Lenovo -> Lenovo Group Ltd.)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.9.23.0\LenovoVantageService.exe [31248 2021-09-16] (Lenovo -> Lenovo Group Ltd.)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [271328 2016-01-25] (LENOVO -> Lenovo)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [7901368 2021-11-26] (Malwarebytes Inc -> Malwarebytes)
R2 NitroDriverReadSpool9; C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe [230920 2013-10-07] (Nitro PDF Software -> Nitro PDF Software)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [Archivo no firmado]
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe [2872024 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe [128376 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [284672 2021-04-20] (Microsoft Corporation) [Archivo no firmado]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [153088 2021-08-13] (Microsoft Corporation) [Archivo no firmado]
R1 cbfs6; C:\Windows\system32\drivers\cbfs6.sys [460992 2016-08-03] (EldoS Corporation -> /n software, Inc.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [160176 2021-11-26] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [210352 2021-11-26] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-06-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [193448 2021-11-26] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [69040 2021-11-26] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-11-26] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [149424 2021-11-26] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MpKsl827d0751; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C62191C0-AFB9-4BFC-A10A-C960E7908444}\MpKslDrv.sys [130296 2021-11-28] (Microsoft Windows -> Microsoft Corporation)
R3 vpnpbus; C:\WINDOWS\System32\drivers\vpnpbus.sys [18624 2016-08-03] (EldoS Corporation -> /n software, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48520 2021-11-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [435424 2021-11-03] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86240 2021-11-03] (Microsoft Windows -> Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] (CyberLink -> "CyberLink)

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)


==================== Un mes (creado) (Lista blanca) =========

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2021-11-28 20:03 - 2021-11-28 20:05 - 000032576 _____ C:\Users\Tamara\Desktop\FRST.txt
2021-11-28 19:47 - 2021-11-28 20:04 - 000000000 ____D C:\FRST
2021-11-28 19:44 - 2021-11-28 19:44 - 002311680 _____ (Farbar) C:\Users\Tamara\Desktop\FRST64.exe
2021-11-28 19:39 - 2021-11-28 19:39 - 000000000 ____D C:\Users\Tamara\AppData\LocalLow\IGDump
2021-11-26 19:29 - 2021-11-26 19:29 - 000069040 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2021-11-26 19:28 - 2021-11-26 19:28 - 000193448 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2021-11-26 19:28 - 2021-11-26 19:28 - 000149424 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2021-11-26 19:01 - 2021-11-26 19:01 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2021-11-26 19:00 - 2021-11-26 19:26 - 000258946 _____ C:\WINDOWS\ntbtlog.txt
2021-11-26 17:32 - 2021-11-26 17:32 - 000000552 _____ C:\Users\Tamara\Documents\cc_20211126_173237.reg
2021-11-26 16:15 - 2021-11-26 16:15 - 000000552 _____ C:\Users\Tamara\Documents\cc_20211126_161527.reg
2021-11-26 14:47 - 2021-11-26 14:47 - 000000552 _____ C:\Users\Tamara\Documents\cc_20211126_144701.reg
2021-11-26 10:41 - 2021-11-26 10:41 - 000013818 _____ C:\Users\Tamara\Documents\cc_20211126_104055.reg
2021-11-25 20:54 - 2021-11-25 20:54 - 008540344 _____ (Malwarebytes) C:\Users\Tamara\Desktop\adwcleaner_8.3.1.exe
2021-11-25 20:39 - 2021-11-28 11:26 - 000000000 ____D C:\Program Files\CCleaner
2021-11-25 20:39 - 2021-11-26 19:08 - 000001051 _____ C:\Users\Public\Desktop\CCleaner.lnk
2021-11-25 20:39 - 2021-11-25 20:39 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-11-25 20:39 - 2021-11-25 20:39 - 000002908 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - Tamara
2021-11-25 20:39 - 2021-11-25 20:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2021-11-24 10:33 - 2021-11-24 10:33 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-11-24 10:25 - 2021-11-24 10:26 - 000000000 ____D C:\Users\Tamara\Desktop\musica
2021-11-23 21:38 - 2021-11-23 21:38 - 001178724 _____ C:\Users\Tamara\Desktop\Una corte de llamas plateadas (Ficción) (Spanish Edition).azw3
2021-11-15 09:45 - 2021-11-15 12:35 - 000000000 ____D C:\Users\Tamara\Desktop\jude
2021-11-15 09:45 - 2021-11-15 09:53 - 000000000 ____D C:\Users\Tamara\Desktop\isobel
2021-11-10 21:54 - 2021-11-15 12:35 - 000000000 ____D C:\Users\Tamara\Desktop\poppy wcb
2021-11-10 15:42 - 2021-11-10 15:42 - 000011363 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-11-10 15:41 - 2021-11-10 15:41 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-11-10 15:41 - 2021-11-10 15:41 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-11-10 15:40 - 2021-11-10 15:40 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-11-10 15:09 - 2021-11-10 15:09 - 000000000 ___HD C:\$WinREAgent
2021-11-03 13:02 - 2021-11-03 13:02 - 000001153 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2021-11-03 13:02 - 2021-11-03 13:02 - 000000000 ____D C:\Program Files\PCHealthCheck
2021-11-02 19:10 - 2021-11-25 14:16 - 000000000 ____D C:\Users\Tamara\Desktop\portada Naheria
2021-11-02 11:59 - 2021-11-25 09:40 - 000000796 _____ C:\WINDOWS\storelibdebug.txt

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2021-11-28 19:56 - 2017-02-11 12:06 - 000000000 ____D C:\Users\Tamara\AppData\LocalLow\Mozilla
2021-11-28 19:53 - 2021-04-20 16:19 - 000004218 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{82F586C9-55F9-4F1E-BB37-D98502830F17}
2021-11-28 19:33 - 2019-02-05 09:38 - 000000000 ____D C:\ProgramData\Mozilla
2021-11-28 19:31 - 2021-04-20 15:38 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-11-28 19:26 - 2019-02-08 09:42 - 000000000 ____D C:\Program Files (x86)\Google
2021-11-28 17:30 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-11-28 13:26 - 2020-12-23 12:40 - 000000000 ____D C:\Users\Tamara\AppData\Roaming\WTablet
2021-11-28 11:24 - 2017-01-02 12:17 - 000000000 __SHD C:\Users\Tamara\IntelGraphicsProfiles
2021-11-26 22:56 - 2016-06-17 21:32 - 000000000 ____D C:\ProgramData\NVIDIA
2021-11-26 19:28 - 2020-06-15 21:31 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-11-26 19:27 - 2021-04-20 16:19 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-11-26 19:27 - 2021-04-20 15:38 - 000008192 ___SH C:\DumpStack.log.tmp
2021-11-26 19:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-11-26 19:26 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-11-26 19:01 - 2020-12-11 08:48 - 000210352 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-11-26 14:30 - 2021-04-20 15:50 - 000000000 ____D C:\Users\Tamara
2021-11-26 11:28 - 2017-02-11 16:55 - 000000000 ____D C:\Users\Tamara\AppData\Local\CrashDumps
2021-11-26 11:00 - 2021-04-29 12:50 - 000000000 ____D C:\Users\Tamara\Desktop\commision
2021-11-26 10:26 - 2020-11-09 11:31 - 000000000 ____D C:\Users\Tamara\Desktop\hyaian
2021-11-26 09:54 - 2020-06-15 21:32 - 000002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-11-26 09:54 - 2020-06-15 21:32 - 000002028 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-11-26 09:53 - 2019-04-08 15:22 - 000160176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-11-26 09:53 - 2019-04-08 15:22 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-11-26 09:53 - 2019-04-08 15:22 - 000000000 ____D C:\Program Files\Malwarebytes
2021-11-25 20:49 - 2020-03-14 12:52 - 000000000 ____D C:\Program Files (x86)\Steam
2021-11-25 20:49 - 2017-08-21 16:35 - 000000000 ____D C:\Users\Tamara\AppData\Roaming\uTorrent
2021-11-25 20:46 - 2021-04-19 16:10 - 000000000 ___DC C:\WINDOWS\Panther
2021-11-25 20:30 - 2017-06-19 11:48 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-11-25 20:30 - 2017-02-11 12:06 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2021-11-25 19:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-11-25 09:44 - 2020-06-21 21:22 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-11-25 09:44 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-11-25 09:39 - 2016-06-17 21:03 - 000000000 ____D C:\ProgramData\Lenovo
2021-11-24 13:18 - 2021-10-25 09:37 - 000000000 ____D C:\Users\Tamara\Desktop\danika
2021-11-24 10:33 - 2017-06-19 11:48 - 000001235 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-11-23 19:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-11-23 18:44 - 2021-04-20 16:03 - 001774678 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-11-23 18:44 - 2019-12-07 15:55 - 000789482 _____ C:\WINDOWS\system32\perfh00A.dat
2021-11-23 18:44 - 2019-12-07 15:55 - 000155834 _____ C:\WINDOWS\system32\perfc00A.dat
2021-11-23 18:44 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-11-23 13:15 - 2017-02-11 19:58 - 000000000 ____D C:\Users\Tamara\AppData\Roaming\vlc
2021-11-23 09:42 - 2020-12-27 11:22 - 000000000 ____D C:\Users\Tamara\Desktop\editorial
2021-11-22 12:38 - 2017-02-14 11:06 - 000000000 ____D C:\Users\Tamara\Desktop\referencias
2021-11-22 09:04 - 2018-07-02 18:52 - 000000000 ____D C:\ProgramData\Packages
2021-11-19 17:18 - 2018-02-08 21:50 - 000000000 ____D C:\Users\Tamara\Documents\Biblioteca de calibre
2021-11-19 17:15 - 2019-02-08 09:42 - 000002306 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-11-19 17:15 - 2019-02-08 09:42 - 000002265 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-11-18 14:12 - 2021-04-20 16:19 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-275387635-2355096450-783506645-1001
2021-11-18 14:12 - 2021-04-20 15:50 - 000002423 _____ C:\Users\Tamara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-11-18 08:39 - 2021-04-26 07:41 - 000003558 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d735f5a6751cc4
2021-11-18 08:39 - 2021-04-20 16:19 - 000003652 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-11-15 21:05 - 2017-11-28 15:49 - 000000000 ____D C:\Users\Tamara\AppData\Local\ElevatedDiagnostics
2021-11-15 09:26 - 2016-06-17 20:40 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-11-12 11:27 - 2021-01-28 10:13 - 000000000 ____D C:\Users\Tamara\Desktop\Redraw
2021-11-10 15:57 - 2021-04-20 15:38 - 005252840 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-11-10 15:52 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-11-10 15:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-11-10 15:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-11-10 15:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-11-10 15:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-11-10 15:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-11-10 15:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-11-10 15:51 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-11-10 15:51 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-11-10 15:51 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-11-10 15:51 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2021-11-10 15:50 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-11-10 15:05 - 2017-02-11 16:39 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-11-10 14:58 - 2017-02-11 16:39 - 141529560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-11-07 22:36 - 2021-06-16 23:28 - 000109296 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\WudfUpdate_02000.dll
2021-11-07 22:36 - 2021-06-16 23:28 - 000063728 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\ImController.InfInstaller.exe
2021-11-07 22:36 - 2021-04-05 09:05 - 000429952 _____ (Lenovo Group Limited) C:\WINDOWS\system32\iMDriverHelper.dll
2021-11-07 22:36 - 2017-10-06 07:57 - 000109296 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\ImController.CoInstaller.dll
2021-11-04 14:48 - 2021-09-28 09:51 - 000000000 ____D C:\Users\Tamara\Desktop\Cathal and Einar
2021-11-03 11:29 - 2017-12-19 11:31 - 000000000 ____D C:\Users\Tamara\Desktop\regalo muna
2021-11-03 10:58 - 2018-03-14 23:35 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-11-02 22:30 - 2017-11-25 10:52 - 000000000 ____D C:\Users\Tamara\AppData\Local\Packages

==================== Archivos en la raíz de algunos directorios ========

2021-03-07 21:00 - 2021-03-07 21:00 - 000000132 _____ () C:\Users\Tamara\AppData\Roaming\Adobe AIFF Format CS5 Prefs
2017-06-13 08:44 - 2021-10-06 17:06 - 000000132 _____ () C:\Users\Tamara\AppData\Roaming\Adobe PNG Format CS5 Prefs
2017-09-10 17:12 - 2020-05-19 09:36 - 000001456 _____ () C:\Users\Tamara\AppData\Local\Adobe Guardar para Web 11.0 Prefs
2017-08-02 12:14 - 2017-08-02 12:14 - 000003584 _____ () C:\Users\Tamara\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)

==================== Final de FRST.txt ========================

Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 26-11-2021
Ejecutado por Tamara (28-11-2021 20:07:22)
Ejecutado desde C:\Users\Tamara\Desktop
Microsoft Windows 10 Home Versión 20H2 19042.1348 (X64) (2021-04-20 15:21:05)
Modo de Inicio: Normal
==========================================================


==================== Cuentas: =============================


(Si una entrada es incluida en el fixlist, será eliminada.)

Administrador (S-1-5-21-275387635-2355096450-783506645-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-275387635-2355096450-783506645-503 - Limited - Disabled)
Invitado (S-1-5-21-275387635-2355096450-783506645-501 - Limited - Disabled)
Tamara (S-1-5-21-275387635-2355096450-783506645-1001 - Administrator - Enabled) => C:\Users\Tamara
WDAGUtilityAccount (S-1-5-21-275387635-2355096450-783506645-504 - Limited - Disabled)

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

µTorrent (HKU\S-1-5-21-275387635-2355096450-783506645-1001\...\uTorrent) (Version: 3.5.5.45574 - BitTorrent Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe InDesign CS6 (HKLM-x32\...\{CFB770D7-8D43-1014-922B-CC2715FADE3F}) (Version: 8.0 - Adobe Systems Incorporated)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AutoFirma (HKLM-x32\...\AutoFirma ) (Version: 1.5.0.JAv01 - Junta de Andalucía)
calibre (HKLM-x32\...\{5AD205E9-E80E-4F4B-88A5-C6B5CC12BBE4}) (Version: 2.48.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 5.87 - Piriform)
CLIP STUDIO 1.6.2 (HKLM-x32\...\{9EA46798-B47E-4D2F-AA92-AF420E4628BC}) (Version: 1.6.2 - CELSYS)
CLIP STUDIO PAINT 1.6.2 (HKLM-x32\...\{234258C8-C5FA-4F9E-8E80-93E1453AFD36}) (Version: 1.6.2 - CELSYS)
Compatibilidad con Aplicaciones de Apple (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Comprobación de estado de PC Windows (HKLM\...\{75741B4B-FC87-494A-A380-0EBA06DB89F9}) (Version: 3.2.2110.14001 - Microsoft Corporation)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.31.55 - Conexant)
CorelDRAW Graphics Suite X6 - IPM (HKLM-x32\...\{0084B0C3-F376-42E3-804A-885D249282BD}) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Writing Tools (HKLM-x32\...\{318FF3D7-0C40-483B-AF92-AF36416B0AC6}) (Version: 16.0 -  Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 (HKLM-x32\...\_{511DE7EA-AA68-4D7A-A2E3-0E7B5186B822}) (Version: 16.0.0.707 - Corel Corporation)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.5521 - CyberLink Corp.)
Discord (HKU\S-1-5-21-275387635-2355096450-783506645-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
Dolby Audio X2 Windows API SDK (HKLM\...\{82C288CC-A96D-43E3-9119-944DABF5DD61}) (Version: 0.8.0.74 - Dolby Laboratories, Inc.)
Dolby Audio X2 Windows APP (HKLM\...\{9207D68E-666A-49C7-A900-9F5B2FF289E4}) (Version: 0.8.0.71 - Dolby Laboratories, Inc.)
Epson Data Collection Agent (HKLM\...\{AF4D8A50-6093-4556-936E-A4C042CC2AE2}) (Version: 4.0 - Seiko Epson Corporation)
Epson Event Manager (HKLM-x32\...\{DBC38C08-9FB5-43A5-B6BA-EB10AC7DA570}) (Version: 3.11.0053 - Seiko Epson Corporation)
Epson Photo+ (HKLM-x32\...\{AB971A4E-F669-4E82-AFF0-3C34DF768553}) (Version: 3.3.0.0 - Seiko Epson Corporation)
Epson Printer Connection Checker (HKLM-x32\...\{189DE071-E0BC-4BA5-8E34-83D5ED12600B}) (Version: 3.2.0.0 - Seiko Epson Corporation)
Epson Scan 2 (HKLM-x32\...\Epson Scan 2) (Version:  - Seiko Epson Corporation)
EPSON Scan OCR Component (HKLM-x32\...\{563B99D8-8895-4E3E-AE8D-15BE8C05F1C1}) (Version: 3.00.04 - SEIKO EPSON Corp.)
Epson ScanSmart (HKLM-x32\...\{BF35B9D9-C4A1-40DD-B13C-46F35BD35282}) (Version: 3.5.2 - Seiko Epson Corporation)
Epson Software Updater (HKLM-x32\...\{28C66F35-69BF-4376-BC80-4D5F4808FF3C}) (Version: 4.6.1 - Seiko Epson Corporation)
EPSON XP-970 Series Printer Uninstall (HKLM\...\EPSON XP-970 Series) (Version:  - Seiko Epson Corporation)
EpsonNet Print (HKLM\...\{96ED1D58-440C-4345-8FEE-C4781366C67F}) (Version: 3.1.4.0 - SEIKO EPSON Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 96.0.4664.45 - Google LLC)
IMVU Avatar Chat Software (HKU\S-1-5-21-275387635-2355096450-783506645-1001\...\IMVU Avatar chat client software BETA) (Version:  - )
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1173 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4483 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.0.1042 - Intel Corporation)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.4706 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.4706 - CyberLink Corp.)
Lenovo PowerDVD12 (HKLM-x32\...\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5709.60 - CyberLink Corp.) Hidden
Lenovo PowerDVD12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5709.60 - CyberLink Corp.)
Lenovo QuickOptimizer (HKLM\...\{8D2C871B-1B9F-45AC-9C43-2BB18089CDFA}) (Version: 1.0.019.00 - Lenovo)
Lenovo Solution Center (HKLM\...\{E442BFFD-8406-4C6D-BE7E-0CF6E61EE363}) (Version: 3.2.004.00 - Lenovo)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.9.23.0 - Lenovo Group Ltd.)
Malwarebytes version 4.4.11.149 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.4.11.149 - Malwarebytes)
Manuales de EPSON (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.57.0.0 - Seiko Epson Corporation)
Manuales de usuario (HKLM-x32\...\{7042D952-EE42-4C09-A23D-E7AE4D047007}) (Version: 6.0.0.0 - Lenovo) Hidden
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft 365 - es-es (HKLM\...\O365HomePremRetail - es-es) (Version: 16.0.14527.20276 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 96.0.1054.34 - Microsoft Corporation)
Microsoft Office Profesional 2016 - es-es (HKLM\...\ProfessionalRetail - es-es) (Version: 16.0.14527.20276 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-275387635-2355096450-783506645-1001\...\OneDriveSetup.exe) (Version: 21.220.1024.0005 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29325 (HKLM-x32\...\{33628a12-6787-4b9f-95a1-92449f69fae0}) (Version: 14.28.29325.2 - Microsoft Corporation)
Mozilla Firefox (x64 es-MX) (HKLM\...\Mozilla Firefox 94.0.2 (x64 es-MX)) (Version: 94.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 54.0 - Mozilla)
Nitro Pro 9 (HKLM\...\{5BE980A6-E246-4922-86B4-35456C12F1A5}) (Version: 9.0.2.37 - Nitro)
NVIDIA GeForce Experience 2.11.4.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.1 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.14527.20276 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.14527.20234 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.14527.20276 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0C0A-0000-0000000FF1CE}) (Version: 16.0.14527.20234 - Microsoft Corporation) Hidden
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Qualcomm Atheros 11ac Wireless LAN Installer (HKLM-x32\...\{20CA507E-24AA-4741-87CF-CC1B250790B7}) (Version: 11.0.10232 - Qualcomm Atheros)
Qualcomm Atheros QCA6174_9377 Bluetooth Suite (64) (HKLM\...\{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}) (Version: 10.0.0.149 - Qualcomm Atheros)
QuickTime 7 (HKLM-x32\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.)
REACHit (HKLM-x32\...\{4532E4C5-C84D-4040-A044-ECFCC5C6995B}) (Version: 2.1.0.11 - Lenovo)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.6.1001.2015 - Realtek)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 2.5.5.1 - Lenovo)
Software para dispositivos de chipset Intel® (HKLM-x32\...\{fb610cea-ba50-4d4b-a717-cf025419035c}) (Version: 10.1.1.13 - Intel(R) Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Tableta Wacom (HKLM\...\Wacom Tablet Driver) (Version: 6.3.44-1 - Wacom Technology Corp.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
User Manuals (HKLM-x32\...\InstallShield_{7042D952-EE42-4C09-A23D-E7AE4D047007}) (Version: 6.0.0.0 - Lenovo)
version 5.13.415.31/1.0.0.27/3.4.5.11(H1C307WW) (HKLM-x32\...\{4AD4461B-8BD4-4354-805C-E97E7A404906}_is1) (Version:  - Lenovo Group Limited)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.6 - VideoLAN)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-3) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
WebView2 Runtime de Microsoft Edge (HKLM-x32\...\Microsoft EdgeWebView) (Version: 96.0.1054.34 - Microsoft Corporation)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)

Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-07] (Autodesk Inc.)
Lenovo Settings -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoSettings_3.177.0.0_x86__4642shxvsv8s2 [2017-12-19] (LENOVO INCORPORATED.)
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2110.17.0_x64__k1h2ywk1493x8 [2021-11-18] (LENOVO INC.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-04-20] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-04-20] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.10270.0_x64__8wekyb3d8bbwe [2021-11-02] (Microsoft Studios) [MS Ad]
Portal de cuenta de Lenovo -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoID_2.0.37.0_x86__4642shxvsv8s2 [2017-04-25] (LENOVO INCORPORATED.)

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

CustomCLSID: HKU\S-1-5-21-275387635-2355096450-783506645-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive - Personal] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}
SSODL: EldosMountNotificator-cbfs6 - {A5E9C2D6-72EB-4DDF-A702-A8B6F5EC3E1B} - C:\Windows\system32\cbfsMntNtf6.dll (EldoS Corporation -> /n software, Inc.)
SSODL-x32: EldosMountNotificator-cbfs6 - {A5E9C2D6-72EB-4DDF-A702-A8B6F5EC3E1B} - C:\Windows\SysWOW64\cbfsMntNtf6.dll (EldoS Corporation -> /n software, Inc.)
ShellServiceObjects: Virtual Storage Mount Notification -> {A5E9C2D6-72EB-4DDF-A702-A8B6F5EC3E1B} => C:\Windows\system32\cbfsMntNtf6.dll [2016-08-03] (EldoS Corporation -> /n software, Inc.)
ShellServiceObjects-x32: Virtual Storage Mount Notification -> {A5E9C2D6-72EB-4DDF-A702-A8B6F5EC3E1B} => C:\Windows\SysWOW64\cbfsMntNtf6.dll [2016-08-03] (EldoS Corporation -> /n software, Inc.)
ShellIconOverlayIdentifiers: [EldosIconOverlay-cbfs6] -> {32FF0E0C-5108-4B52-83B6-D157468802AF} => C:\Windows\system32\cbfsMntNtf6.dll [2016-08-03] (EldoS Corporation -> /n software, Inc.)
ShellIconOverlayIdentifiers-x32: [EldosIconOverlay-cbfs6] -> {32FF0E0C-5108-4B52-83B6-D157468802AF} => C:\Windows\system32\cbfsMntNtf6.dll [2016-08-03] (EldoS Corporation -> /n software, Inc.)
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2015-07-21] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers1: [NP8ShellExtension] -> {9C4B85B8-956C-49BF-9BA5-101384E562B2} => C:\Program Files\Common Files\Nitro\Pro\9.0\NPShellExtension64.dll [2013-10-07] (Nitro PDF Software -> Nitro PDF)
ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2015-09-25] (LENOVO -> Lenovo)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2015-07-21] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2015-09-25] (LENOVO -> Lenovo)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Ningún archivo
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_1a33d2f73651d989\igfxDTCM.dll [2018-05-07] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-06-19] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Lista blanca) ====================

==================== Accesos directos & WMI ========================

(Las entradas pueden ser listadas para ser restauradas o eliminadas.)

ShortcutWithArgument: C:\Users\Tamara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Campus Online.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) ->  --profile-directory=Default --app-id=egccjmfoajhggpboppmnlgphpjbdepml
ShortcutWithArgument: C:\Users\Tamara\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default

==================== Módulos cargados (Lista blanca) =============

2021-10-13 17:06 - 2021-10-13 17:06 - 000365056 _____ () [Archivo no firmado] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.CxHef9fb4ae#\baae9adde3b2553e690bffedfd64077b\Interop.CxHDAudioAPILib.ni.dll
2021-10-13 17:06 - 2021-10-13 17:06 - 000018944 _____ () [Archivo no firmado] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.CxUtilSvcLib\8deafe43513ae52e19d327810a333f5c\Interop.CxUtilSvcLib.ni.dll
2018-10-26 11:51 - 2016-07-14 08:58 - 001155072 _____ (Conexant Systems, Inc.) [Archivo no firmado] [El archivo está en uso] C:\Program Files\Conexant\SAII\CxHDAudioAPI.dll
2020-02-07 17:20 - 2020-02-07 17:20 - 000132096 _____ (Seiko Epson Corporation) [Archivo no firmado] C:\Program Files (x86)\Epson Software\Event Manager\epnsm.dll
2018-03-05 16:41 - 2018-03-05 16:41 - 000057856 _____ (Seiko Epson Corporation) [Archivo no firmado] C:\Program Files (x86)\Epson Software\Event Manager\EPNWPSHDevFinder.DLL
2009-10-21 17:39 - 2009-10-21 17:39 - 000291328 _____ (SEIKO EPSON CORPORATION) [Archivo no firmado] C:\Program Files (x86)\Epson Software\Event Manager\LcMgr.dll
2020-06-17 16:35 - 2020-06-17 16:35 - 003338240 _____ (SEIKO EPSON CORPORATION) [Archivo no firmado] C:\Program Files\EPSON\Epson Data Collection Agent\IZENSTRMAPIu.dll
2020-06-17 16:35 - 2020-06-17 16:35 - 003142144 _____ (SEIKO EPSON CORPORATION) [Archivo no firmado] C:\Program Files\EPSON\Epson Data Collection Agent\NDENCMAPI.dll
2016-09-14 14:31 - 2016-09-14 14:31 - 000500736 ____S (SEIKO EPSON CORPORATION) [Archivo no firmado] C:\WINDOWS\System32\enppmon.dll
2021-05-31 16:28 - 2020-11-03 04:08 - 000954864 _____ (SQLite Development Team) [Archivo no firmado] C:\ProgramData\Lenovo\iMController\Plugins\LenovoWiFiSecurityPlugin\x86\x86\e_sqlite3.dll

==================== Alternate Data Streams (Lista blanca) ========

==================== Modo Seguro (Lista blanca) ==================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Asociación (Lista blanca) =================

==================== Internet Explorer (Lista blanca) ==========

HKU\S-1-5-21-275387635-2355096450-783506645-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo15.msn.com/?pc=LCTE
HKU\S-1-5-21-275387635-2355096450-783506645-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo15.msn.com/?pc=LCTE
HKU\S-1-5-21-275387635-2355096450-783506645-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
SearchScopes: HKLM -> DefaultScope {EAE6EC20-A64D-4AC7-AB25-2650C8C1DCB6} URL = hxxp://www.bing.com/search?q={searchTerms}&form=PRLNC1&src=IE11TR&pc=LCTE
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM -> {EAE6EC20-A64D-4AC7-AB25-2650C8C1DCB6} URL = hxxp://www.bing.com/search?q={searchTerms}&form=PRLNC1&src=IE11TR&pc=LCTE
SearchScopes: HKLM-x32 -> DefaultScope {EAE6EC20-A64D-4AC7-AB25-2650C8C1DCB6} URL = hxxp://www.bing.com/search?q={searchTerms}&form=PRLNC1&src=IE11TR&pc=LCTE
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM-x32 -> {EAE6EC20-A64D-4AC7-AB25-2650C8C1DCB6} URL = hxxp://www.bing.com/search?q={searchTerms}&form=PRLNC1&src=IE11TR&pc=LCTE
SearchScopes: HKU\S-1-5-21-275387635-2355096450-783506645-1001 -> DefaultScope {EAE6EC20-A64D-4AC7-AB25-2650C8C1DCB6} URL = 
SearchScopes: HKU\S-1-5-21-275387635-2355096450-783506645-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
SearchScopes: HKU\S-1-5-21-275387635-2355096450-783506645-1001 -> {EAE6EC20-A64D-4AC7-AB25-2650C8C1DCB6} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-11-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-11-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-11-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-11-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-11-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} -  Ningún archivo

(Si una entrada es incluida en el fixlist, será eliminada del registro.)

IE trusted site: HKU\S-1-5-21-275387635-2355096450-783506645-1001\...\fnmt.es -> hxxps://fnmt.es
IE trusted site: HKU\S-1-5-21-275387635-2355096450-783506645-1001\...\fnmt.es -> hxxp://fnmt.es
IE trusted site: HKU\S-1-5-21-275387635-2355096450-783506645-1001\...\gob.es -> hxxps://fnmt.gob.es
IE trusted site: HKU\S-1-5-21-275387635-2355096450-783506645-1001\...\gob.es -> hxxp://fnmt.gob.es

==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2015-10-30 08:24 - 2015-10-30 08:21 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKU\S-1-5-21-275387635-2355096450-783506645-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Tamara\Desktop\referencias\referencias\tattoo\075507f5a482182c56827709182644a4.jpg
DNS Servers: El medio no está conectado a internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Firewall de Windows está habilitado.

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

(Si una entrada es incluida en el fixlist, será eliminada.)

HKU\S-1-5-21-275387635-2355096450-783506645-1001\...\StartupApproved\Run: => "AdobeBridge"

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [{7828BB7E-F4D6-4BA4-A90A-CC1FAE137C7D}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (Seiko Epson Corporation) [Archivo no firmado]
FirewallRules: [{41F958F0-ED5C-40B6-BC2A-DE586AB30CCE}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (Seiko Epson Corporation) [Archivo no firmado]
FirewallRules: [{446B13E4-A4B0-4539-A01B-E13392C62948}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{08BE1067-D514-42D5-96CE-FCFD518ACF89}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{08AEAA16-71CB-44C4-B401-D4E356A21772}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{235BF4B4-325F-413D-82EE-B1B5D3B320E7}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{BB480618-7385-4FD4-8D11-694247623BB9}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [UDP Query User{C9745B04-F6B1-4CDE-B2F8-C9226519EB13}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{C42B2F77-ABFF-4CEB-8AA5-E6D6C17F210E}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D02766CE-9D4C-4441-ADC7-8D58BE907FDD}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe (LENOVO -> Lenovo)
FirewallRules: [{162209D5-1B5D-4471-8042-D7585CA2D6EC}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe (LENOVO -> Lenovo)
FirewallRules: [{8DCD839C-C5C8-4A83-AEF2-0D47FF845FB9}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{AD75D2C7-B186-4066-9CA9-A35B556D7427}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{498209D4-A490-4517-B0E4-84AD61AC6DF0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{C2868215-84E5-4B7D-88A0-DE9EBD5F0FCD}] => (Allow) C:\Users\Tamara\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{8AAFC585-F198-43B0-BDB4-573D259EE777}] => (Allow) C:\Users\Tamara\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{B54C4A09-8AE4-4F59-80B0-0EFA03EC3936}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\VirtuaVerse\VirtuaVerse.exe () [Archivo no firmado]
FirewallRules: [{5DEF3D2C-22DB-477C-A620-240D894A8DCB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\VirtuaVerse\VirtuaVerse.exe () [Archivo no firmado]
FirewallRules: [{CF0D34CE-7F23-45A9-B98D-315EF10AD41A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1B4BAC77-AAAE-4EFD-B1C8-2B5A3A167C6B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BCCC5578-026E-4E21-B343-E789F3692802}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F53032CE-4034-4DF0-95F4-85F51A79E5D4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A4235150-D69D-4A84-9588-792AB8963A2F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B7F9E366-5E6E-40C9-9FBC-EC66248F83D6}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{2AD02AB7-0D6B-48CC-89DA-50711D15AA1F}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\96.0.1054.34\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Puntos de Restauración =========================

10-11-2021 15:05:56 Instalador de Módulos de Windows
22-11-2021 09:22:34 Punto de control programado

==================== Dispositivos defectuosos en el Administrador de dispositivos ============


==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================
Error: (11/26/2021 10:56:02 PM) (Source: WTabletServicePro) (EventID: 1) (User: )
Description: Event-ID 1

Error: (11/26/2021 07:31:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: IAStorDataMgrSvc.exe, versión: 14.8.0.1042, marca de tiempo: 0x5639dd97
Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x04c110a5
Identificador del proceso con errores: 0x2948
Hora de inicio de la aplicación con errores: 0x01d7e2f3d08a1cec
Ruta de acceso de la aplicación con errores: C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
Ruta de acceso del módulo con errores: unknown
Identificador del informe: 45665410-40dd-48da-9882-045254bec2fe
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (11/26/2021 07:31:44 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplicación: IAStorDataMgrSvc.exe
Versión de Framework: v4.0.30319
Descripción: el proceso terminó debido a una excepción no controlada.
Información de la excepción: System.NullReferenceException
   en IAStorUtil.SystemDataModelListener.ProcessSystemDataModelChanges()
   en IAStorUtil.SystemDataModelListener.LoadSavedSystemState()
   en IAStorDataMgr.EventRelay.<Start>b__0(System.Object)
   en System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   en System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   en System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   en System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   en System.Threading.ThreadPoolWorkQueue.Dispatch()
   en System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (11/26/2021 07:26:45 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 512) (User: )
Description: Los Servicios de cifrado no pudieron inicializar el objeto "System Writer" de la copia de seguridad de VSS.

Details:
Could not query the status of the EventSystem service.

System Error:
Se está cerrando el sistema.
.

Error: (11/26/2021 04:17:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: mbam.exe, versión: 4.0.0.1170, marca de tiempo: 0x618d7b51
Nombre del módulo con errores: Qt5Core.dll, versión: 5.14.1.0, marca de tiempo: 0x603971ce
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0000000000219dc5
Identificador del proceso con errores: 0x1554
Hora de inicio de la aplicación con errores: 0x01d7e2d8b945adb5
Ruta de acceso de la aplicación con errores: C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
Ruta de acceso del módulo con errores: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
Identificador del informe: 1a6f7637-c2d6-4f5e-a2b1-1adb08e4a27f
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (11/26/2021 02:30:40 PM) (Source: WTabletServicePro) (EventID: 1) (User: )
Description: Event-ID 1

Error: (11/26/2021 11:28:39 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: mbamtray.exe, versión: 4.0.0.1170, marca de tiempo: 0x618d79a6
Nombre del módulo con errores: Qt5Core.dll, versión: 5.14.1.0, marca de tiempo: 0x603971ce
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0000000000219dc5
Identificador del proceso con errores: 0x1d78
Hora de inicio de la aplicación con errores: 0x01d7e2af7048921d
Ruta de acceso de la aplicación con errores: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
Ruta de acceso del módulo con errores: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
Identificador del informe: 9e402239-2941-45ba-ad91-6412874bb323
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (11/26/2021 11:24:28 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: IAStorDataMgrSvc.exe, versión: 14.8.0.1042, marca de tiempo: 0x5639dd97
Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x057314ad
Identificador del proceso con errores: 0x2af8
Hora de inicio de la aplicación con errores: 0x01d7e2afc64b3853
Ruta de acceso de la aplicación con errores: C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
Ruta de acceso del módulo con errores: unknown
Identificador del informe: a08fcb1d-b5d5-4804-bce4-a26a1c98ced0
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:


Errores del sistema:
=============
Error: (11/26/2021 07:31:53 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Intel(R) Rapid Storage Technology se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (11/26/2021 07:29:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Windows Presentation Foundation Font Cache 3.0.0.0 no pudo iniciarse debido al siguiente error: 
El servicio no respondió a tiempo a la solicitud de inicio o de control.

Error: (11/26/2021 07:29:49 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio Windows Presentation Foundation Font Cache 3.0.0.0.

Error: (11/26/2021 07:29:10 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: El servicio Conexant SmartAudio service informó de un estado actual 14 no válido.

Error: (11/26/2021 07:28:30 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Se agotó el tiempo de espera (45000 ms) para la conexión con el servicio Dolby DAX2 API Service.

Error: (11/26/2021 07:26:30 PM) (Source: DCOM) (EventID: 10005) (User: LAPTOP-EASMTIFI)
Description: Error de DCOM "1084" al intentar iniciar el servicio TokenBroker con argumentos "No disponible" para ejecutar el servidor:
Windows.Internal.Security.Authentication.Web.TokenBrokerInternal

Error: (11/26/2021 07:26:30 PM) (Source: DCOM) (EventID: 10005) (User: LAPTOP-EASMTIFI)
Description: Error de DCOM "1084" al intentar iniciar el servicio TokenBroker con argumentos "No disponible" para ejecutar el servidor:
Windows.Internal.Security.Authentication.Web.TokenBrokerInternal

Error: (11/26/2021 07:26:04 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Error de DCOM "1084" al intentar iniciar el servicio UsoSvc con argumentos "No disponible" para ejecutar el servidor:
{B91D5831-B1BD-4608-8198-D72E155020F7}


Windows Defender:
================
Date: 2021-11-25 23:02:02
Description: 
Antivirus de Microsoft Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=PUABundler:Win32/uTorrent_BundleInstaller&threatid=311958&enterprise=0
Nombre: PUABundler:Win32/uTorrent_BundleInstaller
Id.: 311958
Gravedad: Baja
Categoría: Software potencialmente no deseado
Ruta de acceso: file:_C:\Users\Tamara\AppData\Roaming\uTorrent\updates\3.5.5_45231.exe
Origen de detección: Equipo local
Tipo de detección: FastPath
Origen de detección: Usuario
Usuario: LAPTOP-EASMTIFI\Tamara
Nombre de proceso: Unknown
Versión de inteligencia de seguridad: AV: 1.353.1553.0, AS: 1.353.1553.0, NIS: 1.353.1553.0
Versión de motor: AM: 1.1.18700.4, NIS: 1.1.18700.4

Date: 2021-11-25 11:41:59
Description: 
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {1FDD2E5D-AFD8-4E61-9C97-D463989E6A46}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2021-11-24 11:38:40
Description: 
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {803E3580-D37A-4F4B-9657-048D83CACDE0}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2021-11-23 11:12:05
Description: 
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {E34E238B-345B-4EF8-9E38-378BC546B9D9}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2021-11-22 11:38:56
Description: 
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {829F8864-82B9-4D17-B24B-5C45FC250A66}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM
Event[0]:

Date: 2021-11-26 19:01:01
Description: 
La característica Protección en tiempo real de Antivirus de Microsoft Defender encontró un error:
Característica: Durante el acceso
Código de error: 0x8007043c
Descripción del error: El servicio no puede iniciarse en modo a prueba de errores 
Motivo: La inteligencia de seguridad antimalware dejó de funcionar por motivos desconocidos. En algunos casos, reiniciar el servicio puede que resuelva el problema.

Date: 2021-11-23 20:52:26
Description: 
La característica Protección en tiempo real de Antivirus de Microsoft Defender encontró un error:
Característica: Supervisión de comportamiento
Código de error: 0x80004005
Descripción del error: Error no especificado 
Motivo: La inteligencia de seguridad antimalware dejó de funcionar por motivos desconocidos. En algunos casos, reiniciar el servicio puede que resuelva el problema.

Date: 2021-11-23 20:52:25
Description: 
La característica Protección en tiempo real de Antivirus de Microsoft Defender encontró un error:
Característica: Supervisión de comportamiento
Código de error: 0x80004005
Descripción del error: Error no especificado 
Motivo: La protección en tiempo real dejó de funcionar por motivos desconocidos. Reinicie el servicio para recuperarla.

Date: 2021-11-23 18:52:13
Description: 
Antivirus de Microsoft Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.353.1449.0
Origen de actualización: Servidor de Microsoft Update
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor: 
Versión anterior del motor: 1.1.18700.4
Código de error: 0x80240438
Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulte Ayuda y soporte técnico. 

==================== Información de la memoria =========================== 

BIOS: LENOVO 0XCN23WW 03/21/2016
Placa base: LENOVO Toronto 5A2
Procesador: Intel(R) Core(TM) i7-6500U CPU @ 2.50GHz
Porcentaje de memoria en uso: 58%
RAM física total: 8097.91 MB
RAM física disponible: 3358.87 MB
Virtual total: 10073.23 MB
Virtual disponible: 3696.84 MB

==================== Unidades ================================

Drive c: (Windows) (Fixed) (Total:883.95 GB) (Free:778.74 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.38 GB) NTFS

\\?\Volume{c129d554-dcf3-42a3-bd01-7b837d0bef07}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.44 GB) NTFS
\\?\Volume{90bc3d56-101c-4ce0-b21d-c63e4e1878c9}\ (LENOVO_PART) (Fixed) (Total:20.34 GB) (Free:7.53 GB) NTFS
\\?\Volume{340bea16-440b-4172-94c8-ec848d9455a8}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: CB63F1DD)

Partition: GPT.

==================== Final de Addition.txt =======================

Buenas, he comprobado las tildes como dije que haría y me ha hecho un extraño… cuando he abierto un documento antiguo, he empezado a escribir e iba bien, pero de repente ha dado de nuevo el error de la doble tilde. He abierto otro documento y no me daba error de tildes. He vuelto a abrir el documento anterior y ha dejado de dar el error de las tildes, no sé si eso es algo normal o algo de lo que deba estar pendiente. Gracias por toda la ayuda

Buenas, el virus ha vuelto en toda su gloria, por lo que no se muy bien como actuar a continuacion… me quedo a la espera de lo que me digais… Gracias de antemano

Ok. Perfecto

De nada.

De nada, pero seguro que vuelve.

Todo eso es porque el bicho sigue y seguirá activo.

De nada. A continuación publicaré el Script para matar el bicho y arreglar otras cosas varias.

Salu2.

P.D.:

VIRUSTOTAL

Subes el siguiente fichero a VirusTotal:

C:\Windows\system32\pla.dll

Y me traes el enlace en tu próxima respuesta.

Hola, buenas @Kadoura.

PREGUNTAS

¿Qué antivirus utilizas actualmente en tu ordenador? Por lo que veo actualmente parece ser que utilizas él: Windows Defender. ¿Correcto?

Reconoces esta extensión:

CHR Extension: (Campus Online) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\egccjmfoajhggpboppmnlgphpjbdepml [2019-02-09]

¿Tuviste en el pasado instalado este programa?:

Avg TuneUp

Ahora debes de hacer una COPIA DE SEGURIDAD DEL REGISTRO, para ello:

• Reinicias el ordenador en Modo Normal.

• Descargas DelFix en tu escritorio.

• Doble clic para ejecutarlo. (Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona - Ejecutar como Administrador)

• Marcas solamente la casilla de Create registry backup, el resto te aseguras de que no estén seleccionadas.

• Presionas en Run.

Se abrirá el informe (DelFix.txt), puedes cerrarlo. Pero lo guardas por si en el futuro te lo pido/hace falta.

Seguidamente, CIERRAS TODOS LOS PROGRAMAS, vas a Inicio >> Ejecutar y escribes Notepad.exe

• Ahora debes copiar y pegar los códigos/líneas que están en el interior del recuadro de más abajo, dentro del Notepad.

START
CREATERESTOREPOINT:
CLOSEPROCESSES:
Files: C:\Windows\system32\pla.dll
VirusTotal: C:\Windows\system32\pla.dll
Task: {98A54361-F4B7-4C9F-AC35-8C4E3CA1F232} - \Microsoft\Windows\UNP\RunCampaignManager -> Ningún archivo <==== ATENCIÓN
Task: {BFE7040C-E244-4EF2-A8F0-31529BD1316F} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe $(Arg0) (Ningún archivo)
Task: {4F8E4AB4-1F34-424C-B335-A752CC0CFEED} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\Windows\system32\rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
C:\Windows\system32\pla.dll
Edge Extension: (Sin Nombre) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [no encontrado]
Edge Extension: (Sin Nombre) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [no encontrado]
Edge Extension: (Sin Nombre) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [no encontrado]
Edge Extension: (Sin Nombre) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [no encontrado]
FF Extension: (Sin Nombre) - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi [no encontrado]
FF Extension: (Sin Nombre) - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [no encontrado]
FF Extension: (Sin Nombre) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [no encontrado]
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [Ningún archivo]
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [Ningún archivo]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\198402343.js [2017-06-13] <==== ATENCIÓN (Apunta a archivo *.cfg)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\198402343.cfg [2017-06-13] <==== ATENCIÓN
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Ningún archivo

Folder: C:\Users\Tamara\Desktop\jude
Folder: C:\Users\Tamara\Desktop\isobel
Folder: C:\Users\Tamara\Desktop\poppy wcb
Folder: C:\$WinREAgent
Folder: C:\Users\Tamara\Desktop\commision
Folder: C:\Users\Tamara\Desktop\hyaian
Folder: C:\Users\Tamara\Desktop\danika
Folder: C:\Users\Tamara\Desktop\Redraw
Fodler: C:\Users\Tamara\Desktop\portada Naheria
File: C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.CxUtilSvcLib\8deafe43513ae52e19d327810a333f5c\Interop.CxUtilSvcLib.ni.dll;C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.CxHef9fb4ae#\baae9adde3b2553e690bffedfd64077b\Interop.CxHDAudioAPILib.ni.dll;C:\WINDOWS\storelibdebug.txt;C:\Users\Tamara\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini;C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe;C:\Users\Tamara\AppData\Local\Windows\ttwin.exe;C:\Users\Tamara\AppData\Local\Microsoft\winsession.exe;C:\WINDOWS\system32\DrtmAuthTxt.wim;C:\WINDOWS\SysWOW64\TpmTool.exe;C:\WINDOWS\system32\runexehelper.exe;C:\WINDOWS\system32\TpmTool.exe
VirusTotal: C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.CxUtilSvcLib\8deafe43513ae52e19d327810a333f5c\Interop.CxUtilSvcLib.ni.dll;C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.CxHef9fb4ae#\baae9adde3b2553e690bffedfd64077b\Interop.CxHDAudioAPILib.ni.dll;C:\WINDOWS\storelibdebug.txt;C:\Users\Tamara\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini;C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe;C:\Users\Tamara\AppData\Local\Windows\ttwin.exe;C:\Users\Tamara\AppData\Local\Microsoft\winsession.exe;C:\WINDOWS\system32\DrtmAuthTxt.wim;C:\WINDOWS\SysWOW64\TpmTool.exe;C:\WINDOWS\system32\runexehelper.exe;C:\WINDOWS\system32\TpmTool.exe

CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END

Lo guardas con el nombre de FIXLIST.TXT en tu escritorio (MUY IMPORTANTE). Pues en caso contrario no funcionará el SCRIPT, ambos ficheros (FRST.exe y FIXLIST.TXT ) y deben de estar en la ubicación del ESCRITORIO.

El anterior Script de reparación es personalizado para la máquina en concreto para la cual se fabricó y está hecho específicamente por un miembro del Staff. Si se tiene un problema parecido, por favor abra su propio tema para recibir ayuda personalizada y específica. Utilizar Scripts de otros Sistemas puede causar daños graves en su ordenador.

Finalmente (OJO, en MODO NORMAL):

1. Ejecutas nuevamente FRST.exe (Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona - Ejecutar como Administrador).

2. Presionas sobre Fix/Corregir y esperas a que finalice el proceso. No hagas nada con el PC mientras este realizando dichas reparaciones, incluso si parece ser que se ha quedado colgado. No lo toques y esperas.

3. Cunado finalice, en el ESCRITORIO se creará el fichero FIXLOG.TXT lo traes en tu próxima respuesta.

4. Reinicias el ordenador en Modo Normal compruebas durante un rato el funcionamiento de este y comentas como sigue el problema inicialmente planteado.

Muy Importante Coloca el reporte que te he pedido como se muestra en la siguiente imagen:

report703×272 3.73 KB

Salu2.

Gracias, hare lo que me has comentado. El link que me pides es este VirusTotal.

En cuanto a lo que me preguntas, efectivamente, uso Windows Defender. La extension que me has puesto no la reconozco ni me suena de donde puede salir. He tenido el AVG pero no recuerdo si se llego a instalar en este portatil, creo que no. Voy a hacer lo que me sugieres y vuelvo a escribir cuando lo haya comprobado

Buenas, acabo de terminar de realizar los pasos y el virus sigue activo. Te dejo aqui el contenido del archivo FIXLOG.txt como pediste en el anterior mensaje. Tengo que ponertelo en dos partes porque sobrepasa el limite de caracteres. Ya me dices

Resultados de la corrección de Farbar Recovery Scan Tool (x64) Versión: 26-11-2021
Ejecutado por Tamara (30-11-2021 14:15:33) Run:1
Ejecutado desde C:\Users\Tamara\Desktop
Perfiles cargados: Tamara
Modo de Inicio: Normal
==============================================

fixlist contenido:
*****************
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
Files: C:\Windows\system32\pla.dll
VirusTotal: C:\Windows\system32\pla.dll
Task: {98A54361-F4B7-4C9F-AC35-8C4E3CA1F232} - \Microsoft\Windows\UNP\RunCampaignManager -> Ningún archivo <==== ATENCIÓN
Task: {BFE7040C-E244-4EF2-A8F0-31529BD1316F} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe $(Arg0) (Ningún archivo)
Task: {4F8E4AB4-1F34-424C-B335-A752CC0CFEED} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\Windows\system32\rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
C:\Windows\system32\pla.dll
Edge Extension: (Sin Nombre) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [no encontrado]
Edge Extension: (Sin Nombre) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [no encontrado]
Edge Extension: (Sin Nombre) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [no encontrado]
Edge Extension: (Sin Nombre) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [no encontrado]
FF Extension: (Sin Nombre) - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi [no encontrado]
FF Extension: (Sin Nombre) - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [no encontrado]
FF Extension: (Sin Nombre) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [no encontrado]
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [Ningún archivo]
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [Ningún archivo]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\198402343.js [2017-06-13] <==== ATENCIÓN (Apunta a archivo *.cfg)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\198402343.cfg [2017-06-13] <==== ATENCIÓN
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Ningún archivo

Folder: C:\Users\Tamara\Desktop\jude
Folder: C:\Users\Tamara\Desktop\isobel
Folder: C:\Users\Tamara\Desktop\poppy wcb
Folder: C:\$WinREAgent
Folder: C:\Users\Tamara\Desktop\commision
Folder: C:\Users\Tamara\Desktop\hyaian
Folder: C:\Users\Tamara\Desktop\danika
Folder: C:\Users\Tamara\Desktop\Redraw
Fodler: C:\Users\Tamara\Desktop\portada Naheria
File: C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.CxUtilSvcLib\8deafe43513ae52e19d327810a333f5c\Interop.CxUtilSvcLib.ni.dll;C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.CxHef9fb4ae#\baae9adde3b2553e690bffedfd64077b\Interop.CxHDAudioAPILib.ni.dll;C:\WINDOWS\storelibdebug.txt;C:\Users\Tamara\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini;C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe;C:\Users\Tamara\AppData\Local\Windows\ttwin.exe;C:\Users\Tamara\AppData\Local\Microsoft\winsession.exe;C:\WINDOWS\system32\DrtmAuthTxt.wim;C:\WINDOWS\SysWOW64\TpmTool.exe;C:\WINDOWS\system32\runexehelper.exe;C:\WINDOWS\system32\TpmTool.exe
VirusTotal: C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.CxUtilSvcLib\8deafe43513ae52e19d327810a333f5c\Interop.CxUtilSvcLib.ni.dll;C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.CxHef9fb4ae#\baae9adde3b2553e690bffedfd64077b\Interop.CxHDAudioAPILib.ni.dll;C:\WINDOWS\storelibdebug.txt;C:\Users\Tamara\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini;C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe;C:\Users\Tamara\AppData\Local\Windows\ttwin.exe;C:\Users\Tamara\AppData\Local\Microsoft\winsession.exe;C:\WINDOWS\system32\DrtmAuthTxt.wim;C:\WINDOWS\SysWOW64\TpmTool.exe;C:\WINDOWS\system32\runexehelper.exe;C:\WINDOWS\system32\TpmTool.exe

CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END


*****************

El punto de restauración fue creado correctamente.
Procesos cerrados correctamente.
Files: C:\Windows\system32\pla.dll => Error: Ninguna corrección automática encontrada para esta entrada.
VirusTotal: C:\Windows\system32\pla.dll => (3) Error
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{98A54361-F4B7-4C9F-AC35-8C4E3CA1F232}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{98A54361-F4B7-4C9F-AC35-8C4E3CA1F232}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => no encontrado
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BFE7040C-E244-4EF2-A8F0-31529BD1316F}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BFE7040C-E244-4EF2-A8F0-31529BD1316F}" => eliminado correctamente
C:\WINDOWS\System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVGPCTuneUp_Task_BkGndMaintenance" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4F8E4AB4-1F34-424C-B335-A752CC0CFEED}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4F8E4AB4-1F34-424C-B335-A752CC0CFEED}" => eliminado correctamente
C:\WINDOWS\System32\Tasks\Microsoft\Windows\PLA\LSC Memory => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\PLA\LSC Memory" => eliminado correctamente
C:\Windows\system32\pla.dll => movido correctamente
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => eliminado correctamente
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => eliminado correctamente
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => eliminado correctamente
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => eliminado correctamente
C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi => ruta eliminado correctamente
C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi => ruta eliminado correctamente
C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi => ruta eliminado correctamente
HKLM\Software\MozillaPlugins\wacom.com/WacomTabletPlugin => eliminado correctamente
HKLM\Software\Wow6432Node\MozillaPlugins\wacom.com/WacomTabletPlugin => eliminado correctamente
C:\Program Files (x86)\mozilla firefox\defaults\pref\198402343.js => movido correctamente
C:\Program Files (x86)\mozilla firefox\198402343.cfg => movido correctamente
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => eliminado correctamente

========================= Folder: C:\Users\Tamara\Desktop\jude ========================

2021-11-15 11:20 - 2021-11-15 11:20 - 000086687 ____A [276BD98D6CF6FC9E3BF63BA2BD2F2595] () C:\Users\Tamara\Desktop\jude\17180160989_e31a7d6e72_b.jpg
2021-11-15 10:00 - 2021-11-15 10:00 - 000240562 ____A [00743AC4FF8696D7466223FE8BDCA454] () C:\Users\Tamara\Desktop\jude\177559144.jpg
2021-11-15 11:14 - 2021-11-15 11:14 - 000073939 ____A [4F21445083199BC8F07D49A58ADA7719] () C:\Users\Tamara\Desktop\jude\2684644-na-novela-deus-salve-o-rei-brice-bia-624x600-2.jpg
2021-11-15 10:48 - 2021-11-15 10:49 - 000084045 ____A [1A28AA35B53E49BE169FF654D9BAA4B2] () C:\Users\Tamara\Desktop\jude\26cf52d75f7d0905c9eab2eb6e136845.jpg
2021-11-15 10:54 - 2021-11-15 10:54 - 000133246 ____A [D59CB4DC1DF6D46845533CF604C11E29] () C:\Users\Tamara\Desktop\jude\286075-catarina-bruna-marquezine-e-enforcada-950x0-2.jpg
2021-11-15 10:50 - 2021-11-15 10:50 - 000092159 ____A [4B9F83961B4828C1B5BDB94F907923A0] () C:\Users\Tamara\Desktop\jude\31198410_2169209453363277_4626999513867878400_n.jpg
2021-11-15 10:49 - 2021-11-15 10:49 - 000102875 ____A [CD48C4A25D448E2F66FC0BC0E537513A] () C:\Users\Tamara\Desktop\jude\3cf881d896415e7c1fab5131754e6e0a.jpg
2021-11-15 11:06 - 2021-11-15 11:06 - 000070441 ____A [AFDFC48BF9E7BC94548E99D33F578DC2] () C:\Users\Tamara\Desktop\jude\4024b8bd784db1192c7d981072e97d9a.jpg
2021-11-15 11:06 - 2021-11-15 11:06 - 000083038 ____A [84A63ADDC383EE34E0A061C09FEB0F15] () C:\Users\Tamara\Desktop\jude\45dfa64fa9bbc3c6e2b2d32aa8dd6422.jpg
2021-11-15 10:55 - 2021-11-15 10:55 - 000086678 ____A [BAFAD7E17DCBAF140E5CADF982F56AFA] () C:\Users\Tamara\Desktop\jude\5d13db16234c5fd1f7755576ec5f46e8.jpg
2021-11-15 10:01 - 2021-11-15 10:01 - 000294527 ____A [DCC1AA479EAA7618A92F2FCAA765CDB5] () C:\Users\Tamara\Desktop\jude\75906276-warrior-woman-with-sword-in-medieval-clothes-on-the-street-is-very-dangerous.jpg
2021-11-15 10:57 - 2021-11-15 10:57 - 001727790 ____A [07069C2E7F3319866C40A28D3F438FFB] () C:\Users\Tamara\Desktop\jude\924188.jpg
2021-11-15 11:05 - 2021-11-15 11:05 - 000113510 ____A [722D21A3A2F9182412EE24B215F60687] () C:\Users\Tamara\Desktop\jude\9c3046519401a5e54f0a9aaa1a61f599.jpg
2021-11-15 10:58 - 2021-11-15 10:58 - 000018216 ____A [96DA4A15CC8855E4B24BA8343637A19E] () C:\Users\Tamara\Desktop\jude\artur-meninea-2191.webp
2021-11-15 10:59 - 2021-11-15 10:59 - 000109502 ____A [A045FC7BBCE931793629D197ED376862] () C:\Users\Tamara\Desktop\jude\artur-meninea-5927.jpg
2021-11-15 11:08 - 2021-11-15 11:08 - 000012648 ____A [4AACF284059F4E77E39780029E8D08E1] () C:\Users\Tamara\Desktop\jude\b1682107dd94b8452f4c85015a55060c.jpg
2021-11-15 09:34 - 2021-11-15 09:34 - 000041071 ____A [75EDE064DFE78D84AC72DFA551B0FB07] () C:\Users\Tamara\Desktop\jude\beautiful-black-woman-with-a-katana-sword-MXI25679.jpg
2021-11-15 09:40 - 2021-11-15 09:40 - 000081390 ____A [BBF3AF97A63068725DD93E1D44FB1B94] () C:\Users\Tamara\Desktop\jude\beautiful-exotic-young-tribal-woman-holding-dagger-combat-pose-isolated-white-53221196.jpg
2021-11-15 09:47 - 2021-11-15 09:47 - 000356830 ____A [E29FA57FE85E20E079957C089A3FDCCB] () C:\Users\Tamara\Desktop\jude\beautiful-ginevra-chemise-27.jpg
2021-11-15 09:35 - 2021-11-15 09:35 - 000042951 ____A [E5CDEFD4BC6FA2627D776692AF861C6A] () C:\Users\Tamara\Desktop\jude\beautiful-woman-portrait-MXI21245.jpg
2021-11-15 11:03 - 2021-11-15 11:03 - 000056082 ____A [9C8AA91CBBD9EE92AAABB282E40E8810] () C:\Users\Tamara\Desktop\jude\bruna marquezine.jpg
2021-11-15 10:51 - 2021-11-15 10:51 - 000014084 ____A [91EB968040372B69FDF552EB0E02293C] () C:\Users\Tamara\Desktop\jude\brunamarquezine.webp
2021-11-15 09:38 - 2021-11-15 09:38 - 000103813 ____A [E89909F57191572B3188A5A52F34F0D5] () C:\Users\Tamara\Desktop\jude\depositphotos_3514339-stock-photo-young-woman-with-sword-and.jpg
2021-11-15 11:00 - 2021-11-15 11:00 - 000071066 ____A [7F1EA7539EDD6D2D9D7AA5D1DB00CB3E] () C:\Users\Tamara\Desktop\jude\deus-salve-o-rei-catarina-afonso-e-amalia.jpg
2021-11-15 10:56 - 2021-11-15 10:56 - 000029337 ____A [0A66D190FB0C2ADB0B682C0C2F236670] () C:\Users\Tamara\Desktop\jude\f14bece60b5bba774ad583d8a42342d8.jpg
2021-11-15 11:18 - 2021-11-15 11:18 - 000176398 ____A [D316F884BC6EAB8993E750572316050D] () C:\Users\Tamara\Desktop\jude\f7cb915e1405d4d3c6b2d8d52b42b930.jpg
2021-11-15 09:54 - 2021-11-15 09:54 - 000405601 ____A [36CAE046648A0DB6694493CC3B1470A9] () C:\Users\Tamara\Desktop\jude\fairy-tale-linen-dress-2.jpg
2021-11-15 09:55 - 2021-11-15 09:55 - 000627031 ____A [2152B372946573A6C74E13563B075869] () C:\Users\Tamara\Desktop\jude\fairy-tale-linen-dress-5.jpg
2021-11-15 10:57 - 2021-11-15 10:57 - 000182296 ____A [CDA5326D144F6BF389DA09EC58682293] () C:\Users\Tamara\Desktop\jude\image-1024x1024.jpg
2021-11-15 09:40 - 2021-11-15 09:40 - 000341594 ____A [2A617F2AA0717F4B4CB3025D4BB7B48E] () C:\Users\Tamara\Desktop\jude\istockphoto-472476190-1024x1024.jpg
2021-11-15 09:54 - 2021-11-15 09:54 - 000139963 ____A [516ACE28243AD3133AFE76B401C4452D] () C:\Users\Tamara\Desktop\jude\medieval-flax-linen-chemise-archeress-1.jpg
2021-11-15 10:02 - 2021-11-15 10:02 - 000289300 ____A [069D0721944986E7AACEEB968A4C1254] () C:\Users\Tamara\Desktop\jude\medieval-warrior-woman-sword-studio-shot-189024806.jpg
2021-11-15 11:04 - 2021-11-15 11:04 - 000091558 ____A [F8863476BB59EDA4B14D1519D0D2250D] () C:\Users\Tamara\Desktop\jude\Novo-visual-Catarina-Deus-Salve-o-Rei-683x1024.jpg
2021-11-15 11:17 - 2021-11-15 11:17 - 000037252 ____A [3CC55232A799C768313743FBC5C446A5] () C:\Users\Tamara\Desktop\jude\rapier_saxon__dresden__the_blade_solingen.jpg
2021-11-15 11:18 - 2021-11-15 11:18 - 000020190 ____A [8A22D055A8F072B87D8FAC09C065800C] () C:\Users\Tamara\Desktop\jude\rapier3.webp
2021-11-15 09:47 - 2021-11-15 09:47 - 000066533 ____A [6A2D51A64136BB0D2C7AC5A6E87EDD7D] () C:\Users\Tamara\Desktop\jude\renaissance-chemise-in-florentine-style.jpg
2021-11-15 09:47 - 2021-11-15 09:47 - 000047173 ____A [D48FBDCDF2A3F3F32A4D1CD9A8EA3958] () C:\Users\Tamara\Desktop\jude\renaissance-chemise-in-florentine-style-3.jpg
2021-11-15 09:49 - 2021-11-15 09:49 - 000054819 ____A [EEF4CBEA93120312770B33E471B5B10E] () C:\Users\Tamara\Desktop\jude\renaissance-clothing-florentine-dress-natural-velvet-7.jpg
2021-11-15 09:49 - 2021-11-15 09:49 - 000059114 ____A [E97EDB31EBED088C7ADEF160336A0975] () C:\Users\Tamara\Desktop\jude\renaissance-clothing-florentine-dress-natural-velvet-9.jpg
2021-11-15 09:48 - 2021-11-15 09:48 - 000066319 ____A [6170DE2A6B06E88E91FA8ADAE7DC8F20] () C:\Users\Tamara\Desktop\jude\renaissance-dress-florentine-natural-flocked-velvet-beautiful-ginevra.jpg
2021-11-15 09:50 - 2021-11-15 09:50 - 000063579 ____A [7E51352EF607E90239C80DB125E2DBCE] () C:\Users\Tamara\Desktop\jude\renaissance-dress-florentine-natural-flocked-velvet-beautiful-ginevra-10.jpg
2021-11-15 09:48 - 2021-11-15 09:48 - 000109198 ____A [9C906EF58E82FC38431612E3D7D5082C] () C:\Users\Tamara\Desktop\jude\renaissance-dress-florentine-natural-flocked-velvet-beautiful-ginevra-5.jpg
2021-11-15 09:51 - 2021-11-15 09:51 - 000066199 ____A [C8B2E9574303B9735F1EB510F848179E] () C:\Users\Tamara\Desktop\jude\renaissance-underwear-florentine-style-corset.jpg
2021-11-15 09:50 - 2021-11-15 09:50 - 000023011 ____A [ABBEDD9129D80D6AB741E7696AA94C4F] () C:\Users\Tamara\Desktop\jude\renaissance-underwear-florentine-style-corset-7.jpg
2021-11-15 09:50 - 2021-11-15 09:50 - 000019242 ____A [443A2549AFB6E0A7311B39AB3774FCD8] () C:\Users\Tamara\Desktop\jude\renaissance-underwear-florentine-style-corset-with-skirt-1.jpg
2021-11-15 11:05 - 2021-11-15 11:05 - 000055972 ____A [0C9025CB035C3258C9868E4E25D203D0] () C:\Users\Tamara\Desktop\jude\Sin título.jpg
2021-11-15 10:54 - 2021-11-15 10:54 - 000175048 ____A [9F14AB936B383A4A6C5C285F4703B002] () C:\Users\Tamara\Desktop\jude\tumblr_619efecba3ce7d0c906eb17f25ff4477_08481d6f_400.png
2021-11-15 11:09 - 2021-11-15 11:09 - 000108594 ____A [5222D00B0D8AEFD198ACCA6CDE0BFE4C] () C:\Users\Tamara\Desktop\jude\tumblr_9b267b9399362a25d5b5bad8f6eb1b4f_9f982c39_250.png
2021-11-15 11:24 - 2021-11-15 11:24 - 000036667 ____A [11B85719076B51B8E79F43616C7711EF] () C:\Users\Tamara\Desktop\jude\tumblr_deec7cd50ae95c40f4776d1deef033ce_c27d2eb1_400.gif
2021-11-15 11:12 - 2021-11-15 11:12 - 000529469 ____A [DBBE9526EC25DA610008295EFCBF5900] () C:\Users\Tamara\Desktop\jude\tumblr_oycrdakuVL1vuek96o1_500.png
2021-11-15 10:48 - 2021-11-15 10:48 - 000584042 ____A [7E93955C2410997BC76AB73E466CE1C4] () C:\Users\Tamara\Desktop\jude\tumblr_p0q1eiRtyc1vuek96o1_500.png
2021-11-15 11:07 - 2021-11-15 11:07 - 000133487 ____A [77B9FF09A7E29D35A640639A28A0D7AC] () C:\Users\Tamara\Desktop\jude\tumblr_peyb7n0qj81wftoggo9_250.png
2021-11-15 10:47 - 2021-11-15 10:47 - 000065708 ____A [956E5B4507F72653BE970E23D1F1F972] () C:\Users\Tamara\Desktop\jude\xbruna_marquezine_jpg_pagespeed_ic_lw5brqf3jl-5619688.jpg
2021-11-15 09:34 - 2021-11-15 09:34 - 000051749 ____A [43787CF5A12ADE0AA05074F2D15AE65B] () C:\Users\Tamara\Desktop\jude\young-black-woman-with-a-katana-sword-MXI25676.jpg
2021-11-15 09:34 - 2021-11-15 09:34 - 000032225 ____A [593B592F6D5A76474B3D4A148C4D94FE] () C:\Users\Tamara\Desktop\jude\young-woman-with-knife-in-defending-pose-MXI25678.jpg

====== Final de Folder: ======


========================= Folder: C:\Users\Tamara\Desktop\isobel ========================

2021-11-15 09:40 - 2021-11-15 09:40 - 000083566 ____A [39643354DA5C18E327C5C49CC805F720] () C:\Users\Tamara\Desktop\isobel\0ea6647901558e8df4fb10eedaa61d8c.jpg
2021-11-15 09:41 - 2021-11-15 09:41 - 000084390 ____A [B1627CAC4A508C9880718C2598BC0346] () C:\Users\Tamara\Desktop\isobel\8f9e04480f5e00a76c012caf52970c52.jpg
2021-11-15 09:53 - 2021-11-15 09:53 - 000273120 ____A [B1F3B346046FEE086BDAAB355C53D5F0] () C:\Users\Tamara\Desktop\isobel\91d8c423a8e50c851d9b5147b2576bfc.jpg
2021-11-15 09:46 - 2021-11-15 09:46 - 000290606 ____A [37F8A7D6C7EF4F5AA94CBA9F6000299C] () C:\Users\Tamara\Desktop\isobel\aa50f187d0f7a48c798123848f7a6c2c.jpg
2021-11-15 09:41 - 2021-11-15 09:41 - 003450346 ____A [6C897284852A11C115ACB61B168D6349] () C:\Users\Tamara\Desktop\isobel\costume-medieval-de-robe-et-corsage-princesse-perdue.jpg
2021-11-15 09:40 - 2021-11-15 09:40 - 000053244 ____A [BE43220942699F181236649D6322BD51] () C:\Users\Tamara\Desktop\isobel\fd7c4647e2f040b0346f306b6e06ce62.jpg
2021-11-15 09:41 - 2021-11-15 09:41 - 003275059 ____A [43BAB9D37CD44B32D520973842CB426B] () C:\Users\Tamara\Desktop\isobel\gilet-corsage-princesse-perdue-8.jpg
2021-11-15 09:53 - 2021-11-15 09:53 - 000535540 ____A [5B362B0C9F66533985EC8C72BBF8411D] () C:\Users\Tamara\Desktop\isobel\linen-chemise-with-bell-sleeves-and-hand-embroidery-renaissance-memories.jpg
2021-11-15 09:53 - 2021-11-15 09:53 - 000052523 ____A [6D9DB63EA559AE44A00DCEFB6719708E] () C:\Users\Tamara\Desktop\isobel\linen-chemise-with-square-neckline-renaissance-memories.jpg
2021-11-15 09:43 - 2021-11-15 09:43 - 000545460 ____A [A79D47E14637FC44F2E55F47F902AD8A] () C:\Users\Tamara\Desktop\isobel\medieval-renaissance-linen-dress-autumn-princess-1.jpg
2021-11-15 09:42 - 2021-11-15 09:42 - 000591080 ____A [D63710EB5098EC885AE65A6951C27373] () C:\Users\Tamara\Desktop\isobel\medieval-renaissance-linen-dress-autumn-princess-4.jpg
2021-11-15 09:42 - 2021-11-15 09:42 - 000406854 ____A [650AB6FADF583416DF4D874D0113E498] () C:\Users\Tamara\Desktop\isobel\robe-de-princesse-medievale-en-lin-princesse-de-lautomne-1-4.jpg
2021-11-15 09:43 - 2021-11-15 09:43 - 003027320 ____A [79658720E1C20F86BB30A9606D6C1E10] () C:\Users\Tamara\Desktop\isobel\robe-style-medieval-princesse-perdue-4.jpg
2021-11-15 09:53 - 2021-11-15 09:53 - 000310833 ____A [67E4B6CC59C5F6884631B4FB3D1E00A1] () C:\Users\Tamara\Desktop\isobel\st-brigittas-linen-cap-renaissance-memories.jpg

====== Final de Folder: ======


========================= Folder: C:\Users\Tamara\Desktop\poppy wcb ========================

2021-11-10 19:59 - 2021-11-10 19:59 - 001092362 ____A [ED54F22821BFC9A3704480C98239AD41] () C:\Users\Tamara\Desktop\poppy wcb\01-ashley-graham-red-carpet.jpg
2021-11-10 20:06 - 2021-11-10 20:06 - 000067679 ____A [4CEB6FECF9A61C9575CBEF746BF8D6A6] () C:\Users\Tamara\Desktop\poppy wcb\2_91st-Annual-Academy-Awards-Arrivals-Los-Angeles-USA-24-Feb-2019.jpg
2021-11-10 20:11 - 2021-11-10 20:11 - 000063398 ____A [6A809E113CB6DBDEC95B6763FDBC0D04] () C:\Users\Tamara\Desktop\poppy wcb\29616678.jpg
2021-11-10 20:03 - 2021-11-10 20:03 - 000052774 ____A [AD4E65F780F4A4F6EEE1742E3A54E0D6] () C:\Users\Tamara\Desktop\poppy wcb\56caJdZ.jpg
2021-11-10 20:10 - 2021-11-10 20:10 - 000119179 ____A [B46FDEB867A1D6355652E16519C4DC9F] () C:\Users\Tamara\Desktop\poppy wcb\675597066.jpg
2021-11-10 20:12 - 2021-11-10 20:12 - 000035998 ____A [35E0BCBADA7291FA30F575AC61A7F711] () C:\Users\Tamara\Desktop\poppy wcb\79723224--660x371.jpg
2021-11-10 20:00 - 2021-11-10 20:00 - 000068882 ____A [DCC0245FDA747FB9B79E30A0C9BFA579] () C:\Users\Tamara\Desktop\poppy wcb\8b8ac70c16ae959621eab5a2db3f8752.jpg
2021-11-11 18:52 - 2021-11-11 18:52 - 000083891 ____A [61C415432A507D214F959C82651FE94C] () C:\Users\Tamara\Desktop\poppy wcb\950435574_8be93ebdaa (1).jpg
2021-11-11 18:51 - 2021-11-11 18:51 - 000083891 ____A [61C415432A507D214F959C82651FE94C] () C:\Users\Tamara\Desktop\poppy wcb\950435574_8be93ebdaa.jpg
2021-11-10 19:52 - 2021-11-10 19:52 - 000049052 ____A [70198D5861635F95FEFDA7E5608BC4B0] () C:\Users\Tamara\Desktop\poppy wcb\a39a309e4f0be2c95851cb13e3c4bab3.jpg
2021-11-10 19:53 - 2021-11-10 19:53 - 000157178 ____A [E93CF796974E59B13E33D1CF644B275E] () C:\Users\Tamara\Desktop\poppy wcb\a74399dabeaeb86b88b2d68b762e584e.jpg
2021-11-10 20:04 - 2021-11-10 20:04 - 000287439 ____A [1B88A3DE643288986CC3CF690C692A42] () C:\Users\Tamara\Desktop\poppy wcb\Ashley1.jpg
2021-11-10 20:00 - 2021-11-10 20:00 - 001087285 ____A [388474A1FF8376142B055A658D9DB9D8] () C:\Users\Tamara\Desktop\poppy wcb\ashley-1.jpg
2021-11-10 20:05 - 2021-11-10 20:05 - 000048627 ____A [907498F093A4D83C0F7BF2CA2174C1EA] () C:\Users\Tamara\Desktop\poppy wcb\ashleygraham2-1551050245.jpg
2021-11-10 20:00 - 2021-11-10 20:00 - 000147935 ____A [3362C992CBD5737EA6B79377DAA0FA02] () C:\Users\Tamara\Desktop\poppy wcb\ashley-graham-91327262.jpg
2021-11-10 19:52 - 2021-11-10 19:52 - 000972220 ____A [4872F827403BF3AB0D5E9F39BC6DE555] () C:\Users\Tamara\Desktop\poppy wcb\ashley-graham-july-2017-1a.jpg
2021-11-10 20:01 - 2021-11-10 20:01 - 000085884 ____A [33D24329E20DD50B29622DF1B7A856B4] () C:\Users\Tamara\Desktop\poppy wcb\body_3_5.jpg
2021-11-10 20:03 - 2021-11-10 20:03 - 000118606 ____A [F4DB761E9AD6A8E8DDB8346AD43C2FA4] () C:\Users\Tamara\Desktop\poppy wcb\CsZYh5eXEAAOVSu.jpg
2021-11-12 11:18 - 2021-11-12 11:18 - 000021635 ____A [DF6E1071BBF33EE99EC12E88BB61EC13] () C:\Users\Tamara\Desktop\poppy wcb\daniela-urzi-a99ed834-b518-4d8e-af92-dc3c62a6fec-resize-750.jpeg
2021-11-10 19:55 - 2021-11-10 19:55 - 000170574 ____A [5053F6191CB548FB35330DEE5F340ED2] () C:\Users\Tamara\Desktop\poppy wcb\HS_Vogue-Paris_Ashley-Graham_AP173258.jpg
2021-11-11 18:52 - 2021-11-11 18:52 - 000014725 ____A [C254A79B308EC8AC176D46D01021CFD3] () C:\Users\Tamara\Desktop\poppy wcb\images.jpg
2021-11-15 09:51 - 2021-11-15 09:51 - 000037910 ____A [2A5864251960CB1EF7A0F6A976EF3243] () C:\Users\Tamara\Desktop\poppy wcb\medieval-exclusive-xiv-century-style-chemise-underdress-3.jpg
2021-11-12 11:17 - 2021-11-12 11:17 - 000032314 ____A [853708C87534865F09E9308DF5A4F829] () C:\Users\Tamara\Desktop\poppy wcb\photo_mid_def_206671.jpg.c0d6bf61463c353dc04f1fb16e79d84c.jpg
2021-11-11 18:51 - 2021-11-11 18:51 - 000239271 ____A [BEFA915EDF0C3075CE59D32B9084DC0C] () C:\Users\Tamara\Desktop\poppy wcb\weeping_willow_1024x1024.jpg
2021-11-11 18:52 - 2021-11-11 18:52 - 000152618 ____A [A7CCF16DB3703C4FBCEDC257237DF720] () C:\Users\Tamara\Desktop\poppy wcb\Weeping-Willow.jpg

====== Final de Folder: ======


========================= Folder: C:\$WinREAgent ========================

2021-11-10 15:09 - 2021-11-10 15:09 - 000000000 ____D [00000000000000000000000000000000] () C:\$WinREAgent\Scratch

====== Final de Folder: ======


========================= Folder: C:\Users\Tamara\Desktop\commision ========================

2021-09-09 09:29 - 2021-09-09 09:29 - 001562530 ____A [011BDCA83D05AC278437BC582195D495] () C:\Users\Tamara\Desktop\commision\aelin.jpg
2021-06-08 10:14 - 2021-06-08 10:13 - 035700068 ____A [87153D2CF9BF731E82F586748701438B] () C:\Users\Tamara\Desktop\commision\cassian flats and details retoque2.jpg
2021-09-09 18:57 - 2021-09-09 18:58 - 004562990 ____A [D1837E8CCC11D7ED0E7697BEBE7EBEF2] () C:\Users\Tamara\Desktop\commision\Commercial Commission info.pdf
2021-04-10 12:04 - 2021-04-10 12:04 - 001423992 ____A [57CF4F15AA2390AB408EF7AD8EB385F3] () C:\Users\Tamara\Desktop\commision\d686e4_58decde72ae843be9f7b4e1238c82b39.pdf
2021-06-05 13:33 - 2021-06-05 13:28 - 008453185 ____A [97479F5B3B1A41D4E0D08656709B70DE] () C:\Users\Tamara\Desktop\commision\Daniros color retoque.jpg
2021-09-03 12:56 - 2021-01-27 14:09 - 000740705 ____A [8B38576873D8886C82D966FB78712621] () C:\Users\Tamara\Desktop\commision\Daniros.jpg
2021-06-08 10:22 - 2021-06-08 10:22 - 008794192 ____A [FCB999F3CF674FF67ABDC09763C5FCBF] () C:\Users\Tamara\Desktop\commision\feyre flast an details retoke2.jpg
2021-09-08 20:40 - 2021-09-08 20:40 - 001587881 ____A [33648005418BA9A050BFB22668934E73] () C:\Users\Tamara\Desktop\commision\Feysand.jpg
2021-09-08 19:56 - 2021-09-08 19:56 - 041286190 ____A [60D746B6FDE86DA907C8DDEC2A4C7951] () C:\Users\Tamara\Desktop\commision\firma.psd
2021-06-05 19:07 - 2021-06-06 10:08 - 017644728 ____A [71D2F9EABF5ECEF51E4DE57982D3F5D6] () C:\Users\Tamara\Desktop\commision\lucien flats and details retoke.jpg
2021-09-09 21:00 - 2021-09-09 21:00 - 004562968 ____A [F1F4294E3C0D119F17024FE0887CB12F] () C:\Users\Tamara\Desktop\commision\Personal Commission info.pdf
2021-04-10 12:04 - 2021-04-10 12:04 - 001426395 ____A [7032501EB1981E4E29066DEEBA65384A] () C:\Users\Tamara\Desktop\commision\personal.pdf
2021-06-06 11:12 - 2021-06-06 11:11 - 008297026 ____A [D533978FCB381D2A802E004EA8E6B55D] () C:\Users\Tamara\Desktop\commision\rhysand flast an details retoke.jpg
2021-09-08 13:25 - 2021-09-08 19:52 - 004348735 ____A [22ACEF8D04093C7D5CFFE7382157BDD0] () C:\Users\Tamara\Desktop\commision\Rhysand fondo retoque peq.jpg
2021-06-05 13:25 - 2021-06-05 13:31 - 008472554 ____A [344F35E08ADA5A192335D1793D75E1B2] () C:\Users\Tamara\Desktop\commision\silion color retoque.jpg
2021-09-03 12:56 - 2021-04-16 13:00 - 000500264 ____A [EB0EEBD8DFAACF2BC5E4F26CC7E1B4B5] () C:\Users\Tamara\Desktop\commision\silion peq.jpg
2021-09-08 13:24 - 2021-09-09 18:58 - 004902912 ____A [98E37B2CA64DDC06785122C60A8F5E8B] () C:\Users\Tamara\Desktop\commision\Sin título-1.indd
2021-09-09 21:00 - 2021-09-09 21:01 - 003948544 ____A [FEA2520372335309E963E434240F3F6B] () C:\Users\Tamara\Desktop\commision\Sin título-1-2.indd
2021-06-06 11:53 - 2021-09-08 19:50 - 008993778 ____A [02057397A646A2566070FA2B31521B18] () C:\Users\Tamara\Desktop\commision\tamlin flast an details retoke.jpg
2021-02-16 09:58 - 2021-02-16 09:58 - 000473954 ____A [EF62AAAD3907D8C4DFCA2B4752518213] () C:\Users\Tamara\Desktop\commision\Tarifas_2021_Peninsula_y_Baleares.pdf
2021-04-30 09:30 - 2021-04-30 09:30 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Tamara\Desktop\commision\makario
2021-04-29 18:55 - 2021-04-29 18:55 - 000015409 ____A [9825987221A53A59E5F488B7872D419E] () C:\Users\Tamara\Desktop\commision\makario\16071f9785ad0292a1a54908342a7a69.jpg
2021-04-29 12:47 - 2021-04-29 12:47 - 000018769 ____A [BB85DFA5330CB6C6784372FCC55CFAC0] () C:\Users\Tamara\Desktop\commision\makario\1d4639cdf3e82e8e9c9baa6ba14561e5--fashion-beauty-mens-fashion.jpg
2021-04-29 19:12 - 2021-04-29 19:12 - 000284320 ____A [33DFAE6EE4DE3E4A47CA25293EE254AF] () C:\Users\Tamara\Desktop\commision\makario\2015-01-21-DouglasFriedman-thumb.jpg
2021-04-29 12:47 - 2021-04-29 12:47 - 000058145 ____A [6670AE8EFEF5D405C68107F9AC884CAB] () C:\Users\Tamara\Desktop\commision\makario\30c9d9eb1fd557497559b20d43189cf9.jpg
2021-04-29 19:00 - 2021-04-29 19:00 - 000122897 ____A [14CAE582050FCD919AE357C9CD120330] () C:\Users\Tamara\Desktop\commision\makario\4af57f94b7b1c500a328deb840a89369.jpg
2021-04-29 19:01 - 2021-04-29 19:01 - 000089256 ____A [0A378D591999D84F63F9917D250229C1] () C:\Users\Tamara\Desktop\commision\makario\6867dd7cc0324e86ac81489141c555da.jpg
2021-04-29 18:59 - 2021-04-29 18:59 - 000077793 ____A [A64483C5F1191BB1FCBE9FBB4C1540F3] () C:\Users\Tamara\Desktop\commision\makario\bearded-man-has-serious-face-expression-his-face-portrait-handsome-mature-man-his-s-bearded-man-has-serious-face-185022214.jpg
2021-04-29 12:45 - 2021-04-29 12:45 - 000031850 ____A [6B165466BF9517D85038ACEB0FFA08BB] () C:\Users\Tamara\Desktop\commision\makario\boinas-1-495x400.jpg
2021-04-29 12:46 - 2021-04-29 12:46 - 000037718 ____A [4AD5BD757D7CA9B31294B1C7846342B9] () C:\Users\Tamara\Desktop\commision\makario\can-stock-photo_csp8019076.webp
2021-04-29 12:48 - 2021-04-29 12:48 - 000061532 ____A [D10381EBEFA644BF780C559A5A66ED1B] () C:\Users\Tamara\Desktop\commision\makario\cotton-beret-men-cancer-hats-30.jpg
2021-04-29 19:15 - 2021-04-29 19:15 - 000221310 ____A [E6021724F4648A478416FA08651BF8E6] () C:\Users\Tamara\Desktop\commision\makario\DesignTV_DouglasFriedman_horizontal.jpg
2021-04-29 12:46 - 2021-04-29 12:46 - 000099841 ____A [DAD5844BC9B29DBC8AE5824D01639E09] () C:\Users\Tamara\Desktop\commision\makario\hombre-joven-con-una-boina-14373514.jpg
2021-04-29 18:54 - 2021-04-29 18:54 - 000135773 ____A [CEE2828EF59D7CF49E5E66C4AC64B8D6] () C:\Users\Tamara\Desktop\commision\makario\la-mediana-edad-senior-hombre-pensando-vistiendo-artista-frances-boina-hippie-hat-b9d4hm.jpg
2021-04-29 12:49 - 2021-04-29 12:49 - 000109556 ____A [4FFB3B833F27CA0E374194CE93D6E91F] () C:\Users\Tamara\Desktop\commision\makario\Miguel+Angel+Silvestre+Casual+Hats+Beret+3FUkrMcEAA5x.jpg
2021-04-29 19:15 - 2021-04-29 19:15 - 000199629 ____A [5D0EEC2E306D483820FB7B58496EBF94] () C:\Users\Tamara\Desktop\commision\makario\Surface+Presents+Party+Volume+3+AnEQzhw0n7kx.jpg
2021-04-29 19:13 - 2021-04-29 19:13 - 000106621 ____A [7F53B10D44C7E317488369883BD6832A] () C:\Users\Tamara\Desktop\commision\makario\unnamed-1.jpg

====== Final de Folder: ======


========================= Folder: C:\Users\Tamara\Desktop\hyaian ========================

2020-11-09 11:31 - 2015-03-22 19:39 - 000045041 ____A [2190A3134B34725B1668675E593C6ECB] () C:\Users\Tamara\Desktop\hyaian\000117_000308.jpg
2020-11-15 12:51 - 2020-11-15 12:51 - 000016047 ____A [99F38A0564E37B8E59A7BD4039236A80] () C:\Users\Tamara\Desktop\hyaian\024a1ec5030700e1bb4acab374b8c313--sexy-guys-sexy-men.jpg
2020-11-09 11:31 - 2015-02-24 12:11 - 000011355 ____A [A1F660C3CC18D45BFA858C6757DF367D] () C:\Users\Tamara\Desktop\hyaian\0785467271e3e3be7fe86b202a55e43f.jpg
2020-11-15 12:50 - 2020-11-15 12:50 - 000105159 ____A [78BE07477CB23589A1897528103D4806] () C:\Users\Tamara\Desktop\hyaian\0c2cdd19adea8aea115bb18758f63315.jpg
2020-11-15 12:50 - 2020-11-15 12:50 - 000088122 ____A [0B0DD38244C6A8C04884AE0177A2E6B7] () C:\Users\Tamara\Desktop\hyaian\0cbae61deedc65a45bc921aa6a212dd0.jpg
2020-11-09 11:31 - 2015-02-24 13:24 - 000045370 ____A [5B0CF716FC1C9D85F359F569C5A22EB7] () C:\Users\Tamara\Desktop\hyaian\11877703-marco-abstracto-de-las-lineas-de-limite-de-estilo-art-nouveau.jpg
2020-11-19 12:33 - 2020-11-19 12:33 - 000071701 ____A [577EF12715FA2862F1987292191FF602] () C:\Users\Tamara\Desktop\hyaian\13557027_516586665191285_572973110_n.jpg
2020-11-09 11:31 - 2015-04-30 07:43 - 000029439 ____A [9C7CC3B020DEC761EFD3E35AD43726D5] () C:\Users\Tamara\Desktop\hyaian\1449212_f260.jpg
2020-11-09 11:31 - 2015-04-30 07:41 - 000313372 ____A [C41DE37FE3E2D624D67ADC4FF5F3B6E6] () C:\Users\Tamara\Desktop\hyaian\1879.natural.form.dresses.jpg
2020-11-09 11:31 - 2015-04-30 07:42 - 000231189 ____A [3DFB4C2FB1E2ADDD024A49A73759C21D] () C:\Users\Tamara\Desktop\hyaian\1879.victorian.dresses.1880.jpg
2020-11-10 12:10 - 2020-11-10 12:10 - 000083579 ____A [1DB717F6CA03AB9503EB1E8847B15B14] () C:\Users\Tamara\Desktop\hyaian\1df19224771067477ccd9fdc787024df.jpg
2020-11-15 12:51 - 2020-11-15 12:51 - 000738399 ____A [8E0BBC931B95F1EF70D9BD4B36C919FF] () C:\Users\Tamara\Desktop\hyaian\296ae9c392df0d10df3097983fff94b6.png
2020-11-09 11:31 - 2015-02-24 13:24 - 000105744 ____A [BD1716D0F51F2C8AA606BF93C1AA0C06] () C:\Users\Tamara\Desktop\hyaian\2b7083dd32f12a768383d8f808011f06.jpg
2020-11-09 11:31 - 2015-03-23 13:04 - 000233642 ____A [9B64598FAA260ED540ED74835E6E6D93] () C:\Users\Tamara\Desktop\hyaian\30209752.jpg
2020-11-15 12:24 - 2020-11-15 12:24 - 000024525 ____A [72177081284B472006CAF9A0EF34C2EC] () C:\Users\Tamara\Desktop\hyaian\3ikBu.jpg
2020-11-10 12:08 - 2020-11-10 12:08 - 000049097 ____A [09BC78E6CFD02A11589EF77DE0AFF23A] () C:\Users\Tamara\Desktop\hyaian\41a4251dbfb524c3c498f8444e892e55.jpg
2020-11-09 11:31 - 2015-03-26 12:33 - 000037289 ____A [870FDEB0947EE578DEBB60BDB177DBF8] () C:\Users\Tamara\Desktop\hyaian\459110__golden-eyes_p.jpg
2020-11-09 12:06 - 2020-11-09 12:06 - 000049497 ____A [E39B440256B2F421FA25CF1121E922EA] () C:\Users\Tamara\Desktop\hyaian\5d07f8006801cfb0e0fc8a5f3972f410.jpg
2020-11-19 12:32 - 2020-11-19 12:32 - 000042102 ____A [A6855B2BD1E41E28BE6B9552A684C8C6] () C:\Users\Tamara\Desktop\hyaian\5ffcd23a8c944d097ebb0e4b6ac22243.jpg
2020-11-09 11:31 - 2015-02-24 12:10 - 000012240 ____A [1E38FEAAF752A762355B209899B30992] () C:\Users\Tamara\Desktop\hyaian\67074e942803f7f54dd68c25b381f7b9.jpg
2020-11-09 12:51 - 2020-11-09 12:51 - 000049531 ____A [F8699DFDEF4C43F432601039B6E196CC] () C:\Users\Tamara\Desktop\hyaian\6ca84de9e6dc5b6c54a692a496ce2f13--blonde-male-models-blonde-man.jpg
2020-11-15 12:52 - 2020-11-15 12:52 - 000017172 ____A [42AB781253ED9B2C298225BB63DD86A8] () C:\Users\Tamara\Desktop\hyaian\71078914-288-k456005.jpg
2020-11-09 11:31 - 2015-02-24 12:17 - 000025208 ____A [5518E624CA46A51DFC9B237CF4617134] () C:\Users\Tamara\Desktop\hyaian\780CC6F6-800F-41FE-8E0F-B146AD1A25DE.jpg__680__460__CROPz0x680y460.jpeg
2020-11-15 12:38 - 2020-11-15 12:38 - 000043543 ____A [1D221A5D6036EC43E6D46DA80F088A57] () C:\Users\Tamara\Desktop\hyaian\83258e92725c6ba53c6a165aa2ab47ef.jpg
2020-11-20 14:04 - 2020-11-20 14:04 - 000059294 ____A [C6F8ADD45F3D8E237CF6845A15897535] () C:\Users\Tamara\Desktop\hyaian\90c4c2254c342dfb12bb571bbf99c87f00bd0626.jpg
2020-11-15 12:33 - 2020-11-15 12:33 - 000018758 ____A [CCADFEA0AA418DCEBC709A90CA2035CE] () C:\Users\Tamara\Desktop\hyaian\9194Z0o0eOL._AC_SX522_.jpg
2020-11-20 14:07 - 2020-11-20 14:07 - 000269228 ____A [B379154EEF723F64E1E37BCEE4706DBE] () C:\Users\Tamara\Desktop\hyaian\97b0b8a3a74420e48904e27fa8087cd0.jpg
2020-11-09 11:31 - 2015-02-24 12:17 - 000247393 ____A [FE250B7205D3A074C40D87A1834BDB3A] () C:\Users\Tamara\Desktop\hyaian\Adrian Peterson.jpg
2020-11-15 12:37 - 2020-11-15 12:37 - 000039745 ____A [9DAFA350C6FD68505BDF59A050CAFDF6] () C:\Users\Tamara\Desktop\hyaian\arrow-colton-haynes-non-cast-regolare-dell-ottava-stagione-v3-393216.jpg
2020-11-09 11:31 - 2015-02-24 13:21 - 000026155 ____A [6753D74AB147F5A5D43444102DF597F0] () C:\Users\Tamara\Desktop\hyaian\art-nouveau-espejo.jpg
2020-11-20 14:06 - 2020-11-20 14:06 - 000013340 ____A [51913EF56853D5F8637345D2CF9C1CF5] () C:\Users\Tamara\Desktop\hyaian\b6ac6f1a94e528fa141cdc858a1c3d46--story-inspiration-ton.jpg
2020-11-20 13:51 - 2020-11-20 13:51 - 000030395 ____A [B417BBC2FF9015E79A1F7F4AA65CA246] () C:\Users\Tamara\Desktop\hyaian\bfc9cdd395d975454d61a0aff9857d8c--mens-hair-long-men-with-long-hair.jpg
2020-11-09 11:31 - 2015-04-02 12:30 - 007836892 ____A [18ED43F22B56FC72EC9261AB20008457] () C:\Users\Tamara\Desktop\hyaian\boceto.psd
2020-11-15 12:49 - 2020-11-15 12:49 - 000018124 ____A [7CFE68ED2C6441FFA4A8930FCA1F8030] () C:\Users\Tamara\Desktop\hyaian\c05605f2bb7bda53219cb75d24e16c71.jpg
2020-11-19 12:32 - 2020-11-19 12:32 - 000043197 ____A [36DC83E6EB1AF4B5B952648E21319A78] () C:\Users\Tamara\Desktop\hyaian\c2a4f28c6a4ab1bace3451242a984276.jpg
2020-11-15 12:36 - 2020-11-15 12:36 - 000070371 ____A [B47BA902451D2EEB53F98D65083F63DE] () C:\Users\Tamara\Desktop\hyaian\cd73ee496cafb2c06003923922b47b0a.jpg
2020-11-09 11:31 - 2015-02-24 12:12 - 000020776 ____A [4991288B1689DA10CDAE490BA4DEEADC] () C:\Users\Tamara\Desktop\hyaian\CELEBRITIES_jonathan_rhys_meyersV.jpg
2020-11-19 12:31 - 2020-11-19 12:31 - 000040329 ____A [5509103FC1A64055D8B7E4F4FD89FB62] () C:\Users\Tamara\Desktop\hyaian\circle-tattoo-28.jpg
2020-11-09 11:31 - 2015-02-28 13:28 - 000141225 ____A [94A92EB8E33DACD7F9915B198CB218B3] () C:\Users\Tamara\Desktop\hyaian\CR_822982_nastya_zhidkova.jpg
2020-11-15 12:50 - 2020-11-15 12:50 - 000046927 ____A [D04AD186592C3CE474845251DCCD9FBB] () C:\Users\Tamara\Desktop\hyaian\d7e54827a7fff0981ac78c085cd206e8.jpg
2020-11-18 09:12 - 2003-07-29 13:56 - 000212992 ____A [62367581EE7460E9244EE99A7B6200D7] () C:\Users\Tamara\Desktop\hyaian\DICCIONARIO_GAELICO.DOC
2020-11-23 13:43 - 2020-11-23 13:43 - 001145700 ____A [9F8825D3554D80D1EB4CA32464D29DA1] () C:\Users\Tamara\Desktop\hyaian\Editoriales-de-Literatura-Vanir-Academy.pdf
2020-11-09 10:47 - 2021-11-25 20:26 - 000171468 ____A [5CFBABDC6BB566B7BC292B64A0A6D079] () C:\Users\Tamara\Desktop\hyaian\El libro de Tharthatos.rtf
2020-03-25 14:40 - 2020-03-27 14:03 - 000018387 ____A [ACC71DD5995924D3C8F9EB79EA1E5FD7] () C:\Users\Tamara\Desktop\hyaian\escrito.docx
2020-11-20 14:07 - 2020-11-20 14:07 - 000015401 ____A [82AF3A4D09D71197B2627AF48915E74A] () C:\Users\Tamara\Desktop\hyaian\f1f2f219401b08703bbe5f8ec5f8278d--long-hair-guys-long-haired-men.jpg
2020-11-09 12:50 - 2020-11-09 12:50 - 000079737 ____A [4083F8A91521B01DC57B60A8B229FEC2] () C:\Users\Tamara\Desktop\hyaian\fa3d08d5c59e87b14995c005f17eddcf.jpg
2020-11-09 11:31 - 2015-03-22 19:40 - 000059015 ____A [48DF3FE75DDF1AB3593EA7BDC9BFD3BC] () C:\Users\Tamara\Desktop\hyaian\fachada-casa-Art-Nouveau-Maison-Cauchie-en-Bruselas.jpg
2020-11-10 13:05 - 2020-11-10 13:09 - 000720452 ____A [BA72B39DFFD21A65F18D4043F3219AD8] () C:\Users\Tamara\Desktop\hyaian\fondowattpad.jpg
2020-11-10 12:16 - 2020-11-10 13:09 - 010319092 ____A [4403EA419EBCC500CFED80410AC15A7A] () C:\Users\Tamara\Desktop\hyaian\fondowattpad.psd
2020-11-10 11:37 - 2020-11-10 11:40 - 002963412 ____A [2A50E11082C2F987B119B973554FC93D] () C:\Users\Tamara\Desktop\hyaian\foto.jpg
2020-11-10 11:36 - 2020-11-10 11:36 - 008383533 ____A [F667B6B205FDCEEC4616370019373551] () C:\Users\Tamara\Desktop\hyaian\foto.psd
2020-11-10 11:42 - 2020-11-10 11:42 - 002514822 ____A [D820F92BE7C0D57903E29C604B491553] () C:\Users\Tamara\Desktop\hyaian\foto2.jpg
2020-11-09 11:31 - 2015-02-24 12:17 - 000016994 ____A [569B2E7201C4DC86F85F89451C461A6F] () C:\Users\Tamara\Desktop\hyaian\Fototipo 6.jpg
2020-12-21 13:48 - 2020-12-21 13:48 - 000636676 ____A [F988A956ED9319AB9129B44581252FF1] () C:\Users\Tamara\Desktop\hyaian\gettyimages-155368013-2048x2048.jpg
2020-12-21 13:44 - 2020-12-21 13:44 - 000215294 ____A [41951D77CDD59D7491614298D1C774EF] () C:\Users\Tamara\Desktop\hyaian\gettyimages-618209684-1024x1024.jpg
2020-12-21 13:45 - 2020-12-21 13:45 - 000636758 ____A [B9FC2DC2F6928FB838682CF15EACB1C0] () C:\Users\Tamara\Desktop\hyaian\gettyimages-618209684-2048x2048.jpg
2021-04-16 20:05 - 2021-04-16 20:05 - 000040577 ____A [85615586734BEF0F13AE560B06992874] () C:\Users\Tamara\Desktop\hyaian\giulio berruti.jpg
2020-11-09 11:31 - 2015-03-22 19:39 - 000069941 ____A [96FCEA573090FAF5633269DBB0711B76] () C:\Users\Tamara\Desktop\hyaian\Glasgow School of Art - 1_l.jpg
2020-11-20 13:53 - 2020-11-20 13:53 - 000023564 ____A [45527E17678EC22071446D9F85336EF1] () C:\Users\Tamara\Desktop\hyaian\Guys-with-Long-Blonde-Hair.jpg
2020-11-09 11:31 - 2015-03-22 19:38 - 000125569 ____A [9E1D86E5601EA27A2907EFA1ADAEC1A5] () C:\Users\Tamara\Desktop\hyaian\h2_19701813.jpg
2020-11-15 12:25 - 2020-11-15 12:25 - 000183631 ____A [86F5B2303A7AA2D08649CF9B430B93ED] () C:\Users\Tamara\Desktop\hyaian\Happy-33rd-Birthday-Alexander-Dreymon-160208-07.jpg
2020-11-09 11:31 - 2015-02-24 20:49 - 000070727 ____A [8932FD914C4072921BA74A0DEDB04305] () C:\Users\Tamara\Desktop\hyaian\hyaian.jpg
2020-11-09 11:31 - 2015-02-28 17:42 - 028588984 ____A [AFE76A6BBD8CCDB45E6E4E6535808BCD] () C:\Users\Tamara\Desktop\hyaian\hyaian.psd
2020-11-09 13:27 - 2020-11-09 13:27 - 000036030 ____A [F61BE2556A12C73D1E404768EDDA9052] () C:\Users\Tamara\Desktop\hyaian\il_570xN.1679475831_p2tt.jpg
2020-11-09 13:22 - 2020-11-09 13:22 - 000023427 ____A [905BD3F2BD99A6ECAC0A8C25CA465E7E] () C:\Users\Tamara\Desktop\hyaian\il_570xN.1757216892_ik34.jpg
2020-11-19 12:44 - 2020-11-19 12:44 - 000008731 ____A [2898521EA612B1E7DBFE2A6937F63EE4] () C:\Users\Tamara\Desktop\hyaian\images.jpg
2020-11-10 11:23 - 2020-11-10 11:23 - 001859779 ____A [2FC8E1A44A4B71AD8E6A286FE1CD9704] () C:\Users\Tamara\Desktop\hyaian\IMG_20201110_111503.png
2020-11-10 11:23 - 2020-11-10 11:23 - 001786152 ____A [D920BABD8BF60A726A6F42552739BC2F] () C:\Users\Tamara\Desktop\hyaian\IMG_20201110_111902.png
2021-11-23 19:45 - 2021-11-23 19:45 - 052253597 ____A [D16D47C52A5065B12E999ACF30C8F8BA] () C:\Users\Tamara\Desktop\hyaian\Iniciativa Mi novela del 2020 EDITABLE.pdf
2020-11-20 14:07 - 2020-11-20 14:07 - 000091559 ____A [0C1EA20CDB9AB36C3A7E8EE6A63210EB] () C:\Users\Tamara\Desktop\hyaian\INSTAGRAM-MARCH-19-3-620x717.jpg
2020-11-09 11:31 - 2015-02-24 12:05 - 000079143 ____A [94EF4074FAF3CCDC104D01575AA57A3E] () C:\Users\Tamara\Desktop\hyaian\jonathan-rhys-meyers-na-cama-revista-w.jpg
2020-11-09 11:31 - 2015-03-23 12:48 - 000249786 ____A [8A14E12C326C1AAF6F89A22A10D7F339] () C:\Users\Tamara\Desktop\hyaian\leon alado.jpg
2020-11-09 11:31 - 2015-03-23 13:05 - 000105451 ____A [68A8CD173EE4841FE5160E3EBA9BA468] () C:\Users\Tamara\Desktop\hyaian\lion test 3.jpg
2020-11-09 11:31 - 2015-02-24 12:08 - 000028165 ____A [55576BE112B7F7A6644328C8BB718CA2] () C:\Users\Tamara\Desktop\hyaian\long-hair-men-super-length.jpg
2020-11-09 11:31 - 2015-02-24 13:26 - 000032610 ____A [9154D8EBE512BE977751CA082A4F22AA] () C:\Users\Tamara\Desktop\hyaian\metro.jpg
2020-11-19 12:33 - 2020-11-19 12:33 - 000466992 ____A [2A147FA0B46BA8942DE13E2097C3989F] () C:\Users\Tamara\Desktop\hyaian\Minimal-Tattoo-Designs-by-Stanislaw-Wilczynski-15.png
2020-11-09 11:31 - 2015-03-23 14:15 - 001803936 ____A [1F416A19131664EC99FCA9DBC12F4EAC] () C:\Users\Tamara\Desktop\hyaian\montaje.jpg
2020-11-09 11:31 - 2015-03-23 14:38 - 044225014 ____A [8553F6C86F84958EBD1512B481594B76] () C:\Users\Tamara\Desktop\hyaian\MONTAJE.psd
2020-11-09 11:31 - 2015-03-24 12:10 - 002511489 ____A [99A23B9D71D1DE50FEB85B100FBBEDC6] () C:\Users\Tamara\Desktop\hyaian\MONTAJE2.jpg
2020-11-09 11:31 - 2015-03-24 12:29 - 003970698 ____A [AC46CD7557105AC6D4D5F521AFCAA2AA] () C:\Users\Tamara\Desktop\hyaian\MONTAJE3.jpg
2020-11-18 10:01 - 2007-02-09 13:10 - 000029184 ____A [FA5549928E59E45CE61855BF1AAC18FE] () C:\Users\Tamara\Desktop\hyaian\Nerum y Kalem.doc
2020-11-09 11:31 - 2015-04-27 20:19 - 000093355 ____A [6D01D3E53F5581DFC5518403754C92B6] () C:\Users\Tamara\Desktop\hyaian\no_cookie_for_you_stock_01_by_diamoneyes-d8q2z99.png
2020-11-15 12:38 - 2020-11-15 12:38 - 000195388 ____A [ACAD72D64A6910BEAD616B4F5F2FD94D] () C:\Users\Tamara\Desktop\hyaian\original.jpg
2020-11-09 11:31 - 2015-03-22 19:38 - 000022213 ____A [DE82D934DE362C59A8DF08894F9C5413] () C:\Users\Tamara\Desktop\hyaian\Petite-Cosmo-table-lamp-by-Art-Donovan-Bonus.jpg
2020-11-12 10:16 - 2020-11-12 10:16 - 032152526 ____A [024C1BB90B4C7BCE6C5ABC274068AEC5] () C:\Users\Tamara\Desktop\hyaian\Planificador de novelas Esther G. Recuero.pdf
2020-11-20 14:02 - 2020-11-20 14:02 - 000217627 ____A [C076B95466F9D61C506FE5FA6D4C57CB] () C:\Users\Tamara\Desktop\hyaian\QF2eGbeA_o.jpg
2020-11-09 13:30 - 2020-11-09 13:30 - 000057869 ____A [AE6D3E88BEC8E66576E5DC6B56E31286] () C:\Users\Tamara\Desktop\hyaian\RYMZ6.0RD1.jpg
2020-11-09 11:31 - 2015-03-23 13:46 - 000108140 ____A [5F1172EE32C5BB2669A0297B5A3AAA10] () C:\Users\Tamara\Desktop\hyaian\Sin título-1.jpg
2020-11-09 11:31 - 2015-04-27 20:19 - 000086759 ____A [8F04CAF54ECF8E653732349864C9EF3C] () C:\Users\Tamara\Desktop\hyaian\stein_s_got_his_hanes_on_by_diamoneyes-d8jfdil.png
2020-11-09 11:31 - 2015-03-23 13:00 - 000051299 ____A [42B05789884D027ABA7B0A55F789F4D5] () C:\Users\Tamara\Desktop\hyaian\stock-photo-lion-sculpture-at-the-new-york-public-library-3268101.jpg
2020-11-20 14:00 - 2020-11-20 14:00 - 000068517 ____A [21CC4BD66D6B2D9B422BEB225932D1E0] () C:\Users\Tamara\Desktop\hyaian\testino-homotography-07.jpg
2020-11-09 11:31 - 2015-09-23 12:04 - 000155136 __ASH [FE34C1D0686F8C3BC5ADF9CF1972E66E] () C:\Users\Tamara\Desktop\hyaian\Thumbs.db
2020-11-20 14:01 - 2020-11-20 14:01 - 000136861 ____A [D6D3E5CEB104AEF34F555740F3723630] () C:\Users\Tamara\Desktop\hyaian\ton-heukels-lab-a4-7.jpg
2020-11-09 13:27 - 2020-11-09 13:27 - 000008205 ____A [E550D47D131422EB7E9F07AA15DE4783] () C:\Users\Tamara\Desktop\hyaian\Trésor_de_Tayac_-_Torque_-_Musée_d'Aquitaine_-_60.17.2.jpg
2020-11-09 11:31 - 2015-03-22 19:31 - 000022100 ____A [4AA92FBA70E3253E23E20734A044A753] () C:\Users\Tamara\Desktop\hyaian\tumblr_li65ehtpXz1qi5dclo1_400.jpg
2020-11-10 12:10 - 2020-11-10 12:10 - 000277815 ____A [CD05EE8E36AB294D68C70318D9A0B05F] () C:\Users\Tamara\Desktop\hyaian\Tye-Die-Wallpapers-59+-images-.jpg
2020-11-20 14:01 - 2020-11-20 14:01 - 000052779 ____A [F91450F8227471B95F6C9069ACB29174] () C:\Users\Tamara\Desktop\hyaian\unnamed.jpg
2020-11-15 12:52 - 2020-11-15 12:52 - 000188353 ____A [37DC8103B8314D5E64F511E257315B5D] () C:\Users\Tamara\Desktop\hyaian\van7cm1ru9x21.jpg
2020-11-09 11:31 - 2015-04-30 07:42 - 000049913 ____A [8E0129B0746EAEED93925EFDDF578ACD] () C:\Users\Tamara\Desktop\hyaian\Victorian_fashions.jpg
2020-11-09 11:31 - 2015-04-30 07:44 - 000208145 ____A [C7D84E9889739366E777D502F721918F] () C:\Users\Tamara\Desktop\hyaian\victorian-womens-clothing.jpg
2020-11-09 11:31 - 2015-04-30 07:41 - 001697697 ____A [31CE9E4999B6E229E04F0FD9EEFEA7EF] () C:\Users\Tamara\Desktop\hyaian\what the victorians wore 304092010153413.jpg
2020-11-09 11:31 - 2015-03-23 13:26 - 000006577 ____A [D3CF41142F0BB3977591884C85AB8914] () C:\Users\Tamara\Desktop\hyaian\wings.jpg
2020-11-09 11:31 - 2015-02-28 13:41 - 000270423 ____A [74BD006D194B4440A65477ECFAF22C74] () C:\Users\Tamara\Desktop\hyaian\wip.jpg
2020-11-09 11:31 - 2015-02-28 13:41 - 002248057 ____A [6CC8AB33660C000EC6DE6DAAFBFE6D30] () C:\Users\Tamara\Desktop\hyaian\wip.psd
2020-11-09 13:26 - 2020-11-09 13:26 - 000464424 ____A [26711255B54E61F4CA776B079DF63C37] () C:\Users\Tamara\Desktop\hyaian\WLA_hmns_Garnet_and_Diamond_necklace_2.jpg
2020-12-11 11:10 - 2020-12-11 11:10 - 000587528 ____A [E6230501D907454882096655F4CBD61B] () C:\Users\Tamara\Desktop\hyaian\xdbi8lm67ub512.png
2020-11-09 11:31 - 2020-11-25 18:51 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Tamara\Desktop\hyaian\alexander dreyman
2020-11-09 12:37 - 2020-11-09 12:37 - 000308320 ____A [022F275587F8A10D3ECD5EFAB7EFC3EB] () C:\Users\Tamara\Desktop\hyaian\alexander dreyman\_methode_times_prod_web_bin_cc207f00-0a73-11e7-987c-1cdd90db3bb5.jpg
2020-11-09 12:26 - 2020-11-09 12:26 - 001424033 ____A [F9C90C6D61CF03F1357075096721DC3E] () C:\Users\Tamara\Desktop\hyaian\alexander dreyman\01303787d38f12c757204b8f8b5ebacf.jpg
2020-11-09 12:29 - 2020-11-09 12:29 - 000007002 ____A [857AB66DD58CA383EF8D3E0D9CB9CA1C] () C:\Users\Tamara\Desktop\hyaian\alexander dreyman\016784a1637b7d53f1e152e0caacf9ff--alexander-dreymon-men-portrait.jpg
2020-11-09 12:41 - 2020-11-09 12:41 - 000018093 ____A [4B8C48E2A45420A811C9E1B8DEF41A0C] () C:\Users\Tamara\Desktop\hyaian\alexander dreyman\01d2bc6d065cad45e0d7a29acc7dfb9e--the-last-kingdom-uhtred-the-last-kingdom-season-.jpg
2020-11-09 12:20 - 2020-11-09 12:20 - 000041184 ____A [4A2BA5D352FAC1D553CAF6DA31FDA074] () C:\Users\Tamara\Desktop\hyaian\alexander dreyman\1cd8ca7ed756159b7a021ba597be2ea3.jpg
2020-11-09 12:31 - 2020-11-09 12:31 - 000692699 ____A [3C9119DA1FCF6880FA79730827279FE1] () C:\Users\Tamara\Desktop\hyaian\alexander dreyman\1d76a2ff9a4be9b325f624db220b67cb.png
2020-11-09 12:30 - 2020-11-09 12:30 - 000028527 ____A [E56C68574FF266C3F56E5B980834F697] () C:\Users\Tamara\Desktop\hyaian\alexander dreyman\1f14e00d8aed101288d138ebdd3a2376.jpg
2020-11-09 12:14 - 2020-11-09 12:14 - 000030654 ____A [1E39B69F87E842EBA6E9BD90FFF1D916] () C:\Users\Tamara\Desktop\hyaian\alexander dreyman\1fa261c6e3b6084f309d39447e7ed62aaea431c2r1-411-358v2_hq.jpg
2020-11-09 12:09 - 2020-11-09 12:09 - 000137095 ____A [5264999DA087A898F38D6BAC64214065] () C:\Users\Tamara\Desktop\hyaian\alexander dreyman\23544790.jpg-r_1280_720-f_jpg-q_x-xxyxx.jpg
2020-11-09 12:38 - 2020-11-09 12:38 - 000106418 ____A [3BD9E52116B231634411FC5C40E9B5CD] () C:\Users\Tamara\Desktop\hyaian\alexander dreyman\2D_The_Last_Kingdom_DVD.jpeg
2020-11-09 12:46 - 2020-11-09 12:46 - 000176080 ____A [00387DB892D660921B4AB4961A43FB17] () C:\Users\Tamara\Desktop\hyaian\alexander dreyman\2fe2a8e8224462a736cc28945ac8a2e7.jpg
2020-11-09 12:29 - 2020-11-09 12:29 - 000013285 ____A [C9E7AE7B6C2E642887B59195C9EAA4F5] () C:\Users\Tamara\Desktop\hyaian\alexander dreyman\372061bea1a7363146b785cb25243042--alexander-dreymon.jpg
2020-11-09 12:09 - 2020-11-09 12:09 - 000200688 ____A [3DFB70DD2267BAEE370F638EC25776C8] () C:\Users\Tamara\Desktop\hyaian\alexander dreyman\3794393.jpg
2020-11-09 12:26 - 2020-11-09 12:26 - 001459078 ____A [C640C977885F9234F4A727AD1C43AC6D] () C:\Users\Tamara\Desktop\hyaian\alexander dreyman\43d0ce437d3603bee6b55052eb0e5d3c.jpg
2020-11-09 12:31 - 2020-11-09 12:31 - 000029574 ____A [31FFE1F83FD9108416E8C5E42D86E643] () C:\Users\Tamara\Desktop\hyaian\alexander dreyman\497c350204e6222e7887007761282278.jpg
2020-11-09 12:26 - 2020-11-09 12:26 - 001417186 ____A [F72ECF6BF3C286DA2C1FC0202A2903A4] () C:\Users\Tamara\Desktop\hyaian\alexander dreyman\4d10acb38432c1f9b9efa231b05fb6a1.jpg
2020-11-09 12:24 - 2020-11-09 12:24 - 002306427 ____A [33528CD676C6EFAD9CCD07A188603A72] () C:\Users\Tamara\Desktop\hyaian\alexander dreyman\52bfc5c77df274e027d4937b0b730e1d.jpg
2020-11-09 12:23 - 2020-11-09 12:23 - 001100717 ____A [F10C93789049422966A55DDBCFB8C9B5] () C:\Users\Tamara\Desktop\hyaian\alexander dreyman\56843761615bc32b3113f859cbb6df8d.jpg
2020-11-09 12:25 - 2020-11-09 12:25 - 000381548 ____A [1451034E2511DC738B67D1C7B954D993] () C:\Users\Tamara\Desktop\hyaian\alexander dreyman\5908fe58770cb813bc378af47a065a0e.png
2020-11-09 12:20 - 2020-11-09 12:20 - 000094433 ____A [62696476DEF025141FC59561AE6351A6] () C:\Users\Tamara\Desktop\hyaian\alexander dreyman\59ba549c182c974c5b2d124687d21715.jpg
2020-11-09 12:44 - 2020-11-09 12:44 - 000055702 ____A [22EECFDC869C9E7F38421D6B4A4BD561] () C:\Users\Tamara\Desktop\hyaian\alexander dreyman\5bf3c5b73ed06bbc98ddcffa62662ab0.jpg
2020-11-09 12:30 - 2020-11-09 12:30 - 000006104 ____A [DC4F01428831453DD72D864F2DB4EC24] () C:\Users\Tamara\Desktop\hyaian\alexander dreyman\657d31695c4045da3cec2961fd8ce063.jpg
2020-11-09 12:22 - 2020-11-09 12:22 - 000124470 ____A [A3304C80A44027EE08E99EE1FFD6C503] () C:\Users\Tamara\Desktop\hyaian\alexander dreyman\6bd2d89e2089f5915028edd785369061.jpg
2020-11-09 12:14 - 2020-11-09 12:14 - 000028545 ____A [5920BE85831AE3236A4FD2D88E74F317] () C:\Users\Tamara\Desktop\hyaian\alexander dreyman\77759.jpg
2020-11-09 12:29 - 2020-11-09 12:29 - 000006222 ____A [EDE1776392E05B0CC4DCDDA57A942CEC] () C:\Users\Tamara\Desktop\hyaian\alexander dreyman\7f3533e1105318542756986b9ce22b6f.jpg
2020-11-09 12:24 - 2020-11-09 12:24 - 000285973 ____A [B3DF9C5FB7F22278638A0D622AFAA7A8] () C:\Users\Tamara\Desktop\hyaian\alexander dreyman\837404891408d1a178f784c9e6f18483.jpg
2020-11-09 12:13 - 2020-11-09 12:13 - 000007850 ____A [FB387284FAB5A1CEC93B321D2EA8DEC3] () C:\Users\Tamara\Desktop\hyaian\alexander dreyman\8d5e8ff21cd2e531a9803fbdb9ec7042--alexander-dreymon-man-crush.jpg
2020-11-09 12:17 - 2020-11-09 12:47 - 000064252 ____A [E11D5F77AF873AA06847F62599CA2CF7] () C:\Users\Tamara\Desktop\hyaian\alexander dreyman\968eaf8d0be5913cebcd64fe5bebaf38.jpg
2020-11-09 12:18 - 2020-11-09 12:18 - 000037317 ____A [9B64F50AB95A5CCE16AF518DDA5C33C3] () C:\Users\Tamara\Desktop\hyaian\alexander dreyman\a49e9edc00bfe678572ba3e1c4252746.jpg
2020-11-09 12:21 - 2020-11-09 12:21 - 000060224 ____A [B61459536C6398E3BED11AE32A7C5FF1] () C:\Users\Tamara\Desktop\hyaian\alexander dreyman\a67ee74906d3827e1b334eaabcf4e4e5.jpg
2020-11-09 12:18 - 2020-11-09 12:18 - 000039941 ____A [4CE87257584EBC33CB295D2C1632C6BF] () C:\Users\Tamara\Desktop\hyaian\alexander dreyman\a72837d1e81287c85db458049c9750b0.jpg
2020-11-09 12:11 - 2020-11-09 12:11 - 000284742 ____A [EA4612C39628D4C8E468BAC48220BB14] () C:\Users\Tamara\Desktop\hyaian\alexander dreyman\alexander-dreymon-the-last-kingdom-1.jpg
2020-11-09 12:23 - 2020-11-09 12:23 - 000052559 ____A [BD43F2623A20F8BAAE126A601D5C8036] () C:\Users\Tamara\Desktop\hyaian\alexander dreyman\b5264bc140857b1c2811041608f12db8.jpg
2020-11-09 12:13 - 2020-11-09 12:13 - 000026770 ____A [943081F420B8E28E16F97A8729CD70CB] () C:\Users\Tamara\Desktop\hyaian\alexander dreyman\c21cb94106b8657375b5a98cc2b92b05.jpg
2020-11-09 12:25 - 2020-11-09 12:25 - 000303009 ____A [4D37F4259C4244675F475E5A69D36AF7] () C:\Users\Tamara\Desktop\hyaian\alexander dreyman\c3d0032cb5a1d445c05d84b55671a4c4.jpg
2020-11-09 12:28 - 2020-11-09 12:28 - 000038250 ____A [A0293DFAC1669646A6A95D442FEC3F76] () C:\Users\Tamara\Desktop\hyaian\alexander dreyman\c8b56dbc579b9dad921e68668fca439b.jpg
2020-11-09 12:10 - 2020-11-09 12:10 - 001191257 ____A [2185C413606DFF1FC0F8C89D056319E4] () C:\Users\Tamara\Desktop\hyaian\alexander dreyman\ca773ab9f624c3f3d0f2df7b5bf55509.jpg
2020-11-19 12:40 - 2020-11-19 12:40 - 000284486 ____A [DFC0A76F916C67E61B4560942D7CD1D4] () C:\Users\Tamara\Desktop\hyaian\alexander dreyman\color.jpg
2020-11-09 12:28 - 2020-11-09 12:28 - 000030377 ____A [09D97BCBCB25DD9806CBE82B73764F2C] () C:\Users\Tamara\Desktop\hyaian\alexander dreyman\d023ecc7c79a6de6c1ba7bf26eff7d51.jpg
2020-11-09 12:30 - 2020-11-09 12:30 - 000047395 ____A [4339767E948DC58E7DBAECDEA1B98188] () C:\Users\Tamara\Desktop\hyaian\alexander dreyman\d1466fa654bb04d4423b98c59ca44bb7.jpg
2020-11-09 12:17 - 2020-11-09 12:17 - 000067116 ____A [58E13CF38A0862B771DE36713455409E] () C:\Users\Tamara\Desktop\hyaian\alexander dreyman\d6d790c2c0577ec64ac3ef6326969540.jpg
2020-11-09 12:18 - 2020-11-09 12:18 - 000166746 ____A [BDB0BE2AE27EF59C852A30ADE6780A10] () C:\Users\Tamara\Desktop\hyaian\alexander dreyman\dba8c130e854f8c89fd5e3f767bbe4f4.jpg
2020-11-09 12:36 - 2020-11-09 12:36 - 000198183 ____A [1106348D9FDFD8AFADE3496304FF1BE6] () C:\Users\Tamara\Desktop\hyaian\alexander dreyman\dd4f16323773418f8a343fb9b270fd8b.jpg
2020-11-09 12:22 - 2020-11-09 12:22 - 000254730 ____A [2E7B1B6929E26A9D416D6A78026D4A96] () C:\Users\Tamara\Desktop\hyaian\alexander dreyman\DSC04702.jpg
2020-11-09 12:27 - 2020-11-09 12:27 - 000092865 ____A [DD82746FE359DC0D9702AF7B90C2ACEF] () C:\Users\Tamara\Desktop\hyaian\alexander dreyman\e979bf548ea2bb1b9c2f0160e689a55d.jpg
2020-11-09 12:10 - 2020-11-09 12:10 - 001424066 ____A [01303787D38F12C757204B8F8B5EBACF] () C:\Users\Tamara\Desktop\hyaian\alexander dreyman\eea43faec1299422f61e0958d73cfa6a.jpg
2020-11-09 12:32 - 2020-11-09 12:32 - 000007586 ____A [0A76BE2D1FA19A8D32812F55AE103F50] () C:\Users\Tamara\Desktop\hyaian\alexander dreyman\efaf4272107514a1bb55e6c0bfb18721.jpg
2020-11-09 12:16 - 2020-11-09 12:16 - 000079314 ____A [9B0BCDA1F6111C5470066100B991CE18] () C:\Users\Tamara\Desktop\hyaian\alexander dreyman\EXbTawMVAAAfYym.jpg
2020-11-09 12:19 - 2020-11-09 12:19 - 000223993 ____A [8057E4F4689A014770A6A2785032D6ED] () C:\Users\Tamara\Desktop\hyaian\alexander dreyman\ffbbbbc9992766cf0fd1b0e1bb3a8419.jpg
2020-11-09 12:12 - 2020-11-09 12:12 - 000004731 ____A [843A4D4022876F5EC40D039618225227] () C:\Users\Tamara\Desktop\hyaian\alexander dreyman\índice.jpg
2020-11-09 12:28 - 2020-11-09 12:28 - 000051291 ____A [D6E38B8D92F78FBAA6926DC7746D728D] () C:\Users\Tamara\Desktop\hyaian\alexander dreyman\jdjhdjd.jpg
2020-11-09 12:38 - 2020-11-09 12:38 - 000054229 ____A [A7CFE22ED7DF041C07F5697DF21B40C8] () C:\Users\Tamara\Desktop\hyaian\alexander dreyman\jhfdkhgf.jpg
2020-11-09 12:23 - 2020-11-09 12:23 - 000027742 ____A [DC98748DB3D9801BA8CDE08A326BDFE9] () C:\Users\Tamara\Desktop\hyaian\alexander dreyman\jrC_sGrK_400x400.jpg
2020-11-09 12:40 - 2020-11-09 12:40 - 000075140 ____A [3AC110B1C86C968462D1D7E7F45A79C2] () C:\Users\Tamara\Desktop\hyaian\alexander dreyman\maxresdefault.jpg
2020-11-09 12:11 - 2020-11-09 12:11 - 001006169 ____A [11B76E2B3222923714FAC4E50099EC65] () C:\Users\Tamara\Desktop\hyaian\alexander dreyman\MV5BMmIzMjc5Y2ItNTIyZi00YTEzLWI4NDAtODQ0MzBiNTZmMDMxXkEyXkFqcGdeQXVyMjQwMzc1MzI@._V1_.jpg
2020-11-09 12:15 - 2020-11-09 12:15 - 000066088 ____A [66B7FC1818E015049E58C7D1B65EEED8] () C:\Users\Tamara\Desktop\hyaian\alexander dreyman\MV5BNTgxNjk5NzY2N15BMl5BanBnXkFtZTcwMTg3NDg4OQ@@._V1._SX640_SY960_-e1378320654301.jpg
2020-11-19 14:50 - 2020-11-25 18:51 - 024531273 ____A [AB6470FBEFFBAFE86C70E818D9A562D1] () C:\Users\Tamara\Desktop\hyaian\alexander dreyman\Nuevo lienzo.clip
2020-11-19 19:51 - 2020-11-19 20:44 - 002646932 ____A [4835DEF67E6180C3D2406181E0C5BDB7] () C:\Users\Tamara\Desktop\hyaian\alexander dreyman\Nuevo lienzo.jpg
2020-11-25 09:59 - 2020-11-25 09:59 - 002562412 ____A [865697DFF37FD3EFDF3F6BDCCD52797E] () C:\Users\Tamara\Desktop\hyaian\alexander dreyman\Nuevo lienzo2.jpg
2020-11-09 12:39 - 2020-11-09 12:39 - 000025802 ____A [265707955BAD5A82AFA8E0803C8562A7] () C:\Users\Tamara\Desktop\hyaian\alexander dreyman\Uhtred_promo.webp
2020-11-09 12:20 - 2020-11-09 12:20 - 000062127 ____A [8FC7621479387025DD6199FD7BC0A507] () C:\Users\Tamara\Desktop\hyaian\alexander dreyman\unnamed.jpg
2020-11-19 13:02 - 2020-11-19 13:02 - 000399276 ____A [A1D0A4FAF39F344607C9F09A045BC15F] () C:\Users\Tamara\Desktop\hyaian\alexander dreyman\xdbi8lm67ub51.jpg
2020-11-09 12:15 - 2020-11-09 12:15 - 001179363 ____A [9263C67BBB3DDBE1440EA9DABCA9D183] () C:\Users\Tamara\Desktop\hyaian\alexander dreyman\xdbi8lm67ub51.png
2020-11-10 13:33 - 2020-11-10 13:37 - 000186843 ____A [5EFA7FA4B92EF7485FAD9552EA69B2A9] () C:\Users\Tamara\Desktop\hyaian\alexander dreyman\xdbi8lm67ub51-2.jpg
2020-11-19 12:27 - 2020-11-19 12:27 - 001169917 ____A [45FD19E7251855C418C68E9362B34366] () C:\Users\Tamara\Desktop\hyaian\alexander dreyman\xdbi8lm67ub512.png

====== Final de Folder: ======

========================= Folder: C:\Users\Tamara\Desktop\danika ========================

2021-11-15 09:44 - 2021-11-15 09:44 - 000074944 ____A [314F34757F2834F9C66B2AF4D12CEF4E] () C:\Users\Tamara\Desktop\danika\00e1a96570de49819d1dc791231da60e.jpg
2021-10-25 10:41 - 2021-10-25 10:41 - 000065688 ____A [DD73F0DBD8458D400CE6BE3EE9F66906] () C:\Users\Tamara\Desktop\danika\078d746d7420cffb04ea9c72b64c6f90.jpg
2021-10-25 09:43 - 2021-10-25 09:43 - 000018834 ____A [86D63AEC90023097A3D75DE14FD38724] () C:\Users\Tamara\Desktop\danika\0f25f66f33dd9def6651560c22923a24.jpg
2021-10-25 09:01 - 2021-10-25 09:01 - 000120785 ____A [341715F7A18BEBE233F531194905638E] () C:\Users\Tamara\Desktop\danika\10723454-sexy-young-woman-in-leather-jacket-studio-portrait.jpg
2021-10-25 09:36 - 2021-10-25 09:36 - 000125974 ____A [33DF4BFA21A0E7437AE41259FA3DEF81] () C:\Users\Tamara\Desktop\danika\17659818-girl-with-katana-in-studio.jpg
2021-10-25 09:37 - 2021-10-25 09:37 - 000024234 ____A [99E25F3F92B69D56A0402B7F54809DA5] () C:\Users\Tamara\Desktop\danika\194234713.jpg
2021-10-25 09:45 - 2021-10-25 09:45 - 005608985 ____A [BAF606F8BBC691EEEDBC6CE21DF9A2BD] () C:\Users\Tamara\Desktop\danika\1-neostock-urban-fantasy-stock-photography.png
2021-10-25 09:26 - 2021-10-25 09:26 - 000315385 ____A [593CFC18AF6D59548A3CB3084890419C] () C:\Users\Tamara\Desktop\danika\2bc4d024956a74087c21caa54a52f125.jpg
2021-10-25 10:05 - 2021-10-25 10:05 - 000181841 ____A [07886563E0D4FD0964CA2E1D65EBC738] () C:\Users\Tamara\Desktop\danika\2-female-urban-fantasy-neostock-stock-photography.jpg
2021-10-25 09:25 - 2021-10-25 09:25 - 000041352 ____A [0131217F4F6D140FB22A52501295F20B] () C:\Users\Tamara\Desktop\danika\2r7am10.webp
2021-10-25 10:41 - 2021-10-25 10:41 - 000061145 ____A [8A54CF2B83DC56117209B369D66CEC76] () C:\Users\Tamara\Desktop\danika\3fcab331d3b9cf90176a637a6ad28697.jpg
2021-10-25 09:27 - 2021-10-25 09:27 - 000013769 ____A [C1D38C5118FB20CDBCD9B12342FBE789] () C:\Users\Tamara\Desktop\danika\41Q0WXLEVjL._AC_.jpg
2021-10-25 10:52 - 2021-10-25 10:52 - 000487934 ____A [E01D087A4E300F375CC9FF855533C658] () C:\Users\Tamara\Desktop\danika\4-emily-h-galactic-cadet-stock-photography-neostock.jpg
2021-10-25 10:08 - 2021-10-25 10:08 - 000198628 ____A [6697E8109C0C75AA03516BF3E97CC88D] () C:\Users\Tamara\Desktop\danika\4-nisha-fantasy-assassin-stock-photography-neostock.jpg
2021-10-25 09:45 - 2021-10-25 09:45 - 006317539 ____A [C3100E90F28F9D3BBC4D3E5B69F53E31] () C:\Users\Tamara\Desktop\danika\5-neostock-urban-fantasy-stock-photography.png
2021-10-25 09:05 - 2021-10-25 09:05 - 000158935 ____A [5D964C0D58120D43F26AEA7B335E3375] () C:\Users\Tamara\Desktop\danika\77779761-joven-en-chaqueta-de-cuero-se-ve-a-un-lado-de-la-cámara-en-el-estudio.jpg
2021-10-25 09:07 - 2021-10-25 09:07 - 000140279 ____A [BC7BD61D4D378F77407A4DB379CF1B98] () C:\Users\Tamara\Desktop\danika\77779964-sexy-mujer-rubia-joven-en-chaqueta-de-cuero-tirando-collar-mientras-está-sentado-en-las-heces.jpg
2021-10-25 10:42 - 2021-10-25 10:42 - 000066046 ____A [71F3038F903E30BAF0F9E6A5271B2C5A] () C:\Users\Tamara\Desktop\danika\8a78e2dc55f18c2b51a2ff0494700f93.jpg
2021-10-25 09:35 - 2021-10-25 09:35 - 000176281 ____A [51326E47AC4DC86FB9D8A5AC8936CE78] () C:\Users\Tamara\Desktop\danika\beautiful-woman-cyberpunk-poses-holding-glowing-blade-sexy-charming-woman-blond-hairs-cyberpunk-style-poses-dark-207972166.jpg
2021-10-25 09:34 - 2021-10-25 09:34 - 000073626 ____A [AFA2CFC8D05D929F1FA462A34446DFD0] () C:\Users\Tamara\Desktop\danika\bride-beatrix-kiddo-kill-bill-uma-thurman-g.jpg
2021-11-24 13:17 - 2021-11-24 13:18 - 007162254 ____A [910B8A8B6A1EF6D6FF33F177108938E6] () C:\Users\Tamara\Desktop\danika\danika color.jpg
2021-10-29 12:56 - 2021-10-29 12:56 - 018253113 ____A [F9EB1380AFCBCE1111ACB26CB7E55161] () C:\Users\Tamara\Desktop\danika\danika flats cuadrado peq.jpg
2021-10-29 12:55 - 2021-10-29 12:58 - 067248418 ____A [F08850C1135B2523577CC7C9F266126D] () C:\Users\Tamara\Desktop\danika\danika flats cuadrado peq.psd
2021-11-24 13:16 - 2021-11-24 13:16 - 087028698 ____A [543412558463C057AC9F4AD03F668F59] () C:\Users\Tamara\Desktop\danika\danika flats efectos.psd
2021-10-29 12:44 - 2021-10-29 12:44 - 005016802 ____A [67872547C9E100E3B454055226A0A873] () C:\Users\Tamara\Desktop\danika\danika flats.jpg
2021-10-29 12:58 - 2021-10-29 12:58 - 002291709 ____A [E523689A1323C6E8C64D224A6909CF94] () C:\Users\Tamara\Desktop\danika\danika linea cuadrado peq.jpg
2021-10-29 12:47 - 2021-10-29 12:47 - 029604499 ____A [052FBD1A7AEDBDD265E6DD953D49311B] () C:\Users\Tamara\Desktop\danika\danika linea.clip
2021-10-29 12:47 - 2021-10-29 12:47 - 002506424 ____A [BF642F0638E10593BE8DABF4FFD3C452] () C:\Users\Tamara\Desktop\danika\danika linea.jpg
2021-10-25 13:08 - 2021-10-29 12:44 - 030620760 ____A [E8A9A965FAB950C894CE36CA8A3058CF] () C:\Users\Tamara\Desktop\danika\danika.clip
2021-10-25 09:43 - 2021-10-25 09:43 - 000027742 ____A [F80CA220934C7AC6109970BCBD60673D] () C:\Users\Tamara\Desktop\danika\danika.jpg
2021-10-25 09:46 - 2021-10-25 09:46 - 000124270 ____A [1EE3E64F085EA6D21202AD4EABAAE3A2] () C:\Users\Tamara\Desktop\danika\dcekbs1-47b37d30-263b-456b-b7f7-c915fc2f1c97.jpg
2021-10-25 09:46 - 2021-10-25 09:46 - 000091205 ____A [A4ECBC37D607AE6CF3833956DAC44833] () C:\Users\Tamara\Desktop\danika\dcekc0b-6fcd68cb-0635-466b-ab3b-724cc167216f.jpg
2021-10-25 09:32 - 2021-10-25 09:32 - 000144686 ____A [36A51020FC8023B2AADBB7A537923B1A] () C:\Users\Tamara\Desktop\danika\depositphotos_229897996-stock-photo-sexy-young-woman-sword-his.jpg
2021-10-25 09:01 - 2021-10-25 09:01 - 000023058 ____A [C45D3DE6AC34940659796D8017AFF31C] () C:\Users\Tamara\Desktop\danika\depositphotos_336700936-stock-photo-beauty-sexy-woman-leather-jacket.jpg
2021-10-25 09:28 - 2021-10-25 09:30 - 000035996 ____A [93B3E1CE152663118D2B47EDF135170B] () C:\Users\Tamara\Desktop\danika\depositphotos_349566222-stock-photo-portrait-young-beautiful-woman-katana.jpg
2021-10-25 09:02 - 2021-10-25 09:02 - 000028400 ____A [A962F053137136DF61F820DE6B7EB4A4] () C:\Users\Tamara\Desktop\danika\depositphotos_99361728-stock-photo-man-looking-down-on-sexy.jpg
2021-10-25 10:43 - 2021-10-25 10:43 - 000719178 ____A [DD980B9C0377DC715197538D6AE13CDF] () C:\Users\Tamara\Desktop\danika\Elle-Evans.jpg
2021-10-25 10:43 - 2021-10-25 10:43 - 000240297 ____A [F4D08F8D749065CB8B4EC2B41196CDF3] () C:\Users\Tamara\Desktop\danika\Elle-Evans-10.jpg
2021-10-25 10:40 - 2021-10-25 10:40 - 000021892 ____A [328BCD4EE61C53783F2F0762015B9545] () C:\Users\Tamara\Desktop\danika\Elle-Evans-300x400.jpg
2021-10-25 10:42 - 2021-10-25 10:42 - 000098158 ____A [1CA2785DACA9227BE35BF89B74D08B69] () C:\Users\Tamara\Desktop\danika\Elle-Evans-9.jpg
2021-10-25 10:42 - 2021-10-25 10:42 - 000045999 ____A [9B00001A10172A4D16A53CD88E2A09EF] () C:\Users\Tamara\Desktop\danika\elle-evans-lindsey-gayle-evans-mas-notable-por-su-apariencia.jpg
2021-10-25 09:28 - 2021-10-25 09:28 - 000024752 ____A [9262943D36C2F8E976EA3EED6737D431] () C:\Users\Tamara\Desktop\danika\EmmaSwanEW.webp
2021-10-25 09:27 - 2021-10-25 09:27 - 000039008 ____A [0435BE35BBBC6A3F309488AE4CE145B2] () C:\Users\Tamara\Desktop\danika\Emma-Swan-Season-4-Leather-Jacket.webp
2021-10-25 10:41 - 2021-10-25 10:41 - 000060644 ____A [82DDA3B3F15560AC6CC558D7EA741550] () C:\Users\Tamara\Desktop\danika\f1cb5f11a73fb2b002b67f2398431b70.jpg
2021-10-25 09:44 - 2021-10-25 09:44 - 000036252 ____A [BED15EF7C8A6F016F258E7881F0F6401] () C:\Users\Tamara\Desktop\danika\gettyimages-1148473218-612x612.jpg
2021-10-25 10:39 - 2021-10-25 10:39 - 000037138 ____A [7DC87057FD10673444754BBA61EE71AD] () C:\Users\Tamara\Desktop\danika\gettyimages-450267872-612x612.jpg
2021-10-25 09:04 - 2021-10-25 09:04 - 000036924 ____A [D3F6C8532C7A1058B71BEE228314DA59] () C:\Users\Tamara\Desktop\danika\girl-leather-jacket-pose-walking-studio-background-l-cute-blonde-looking-away-hand-touching-belt-65279881.jpg
2021-10-25 09:05 - 2021-10-25 09:05 - 000047179 ____A [0F248F839B425397332A4E18CE43F4B6] () C:\Users\Tamara\Desktop\danika\girl-leather-jacket-posing-white-studio-background-ha-side-view-hands-back-pockets-looking-camera-65279690.jpg
2021-10-25 09:35 - 2021-10-25 09:35 - 000098992 ____A [DC82D7E4444007F395F7E6A62DC46E2F] () C:\Users\Tamara\Desktop\danika\HD-wallpaper-women-cosplay-cyberpunk-2077-girl-leather-jacket-model-sword-woman.jpg
2021-10-25 10:04 - 2021-10-25 10:04 - 000175300 ____A [8107C1F8A3A5117CE75B6CA32917E71F] () C:\Users\Tamara\Desktop\danika\IIIneostock-mandy-urban-fantasy-stock-photography.jpg
2021-10-25 10:07 - 2021-10-25 10:07 - 000180931 ____A [998206F3B4BB35E7F445C72F12E9D146] () C:\Users\Tamara\Desktop\danika\III-pippa-female-medieval-warrior-stock-photography.jpg
2021-10-25 10:05 - 2021-10-25 10:05 - 000207257 ____A [66B888A86995DDFCBCD7F1C0DF746D7B] () C:\Users\Tamara\Desktop\danika\II-neostock-natalia-urban-fantasy-stock-photography.jpg
2021-10-25 10:42 - 2021-10-25 10:42 - 000007164 ____A [A36BEF39582AE9D8E9417CA89323AAAB] () C:\Users\Tamara\Desktop\danika\índice.jpg
2021-10-25 10:07 - 2021-10-25 10:07 - 000200632 ____A [46997951B04E50071F9F6BF01A32AAEA] () C:\Users\Tamara\Desktop\danika\Ineostock-mandy-urban-fantasy-stock-photography.jpg
2021-10-25 09:04 - 2021-10-25 09:04 - 000177497 ____A [B9F8952E019605618A4E2DA01E06A649] () C:\Users\Tamara\Desktop\danika\istockphoto-509052976-1024x1024.jpg
2021-10-25 09:07 - 2021-10-25 09:07 - 000031090 ____A [41701886512760CE814019B69B9F89F7] () C:\Users\Tamara\Desktop\danika\istockphoto-844057600-612x612.jpg
2021-10-25 09:29 - 2021-10-25 09:29 - 000042764 ____A [034D8E671EA16B9127754790AFDE590B] () C:\Users\Tamara\Desktop\danika\jim-fiscus-showtime-homeland-s5prart-03-r-1521570079.jpg
2021-10-25 10:39 - 2021-10-25 10:39 - 000034436 ____A [E25AEBF4CC97FE3E997E79B5F4CA3C24] () C:\Users\Tamara\Desktop\danika\Jlal0h30xxzAo6SHGFQE7BYnullv8Dc5IWXm_L.jpg
2021-10-25 10:43 - 2021-10-25 10:43 - 000167191 ____A [8A8B480CD7DAF5321999B48EDB4A7D9D] () C:\Users\Tamara\Desktop\danika\large-1575588875-9f7e7e7d88e74e4267b54214b379f7f7.jpg
2021-10-25 10:40 - 2021-10-25 10:40 - 001706675 ____A [DCC52C7B8C8225EB7391CF7D06D706C5] () C:\Users\Tamara\Desktop\danika\MV5BMjRkNWM4NmYtOTMyMS00OGE3LTlmNTYtYmJmN2Y2ZDFjZDU3XkEyXkFqcGdeQXVyMjQwMDg0Ng@@._V1_.jpg
2021-10-25 09:28 - 2021-10-25 09:28 - 000146931 ____A [EBDC639FAAF3787FD65976A0B26E1526] () C:\Users\Tamara\Desktop\danika\png-transparent-jennifer-morrison-once-upon-a-time-emma-swan-hook-regina-mills-tom-welling-smallville.png
2021-10-25 09:07 - 2021-10-25 09:07 - 000031372 ____A [EB8635DC0E0DEB8E6740DB10B0378350] () C:\Users\Tamara\Desktop\danika\pretty-sexy-woman-posing-studio-black-leather-jacket-boots_109529-1929.webp
2021-10-25 10:40 - 2021-10-25 10:40 - 000037285 ____A [3D4C1DBF0FC082E359DD69B0452F9624] () C:\Users\Tamara\Desktop\danika\thumb2-elle-evans-american-actress-model-portrait-photoshoot.jpg
2021-10-25 09:33 - 2021-10-25 09:33 - 000067432 ____A [9AC4B3DCEAD823D6D29E8B3C443726F7] () C:\Users\Tamara\Desktop\danika\Uma_Thurman_Kill_Bill_Vol_2_Black_Jacket__81654_zoom.jpg
2021-10-25 09:46 - 2021-10-25 09:46 - 000253942 ____A [A0B2E024F2433DB464ECE741A1B5DE68] () C:\Users\Tamara\Desktop\danika\V-gia-urban-fantasy-stock-photography-neostock.jpg
2021-10-25 09:32 - 2021-10-25 09:32 - 000110905 ____A [4D25EBC97A9F1E9DC1293D94C2DDC7DC] () C:\Users\Tamara\Desktop\danika\woman-warrior-black-leather-jacket-heavy-sword-his-hands-woman-warrior-black-leather-jacket-133531861.jpg
2021-10-25 09:31 - 2021-10-25 09:31 - 000272976 ____A [2AC28C74C60A81AE3321320C74EC5CD5] () C:\Users\Tamara\Desktop\danika\wynonnaearp-e1562020521461.webp
2021-10-25 09:31 - 2021-10-25 09:31 - 000212755 ____A [70AFFBE8EFBECD7905563C058A1D6B2B] () C:\Users\Tamara\Desktop\danika\wynonna-earp-sword.jpg
2021-10-25 09:32 - 2021-10-25 09:32 - 000119832 ____A [025CC9989AAB1EB5D27B6347FF6B4668] () C:\Users\Tamara\Desktop\danika\young-woman-sword-his-back-to-camera-woman-looking-young-woman-sword-his-back-to-camera-woman-133531939.jpg
2021-10-25 10:09 - 2021-10-25 10:09 - 000068891 ____A [6D539F5F7401601FBBF66315EB803FF3] () C:\Users\Tamara\Desktop\danika\yuu-cyberpunk-agent-title-image_xgaplus.jpg

====== Final de Folder: ======


========================= Folder: C:\Users\Tamara\Desktop\Redraw ========================

2021-09-29 20:29 - 2021-09-29 20:29 - 000116767 ____A [84E893A22DF692740C5CEF666031F190] () C:\Users\Tamara\Desktop\Redraw\21082853_1477004419026083_6796452831160550589_o.jpg
2021-04-22 19:09 - 2021-04-22 19:09 - 000127996 ____A [AAB9CAB7D69D2EBA322AF4872A49C405] () C:\Users\Tamara\Desktop\Redraw\39684198-portrait-of-ancient-knight-in-metal-armor-sitting-on-a-wooden-chair.jpg
2021-04-20 11:31 - 2021-04-20 11:31 - 000408056 ____A [44AA7E17DF77CCDD9C886546BF07A6A9] () C:\Users\Tamara\Desktop\Redraw\410778_366600970030323_668062309_o.jpg
2021-09-29 20:25 - 2021-09-29 20:25 - 000114204 ____A [D3D053BA0B29A9112DBDC56D9B223AFD] () C:\Users\Tamara\Desktop\Redraw\43582839_1927013774025143_525934456385568768_n.jpg
2021-09-29 20:25 - 2021-09-29 20:25 - 000113051 ____A [8BA1B4C7424852D72D2AF614DC8C23E8] () C:\Users\Tamara\Desktop\Redraw\44437739_1941651939227993_2202105650501124096_n.jpg
2021-09-29 12:21 - 2021-09-30 17:37 - 000929344 ____A [183DE5A7C09438E962239180F5C37B61] () C:\Users\Tamara\Desktop\Redraw\465983_366603540030066_428010696_o.jpg
2021-04-19 20:01 - 2021-04-19 20:01 - 000054503 ____A [BA9A444F1CDFDA95CB4120196817CE2B] () C:\Users\Tamara\Desktop\Redraw\61JJz66eCrL._AC_SX522_.jpg
2021-09-29 20:05 - 2021-09-29 20:05 - 000155898 ____A [20F913985F07F84BE1CA42734E4622F8] () C:\Users\Tamara\Desktop\Redraw\81781529_2700614653331714_3535240306356125696_n.jpg
2021-04-19 19:58 - 2021-04-19 19:58 - 000068048 ____A [D56959829E9E22FD17A94C2EA7D99262] () C:\Users\Tamara\Desktop\Redraw\anduril_01.jpg
2021-04-19 19:59 - 2021-04-19 19:59 - 000085695 ____A [485F514E4850A3D4F16FB8F0649BFE56] () C:\Users\Tamara\Desktop\Redraw\anduril-espada-de-aragorn-el-senor-de-lo-anillos.jpg
2021-09-30 17:38 - 2021-09-30 17:38 - 000283098 ____A [658FF1901120EB7034F59216E60D1AA0] () C:\Users\Tamara\Desktop\Redraw\Cathal mej peg.jpg
2021-04-22 19:25 - 2021-04-22 19:25 - 000245865 ____A [947C6B5BCF09F1A9CEA98DB7BEBD8606] () C:\Users\Tamara\Desktop\Redraw\depositphotos_230256088-stock-photo-long-haired-knight-two-handed.jpg
2021-04-19 19:58 - 2021-04-19 19:58 - 000036078 ____A [F904607244BF307E7BBD890A787531C0] () C:\Users\Tamara\Desktop\Redraw\espada-aragorn-1.webp
2021-04-22 19:17 - 2021-04-22 19:17 - 000395494 ____A [9509B9C4A9E5234948C6D5733C2CBD1B] () C:\Users\Tamara\Desktop\Redraw\gettyimages-724320177-1024x1024.jpg
2021-04-22 20:54 - 2021-04-22 20:54 - 000037087 ____A [CDB893AF8884FC5480A4AEB29C8AB542] () C:\Users\Tamara\Desktop\Redraw\Hipster-hombre-iguall-500x500.jpg
2021-04-22 19:27 - 2021-04-22 19:27 - 000073154 ____A [58E960767F7EF49483434CCDA351A82A] () C:\Users\Tamara\Desktop\Redraw\long-haired-knight-twohanded-sword-600w-1244493709.webp
2021-04-22 19:26 - 2021-04-22 19:26 - 000015137 ____A [6CB6C8B0BDBC98D1ACAC40BA6108FD4F] () C:\Users\Tamara\Desktop\Redraw\-retrato_csp63635779.jpg
2021-04-22 20:26 - 2021-09-29 12:48 - 017192740 ____A [B4F4FD1A1CC23B7148C35058A2B59068] () C:\Users\Tamara\Desktop\Redraw\surion.clip
2021-01-28 10:14 - 2021-06-05 13:28 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Tamara\Desktop\Redraw\Daniros
2021-01-27 14:00 - 2021-01-27 14:01 - 000477794 ____A [7641441CB2FF51817335359725202128] () C:\Users\Tamara\Desktop\Redraw\Daniros\daniros 2003.jpg
2021-06-05 13:28 - 2021-06-05 13:28 - 008453185 ____A [97479F5B3B1A41D4E0D08656709B70DE] () C:\Users\Tamara\Desktop\Redraw\Daniros\Daniros color retoque.jpg
2021-06-05 12:35 - 2021-06-05 12:35 - 013846422 ____A [194D83D5DD2E1346FF6CB6EC5470FB8B] () C:\Users\Tamara\Desktop\Redraw\Daniros\Daniros color.clip
2021-06-05 12:35 - 2021-06-05 12:35 - 003763374 ____A [220D5198A039307801413EDD401AE243] () C:\Users\Tamara\Desktop\Redraw\Daniros\Daniros color.jpg
2021-01-27 13:48 - 2021-01-27 14:07 - 008262682 ____A [BD15538AB49C75E806930DDD1618B626] () C:\Users\Tamara\Desktop\Redraw\Daniros\Daniros.clip
2021-01-27 13:53 - 2021-01-27 14:09 - 000740705 ____A [8B38576873D8886C82D966FB78712621] () C:\Users\Tamara\Desktop\Redraw\Daniros\Daniros.jpg
2021-11-12 11:27 - 2021-11-12 13:54 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Tamara\Desktop\Redraw\kahlan
2021-11-12 10:24 - 2021-11-12 10:24 - 000060251 ____A [FCDE60F73189103AA4F6B523E8ACCAEB] () C:\Users\Tamara\Desktop\Redraw\kahlan\158507998_132908678.jpg
2021-11-12 13:05 - 2021-11-12 13:05 - 000150810 ____A [9FE3D0223D3A99C8E30F12A16F469FFC] () C:\Users\Tamara\Desktop\Redraw\kahlan\5c9dbd7e49e63b09adc48efa-large.jpg
2021-11-12 10:25 - 2021-11-12 10:25 - 000018857 ____A [CF3DB672643BBFF24C06CAFD7A3B11B1] () C:\Users\Tamara\Desktop\Redraw\kahlan\80359-06.jpg
2021-11-12 11:20 - 2021-11-12 11:20 - 000057293 ____A [4686D0D186C9A5BE01BD79B8C94980A0] () C:\Users\Tamara\Desktop\Redraw\kahlan\artworks-WSXb1RyFpWCPb6Eu-D2OMHQ-t500x500.jpg
2021-11-12 11:20 - 2021-11-12 11:20 - 000026251 ____A [A24BEB764ACD20FC1DE43505E684BCB3] () C:\Users\Tamara\Desktop\Redraw\kahlan\b9fb679e402663ee87bd64d8db62aff1.jpg
2021-11-12 11:18 - 2021-11-12 11:18 - 000021635 ____A [DF6E1071BBF33EE99EC12E88BB61EC13] () C:\Users\Tamara\Desktop\Redraw\kahlan\daniela-urzi-a99ed834-b518-4d8e-af92-dc3c62a6fec-resize-750 (1).jpeg
2021-11-12 11:24 - 2021-11-12 11:24 - 000311706 ____A [9113134CD28DE9E3D5FA25363F2AB540] () C:\Users\Tamara\Desktop\Redraw\kahlan\daniela-urzi-a-corazon-abierto-tras-separarse-en-2019-y-vivir-un-ano-lleno-de-cambios-910219.jpg
2021-11-12 11:19 - 2021-11-12 11:19 - 000082497 ____A [93F18B1558DF61982AC637049B63DC25] () C:\Users\Tamara\Desktop\Redraw\kahlan\daniela-urzi-cb212f69-8a1e-4b69-aee2-9756983daa3-resize-750 (1).jpeg
2021-11-12 11:19 - 2021-11-12 11:19 - 000082497 ____A [93F18B1558DF61982AC637049B63DC25] () C:\Users\Tamara\Desktop\Redraw\kahlan\daniela-urzi-cb212f69-8a1e-4b69-aee2-9756983daa3-resize-750.jpeg
2021-11-12 11:21 - 2021-11-12 11:21 - 000031608 ____A [2E9B08F6F68FD64F8A1FFA5E94060695] () C:\Users\Tamara\Desktop\Redraw\kahlan\gettyimages-74697538-612x612.jpg
2021-11-12 11:20 - 2021-11-12 11:20 - 000009367 ____A [BACDBC57E04EE01F5EF3F205DBF5AFCC] () C:\Users\Tamara\Desktop\Redraw\kahlan\images.jpg
2021-11-12 13:34 - 2021-11-12 13:54 - 008871873 ____A [7C8D695EAE23604F3F9F462F50351B90] () C:\Users\Tamara\Desktop\Redraw\kahlan\Kahlan 2.clip
2021-11-12 12:21 - 2021-11-12 12:21 - 007233432 ____A [16C7B6611335AA37A13F0E291A7F0048] () C:\Users\Tamara\Desktop\Redraw\kahlan\Kahlan.clip
2021-11-12 11:26 - 2021-11-12 11:26 - 000050783 ____A [AD68F4DC573F3F60FF08FF05B96DE101] () C:\Users\Tamara\Desktop\Redraw\kahlan\original.jpg
2021-11-12 11:23 - 2021-11-12 11:23 - 000892322 ____A [58F0448AD08E7EFA0B2F5A0AFE04E50E] () C:\Users\Tamara\Desktop\Redraw\kahlan\PARA-TI-DANIELA-URZI-2-News-FV-20190125.jpg
2021-11-12 11:22 - 2021-11-12 11:22 - 000086258 ____A [FCAEFADED1870408CD3BD416037F1B19] () C:\Users\Tamara\Desktop\Redraw\kahlan\tumblr_6e765b7588100638ed6d239a33be2b96_a932c6fa_1280.jpg
2021-11-12 11:18 - 2021-11-12 11:18 - 000116773 ____A [681C7ECAF34C675985E5BD3E9218BB5B] () C:\Users\Tamara\Desktop\Redraw\kahlan\tumblr_mfyi0ut2sf1r83inuo1_640.jpg
2021-11-12 11:26 - 2021-11-12 11:26 - 000130833 ____A [322657BA9E0AE5B3A7C83A81355D09CE] () C:\Users\Tamara\Desktop\Redraw\kahlan\urzi-foto-apertura.png
2021-04-16 12:56 - 2021-09-30 17:31 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Tamara\Desktop\Redraw\silion
2021-04-16 09:44 - 2021-04-16 09:44 - 000261930 ____A [21C746C1B5E364A6219D0AFF505FDF77] () C:\Users\Tamara\Desktop\Redraw\silion\470367_366605813363172_2028334296_o.jpg
2021-04-16 12:58 - 2021-04-16 12:58 - 000154852 ____A [C80099843D6BE98A37639DB92AE61AA9] () C:\Users\Tamara\Desktop\Redraw\silion\dibu silion peg.jpg
2021-06-05 13:25 - 2021-06-05 13:31 - 008472554 ____A [344F35E08ADA5A192335D1793D75E1B2] () C:\Users\Tamara\Desktop\Redraw\silion\silion color retoque.jpg
2021-06-05 13:25 - 2021-09-30 17:31 - 110593395 ____A [4594C7E9147C3A524B15019C87274655] () C:\Users\Tamara\Desktop\Redraw\silion\silion color retoque.psd
2021-06-05 13:13 - 2021-06-05 13:30 - 035218804 ____A [F361B9C3A5630A0CFC49440499F57AFC] () C:\Users\Tamara\Desktop\Redraw\silion\silion color.clip
2021-06-05 13:13 - 2021-06-05 13:30 - 002358286 ____A [A8CD46FCED869CC9F21CFE70FE02CD9C] () C:\Users\Tamara\Desktop\Redraw\silion\silion color.jpg
2021-04-16 12:56 - 2021-04-16 13:00 - 000500264 ____A [EB0EEBD8DFAACF2BC5E4F26CC7E1B4B5] () C:\Users\Tamara\Desktop\Redraw\silion\silion peq.jpg
2021-04-16 12:40 - 2021-04-16 12:42 - 023367185 ____A [A0DC00C2F56FC654CBFBE56F6DBFC3EB] () C:\Users\Tamara\Desktop\Redraw\silion\silion.clip
2021-04-16 12:40 - 2021-04-16 12:41 - 001750333 ____A [C7D679B113D7877894F8ED96E3576A4C] () C:\Users\Tamara\Desktop\Redraw\silion\silion.jpg

====== Final de Folder: ======

Fodler: C:\Users\Tamara\Desktop\portada Naheria => Error: Ninguna corrección automática encontrada para esta entrada.

========================= File: C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.CxUtilSvcLib\8deafe43513ae52e19d327810a333f5c\Interop.CxUtilSvcLib.ni.dll;C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.CxHef9fb4ae#\baae9adde3b2553e690bffedfd64077b\Interop.CxHDAudioAPILib.ni.dll;C:\WINDOWS\storelibdebug.txt;C:\Users\Tamara\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini;C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe;C:\Users\Tamara\AppData\Local\Windows\ttwin.exe;C:\Users\Tamara\AppData\Local\Microsoft\winsession.exe;C:\WINDOWS\system32\DrtmAuthTxt.wim;C:\WINDOWS\SysWOW64\TpmTool.exe;C:\WINDOWS\system32\runexehelper.exe;C:\WINDOWS\system32\TpmTool.exe ========================

C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.CxUtilSvcLib\8deafe43513ae52e19d327810a333f5c\Interop.CxUtilSvcLib.ni.dll
Archivo no firmado
MD5: 81368133DA7662E46EF43362FF746C33
Fecha de creación y modificación: 2021-10-13 17:06 - 2021-10-13 17:06
Tamaño: 000018944
Atributos: ----A
Nombre de la compañía:  
Interno Nombre: Interop.CxUtilSvcLib
Original Nombre: Interop.CxUtilSvcLib.dll
Producto: Assembly imported from type library 'CxUtilSvcLib'.
Descripción:  
Archivo Versión: 0.0.0.0
Producto Versión: 0.0.0.0
Copyright:  
VirusTotal: https://www.virustotal.com/gui/file/3e1ed2632a6bfb948530094e8d06fb44b8dbe61888bda5c286d86b34cfca7599/detection/f-3e1ed2632a6bfb948530094e8d06fb44b8dbe61888bda5c286d86b34cfca7599-1633356961

C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.CxHef9fb4ae#\baae9adde3b2553e690bffedfd64077b\Interop.CxHDAudioAPILib.ni.dll
Archivo no firmado
MD5: 9E98C0B15398A644C3B785798D85CC09
Fecha de creación y modificación: 2021-10-13 17:06 - 2021-10-13 17:06
Tamaño: 000365056
Atributos: ----A
Nombre de la compañía:  
Interno Nombre: Interop.CxHDAudioAPILib
Original Nombre: Interop.CxHDAudioAPILib.dll
Producto: Assembly imported from type library 'CxHDAudioAPILib'.
Descripción:  
Archivo Versión: 1.127.0.0
Producto Versión: 1.127.0.0
Copyright:  
VirusTotal: https://www.virustotal.com/gui/file/ea07afbf499a4be432551afe30363ffa3a963a69ee88e5cad0a1878cb6935c06/detection/f-ea07afbf499a4be432551afe30363ffa3a963a69ee88e5cad0a1878cb6935c06-1634132809

C:\WINDOWS\storelibdebug.txt
Archivo no firmado
MD5: 8B567792D6F68AC8F6F323D2EA26BBE2
Fecha de creación y modificación: 2021-11-02 11:59 - 2021-11-25 09:40
Tamaño: 000000796
Atributos: ----A
Nombre de la compañía:  
Interno Nombre: Interop.CxHDAudioAPILib
Original Nombre: Interop.CxHDAudioAPILib.dll
Producto: Assembly imported from type library 'CxHDAudioAPILib'.
Descripción:  
Archivo Versión: 1.127.0.0
Producto Versión: 1.127.0.0
Copyright:  
VirusTotal: 0

C:\Users\Tamara\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
Archivo no firmado
MD5: C3E498D8B85D2762661BDDEF822CFAE8
Fecha de creación y modificación: 2017-08-02 12:14 - 2017-08-02 12:14
Tamaño: 000003584
Atributos: ----A
Nombre de la compañía:  
Interno Nombre: Interop.CxHDAudioAPILib
Original Nombre: Interop.CxHDAudioAPILib.dll
Producto: Assembly imported from type library 'CxHDAudioAPILib'.
Descripción:  
Archivo Versión: 1.127.0.0
Producto Versión: 1.127.0.0
Copyright:  
VirusTotal: 0

C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
El archivo está firmado digitalmente
MD5: 543A4EF0923BF70D126625B034EF25AF
Fecha de creación y modificación: 2010-03-10 14:26 - 2010-03-10 14:26
Tamaño: 000189728
Atributos: ----A
Nombre de la compañía: Protexis Inc. -> Protexis Inc.
Interno Nombre: PSIService
Original Nombre: PSIService.exe
Producto: PsiService System Service
Descripción: PsiService PsiService
Archivo Versión: 03.00.02.15
Producto Versión: 03.00.02.15
Copyright: © 2000-2005 Protexis Inc.
VirusTotal: https://www.virustotal.com/gui/file/9cc82c5221f11850419a796d48d5452b3dee0c8e8e85a818f4aaa869673f9740/detection/f-9cc82c5221f11850419a796d48d5452b3dee0c8e8e85a818f4aaa869673f9740-1624878230

C:\Users\Tamara\AppData\Local\Windows\ttwin.exe
Archivo no firmado
MD5: 0AF8842500D0E2C5A7213AF80A2273E8
Fecha de creación y modificación: 2018-01-19 10:39 - 2018-01-19 10:39
Tamaño: 004872776
Atributos: ----A
Nombre de la compañía: 
Interno Nombre: 
Original Nombre: ttwin.exe
Producto: Aplicacion de ejemplo
Descripción: 
Archivo Versión: 0.1
Producto Versión: 0.1
Copyright: 
VirusTotal: 0

C:\Users\Tamara\AppData\Local\Microsoft\winsession.exe
Archivo no firmado
MD5: BE4AE343B8DD1EBB62F900AE6FCC176C
Fecha de creación y modificación: 2018-01-19 10:39 - 2018-01-19 10:39
Tamaño: 006995443
Atributos: ----A
Nombre de la compañía: 
Interno Nombre: 
Original Nombre: winsession.exe
Producto: Aplicacion de ejemplo
Descripción: 
Archivo Versión: 0.1
Producto Versión: 0.1
Copyright: 
VirusTotal: 0

C:\WINDOWS\system32\DrtmAuthTxt.wim
Catalog: C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-OneCore-IsolatedUserMode-Package~31bf3856ad364e35~amd64~~10.0.19041.1348.cat
El archivo está firmado digitalmente
MD5: 5C9DA85E43B86E7F9A2CAA8803083B23
Fecha de creación y modificación: 2021-11-10 15:42 - 2021-11-10 15:42
Tamaño: 000011363
Atributos: ----A
Nombre de la compañía: Microsoft Windows -> 
Interno Nombre: 
Original Nombre: winsession.exe
Producto: Aplicacion de ejemplo
Descripción: 
Archivo Versión: 0.1
Producto Versión: 0.1
Copyright: 
VirusTotal: https://www.virustotal.com/gui/file/8daf033a3ac3237c5e5bc1106efa2751fd646c1beba29a22877bc840ddcbbb15/detection/f-8daf033a3ac3237c5e5bc1106efa2751fd646c1beba29a22877bc840ddcbbb15-1636604830

C:\WINDOWS\SysWOW64\TpmTool.exe
Catalog: C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package~31bf3856ad364e35~amd64~~10.0.19041.1348.cat
El archivo está firmado digitalmente
MD5: 1E1AF2905A49BB1AB14B081E3A41AD44
Fecha de creación y modificación: 2021-11-10 15:41 - 2021-11-10 15:41
Tamaño: 000223744
Atributos: ----A
Nombre de la compañía: Microsoft Windows -> Microsoft Windows -> 
Interno Nombre: 
Original Nombre: winsession.exe
Producto: Aplicacion de ejemplo
Descripción: 
Archivo Versión: 0.1
Producto Versión: 0.1
Copyright: 
VirusTotal: https://www.virustotal.com/gui/file/1168233f557c64436bc7311ae60bf1f2f8abea8125109fd19adb2da30c87d5a4/detection/f-1168233f557c64436bc7311ae60bf1f2f8abea8125109fd19adb2da30c87d5a4-1637849046

C:\WINDOWS\system32\runexehelper.exe
Catalog: C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00~31bf3856ad364e35~amd64~~10.0.19041.1348.cat
El archivo está firmado digitalmente
MD5: 8BB7F1C55F4DF7CEFF9291FDB77F780B
Fecha de creación y modificación: 2021-11-10 15:41 - 2021-11-10 15:41
Tamaño: 000060928
Atributos: ----A
Nombre de la compañía: Microsoft Windows -> Microsoft Windows -> Microsoft Windows -> 
Interno Nombre: 
Original Nombre: winsession.exe
Producto: Aplicacion de ejemplo
Descripción: 
Archivo Versión: 0.1
Producto Versión: 0.1
Copyright: 
VirusTotal: https://www.virustotal.com/gui/file/2a3dc3ee65410a29ee0520aa456c30455c42f37bd5dfda744e11aaf264f48aab/detection/f-2a3dc3ee65410a29ee0520aa456c30455c42f37bd5dfda744e11aaf264f48aab-1636908975

C:\WINDOWS\system32\TpmTool.exe
Catalog: C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package04~31bf3856ad364e35~amd64~~10.0.19041.1348.cat
El archivo está firmado digitalmente
MD5: 26BD91AFD432B93EF3BF42458B5B6B8F
Fecha de creación y modificación: 2021-11-10 15:40 - 2021-11-10 15:40
Tamaño: 000272384
Atributos: ----A
Nombre de la compañía: Microsoft Windows -> Microsoft Windows -> Microsoft Windows -> Microsoft Windows -> 
Interno Nombre: 
Original Nombre: winsession.exe
Producto: Aplicacion de ejemplo
Descripción: 
Archivo Versión: 0.1
Producto Versión: 0.1
Copyright: 
VirusTotal: https://www.virustotal.com/gui/file/43fe6ba5b4cedc840795423db7a8009903836eb5382b14336ca764994d2630af/detection/f-43fe6ba5b4cedc840795423db7a8009903836eb5382b14336ca764994d2630af-1636642411

====== Final de File: ======

VirusTotal: C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.CxUtilSvcLib\8deafe43513ae52e19d327810a333f5c\Interop.CxUtilSvcLib.ni.dll => (3) Error
VirusTotal: C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.CxHef9fb4ae#\baae9adde3b2553e690bffedfd64077b\Interop.CxHDAudioAPILib.ni.dll => (3) Error
VirusTotal: C:\WINDOWS\storelibdebug.txt => (3) Error
VirusTotal: C:\Users\Tamara\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => (3) Error
VirusTotal: C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe => (3) Error
VirusTotal: C:\Users\Tamara\AppData\Local\Windows\ttwin.exe => (3) Error
VirusTotal: C:\Users\Tamara\AppData\Local\Microsoft\winsession.exe => (3) Error
VirusTotal: C:\WINDOWS\system32\DrtmAuthTxt.wim => (3) Error
VirusTotal: C:\WINDOWS\SysWOW64\TpmTool.exe => (3) Error
VirusTotal: C:\WINDOWS\system32\runexehelper.exe => (3) Error
VirusTotal: C:\WINDOWS\system32\TpmTool.exe => (3) Error

========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= Final de CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows

No se puede realizar ninguna operaci¢n en Ethernet mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Conexi¢n de  rea local* 1 mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Conexi¢n de  rea local* 14 mientras los medios
est‚n desconectados.

Adaptador de Ethernet Ethernet:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de LAN inal mbrica Conexi¢n de  rea local* 1:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de LAN inal mbrica Conexi¢n de  rea local* 14:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de LAN inal mbrica Wi-Fi:

   Sufijo DNS espec¡fico para la conexi¢n. . : home
   V¡nculo: direcci¢n IPv6 local. . . : fe80::1ce6:676d:eaae:5154%3
   Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.1.118
   M scara de subred . . . . . . . . . . . . : 255.255.255.0
   Puerta de enlace predeterminada . . . . . : 192.168.1.1

========= Final de CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.

{E89B5FD4-8373-481C-8BB8-8D6320F95DEB} canceled.
1 out of 1 jobs canceled.

========= Final de CMD: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= Final de CMD: =========


========= netsh advfirewall reset =========

Aceptar


========= Final de CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= Final de CMD: =========


========= netsh int ipv4 reset =========

Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= Final de CMD: =========


========= netsh int ipv6 reset =========

Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= Final de CMD: =========


========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente
"HKU\S-1-5-21-275387635-2355096450-783506645-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\S-1-5-21-275387635-2355096450-783506645-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente


========= Final de RemoveProxy: =========

C:\Windows\System32\Drivers\etc\hosts => movido correctamente
Hosts restaurado correctamente.

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 34778831 B
Java, Flash, Steam htmlcache => 373145289 B
Windows/system/drivers => 7636487 B
Edge => 59405 B
Chrome => 431049145 B
Firefox => 741674568 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 6656 B
ProgramData => 6656 B
Public => 6656 B
systemprofile => 6656 B
systemprofile32 => 6656 B
LocalService => 6656 B
NetworkService => 101216574 B
Tamara => 141448894 B

RecycleBin => 45616 B
EmptyTemp: => 1.7 GB datos temporales eliminados.

================================


El sistema necesita reiniciarse.

==== Final de Fixlog 14:31:45 ====

OK.

Quiero Logs frescos de FRST. Los traes tal y como te pedí la primera vez, ambos Logs pero nuevos.

Salu2.

Buenas, aqui te pongo los nuevos logs

FRST

Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 26-11-2021
Ejecutado por Tamara (administrador) sobre LAPTOP-EASMTIFI (LENOVO 80SM) (30-11-2021 18:07:44)
Ejecutado desde C:\Users\Tamara\Desktop
Perfiles cargados: Tamara
Plataforma: Microsoft Windows 10 Home Versión 20H2 19042.1348 (X64) Idioma: Español (España, internacional)
Navegador predeterminado: FF
Modo de Inicio: Normal

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

() [Archivo no firmado] C:\Users\Tamara\AppData\Local\Microsoft\winsession.exe
() [Archivo no firmado] C:\Users\Tamara\AppData\Local\Windows\ttwin.exe
(Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc) C:\Program Files\CONEXANT\SAII\SmartAudio.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Windows\System32\SASrv.exe
(Conexant Systems, Inc.) [Archivo no firmado] C:\Program Files\CONEXANT\SAII\CxUtilSvc.exe
(CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD12\PDVD12Serv.exe
(CyberLink Corp. -> CyberLink) C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe
(Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe
(Fortemedia Inc -> ) C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler64.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_1a33d2f73651d989\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_1a33d2f73651d989\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_1a33d2f73651d989\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_1a33d2f73651d989\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.9.23.0\Lenovo.Vantage.AddinHost.Amd64.exe <2>
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.9.23.0\Lenovo.Vantage.AddinHost.exe <4>
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.9.23.0\Lenovo.Vantage.AddinHost.x86.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.9.23.0\LenovoVantageService.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.CompanionApp.exe <2>
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.CompanionApp.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(LENOVO -> Lenovo(beijing) Limited) C:\ProgramData\Lenovo\ImController\Plugins\IdeaOSDPackage\x64\utility.exe
(LENOVO -> Lenovo) C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
(LENOVO -> Lenovo) C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe
(LENOVO -> Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe
(Nitro PDF Software -> Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Protexis Inc. -> Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\AdminService.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Program Files (x86)\Epson Software\Epson Printer Connection Checker\EPPCCMON.EXE
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Program Files\EPSON\Epson Data Collection Agent\DataCollectionAgentController.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Program Files\EPSON\Epson Data Collection Agent\DCAgent.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\spool\drivers\x64\3\E_YATIWLE.EXE <2>
(Seiko Epson Corporation) [Archivo no firmado] C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Wacom Co., Ltd. -> Wacom Co. Ltd.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Wacom Co., Ltd. -> Wacom Co. Ltd.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Co., Ltd. -> Wacom Co. Ltd.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Wacom Co., Ltd. -> Wacom Co. Ltd.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(Wacom Technology Corp. -> Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [323056 2015-11-04] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [LenovoUtility] => C:\ProgramData\Lenovo\ImController\Plugins\IdeaOSDPackage\x64\utility.exe [911272 2017-07-27] (LENOVO -> Lenovo(beijing) Limited)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [602968 2015-12-07] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] (Fortemedia Inc -> )
HKLM\...\Run: [DAX2_APP] => C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe [849920 2017-03-07] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
HKLM\...\Run: [EPPCCMON] => C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE [442936 2020-10-22] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKLM\...\Run: [DataCollectionAgentController] => C:\Program Files\EPSON\Epson Data Collection Agent\DataCollectionAgentController.exe [394864 2020-09-18] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1831768 2016-08-29] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe [110008 2015-07-21] (CyberLink Corp. -> CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe [492472 2015-07-21] (CyberLink Corp. -> CyberLink Corp.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [Archivo no firmado]
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1310720 2020-02-10] (Seiko Epson Corporation) [Archivo no firmado]
HKU\S-1-5-21-275387635-2355096450-783506645-1001\...\Run: [winsession] => C:\Users\Tamara\AppData\Local\Windows\ttwin.exe [4872776 2018-01-19] () [Archivo no firmado]
HKU\S-1-5-21-275387635-2355096450-783506645-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIWLE.EXE [416896 2017-09-22] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKU\S-1-5-21-275387635-2355096450-783506645-1001\...\Run: [EPLTarget\P0000000000000001] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIWLE.EXE [416896 2017-09-22] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKU\S-1-5-21-275387635-2355096450-783506645-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35342976 2021-11-12] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\...\Print\Monitors\EPSON XP-970 Series 64MonitorBE: C:\Windows\system32\E_YLMBWLE.DLL [187392 2018-06-15] (Microsoft Windows Hardware Compatibility Publisher -> Seiko Epson Corporation)
HKLM\...\Print\Monitors\EpsonNet Print Port: C:\Windows\system32\enppmon.dll [500736 2016-09-14] (SEIKO EPSON CORPORATION) [Archivo no firmado]
HKLM\...\Print\Monitors\Nitro PDF Port Monitor: C:\Windows\system32\nitrolocalmon9.dll [29704 2013-10-07] (Nitro PDF Software -> Nitro PDF Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\96.0.4664.45\Installer\chrmstp.exe [2021-11-19] (Google LLC -> Google LLC)

==================== Tareas programadas (Lista blanca) ============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {1D1B0D21-2B74-4231-8754-72219F6D4DF3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-02-08] (Google Inc -> Google Inc.)
Task: {1F17DE7B-C46A-4BE5-8B35-E0484A50E775} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2754B2FF-B667-497B-9CEF-58258FC387DA} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.9.23.0\ScheduleEventAction.exe [26656 2021-09-16] (Lenovo -> Lenovo Group Ltd.)
Task: {32AD119B-BF08-4B47-8DF4-F5A80E596A95} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-02-08] (Google Inc -> Google Inc.)
Task: {3542E814-FBD1-4A10-98EB-474A4190AB71} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\9386aec5-5e42-47b5-9e8b-1d8276d277b2 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [83200 2021-11-07] (Lenovo -> Lenovo Group Ltd.)
Task: {426CEE16-4E7F-44EB-9647-5E33AE8B8DBE} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [270304 2016-01-25] (LENOVO -> Lenovo)
Task: {42B22998-B7E6-4AF0-87AD-7376BF571C4D} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {446845CF-C744-4723-9B7F-1B80CDA63883} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\eedf4305-acc2-4901-b141-b96b6fc3fc3c => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [83200 2021-11-07] (Lenovo -> Lenovo Group Ltd.)
Task: {5531616C-35D8-4E03-ACE5-44E51F58E82E} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [108888 2021-11-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {5DD4BE35-B7C2-4CCE-BA75-8A5E464056EB} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [682936 2021-11-24] (Mozilla Corporation -> Mozilla Foundation)
Task: {631471FF-09B5-45B7-9CE9-FC2D3E6BD33A} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [108888 2021-11-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {6941E871-35AB-41ED-8488-31B49DEC7E90} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
Task: {6EB2800B-DB2F-4103-88BC-C58BEC0A84F4} - System32\Tasks\Lenovo\REACHit Agent Startup => C:\Program Files (x86)\Lenovo\REACHit\webAgent.exe [564664 2015-06-12] (LENOVO -> Lenovo)
Task: {6FF60FE4-24EE-4694-B34C-8B4FFD1BC9D2} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22654872 2021-11-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {719CD173-803A-40EA-B94B-E3F4B827A110} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {72C3EDAF-4731-428A-AC9F-132B669DCD16} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7482E5F3-8AE8-4539-8026-93C1F5E3B799} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\82e061df-8a23-42cc-8e7a-8c8b9536d2f0 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [83200 2021-11-07] (Lenovo -> Lenovo Group Ltd.)
Task: {764FC1D2-005B-4ECE-82E6-DFDC15251BD6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {76FD8853-191A-4417-A0E3-ECFFD0A82D0F} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22654872 2021-11-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {779D41F8-EE17-4452-8BA0-AF9E44A261D0} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [63728 2021-11-07] (Lenovo -> Lenovo Group Ltd.)
Task: {7F4F483F-A05F-48B0-B482-5267F41081C0} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {87C2FFD6-BD2E-41F1-98C0-0BF422B9A954} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\3.9.23.0\ScheduleEventAction.exe [26656 2021-09-16] (Lenovo -> Lenovo Group Ltd.)
Task: {A10D930B-8F5F-4B9E-9217-DEC8361A461D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A7BFD2E8-1BA7-41B5-B631-8F80F7518F91} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [9773024 2016-01-25] (LENOVO -> Lenovo)
Task: {AB44ABE0-1EAE-4871-8CB9-120884C65441} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe [145480 2021-09-09] (Lenovo -> Lenovo Group Ltd.)
Task: {BADF9E02-4FBD-4CB2-99B9-A3FEE4207C35} - System32\Tasks\EPSON XP-970 Series Update {F1F8BAE2-1930-41A7-A620-6CED41E2A350} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSWLE.EXE [680440 2017-06-07] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
Task: {BD685ADB-71FC-4B33-85D1-66E9E0A93BF6} - System32\Tasks\CCleanerSkipUAC - Tamara => C:\Program Files\CCleaner\CCleaner.exe [29417088 2021-11-12] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {D51FC4F7-A2DE-4B80-8A63-6E2A7BCD3311} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\afd52713-35c4-49af-9cbd-478815a32ed5 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [83200 2021-11-07] (Lenovo -> Lenovo Group Ltd.)
Task: {D63030E9-1D1D-4314-8ABE-B7B12C6A9E56} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [9773024 2016-01-25] (LENOVO -> Lenovo)
Task: {DB64FD03-72C3-481C-8D56-E3F4F2782A35} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-11-12] (Piriform Software Ltd -> Piriform)
Task: {DBEFC28A-7424-4354-9F8E-1E862F9DB954} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [16832 2015-07-06] (LENOVO -> Lenovo)
Task: {DE619116-7842-43FA-8D63-AAE65DBBDE83} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\8957db68-3760-40c6-8952-8b9177fbcdeb => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [83200 2021-11-07] (Lenovo -> Lenovo Group Ltd.)
Task: {E17AA331-C85F-4DD4-94AE-B06AB931DDD3} - System32\Tasks\EPSON XP-970 Series Update {41127D20-C749-43C7-BE23-CAE5332BD4A4} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSWLE.EXE [680440 2017-06-07] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
Task: {E830EF65-5A52-4C46-9EAA-11D0335187B8} - System32\Tasks\PDVDServ12 Task => C:\Program Files (x86)\Lenovo\PowerDVD12\PDVD12Serv.exe [85432 2015-09-11] (CyberLink Corp. -> CyberLink Corp.)
Task: {F225DF6A-4804-4F1E-A94F-426ADBF8C02A} - System32\Tasks\Lenovo\REACHit Agent Update => C:\Program Files (x86)\Lenovo\REACHit\webAgent.exe [564664 2015-06-12] (LENOVO -> Lenovo)
Task: {F28D780A-D413-4446-975A-06FD93CEA370} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [1320416 2016-01-25] (LENOVO -> Lenovo)
Task: {FA7F99D1-5A6F-4EE5-9983-0495DA08DF2C} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\3.9.23.0\ScheduleEventAction.exe [26656 2021-09-16] (Lenovo -> Lenovo Group Ltd.)

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\EPSON XP-970 Series Update {41127D20-C749-43C7-BE23-CAE5332BD4A4}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSWLE.EXE:/EXE:{41127D20-C749-43C7-BE23-CAE5332BD4A4} /F:UpdateWORKGROUP\LAPTOP-EASMTIFI$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON XP-970 Series Update {F1F8BAE2-1930-41A7-A620-6CED41E2A350}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSWLE.EXE:/EXE:{F1F8BAE2-1930-41A7-A620-6CED41E2A350} /F:UpdateWORKGROUP\LAPTOP-EASMTIFI$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi

==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{13e6b2f5-9961-4440-9b44-ac3c08e304a8}: [DhcpNameServer] 192.168.1.1

Edge: 
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Tamara\AppData\Local\Microsoft\Edge\User Data\Default [2021-11-26]
Edge HomePage: Default -> hxxp://lenovo15.msn.com/?pc=LCTE

FireFox:
========
FF DefaultProfile: 4kbnovqg.default
FF ProfilePath: C:\Users\Tamara\AppData\Roaming\Mozilla\Firefox\Profiles\4kbnovqg.default [2021-11-30]
FF DownloadDir: C:\Users\Tamara\Desktop
FF Homepage: Mozilla\Firefox\Profiles\4kbnovqg.default -> hxxp://www.google.com/
FF Notifications: Mozilla\Firefox\Profiles\4kbnovqg.default -> hxxps://powvldeo.net; hxxps://www.seriesanimadas.net; hxxps://www.4shared.com
FF Extension: (Ghostery – Bloqueador de anuncios para privacidad) - C:\Users\Tamara\AppData\Roaming\Mozilla\Firefox\Profiles\4kbnovqg.default\Extensions\[email protected] [2021-06-30]
FF Extension: (AdBlock) - C:\Users\Tamara\AppData\Roaming\Mozilla\Firefox\Profiles\4kbnovqg.default\Extensions\[email protected] [2020-02-06]
FF Extension: (X-notifier (for Gmail™,Hotmail,Yahoo,AOL...)) - C:\Users\Tamara\AppData\Roaming\Mozilla\Firefox\Profiles\4kbnovqg.default\Extensions\{37fa1426-b82d-11db-8314-0800200c9a66}.xpi [2021-01-10]
FF Extension: (Docs Online Viewer) - C:\Users\Tamara\AppData\Roaming\Mozilla\Firefox\Profiles\4kbnovqg.default\Extensions\{bfb54675-2fd9-4e22-949d-c36333aff6b5}.xpi [2017-02-11]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-11-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 9\npnitromozilla.dll [2013-10-07] (Nitro PDF Software -> Nitro PDF)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default [2021-11-30]
CHR DownloadDir: C:\Users\Tamara\Desktop
CHR Notifications: Default -> hxxps://powvldeo.net; hxxps://www.pinterest.es
CHR DefaultSearchURL: Default -> hxxps://gestionv1-c763.evolmind.com/web/images/favicon.ico
CHR Extension: (Presentaciones) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-02-08]
CHR Extension: (Documentos) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-02-08]
CHR Extension: (Google Drive) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-25]
CHR Extension: (YouTube) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-02-08]
CHR Extension: (Campus Online) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\egccjmfoajhggpboppmnlgphpjbdepml [2019-02-09]
CHR Extension: (Hojas de cálculo) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-02-08]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-10-18]
CHR Extension: (AdBlock: el mejor bloqueador de anuncios) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-11-12]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-01]
CHR Extension: (Gmail) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-22]

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [650680 2015-07-29] (LENOVO -> Lenovo)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12034464 2021-11-04] (Microsoft Corporation -> Microsoft Corporation)
R2 CxUtilSvc; C:\Program Files\Conexant\SAII\CxUtilSvc.exe [132096 2016-05-12] (Conexant Systems, Inc.) [Archivo no firmado]
R2 DCAgent; C:\Program Files\EPSON\Epson Data Collection Agent\DCAgent.exe [16496 2020-09-18] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
S2 Dolby DAX2 API Service; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [194048 2017-03-07] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [145224 2019-07-04] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
R2 GDCAgent; C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe [1155512 2015-07-29] (LENOVO -> Lenovo)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [83200 2021-11-07] (Lenovo -> Lenovo Group Ltd.)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.9.23.0\LenovoVantageService.exe [31248 2021-09-16] (Lenovo -> Lenovo Group Ltd.)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [271328 2016-01-25] (LENOVO -> Lenovo)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [7901368 2021-11-26] (Malwarebytes Inc -> Malwarebytes)
R2 NitroDriverReadSpool9; C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe [230920 2013-10-07] (Nitro PDF Software -> Nitro PDF Software)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [Archivo no firmado]
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe [2872024 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe [128376 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [284672 2021-04-20] (Microsoft Corporation) [Archivo no firmado]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [153088 2021-08-13] (Microsoft Corporation) [Archivo no firmado]
R1 cbfs6; C:\Windows\system32\drivers\cbfs6.sys [460992 2016-08-03] (EldoS Corporation -> /n software, Inc.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [160176 2021-11-26] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [210352 2021-11-26] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-06-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [193448 2021-11-30] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [69040 2021-11-30] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-11-26] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [149424 2021-11-30] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 vpnpbus; C:\WINDOWS\System32\drivers\vpnpbus.sys [18624 2016-08-03] (EldoS Corporation -> /n software, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48520 2021-11-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [435424 2021-11-03] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86240 2021-11-03] (Microsoft Windows -> Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] (CyberLink -> "CyberLink)

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)


==================== Un mes (creado) (Lista blanca) =========

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2021-11-30 14:42 - 2021-11-30 14:42 - 000069040 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2021-11-30 14:41 - 2021-11-30 14:41 - 000193448 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2021-11-30 14:41 - 2021-11-30 14:41 - 000149424 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2021-11-30 14:15 - 2021-11-30 14:31 - 000095856 _____ C:\Users\Tamara\Desktop\Fixlog.txt
2021-11-30 14:10 - 2021-11-30 14:10 - 000000248 _____ C:\Users\Tamara\Desktop\DelFix.txt
2021-11-30 14:09 - 2021-11-30 14:10 - 000000248 _____ C:\DelFix.txt
2021-11-30 14:09 - 2021-11-30 14:09 - 000000000 ____D C:\WINDOWS\ERUNT
2021-11-30 14:08 - 2021-11-30 14:08 - 000797760 _____ C:\Users\Tamara\Desktop\delfix_1.013.exe
2021-11-28 20:07 - 2021-11-28 20:10 - 000043036 _____ C:\Users\Tamara\Desktop\Addition.txt
2021-11-28 20:03 - 2021-11-30 18:11 - 000030607 _____ C:\Users\Tamara\Desktop\FRST.txt
2021-11-28 19:47 - 2021-11-30 18:10 - 000000000 ____D C:\FRST
2021-11-28 19:44 - 2021-11-28 19:44 - 002311680 _____ (Farbar) C:\Users\Tamara\Desktop\FRST64.exe
2021-11-26 19:01 - 2021-11-26 19:01 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2021-11-26 19:00 - 2021-11-26 19:26 - 000258946 _____ C:\WINDOWS\ntbtlog.txt
2021-11-26 17:32 - 2021-11-26 17:32 - 000000552 _____ C:\Users\Tamara\Documents\cc_20211126_173237.reg
2021-11-26 16:15 - 2021-11-26 16:15 - 000000552 _____ C:\Users\Tamara\Documents\cc_20211126_161527.reg
2021-11-26 14:47 - 2021-11-26 14:47 - 000000552 _____ C:\Users\Tamara\Documents\cc_20211126_144701.reg
2021-11-26 10:41 - 2021-11-26 10:41 - 000013818 _____ C:\Users\Tamara\Documents\cc_20211126_104055.reg
2021-11-25 20:54 - 2021-11-25 20:54 - 008540344 _____ (Malwarebytes) C:\Users\Tamara\Desktop\adwcleaner_8.3.1.exe
2021-11-25 20:39 - 2021-11-30 15:44 - 000000000 ____D C:\Program Files\CCleaner
2021-11-25 20:39 - 2021-11-30 14:44 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-11-25 20:39 - 2021-11-26 19:08 - 000001051 _____ C:\Users\Public\Desktop\CCleaner.lnk
2021-11-25 20:39 - 2021-11-25 20:39 - 000002908 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - Tamara
2021-11-25 20:39 - 2021-11-25 20:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2021-11-24 10:33 - 2021-11-30 14:47 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-11-24 10:25 - 2021-11-24 10:26 - 000000000 ____D C:\Users\Tamara\Desktop\musica
2021-11-23 21:38 - 2021-11-23 21:38 - 001178724 _____ C:\Users\Tamara\Desktop\Una corte de llamas plateadas (Ficción) (Spanish Edition).azw3
2021-11-15 09:45 - 2021-11-15 12:35 - 000000000 ____D C:\Users\Tamara\Desktop\jude
2021-11-15 09:45 - 2021-11-15 09:53 - 000000000 ____D C:\Users\Tamara\Desktop\isobel
2021-11-10 21:54 - 2021-11-15 12:35 - 000000000 ____D C:\Users\Tamara\Desktop\poppy wcb
2021-11-10 15:42 - 2021-11-10 15:42 - 000011363 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-11-10 15:41 - 2021-11-10 15:41 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-11-10 15:41 - 2021-11-10 15:41 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-11-10 15:40 - 2021-11-10 15:40 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-11-10 15:09 - 2021-11-10 15:09 - 000000000 ___HD C:\$WinREAgent
2021-11-03 13:02 - 2021-11-03 13:02 - 000001153 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2021-11-03 13:02 - 2021-11-03 13:02 - 000000000 ____D C:\Program Files\PCHealthCheck
2021-11-02 19:10 - 2021-11-29 14:15 - 000000000 ____D C:\Users\Tamara\Desktop\portada Naheria
2021-11-02 11:59 - 2021-11-25 09:40 - 000000796 _____ C:\WINDOWS\storelibdebug.txt

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2021-11-30 18:06 - 2017-02-11 12:06 - 000000000 ____D C:\Users\Tamara\AppData\LocalLow\Mozilla
2021-11-30 17:56 - 2019-02-05 09:38 - 000000000 ____D C:\ProgramData\Mozilla
2021-11-30 17:55 - 2021-04-20 15:38 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-11-30 17:13 - 2019-02-08 09:42 - 000000000 ____D C:\Program Files (x86)\Google
2021-11-30 16:44 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-11-30 16:30 - 2021-04-20 16:19 - 000004218 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{82F586C9-55F9-4F1E-BB37-D98502830F17}
2021-11-30 14:41 - 2017-01-02 12:17 - 000000000 __SHD C:\Users\Tamara\IntelGraphicsProfiles
2021-11-30 14:40 - 2021-04-20 16:19 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-11-30 14:40 - 2021-04-20 15:38 - 000008192 ___SH C:\DumpStack.log.tmp
2021-11-30 14:40 - 2020-12-23 12:40 - 000000000 ____D C:\Users\Tamara\AppData\Roaming\WTablet
2021-11-30 14:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-11-30 14:40 - 2016-06-17 21:32 - 000000000 ____D C:\ProgramData\NVIDIA
2021-11-30 14:39 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-11-30 14:31 - 2019-05-18 12:13 - 000000000 ____D C:\Users\Tamara\AppData\LocalLow\Temp
2021-11-30 14:23 - 2017-02-11 12:06 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2021-11-30 10:48 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-11-30 10:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-11-29 09:37 - 2020-11-09 11:31 - 000000000 ____D C:\Users\Tamara\Desktop\hyaian
2021-11-26 19:28 - 2020-06-15 21:31 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-11-26 19:01 - 2020-12-11 08:48 - 000210352 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-11-26 14:30 - 2021-04-20 15:50 - 000000000 ____D C:\Users\Tamara
2021-11-26 11:28 - 2017-02-11 16:55 - 000000000 ____D C:\Users\Tamara\AppData\Local\CrashDumps
2021-11-26 11:00 - 2021-04-29 12:50 - 000000000 ____D C:\Users\Tamara\Desktop\commision
2021-11-26 09:54 - 2020-06-15 21:32 - 000002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-11-26 09:54 - 2020-06-15 21:32 - 000002028 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-11-26 09:53 - 2019-04-08 15:22 - 000160176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-11-26 09:53 - 2019-04-08 15:22 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-11-26 09:53 - 2019-04-08 15:22 - 000000000 ____D C:\Program Files\Malwarebytes
2021-11-25 20:49 - 2020-03-14 12:52 - 000000000 ____D C:\Program Files (x86)\Steam
2021-11-25 20:49 - 2017-08-21 16:35 - 000000000 ____D C:\Users\Tamara\AppData\Roaming\uTorrent
2021-11-25 20:46 - 2021-04-19 16:10 - 000000000 ___DC C:\WINDOWS\Panther
2021-11-25 20:30 - 2017-06-19 11:48 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-11-25 09:44 - 2020-06-21 21:22 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-11-25 09:39 - 2016-06-17 21:03 - 000000000 ____D C:\ProgramData\Lenovo
2021-11-24 13:18 - 2021-10-25 09:37 - 000000000 ____D C:\Users\Tamara\Desktop\danika
2021-11-24 10:33 - 2017-06-19 11:48 - 000001235 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-11-23 19:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-11-23 18:44 - 2021-04-20 16:03 - 001774678 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-11-23 18:44 - 2019-12-07 15:55 - 000789482 _____ C:\WINDOWS\system32\perfh00A.dat
2021-11-23 18:44 - 2019-12-07 15:55 - 000155834 _____ C:\WINDOWS\system32\perfc00A.dat
2021-11-23 18:44 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-11-23 13:15 - 2017-02-11 19:58 - 000000000 ____D C:\Users\Tamara\AppData\Roaming\vlc
2021-11-23 09:42 - 2020-12-27 11:22 - 000000000 ____D C:\Users\Tamara\Desktop\editorial
2021-11-22 12:38 - 2017-02-14 11:06 - 000000000 ____D C:\Users\Tamara\Desktop\referencias
2021-11-22 09:04 - 2018-07-02 18:52 - 000000000 ____D C:\ProgramData\Packages
2021-11-19 17:18 - 2018-02-08 21:50 - 000000000 ____D C:\Users\Tamara\Documents\Biblioteca de calibre
2021-11-19 17:15 - 2019-02-08 09:42 - 000002306 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-11-19 17:15 - 2019-02-08 09:42 - 000002265 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-11-18 14:12 - 2021-04-20 16:19 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-275387635-2355096450-783506645-1001
2021-11-18 14:12 - 2021-04-20 15:50 - 000002423 _____ C:\Users\Tamara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-11-18 08:39 - 2021-04-26 07:41 - 000003558 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d735f5a6751cc4
2021-11-18 08:39 - 2021-04-20 16:19 - 000003652 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-11-15 21:05 - 2017-11-28 15:49 - 000000000 ____D C:\Users\Tamara\AppData\Local\ElevatedDiagnostics
2021-11-15 09:26 - 2016-06-17 20:40 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-11-12 11:27 - 2021-01-28 10:13 - 000000000 ____D C:\Users\Tamara\Desktop\Redraw
2021-11-10 15:57 - 2021-04-20 15:38 - 005252840 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-11-10 15:52 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-11-10 15:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-11-10 15:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-11-10 15:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-11-10 15:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-11-10 15:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-11-10 15:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-11-10 15:51 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-11-10 15:51 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-11-10 15:51 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-11-10 15:51 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2021-11-10 15:50 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-11-10 15:05 - 2017-02-11 16:39 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-11-10 14:58 - 2017-02-11 16:39 - 141529560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-11-07 22:36 - 2021-06-16 23:28 - 000109296 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\WudfUpdate_02000.dll
2021-11-07 22:36 - 2021-06-16 23:28 - 000063728 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\ImController.InfInstaller.exe
2021-11-07 22:36 - 2021-04-05 09:05 - 000429952 _____ (Lenovo Group Limited) C:\WINDOWS\system32\iMDriverHelper.dll
2021-11-07 22:36 - 2017-10-06 07:57 - 000109296 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\ImController.CoInstaller.dll
2021-11-04 14:48 - 2021-09-28 09:51 - 000000000 ____D C:\Users\Tamara\Desktop\Cathal and Einar
2021-11-03 11:29 - 2017-12-19 11:31 - 000000000 ____D C:\Users\Tamara\Desktop\regalo muna
2021-11-03 10:58 - 2018-03-14 23:35 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-11-02 22:30 - 2017-11-25 10:52 - 000000000 ____D C:\Users\Tamara\AppData\Local\Packages

==================== Archivos en la raíz de algunos directorios ========

2021-03-07 21:00 - 2021-03-07 21:00 - 000000132 _____ () C:\Users\Tamara\AppData\Roaming\Adobe AIFF Format CS5 Prefs
2017-06-13 08:44 - 2021-10-06 17:06 - 000000132 _____ () C:\Users\Tamara\AppData\Roaming\Adobe PNG Format CS5 Prefs
2017-09-10 17:12 - 2020-05-19 09:36 - 000001456 _____ () C:\Users\Tamara\AppData\Local\Adobe Guardar para Web 11.0 Prefs
2017-08-02 12:14 - 2017-08-02 12:14 - 000003584 _____ () C:\Users\Tamara\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)

==================== Final de FRST.txt ========================

Addition

Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 26-11-2021
Ejecutado por Tamara (30-11-2021 18:12:25)
Ejecutado desde C:\Users\Tamara\Desktop
Microsoft Windows 10 Home Versión 20H2 19042.1348 (X64) (2021-04-20 15:21:05)
Modo de Inicio: Normal
==========================================================


==================== Cuentas: =============================


(Si una entrada es incluida en el fixlist, será eliminada.)

Administrador (S-1-5-21-275387635-2355096450-783506645-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-275387635-2355096450-783506645-503 - Limited - Disabled)
Invitado (S-1-5-21-275387635-2355096450-783506645-501 - Limited - Disabled)
Tamara (S-1-5-21-275387635-2355096450-783506645-1001 - Administrator - Enabled) => C:\Users\Tamara
WDAGUtilityAccount (S-1-5-21-275387635-2355096450-783506645-504 - Limited - Disabled)

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

µTorrent (HKU\S-1-5-21-275387635-2355096450-783506645-1001\...\uTorrent) (Version: 3.5.5.45574 - BitTorrent Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe InDesign CS6 (HKLM-x32\...\{CFB770D7-8D43-1014-922B-CC2715FADE3F}) (Version: 8.0 - Adobe Systems Incorporated)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AutoFirma (HKLM-x32\...\AutoFirma ) (Version: 1.5.0.JAv01 - Junta de Andalucía)
calibre (HKLM-x32\...\{5AD205E9-E80E-4F4B-88A5-C6B5CC12BBE4}) (Version: 2.48.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 5.87 - Piriform)
CLIP STUDIO 1.6.2 (HKLM-x32\...\{9EA46798-B47E-4D2F-AA92-AF420E4628BC}) (Version: 1.6.2 - CELSYS)
CLIP STUDIO PAINT 1.6.2 (HKLM-x32\...\{234258C8-C5FA-4F9E-8E80-93E1453AFD36}) (Version: 1.6.2 - CELSYS)
Compatibilidad con Aplicaciones de Apple (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Comprobación de estado de PC Windows (HKLM\...\{75741B4B-FC87-494A-A380-0EBA06DB89F9}) (Version: 3.2.2110.14001 - Microsoft Corporation)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.31.55 - Conexant)
CorelDRAW Graphics Suite X6 - IPM (HKLM-x32\...\{0084B0C3-F376-42E3-804A-885D249282BD}) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Writing Tools (HKLM-x32\...\{318FF3D7-0C40-483B-AF92-AF36416B0AC6}) (Version: 16.0 -  Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 (HKLM-x32\...\_{511DE7EA-AA68-4D7A-A2E3-0E7B5186B822}) (Version: 16.0.0.707 - Corel Corporation)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.5521 - CyberLink Corp.)
Discord (HKU\S-1-5-21-275387635-2355096450-783506645-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
Dolby Audio X2 Windows API SDK (HKLM\...\{82C288CC-A96D-43E3-9119-944DABF5DD61}) (Version: 0.8.0.74 - Dolby Laboratories, Inc.)
Dolby Audio X2 Windows APP (HKLM\...\{9207D68E-666A-49C7-A900-9F5B2FF289E4}) (Version: 0.8.0.71 - Dolby Laboratories, Inc.)
Epson Data Collection Agent (HKLM\...\{AF4D8A50-6093-4556-936E-A4C042CC2AE2}) (Version: 4.0 - Seiko Epson Corporation)
Epson Event Manager (HKLM-x32\...\{DBC38C08-9FB5-43A5-B6BA-EB10AC7DA570}) (Version: 3.11.0053 - Seiko Epson Corporation)
Epson Photo+ (HKLM-x32\...\{AB971A4E-F669-4E82-AFF0-3C34DF768553}) (Version: 3.3.0.0 - Seiko Epson Corporation)
Epson Printer Connection Checker (HKLM-x32\...\{189DE071-E0BC-4BA5-8E34-83D5ED12600B}) (Version: 3.2.0.0 - Seiko Epson Corporation)
Epson Scan 2 (HKLM-x32\...\Epson Scan 2) (Version:  - Seiko Epson Corporation)
EPSON Scan OCR Component (HKLM-x32\...\{563B99D8-8895-4E3E-AE8D-15BE8C05F1C1}) (Version: 3.00.04 - SEIKO EPSON Corp.)
Epson ScanSmart (HKLM-x32\...\{BF35B9D9-C4A1-40DD-B13C-46F35BD35282}) (Version: 3.5.2 - Seiko Epson Corporation)
Epson Software Updater (HKLM-x32\...\{28C66F35-69BF-4376-BC80-4D5F4808FF3C}) (Version: 4.6.1 - Seiko Epson Corporation)
EPSON XP-970 Series Printer Uninstall (HKLM\...\EPSON XP-970 Series) (Version:  - Seiko Epson Corporation)
EpsonNet Print (HKLM\...\{96ED1D58-440C-4345-8FEE-C4781366C67F}) (Version: 3.1.4.0 - SEIKO EPSON Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 96.0.4664.45 - Google LLC)
IMVU Avatar Chat Software (HKU\S-1-5-21-275387635-2355096450-783506645-1001\...\IMVU Avatar chat client software BETA) (Version:  - )
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1173 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4483 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.0.1042 - Intel Corporation)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.4706 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.4706 - CyberLink Corp.)
Lenovo PowerDVD12 (HKLM-x32\...\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5709.60 - CyberLink Corp.) Hidden
Lenovo PowerDVD12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5709.60 - CyberLink Corp.)
Lenovo QuickOptimizer (HKLM\...\{8D2C871B-1B9F-45AC-9C43-2BB18089CDFA}) (Version: 1.0.019.00 - Lenovo)
Lenovo Solution Center (HKLM\...\{E442BFFD-8406-4C6D-BE7E-0CF6E61EE363}) (Version: 3.2.004.00 - Lenovo)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.9.23.0 - Lenovo Group Ltd.)
Malwarebytes version 4.4.11.149 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.4.11.149 - Malwarebytes)
Manuales de EPSON (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.57.0.0 - Seiko Epson Corporation)
Manuales de usuario (HKLM-x32\...\{7042D952-EE42-4C09-A23D-E7AE4D047007}) (Version: 6.0.0.0 - Lenovo) Hidden
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft 365 - es-es (HKLM\...\O365HomePremRetail - es-es) (Version: 16.0.14527.20276 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 96.0.1054.34 - Microsoft Corporation)
Microsoft Office Profesional 2016 - es-es (HKLM\...\ProfessionalRetail - es-es) (Version: 16.0.14527.20276 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-275387635-2355096450-783506645-1001\...\OneDriveSetup.exe) (Version: 21.220.1024.0005 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29325 (HKLM-x32\...\{33628a12-6787-4b9f-95a1-92449f69fae0}) (Version: 14.28.29325.2 - Microsoft Corporation)
Mozilla Firefox (x64 es-MX) (HKLM\...\Mozilla Firefox 94.0.2 (x64 es-MX)) (Version: 94.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 54.0 - Mozilla)
Nitro Pro 9 (HKLM\...\{5BE980A6-E246-4922-86B4-35456C12F1A5}) (Version: 9.0.2.37 - Nitro)
NVIDIA GeForce Experience 2.11.4.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.1 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.14527.20276 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.14527.20234 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.14527.20276 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0C0A-0000-0000000FF1CE}) (Version: 16.0.14527.20234 - Microsoft Corporation) Hidden
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Qualcomm Atheros 11ac Wireless LAN Installer (HKLM-x32\...\{20CA507E-24AA-4741-87CF-CC1B250790B7}) (Version: 11.0.10232 - Qualcomm Atheros)
Qualcomm Atheros QCA6174_9377 Bluetooth Suite (64) (HKLM\...\{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}) (Version: 10.0.0.149 - Qualcomm Atheros)
QuickTime 7 (HKLM-x32\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.)
REACHit (HKLM-x32\...\{4532E4C5-C84D-4040-A044-ECFCC5C6995B}) (Version: 2.1.0.11 - Lenovo)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.6.1001.2015 - Realtek)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 2.5.5.1 - Lenovo)
Software para dispositivos de chipset Intel® (HKLM-x32\...\{fb610cea-ba50-4d4b-a717-cf025419035c}) (Version: 10.1.1.13 - Intel(R) Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Tableta Wacom (HKLM\...\Wacom Tablet Driver) (Version: 6.3.44-1 - Wacom Technology Corp.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
User Manuals (HKLM-x32\...\InstallShield_{7042D952-EE42-4C09-A23D-E7AE4D047007}) (Version: 6.0.0.0 - Lenovo)
version 5.13.415.31/1.0.0.27/3.4.5.11(H1C307WW) (HKLM-x32\...\{4AD4461B-8BD4-4354-805C-E97E7A404906}_is1) (Version:  - Lenovo Group Limited)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.6 - VideoLAN)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-3) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
WebView2 Runtime de Microsoft Edge (HKLM-x32\...\Microsoft EdgeWebView) (Version: 96.0.1054.34 - Microsoft Corporation)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)

Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-07] (Autodesk Inc.)
Lenovo Settings -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoSettings_3.177.0.0_x86__4642shxvsv8s2 [2017-12-19] (LENOVO INCORPORATED.)
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2110.17.0_x64__k1h2ywk1493x8 [2021-11-18] (LENOVO INC.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-04-20] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-04-20] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.10270.0_x64__8wekyb3d8bbwe [2021-11-02] (Microsoft Studios) [MS Ad]
Portal de cuenta de Lenovo -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoID_2.0.37.0_x86__4642shxvsv8s2 [2017-04-25] (LENOVO INCORPORATED.)

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

CustomCLSID: HKU\S-1-5-21-275387635-2355096450-783506645-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive - Personal] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}
SSODL: EldosMountNotificator-cbfs6 - {A5E9C2D6-72EB-4DDF-A702-A8B6F5EC3E1B} - C:\Windows\system32\cbfsMntNtf6.dll (EldoS Corporation -> /n software, Inc.)
SSODL-x32: EldosMountNotificator-cbfs6 - {A5E9C2D6-72EB-4DDF-A702-A8B6F5EC3E1B} - C:\Windows\SysWOW64\cbfsMntNtf6.dll (EldoS Corporation -> /n software, Inc.)
ShellServiceObjects: Virtual Storage Mount Notification -> {A5E9C2D6-72EB-4DDF-A702-A8B6F5EC3E1B} => C:\Windows\system32\cbfsMntNtf6.dll [2016-08-03] (EldoS Corporation -> /n software, Inc.)
ShellServiceObjects-x32: Virtual Storage Mount Notification -> {A5E9C2D6-72EB-4DDF-A702-A8B6F5EC3E1B} => C:\Windows\SysWOW64\cbfsMntNtf6.dll [2016-08-03] (EldoS Corporation -> /n software, Inc.)
ShellIconOverlayIdentifiers: [EldosIconOverlay-cbfs6] -> {32FF0E0C-5108-4B52-83B6-D157468802AF} => C:\Windows\system32\cbfsMntNtf6.dll [2016-08-03] (EldoS Corporation -> /n software, Inc.)
ShellIconOverlayIdentifiers-x32: [EldosIconOverlay-cbfs6] -> {32FF0E0C-5108-4B52-83B6-D157468802AF} => C:\Windows\system32\cbfsMntNtf6.dll [2016-08-03] (EldoS Corporation -> /n software, Inc.)
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2015-07-21] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers1: [NP8ShellExtension] -> {9C4B85B8-956C-49BF-9BA5-101384E562B2} => C:\Program Files\Common Files\Nitro\Pro\9.0\NPShellExtension64.dll [2013-10-07] (Nitro PDF Software -> Nitro PDF)
ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2015-09-25] (LENOVO -> Lenovo)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2015-07-21] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2015-09-25] (LENOVO -> Lenovo)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_1a33d2f73651d989\igfxDTCM.dll [2018-05-07] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-06-19] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Lista blanca) ====================

==================== Accesos directos & WMI ========================

(Las entradas pueden ser listadas para ser restauradas o eliminadas.)

ShortcutWithArgument: C:\Users\Tamara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Campus Online.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) ->  --profile-directory=Default --app-id=egccjmfoajhggpboppmnlgphpjbdepml
ShortcutWithArgument: C:\Users\Tamara\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default

==================== Módulos cargados (Lista blanca) =============

2021-10-13 17:06 - 2021-10-13 17:06 - 000365056 _____ () [Archivo no firmado] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.CxHef9fb4ae#\baae9adde3b2553e690bffedfd64077b\Interop.CxHDAudioAPILib.ni.dll
2021-10-13 17:06 - 2021-10-13 17:06 - 000018944 _____ () [Archivo no firmado] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.CxUtilSvcLib\8deafe43513ae52e19d327810a333f5c\Interop.CxUtilSvcLib.ni.dll
2018-10-26 11:51 - 2016-07-14 08:58 - 001155072 _____ (Conexant Systems, Inc.) [Archivo no firmado] [El archivo está en uso] C:\Program Files\Conexant\SAII\CxHDAudioAPI.dll
2020-02-07 17:20 - 2020-02-07 17:20 - 000132096 _____ (Seiko Epson Corporation) [Archivo no firmado] C:\Program Files (x86)\Epson Software\Event Manager\epnsm.dll
2018-03-05 16:41 - 2018-03-05 16:41 - 000057856 _____ (Seiko Epson Corporation) [Archivo no firmado] C:\Program Files (x86)\Epson Software\Event Manager\EPNWPSHDevFinder.DLL
2009-10-21 17:39 - 2009-10-21 17:39 - 000291328 _____ (SEIKO EPSON CORPORATION) [Archivo no firmado] C:\Program Files (x86)\Epson Software\Event Manager\LcMgr.dll
2020-06-17 16:35 - 2020-06-17 16:35 - 003338240 _____ (SEIKO EPSON CORPORATION) [Archivo no firmado] C:\Program Files\EPSON\Epson Data Collection Agent\IZENSTRMAPIu.dll
2020-06-17 16:35 - 2020-06-17 16:35 - 003142144 _____ (SEIKO EPSON CORPORATION) [Archivo no firmado] C:\Program Files\EPSON\Epson Data Collection Agent\NDENCMAPI.dll
2016-09-14 14:31 - 2016-09-14 14:31 - 000500736 ____S (SEIKO EPSON CORPORATION) [Archivo no firmado] C:\WINDOWS\System32\enppmon.dll
2021-05-31 16:28 - 2020-11-03 04:08 - 000954864 _____ (SQLite Development Team) [Archivo no firmado] C:\ProgramData\Lenovo\iMController\Plugins\LenovoWiFiSecurityPlugin\x86\x86\e_sqlite3.dll

==================== Alternate Data Streams (Lista blanca) ========

==================== Modo Seguro (Lista blanca) ==================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Asociación (Lista blanca) =================

==================== Internet Explorer (Lista blanca) ==========

HKU\S-1-5-21-275387635-2355096450-783506645-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo15.msn.com/?pc=LCTE
HKU\S-1-5-21-275387635-2355096450-783506645-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo15.msn.com/?pc=LCTE
HKU\S-1-5-21-275387635-2355096450-783506645-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
SearchScopes: HKLM -> DefaultScope {EAE6EC20-A64D-4AC7-AB25-2650C8C1DCB6} URL = hxxp://www.bing.com/search?q={searchTerms}&form=PRLNC1&src=IE11TR&pc=LCTE
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM -> {EAE6EC20-A64D-4AC7-AB25-2650C8C1DCB6} URL = hxxp://www.bing.com/search?q={searchTerms}&form=PRLNC1&src=IE11TR&pc=LCTE
SearchScopes: HKLM-x32 -> DefaultScope {EAE6EC20-A64D-4AC7-AB25-2650C8C1DCB6} URL = hxxp://www.bing.com/search?q={searchTerms}&form=PRLNC1&src=IE11TR&pc=LCTE
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM-x32 -> {EAE6EC20-A64D-4AC7-AB25-2650C8C1DCB6} URL = hxxp://www.bing.com/search?q={searchTerms}&form=PRLNC1&src=IE11TR&pc=LCTE
SearchScopes: HKU\S-1-5-21-275387635-2355096450-783506645-1001 -> DefaultScope {EAE6EC20-A64D-4AC7-AB25-2650C8C1DCB6} URL = 
SearchScopes: HKU\S-1-5-21-275387635-2355096450-783506645-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
SearchScopes: HKU\S-1-5-21-275387635-2355096450-783506645-1001 -> {EAE6EC20-A64D-4AC7-AB25-2650C8C1DCB6} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-11-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-11-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-11-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-11-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-11-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} -  Ningún archivo

(Si una entrada es incluida en el fixlist, será eliminada del registro.)

IE trusted site: HKU\S-1-5-21-275387635-2355096450-783506645-1001\...\fnmt.es -> hxxps://fnmt.es
IE trusted site: HKU\S-1-5-21-275387635-2355096450-783506645-1001\...\fnmt.es -> hxxp://fnmt.es
IE trusted site: HKU\S-1-5-21-275387635-2355096450-783506645-1001\...\gob.es -> hxxps://fnmt.gob.es
IE trusted site: HKU\S-1-5-21-275387635-2355096450-783506645-1001\...\gob.es -> hxxp://fnmt.gob.es

==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2015-10-30 08:24 - 2021-11-30 14:29 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1       localhost

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKU\S-1-5-21-275387635-2355096450-783506645-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Tamara\Desktop\referencias\referencias\tattoo\075507f5a482182c56827709182644a4.jpg
DNS Servers: El medio no está conectado a internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Firewall de Windows está habilitado.

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

(Si una entrada es incluida en el fixlist, será eliminada.)

HKU\S-1-5-21-275387635-2355096450-783506645-1001\...\StartupApproved\Run: => "AdobeBridge"

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [TCP Query User{78E0B732-E054-4AE1-94FC-1FEBF6829F1C}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe (Seiko Epson Corporation) [Archivo no firmado]
FirewallRules: [UDP Query User{4A6C36A5-6942-42F0-B82E-4EC571561268}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe (Seiko Epson Corporation) [Archivo no firmado]

==================== Puntos de Restauración =========================

10-11-2021 15:05:56 Instalador de Módulos de Windows
22-11-2021 09:22:34 Punto de control programado

==================== Dispositivos defectuosos en el Administrador de dispositivos ============


==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================
Error: (11/30/2021 02:44:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: IAStorDataMgrSvc.exe, versión: 14.8.0.1042, marca de tiempo: 0x5639dd97
Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x04cb10a5
Identificador del proceso con errores: 0x330
Hora de inicio de la aplicación con errores: 0x01d7e5f061502696
Ruta de acceso de la aplicación con errores: C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
Ruta de acceso del módulo con errores: unknown
Identificador del informe: 22cff21d-87c4-49ec-a18c-faf033ea17ab
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (11/30/2021 02:44:26 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplicación: IAStorDataMgrSvc.exe
Versión de Framework: v4.0.30319
Descripción: el proceso terminó debido a una excepción no controlada.
Información de la excepción: System.NullReferenceException
   en IAStorUtil.SystemDataModelListener.ProcessSystemDataModelChanges()
   en IAStorUtil.SystemDataModelListener.LoadSavedSystemState()
   en IAStorDataMgr.EventRelay.<Start>b__0(System.Object)
   en System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   en System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   en System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   en System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   en System.Threading.ThreadPoolWorkQueue.Dispatch()
   en System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (11/30/2021 02:17:13 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina QueryFullProcessImageNameW. HR = 0x8007001f, Uno de los dispositivos conectados al sistema no funciona.
.


Operación:
   Ejecutando operación asincrónica

Contexto:
   Estado actual: DoSnapshotSet

Error: (11/30/2021 02:15:35 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al consultar la interfaz IVssWriterCallback. HR = 0x80070005, Acceso denegado.
.
A menudo ocurre por una configuración de seguridad incorrecta en el proceso de escritura o de solicitud.


Operación:
   Recopilando datos del escritor

Contexto:
   Id. de clase del escritor: {e8132975-6f93-4464-a53e-1050253ae220}
   Nombre del escritor: System Writer
   Id. de instancia del escritor: {cf135ab3-fb98-4ff0-aec2-6884033161ff}

Error: (11/29/2021 08:34:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: mbamtray.exe, versión: 4.0.0.1170, marca de tiempo: 0x618d79a6
Nombre del módulo con errores: Qt5Core.dll, versión: 5.14.1.0, marca de tiempo: 0x603971ce
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0000000000219dc5
Identificador del proceso con errores: 0x30bc
Hora de inicio de la aplicación con errores: 0x01d7e5575d339a22
Ruta de acceso de la aplicación con errores: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
Ruta de acceso del módulo con errores: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
Identificador del informe: 9cb6094a-3386-4ced-9a16-e1cf95b98fe8
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (11/28/2021 09:29:25 PM) (Source: WTabletServicePro) (EventID: 1) (User: )
Description: Event-ID 1

Error: (11/26/2021 10:56:02 PM) (Source: WTabletServicePro) (EventID: 1) (User: )
Description: Event-ID 1

Error: (11/26/2021 07:31:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: IAStorDataMgrSvc.exe, versión: 14.8.0.1042, marca de tiempo: 0x5639dd97
Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x04c110a5
Identificador del proceso con errores: 0x2948
Hora de inicio de la aplicación con errores: 0x01d7e2f3d08a1cec
Ruta de acceso de la aplicación con errores: C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
Ruta de acceso del módulo con errores: unknown
Identificador del informe: 45665410-40dd-48da-9882-045254bec2fe
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:


Errores del sistema:
=============
Error: (11/30/2021 02:44:34 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Intel(R) Rapid Storage Technology se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (11/30/2021 02:41:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Windows Presentation Foundation Font Cache 3.0.0.0 no pudo iniciarse debido al siguiente error: 
El servicio no respondió a tiempo a la solicitud de inicio o de control.

Error: (11/30/2021 02:41:21 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Se agotó el tiempo de espera (45000 ms) para la conexión con el servicio Windows Presentation Foundation Font Cache 3.0.0.0.

Error: (11/30/2021 02:40:56 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Se agotó el tiempo de espera (45000 ms) para la conexión con el servicio Dolby DAX2 API Service.

Error: (11/30/2021 02:40:38 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: El servicio SAService informó de un estado actual 14 no válido.

Error: (11/30/2021 02:38:20 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-EASMTIFI)
Description: El servidor {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (11/30/2021 02:17:01 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Epson Scanner Service se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (11/30/2021 02:17:01 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio GDCAgent se terminó de manera inesperada. Esto ha sucedido 1 veces.


Windows Defender:
================
Date: 2021-11-29 11:19:18
Description: 
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {33B2247D-D502-4D0B-B27E-D4484CADF79B}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2021-11-25 23:02:02
Description: 
Antivirus de Microsoft Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=PUABundler:Win32/uTorrent_BundleInstaller&threatid=311958&enterprise=0
Nombre: PUABundler:Win32/uTorrent_BundleInstaller
Id.: 311958
Gravedad: Baja
Categoría: Software potencialmente no deseado
Ruta de acceso: file:_C:\Users\Tamara\AppData\Roaming\uTorrent\updates\3.5.5_45231.exe
Origen de detección: Equipo local
Tipo de detección: FastPath
Origen de detección: Usuario
Usuario: LAPTOP-EASMTIFI\Tamara
Nombre de proceso: Unknown
Versión de inteligencia de seguridad: AV: 1.353.1553.0, AS: 1.353.1553.0, NIS: 1.353.1553.0
Versión de motor: AM: 1.1.18700.4, NIS: 1.1.18700.4

Date: 2021-11-25 11:41:59
Description: 
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {1FDD2E5D-AFD8-4E61-9C97-D463989E6A46}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2021-11-24 11:38:40
Description: 
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {803E3580-D37A-4F4B-9657-048D83CACDE0}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2021-11-23 11:12:05
Description: 
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {E34E238B-345B-4EF8-9E38-378BC546B9D9}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM
Event[0]:

Date: 2021-11-26 19:01:01
Description: 
La característica Protección en tiempo real de Antivirus de Microsoft Defender encontró un error:
Característica: Durante el acceso
Código de error: 0x8007043c
Descripción del error: El servicio no puede iniciarse en modo a prueba de errores 
Motivo: La inteligencia de seguridad antimalware dejó de funcionar por motivos desconocidos. En algunos casos, reiniciar el servicio puede que resuelva el problema.

Date: 2021-11-23 20:52:26
Description: 
La característica Protección en tiempo real de Antivirus de Microsoft Defender encontró un error:
Característica: Supervisión de comportamiento
Código de error: 0x80004005
Descripción del error: Error no especificado 
Motivo: La inteligencia de seguridad antimalware dejó de funcionar por motivos desconocidos. En algunos casos, reiniciar el servicio puede que resuelva el problema.

Date: 2021-11-23 20:52:25
Description: 
La característica Protección en tiempo real de Antivirus de Microsoft Defender encontró un error:
Característica: Supervisión de comportamiento
Código de error: 0x80004005
Descripción del error: Error no especificado 
Motivo: La protección en tiempo real dejó de funcionar por motivos desconocidos. Reinicie el servicio para recuperarla.

Date: 2021-11-23 18:52:13
Description: 
Antivirus de Microsoft Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.353.1449.0
Origen de actualización: Servidor de Microsoft Update
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor: 
Versión anterior del motor: 1.1.18700.4
Código de error: 0x80240438
Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulte Ayuda y soporte técnico. 

==================== Información de la memoria =========================== 

BIOS: LENOVO 0XCN23WW 03/21/2016
Placa base: LENOVO Toronto 5A2
Procesador: Intel(R) Core(TM) i7-6500U CPU @ 2.50GHz
Porcentaje de memoria en uso: 49%
RAM física total: 8097.91 MB
RAM física disponible: 4082.7 MB
Virtual total: 9377.91 MB
Virtual disponible: 4913.21 MB

==================== Unidades ================================

Drive c: (Windows) (Fixed) (Total:883.95 GB) (Free:777.9 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.38 GB) NTFS

\\?\Volume{c129d554-dcf3-42a3-bd01-7b837d0bef07}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.44 GB) NTFS
\\?\Volume{90bc3d56-101c-4ce0-b21d-c63e4e1878c9}\ (LENOVO_PART) (Fixed) (Total:20.34 GB) (Free:7.53 GB) NTFS
\\?\Volume{340bea16-440b-4172-94c8-ec848d9455a8}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: CB63F1DD)

Partition: GPT.

==================== Final de Addition.txt =======================

Hola, buenas @Kadoura disculpa que haya tardado en responder. Pues estoy teniendo unos días muy ajetreados, con bastante poco tiempo.

Se me traspapelo tu tema y no lo vi.

¿Quieres que sigamos con el caso @Kadoura? Sí es así, dímelo, armo (creo) y te publico el Script.

Salu2.