Que tal @SanMar eliminé el archivo que me indicaste y pude borrarlo sin ningún problema. Al parecer se creó un acceso directo con el nombre de la carpeta en todas las carpetas de la memoria USB, pero también pude borrar esos accesos directos sin problemas y no se han vuelto a crear.
Dejo los reportes solicitados.
FRST.txt
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 25-04-2019
Ran by Dolly (administrator) on MASTERVAIO (Sony Corporation VPCYB35AL) (25-04-2019 15:40:30)
Running from C:\Users\Dolly\Desktop
Loaded Profiles: Dolly (Available Profiles: Dolly)
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) Language: Español (España, internacional)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ATI Technologies Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgcsrvx.exe
(AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgemcx.exe
(AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgnsx.exe
(AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgrsx.exe
(AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgui.exe
(AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgwdsvc.exe
(AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avgsvcx.exe
(AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avguix.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\WINWORD.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\WINWORD.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\prevhost.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Piriform Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Zbshareware Limited -> Zbshareware Lab) [File not signed] C:\Program Files\USB Disk Security\USBGuard.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2015\avgui.exe [3820440 2016-04-21] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [USB Security] => C:\Program Files\USB Disk Security\USBGuard.exe [623520 2011-01-31] (Zbshareware Limited -> Zbshareware Lab) [File not signed]
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-05-24] (Advanced Micro Devices, Inc.) [File not signed]
HKLM\...\Run: [AvgUi] => C:\Program Files\AVG\Framework\Common\avguirnx.exe [220944 2016-12-06] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [vProt] => "C:\Program Files\AVG Web TuneUp\vprot.exe"
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1873192 2011-01-17] (Synaptics Incorporated -> Synaptics Incorporated)
HKU\S-1-5-21-1986104296-3163790973-3246301206-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [4825880 2014-10-23] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-21-1986104296-3163790973-3246301206-1000\...\Run: [radsuperloaver] => C:\streamerdata\streamer.exe /AutoIt3ExecuteScript "C:\streamerdata\ghghghf.zip"
HKU\S-1-5-21-1986104296-3163790973-3246301206-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [878592 2010-11-20] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\74.0.3729.108\Installer\chrmstp.exe [2019-04-24] (Google LLC -> Google Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{538C240D-3DEE-4032-AB4C-08A3A6EB0861}] -> C:\Program Files\CyberLink\YouCam\CLCredProv\x86\CLCredProv.dll [2011-09-09] (CyberLink -> CyberLink)
HKLM\Software\...\Authentication\Credential Provider Filters: [{538C240D-3DEE-4032-AB4C-08A3A6EB0861}] -> C:\Program Files\CyberLink\YouCam\CLCredProv\x86\CLCredProv.dll [2011-09-09] (CyberLink -> CyberLink)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0B44FD86-D8BE-4551-A858-F2B0BF732BB7} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe
Task: {2163EBA2-87B1-4D0D-AB6F-569A5AA36894} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [107848 2015-07-09] (Google Inc -> Google Inc.)
Task: {294B02A3-0105-4B69-AEAA-9D1BEE7A2A97} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [4825880 2014-10-23] (Piriform Ltd -> Piriform Ltd)
Task: {85454358-F211-4B74-80D1-8375C55166DD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [107848 2015-07-09] (Google Inc -> Google Inc.)
Task: {85539B48-FAAD-465B-A4F4-96D5DBC311C5} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => %windir%\system32\rundll32.exe aepdu.dll,AePduRunUpdate -nolegacy
Task: {A2F46567-247E-40DD-A947-76FFA7E12B3B} - System32\Tasks\AVG EUpdate Task => C:\Program Files\AVG\Setup\avgsetupx.exe [3661072 2018-01-23] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{DF7D4A36-592C-4B74-804D-C443FA2C7DE3}: [DhcpNameServer] 192.168.43.1
Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-1986104296-3163790973-3246301206-1000 -> DefaultScope {B6B36D2F-B08C-4D6D-B2F9-F9128329AF6E} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1986104296-3163790973-3246301206-1000 -> {B6B36D2F-B08C-4D6D-B2F9-F9128329AF6E} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1986104296-3163790973-3246301206-1000 -> {F0EB293B-E47D-4203-9CD6-8CF22BF3E945} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-07-10] (Oracle America, Inc. -> Oracle Corporation)
BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.3.9.626\AVG Web TuneUp.dll => No File
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-07-10] (Oracle America, Inc. -> Oracle Corporation)
FireFox:
========
FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\40.3.8\\npsitesafety.dll [No File]
FF Plugin: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\system32\npDeployJava1.dll [2015-07-09] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-07-10] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-04-09] (Google Inc -> Google LLC)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-04-09] (Google Inc -> Google LLC)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-22] (VideoLAN) [File not signed]
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxp://www.google.com.pe/"
CHR Profile: C:\Users\Dolly\AppData\Local\Google\Chrome\User Data\Default [2019-04-25]
CHR Extension: (Presentaciones) - C:\Users\Dolly\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-09-24]
CHR Extension: (Documentos) - C:\Users\Dolly\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-09-24]
CHR Extension: (Google Drive) - C:\Users\Dolly\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-15]
CHR Extension: (YouTube) - C:\Users\Dolly\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-10-05]
CHR Extension: (Búsqueda de Google) - C:\Users\Dolly\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-07-09]
CHR Extension: (Hojas de cálculo) - C:\Users\Dolly\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-10-05]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Dolly\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-20]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Dolly\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-10-05]
CHR Extension: (Gmail) - C:\Users\Dolly\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-09]
CHR Extension: (Chrome Media Router) - C:\Users\Dolly\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-04-25]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [176128 2011-06-20] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [294400 2011-05-24] (Advanced Micro Devices, Inc.) [File not signed]
R2 AVGIDSAgent; C:\Program Files\AVG\AVG2015\avgidsagent.exe [3647384 2016-04-21] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files\AVG\Framework\Common\avgsvcx.exe [935184 2016-12-06] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2015\avgwdsvc.exe [336152 2016-04-21] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [5247944 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2014-03-01] (Microsoft Windows -> Microsoft Corporation)
S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amdiox86; C:\Windows\System32\DRIVERS\amdiox86.sys [37944 2010-02-18] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [7800832 2011-06-20] (Microsoft Windows Hardware Compatibility Publisher -> ATI Technologies Inc.)
R3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [245760 2011-06-20] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 athr; C:\Windows\System32\DRIVERS\athr.sys [1096704 2009-10-09] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW73.sys [100880 2011-06-20] (ATI Technologies, Inc -> Advanced Micro Devices)
R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [132576 2015-03-11] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [252336 2015-12-16] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [223152 2016-01-13] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [31664 2015-11-25] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [234416 2015-12-16] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [290272 2015-05-07] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [193456 2016-01-22] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [35808 2015-03-20] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [230832 2015-08-04] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae.sys [128552 2019-04-23] (Malwarebytes Corporation -> Malwarebytes)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x86.sys [50688 2009-07-13] (Microsoft Windows -> Atheros Communications, Inc.)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [172280 2019-04-25] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [107168 2019-04-25] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [64088 2019-04-25] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [240440 2019-04-25] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [85232 2019-04-25] (Malwarebytes Corporation -> Malwarebytes)
R3 SFEP; C:\Windows\System32\DRIVERS\SFEP.sys [9344 2007-08-03] (Microsoft Windows Hardware Compatibility Publisher -> Sony Corporation)
S3 USBAAPL; C:\Windows\System32\Drivers\usbaapl.sys [45056 2018-08-22] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 EverestDriver; \??\G:\$Correcto\Install\DVD_01 Install 2015\Everest Ultimate\kerneld.wnt [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-04-25 15:40 - 2019-04-25 15:40 - 000000000 ____D C:\Users\Dolly\Desktop\FRST-OlderVersion
2019-04-25 15:24 - 2019-04-25 15:24 - 000240440 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2019-04-25 15:24 - 2019-04-25 15:24 - 000107168 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2019-04-25 15:24 - 2019-04-25 15:24 - 000085232 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2019-04-25 15:24 - 2019-04-25 15:24 - 000064088 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2019-04-25 10:03 - 2019-04-25 10:03 - 000172280 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2019-04-24 20:14 - 2019-04-24 20:14 - 000036193 _____ C:\Users\Dolly\Desktop\UsbFix_Report.txt
2019-04-24 20:06 - 2019-04-24 20:08 - 000001846 _____ C:\Users\Dolly\Desktop\UsbFix Anti-Malware.lnk
2019-04-24 20:06 - 2019-04-24 20:07 - 000000000 ____D C:\Program Files\UsbFix
2019-04-24 20:05 - 2019-04-24 20:05 - 004763288 _____ (SOSVirus) C:\Users\Dolly\Downloads\UsbFix_2019_11.014.exe
2019-04-24 17:14 - 2019-04-24 17:16 - 000081297 _____ C:\Users\Dolly\Desktop\Addition.txt
2019-04-24 17:11 - 2019-04-25 15:43 - 000017816 _____ C:\Users\Dolly\Desktop\FRST.txt
2019-04-24 17:11 - 2019-04-25 15:40 - 000000000 ____D C:\FRST
2019-04-24 17:09 - 2019-04-25 15:40 - 001788928 _____ (Farbar) C:\Users\Dolly\Desktop\FRST.exe
2019-04-23 16:48 - 2019-04-23 16:48 - 000006436 _____ C:\Users\Dolly\Desktop\ZHPCleaner (R).txt
2019-04-23 16:26 - 2019-04-23 16:26 - 000007410 _____ C:\Users\Dolly\Desktop\ZHPCleaner (S).txt
2019-04-23 15:47 - 2019-04-23 16:48 - 000000000 ____D C:\Users\Dolly\AppData\Roaming\ZHP
2019-04-23 15:47 - 2019-04-23 15:47 - 000000840 _____ C:\Users\Dolly\Desktop\ZHPCleaner.lnk
2019-04-23 15:47 - 2019-04-23 15:47 - 000000000 ____D C:\Users\Dolly\AppData\Local\ZHP
2019-04-23 15:46 - 2019-04-23 15:46 - 003133312 _____ C:\Users\Dolly\Downloads\ZHPCleaner.exe
2019-04-22 20:03 - 2019-04-22 20:03 - 000000000 ____D C:\Users\Dolly\AppData\Local\mbamtray
2019-04-22 20:03 - 2019-04-22 20:03 - 000000000 ____D C:\Users\Dolly\AppData\Local\mbam
2019-04-22 20:02 - 2019-04-23 15:51 - 000128552 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae.sys
2019-04-22 20:02 - 2019-04-22 20:02 - 000002033 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-04-22 20:02 - 2019-04-22 20:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-04-22 20:02 - 2019-04-22 20:02 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-04-22 20:02 - 2019-04-22 20:02 - 000000000 ____D C:\Program Files\Malwarebytes
2019-04-22 19:47 - 2019-04-22 19:50 - 064309056 _____ (Malwarebytes ) C:\Users\Dolly\Downloads\mb3-setup-009996.009996-3.7.1.2839-1.0.538-1.0.9074.exe
2019-04-22 19:17 - 2019-04-22 19:18 - 000000000 ____D C:\AdwCleaner
2019-04-22 19:16 - 2019-04-22 19:17 - 007025360 _____ (Malwarebytes) C:\Users\Dolly\Downloads\adwcleaner_7.3.exe
2019-04-17 18:38 - 2019-04-15 15:52 - 000134081 _____ C:\Users\Dolly\Desktop\sobre-la-constitucin-del-estado-constitucional.pdf
2019-04-03 20:03 - 2019-04-03 20:03 - 000000000 ____D C:\Users\Dolly\Desktop\POLICIAS
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-04-25 15:37 - 2011-04-11 20:30 - 000747230 _____ C:\Windows\system32\perfh00A.dat
2019-04-25 15:37 - 2011-04-11 20:30 - 000158670 _____ C:\Windows\system32\perfc00A.dat
2019-04-25 15:37 - 2010-11-20 16:01 - 001675926 _____ C:\Windows\system32\PerfStringBackup.INI
2019-04-25 15:37 - 2009-07-13 21:37 - 000000000 ____D C:\Windows\inf
2019-04-25 15:34 - 2015-07-09 20:56 - 000000000 ____D C:\ProgramData\MFAData
2019-04-25 15:23 - 2009-07-13 23:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-04-25 12:06 - 2009-07-13 23:34 - 000016864 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-04-25 12:06 - 2009-07-13 23:34 - 000016864 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-04-24 17:50 - 2015-07-09 20:45 - 000002177 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-04-23 15:53 - 2015-11-02 10:36 - 000000000 ____D C:\Windows\Minidump
2019-04-04 20:25 - 2019-03-12 16:01 - 000000000 ____D C:\Users\Dolly\AppData\Roaming\AIMP
2019-04-02 15:12 - 2018-11-29 18:13 - 000000000 ____D C:\Users\Dolly\Desktop\YENNY MURILLO 20
2019-04-02 15:10 - 2016-04-19 10:11 - 000000000 ____D C:\Users\Dolly\Desktop\apertura
2019-04-02 15:06 - 2016-02-01 09:58 - 000000000 ____D C:\Users\Dolly\Desktop\ELISEO
2019-04-02 14:23 - 2015-11-06 10:19 - 000000000 ____D C:\Users\Dolly\Desktop\Formalizaciones
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\User32.dll
[2010-11-20 16:29] - [2010-11-20 16:29] - 000811520 _____ (Microsoft Corporation) 8626F0C30D4E3564FFDD25C90F4426F1
LastRegBack: 2019-04-24 16:42
==================== End of FRST.txt ============================