Aparecen Popups con publicidad

Addition.txt (1/2)

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 24-04-2019
Ran by Dolly (24-04-2019 17:14:12)
Running from C:\Users\Dolly\Desktop
Microsoft Windows 7 Ultimate  Service Pack 1 (X86) (2015-07-10 00:52:17)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-1986104296-3163790973-3246301206-500 - Administrator - Disabled)
Dolly (S-1-5-21-1986104296-3163790973-3246301206-1000 - Administrator - Enabled) => C:\Users\Dolly
HomeGroupUser$ (S-1-5-21-1986104296-3163790973-3246301206-1002 - Limited - Enabled)
Invitado (S-1-5-21-1986104296-3163790973-3246301206-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: AVG AntiVirus Free Edition 2015 (Disabled - Out of date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2015 (Disabled - Out of date) {F620D48B-1497-73CC-F290-58052563BEAE}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 11 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 11.3.300.265 - Adobe Systems Incorporated)
Adobe Reader XI  MUI (HKLM\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.00 - Adobe Systems Incorporated)
AIMP (HKLM\...\AIMP) (Version: v4.51.2084, 01.12.2018 - AIMP DevTeam)
Apple Application Support (32 bits) (HKLM\...\{5A659BE5-849B-484E-A83B-DCB78407F3A4}) (Version: 7.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{ABDE67C4-5876-4CDB-82A9-0CBACECC1C4A}) (Version: 12.1.0.25 - Apple Inc.)
Apple Software Update (HKLM\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
ATI Catalyst Install Manager (HKLM\...\{9F8E6025-423A-2A9F-3951-71E9BE2A85E7}) (Version: 3.0.829.0 - ATI Technologies, Inc.)
AVG (HKLM\...\AvgZen) (Version: 1.116.3.1052 - AVG Technologies)
AVG 2015 (HKLM\...\{62DF9376-A9FB-463A-9F26-63B9DF023DEB}) (Version: 15.0.6201 - AVG Technologies) Hidden
AVG 2015 (HKLM\...\{9E9EE8EE-8872-4817-9FF1-0DF3C986584B}) (Version: 15.0.4793 - AVG Technologies) Hidden
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.6201 - AVG Technologies)
AVG Web TuneUp (HKLM\...\AVG Web TuneUp) (Version: 4.3.9.626 - AVG Technologies)
AVG Zen (HKLM\...\{3D8C5CBA-DDCF-44CE-AD7D-B0AEF74E989E}) (Version: 1.116.2 - AVG Technologies) Hidden
Bonjour (HKLM\...\{D168AAD0-6686-47C1-B599-CDD4888B9D1A}) (Version: 3.1.0.1 - Apple Inc.)
calibre (HKLM\...\{ED468F84-6B55-4FFD-A0C2-3C2064696A88}) (Version: 3.40.1 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform)
CyberLink YouCam 5 (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.0909 - CyberLink Corp.)
EaseUS Data Recovery Wizard (HKLM\...\EaseUS Data Recovery Wizard_is1) (Version:  - EaseUS)
FMW 1 (HKLM\...\{A2B92392-DC17-416B-88F6-A6A55E053E32}) (Version: 1.143.3 - AVG Technologies) Hidden
Google Chrome (HKLM\...\Google Chrome) (Version: 73.0.3683.103 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.7 - Google LLC) Hidden
IrfanView 4.51 (32-bit) (HKLM\...\IrfanView) (Version: 4.51 - Irfan Skiljan)
iTunes (HKLM\...\{869A9D9A-54D2-43E6-BB88-201902C9210E}) (Version: 12.9.3.3 - Apple Inc.)
Java 8 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Malwarebytes versión 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Project Professional 2010 (HKLM\...\Office14.PRJPRO) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Visio Premium 2010 (HKLM\...\Office14.VISIO) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.9.0 - Synaptics Incorporated)
USB Disk Security (HKLM\...\USB Disk Security_is1) (Version:  - Zbshareware Lab)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Winamp (HKLM\...\Winamp) (Version: 5.63  - Nullsoft, Inc)
WinRAR 4.20 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WMPKeys (HKLM\...\{5D4B3647-9842-4875-B081-EF8D98C02865}) (Version: 1.2.0.0 - lazymf and kbept)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1986104296-3163790973-3246301206-1000_Classes\CLSID\{9B61F641-7794-4322-BF6A-E45EFD6C8D7C}\InprocServer32 -> C:\Program Files\WMPKeys\wmpkeys.dll (lazymf and kbept) [File not signed]
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files\AIMP\System\aimp_menu32.dll [2019-03-12] (Artem Izmaylov -> AIMP DevTeam)
ContextMenuHandlers1: [AVG Shell Extension] -> {9F97547E-4609-42C5-AE0C-81C61FFAEBC3} => C:\Program Files\AVG\AVG2015\avgse.dll [2016-04-21] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-06-09] (Alexander Roshal) [File not signed]
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files\AIMP\System\aimp_menu32.dll [2019-03-12] (Artem Izmaylov -> AIMP DevTeam)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll [2011-05-24] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers6: [AVG Shell Extension] -> {9F97547E-4609-42C5-AE0C-81C61FFAEBC3} => C:\Program Files\AVG\AVG2015\avgse.dll [2016-04-21] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-06-09] (Alexander Roshal) [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\(ACUSACIÓN DIRECTA PELIGRO COMUN).docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\(ACUSACIÓN DIRECTA PELIGRO COMUN).docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & explorer ".Trashes\ "
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\01-give-me-love.mp3.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\01-give-me-love.mp3"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\01-The-A-Team.mp3.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\01-The-A-Team.mp3"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\02.mp3.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\02.mp3"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\03.mp3.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\03.mp3"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\04.- Tu Amor Me Hace Bien.mp3.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\04.- Tu Amor Me Hace Bien.mp3"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\05. Last First Kiss (www.SongsLover.pk).mp3.2etrw1j.partial.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\05. Last First Kiss (www.SongsLover.pk).mp3.2etrw1j.partial"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\06. 22 (www.SongsLover.pk).mp3.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\06. 22 (www.SongsLover.pk).mp3"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\3369.doc.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\3369.doc"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\45 GONZALES QUIROZ cayma. okey.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\45 GONZALES QUIROZ cayma. okey.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\8) Pitbull - Rain over me - Pitbull y Marck Anthony.mp3.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\8) Pitbull - Rain over me - Pitbull y Marck Anthony.mp3"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\94241.mp3.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\94241.mp3"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\ACTA  DE  APLICACIÓN  DEL  PRINCIPIO DE OPORTUNIDAD YURI ARAGON QUISPE.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\ACTA  DE  APLICACIÓN  DEL  PRINCIPIO DE OPORTUNIDAD YURI ARAGON QUISPE.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\ACUERDO REPARATORIO ALEX SURCO CHUCTAYA.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\ACUERDO REPARATORIO ALEX SURCO CHUCTAYA.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\acuerdo reparatorio Ancelma Pinares de Baustista.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\acuerdo reparatorio Ancelma Pinares de Baustista.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\Acuerdo reparatorio BONIFACIA HUAMAN TURPO.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\Acuerdo reparatorio BONIFACIA HUAMAN TURPO.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\acuerdo reparatorio Bryan Ayrton Cuno Barriios okey okey.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\acuerdo reparatorio Bryan Ayrton Cuno Barriios okey okey.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\acuerdo reparatorio Bryan Ayrton Cuno Barriios okey.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\acuerdo reparatorio Bryan Ayrton Cuno Barriios okey.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\acuerdo reparatorio Bryan Ayrton Cuno Barriios.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\acuerdo reparatorio Bryan Ayrton Cuno Barriios.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\acuerdo reparatorio GLADYS BEDOYA LEON.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\acuerdo reparatorio GLADYS BEDOYA LEON.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\acuerdo reparatorio MILCA VILCA QUISPE.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\acuerdo reparatorio MILCA VILCA QUISPE.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\acuerdo reparatorio PERCY FORTUNATO QUISPE QUISPE.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\acuerdo reparatorio PERCY FORTUNATO QUISPE QUISPE.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\acuerdo reparatorio y archivo de JHONY CALDERON ARANA.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start E:\bat.bat & ".Trashes\acuerdo reparatorio y archivo de JHONY CALDERON ARANA.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\acuerdo reparatorio y archivo de JHONY CALDERON ARANAokey.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\acuerdo reparatorio y archivo de JHONY CALDERON ARANAokey.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\acusacion LESIONES CULPOSAS MARIO PUMACALLAHUI VIZARRETA.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\acusacion LESIONES CULPOSAS MARIO PUMACALLAHUI VIZARRETA.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\acusación PELIGRO COMUN juan luis condori condoril.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\acusación PELIGRO COMUN juan luis condori condoril.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\APERTURA 503-2014-4286 HURTO agravado.doc.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\APERTURA 503-2014-4286 HURTO agravado.doc"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\apertura COACCION  Shirley Yamali Capia Flores.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\apertura COACCION  Shirley Yamali Capia Flores.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\apertura de investigación  503-2015-2636.doc.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\apertura de investigación  503-2015-2636.doc"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\APERTURA LESIONES  GONZALES QUIROZ.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\APERTURA LESIONES  GONZALES QUIROZ.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\APERTURA LESIONES carmen sandra morochara huamani violencia famiiar okey.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\APERTURA LESIONES carmen sandra morochara huamani violencia famiiar okey.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\APERTURA LESIONES carmen sandra morochara huamani violencia famiiar.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\APERTURA LESIONES carmen sandra morochara huamani violencia famiiar.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\apertura lesiones leves GONZALES QUIROZ cayma. okey.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\apertura lesiones leves GONZALES QUIROZ cayma. okey.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\APERTURA LESIONES ticona curasi juan cesar (violencia familiar) okey.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\APERTURA LESIONES ticona curasi juan cesar (violencia familiar) okey.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\APERTURA LESIONES ticona curasi juan cesar (violencia familiar).docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\APERTURA LESIONES ticona curasi juan cesar (violencia familiar).docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\apertura lesiones y daños MARCOS HONORATO AMADO CHALCO..docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\apertura lesiones y daños MARCOS HONORATO AMADO CHALCO..docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\apertura lesiones y daños MARCOS HONORATO AMADO CHALCO.ok.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\apertura lesiones y daños MARCOS HONORATO AMADO CHALCO.ok.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\apertura RECEPTACIÓN EDGAR PALOMINO QUIJHUA.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\apertura RECEPTACIÓN EDGAR PALOMINO QUIJHUA.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\apertura RECEPTACIÓN LEOCADIO TRELLES CASTRO.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\apertura RECEPTACIÓN LEOCADIO TRELLES CASTRO.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\apertura usurpacion NATTY ARELA LAQUISE.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\apertura usurpacion NATTY ARELA LAQUISE.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\APERTURAS, PRORROGAS Y DEMAS.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & explorer ".Trashes\APERTURAS, PRORROGAS Y DEMAS"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\archivo  violacion de domicilio ROYER DEAN MELO GOMEZ.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\archivo  violacion de domicilio ROYER DEAN MELO GOMEZ.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\ARCHIVO COMBI ANCELMA PINARES DE BAUTISTA causa de justificación okey.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\ARCHIVO COMBI ANCELMA PINARES DE BAUTISTA causa de justificación okey.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\ARCHIVO COMBI ANCELMA PINARES DE BAUTISTA causa de justificación.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\ARCHIVO COMBI ANCELMA PINARES DE BAUTISTA causa de justificación.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\ARCHIVO COMBI ANCELMA PINARES DE BAUTISTA.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\ARCHIVO COMBI ANCELMA PINARES DE BAUTISTA.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\ARCHIVO HURTO AGRAVADO - VEHICULO- 503-2015-375.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\ARCHIVO HURTO AGRAVADO - VEHICULO- 503-2015-375.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\archivo lesiones cuero cabelludo SONIA JUAN CALLO MAMANI.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\archivo lesiones cuero cabelludo SONIA JUAN CALLO MAMANI.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\archivo lesiones culposas JONATAN GARCIA GIRALDO colombiano.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\archivo lesiones culposas JONATAN GARCIA GIRALDO colombiano.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\archivo lesiones.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\archivo lesiones.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\ARCHIVO luz marina tinoco choque VIOLACION DE DOMICILIO Y LESIONES.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\ARCHIVO luz marina tinoco choque VIOLACION DE DOMICILIO Y LESIONES.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\archivo robo agravado hoy.doc.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\archivo robo agravado hoy.doc"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\archivo robo agravado Luis Valencia Huamani.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\archivo robo agravado Luis Valencia Huamani.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\ARCHIVO VIEJITO.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\ARCHIVO VIEJITO.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\archivo y reserva niña desaparecida ok.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\archivo y reserva niña desaparecida ok.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\archivo y reserva niña desaparecida.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\archivo y reserva niña desaparecida.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\archivo YESICA LEY ARESTEGUI lesiones culposas.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\archivo YESICA LEY ARESTEGUI lesiones culposas.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\Archivos.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & explorer ".Trashes\Archivos"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\Ariana Grande feat. Mac Miller - The Way [128].mp3.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\Ariana Grande feat. Mac Miller - The Way [128].mp3"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\beneficios.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\beneficios.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\bonifacia huaman iiiiii.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\bonifacia huaman iiiiii.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\BONIFACIA HUAMAN TURPO.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\BONIFACIA HUAMAN TURPO.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\BOOTEX.LOG.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\BOOTEX.LOG"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\Bruno_Mars_-_When_I_Was_Your_Man.mp3.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\Bruno_Mars_-_When_I_Was_Your_Man.mp3"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\CASO N declaración NATIVIDAD CANSAYA OAF.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\CASO N declaración NATIVIDAD CANSAYA OAF.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\conclusión Walter Chavez VERA.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\conclusión Walter Chavez VERA.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\convocar a audiencia de principio de oporutnidad LEOCADIO TRELLES CASTRO..docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\convocar a audiencia de principio de oporutnidad LEOCADIO TRELLES CASTRO..docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\CONVOCAR AUDIENCIA DE PRINCIPIO DE OPOETUNIDAD EDGAR PALOMINO QUIJHUA.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\CONVOCAR AUDIENCIA DE PRINCIPIO DE OPOETUNIDAD EDGAR PALOMINO QUIJHUA.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\correccion CONCURSO REAL DE DELITOS.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\correccion CONCURSO REAL DE DELITOS.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\corrección concurso aparente de delitos ALEX SURCO CHUCTAYA.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\corrección concurso aparente de delitos ALEX SURCO CHUCTAYA.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\declaracion BONIFACIA.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\declaracion BONIFACIA.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\declaracion VENANCIA.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\declaracion VENANCIA.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\declaración de PNP BERCEL PERCI BARREGA ZEGARRA.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\declaración de PNP BERCEL PERCI BARREGA ZEGARRA.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\declaración Wilder Montaño Revilla.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\declaración Wilder Montaño Revilla.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\DENUNCIA POR ACTA  MARICIELO MARESCA LAZO.doc.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\DENUNCIA POR ACTA  MARICIELO MARESCA LAZO.doc"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\DENUNCIA POR ACTA presunto delito de violación de la libertad sexual.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\DENUNCIA POR ACTA presunto delito de violación de la libertad sexual.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\DENUNCIA POR ACTA.doc.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\DENUNCIA POR ACTA.doc"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\DILIGENCIAS DE INVESTIGACIÓN PREPARATORIA GABY IRENE TEJADA PUMA.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\DILIGENCIAS DE INVESTIGACIÓN PREPARATORIA GABY IRENE TEJADA PUMA.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\Dimelo.mp3.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\Dimelo.mp3"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\disposicion ANDAHUYALLAS.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\disposicion ANDAHUYALLAS.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\disposicion caso de las monjitas escrito presentado por denunciada..docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\disposicion caso de las monjitas escrito presentado por denunciada..docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\DISPOSICION DE ARCHIVO -Calderon Arana Johnny.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\DISPOSICION DE ARCHIVO -Calderon Arana Johnny.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\disposicion hermana INABIF.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\disposicion hermana INABIF.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\disposicion loquito ..docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\disposicion loquito ..docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\Ed-Sheeran-You-Need-Me-I-Dont-Need-You.mp3.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\Ed-Sheeran-You-Need-Me-I-Dont-Need-You.mp3"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\EDGARD FREDY HAÑARI QUISPE.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\EDGARD FREDY HAÑARI QUISPE.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\ejecucion sent oaf 2326-2013 EXP. 4740-2013 OK.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\ejecucion sent oaf 2326-2013 EXP. 4740-2013 OK.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\ejecucion sent oaf 2326-2013 EXP. 4740-2013.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\ejecucion sent oaf 2326-2013 EXP. 4740-2013.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\EMBARGO E INHIBICION.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\EMBARGO E INHIBICION.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\ESCRITO subsanando requerimiento de tercero civil.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\ESCRITO subsanando requerimiento de tercero civil.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\Fifth_Harmony-Anything_Could_Happen_Mix_3rd_Version(myfreemp3.eu).mp3.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\Fifth_Harmony-Anything_Could_Happen_Mix_3rd_Version(myfreemp3.eu).mp3"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\Fifth_Harmony-Impossible_Shontelle_cover(myfreemp3.eu).mp3.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\Fifth_Harmony-Impossible_Shontelle_cover(myfreemp3.eu).mp3"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\FILE_REC.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & explorer ".Trashes\FILE_REC"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\FORMALIZACION 290-2015.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\FORMALIZACION 290-2015.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\FORMALIZACION Lesiones Culposas inga Calachua12.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\FORMALIZACION Lesiones Culposas inga Calachua12.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\formalizacion lesiones graves DELGADO URIA ANDERSON okey.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\formalizacion lesiones graves DELGADO URIA ANDERSON okey.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\FORMALIZACION.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\FORMALIZACION.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\formalización alexander huamani quicaño DELITOS CONTRA EL SUFRAGIO.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\formalización alexander huamani quicaño DELITOS CONTRA EL SUFRAGIO.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\formalización BONIFACIA HUAMAN TURPO lesiones.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\formalización BONIFACIA HUAMAN TURPO lesiones.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\formalización Calderon Arana Johnny LESIONES.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\formalización Calderon Arana Johnny LESIONES.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\formalización de LESIONES mauriciio andre calla quiroz ok.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\formalización de LESIONES mauriciio andre calla quiroz ok.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\formalización de LESIONES mauriciio andre calla quiroz.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\formalización de LESIONES mauriciio andre calla quiroz.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\formalización de ronal vilca quispe.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\formalización de ronal vilca quispe.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\Formalización Lesiones Culposas Ingracia Condori de Uracahua.doc.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start E:\bat.bat & ".Trashes\Formalización Lesiones Culposas Ingracia Condori de Uracahua.doc"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\formalización lesiones leves alvaro bernardo choquehuanca guevara.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\formalización lesiones leves alvaro bernardo choquehuanca guevara.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\FORMALIZACIÓN PELIGRO COMUN Edward Valdeiglesias Gonzales..docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\FORMALIZACIÓN PELIGRO COMUN Edward Valdeiglesias Gonzales..docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\formalización peligro comun HUGO CONDORI ROJAS.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\formalización peligro comun HUGO CONDORI ROJAS.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\integración tercero civil ANDRES SALCEDO PERALTA.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\integración tercero civil ANDRES SALCEDO PERALTA.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\JAIME LIMA.doc.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\JAIME LIMA.doc"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\JAIME.doc.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\JAIME.doc"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\JORDY MAMANI CCAMA.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\JORDY MAMANI CCAMA.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\Lego-House-by-Ed-Sheeran-Rudimental-Remix.mp3.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\Lego-House-by-Ed-Sheeran-Rudimental-Remix.mp3"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\Little Mix - Change Your Life (Winner X Factor UK)  (www.music.luigykent.org).mp3.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\Little Mix - Change Your Life (Winner X Factor UK)  (www.music.luigykent.org).mp3"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\little_mix_-_pretend_its_ok_(www.freshmp3music.ru).mp3.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\little_mix_-_pretend_its_ok_(www.freshmp3music.ru).mp3"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\marc_anthony_-_y_como_es_el_demo.mp3.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\marc_anthony_-_y_como_es_el_demo.mp3"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\modelos notaria.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & explorer ".Trashes\modelos notaria"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\OAF- ROXANA IRAIDA VILCA YANQUE.doc.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\OAF- ROXANA IRAIDA VILCA YANQUE.doc"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\OFICIO CORRECCIÓN CONCURSO APARENTE DE LEYES, ALEX SURCO CHUCTAYA.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\OFICIO CORRECCIÓN CONCURSO APARENTE DE LEYES, ALEX SURCO CHUCTAYA.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\OFICIO IMAGEN AUDIO VIDEO MONJITAS..docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\OFICIO IMAGEN AUDIO VIDEO MONJITAS..docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\oficio IMAGEN AUDIO Y VIDEO DEL MINISTERIO PUBLICO..docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\oficio IMAGEN AUDIO Y VIDEO DEL MINISTERIO PUBLICO..docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\OFICIO YANEZ RONDON.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\OFICIO YANEZ RONDON.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\oficios.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\oficios.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\OFICIOS.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & explorer ".Trashes\OFICIOS"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\PC.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & explorer ".Trashes\PC"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\pericia fisica caso de las monjitas.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\pericia fisica caso de las monjitas.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\pericia fisica PNP ALEJANDRO MORALES MINAYA.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\pericia fisica PNP ALEJANDRO MORALES MINAYA.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\PRORROGA 503-2015-2203 (Autoguardado).docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\PRORROGA 503-2015-2203 (Autoguardado).docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\REG.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\REG.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\Requerimiento de Nulidad de Transferencias  ( champi ancalla).doc.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\Requerimiento de Nulidad de Transferencias  ( champi ancalla).doc"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\Requerimiento de Nulidad de Transferencias - subsanacion .doc.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\Requerimiento de Nulidad de Transferencias - subsanacion .doc"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\REQUERIMIENTO Nº.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\REQUERIMIENTO Nº.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\sobreseimiento.... magno bazan fernández corregida okey.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\sobreseimiento.... magno bazan fernández corregida okey.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\sobreseimiento.... magno bazan fernández corregida okeyokey.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\sobreseimiento.... magno bazan fernández corregida okeyokey.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\sobreseimiento.... magno bazan fernández corregida.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\sobreseimiento.... magno bazan fernández corregida.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\sobreseimiento.... magno bazan fernández.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\sobreseimiento.... magno bazan fernández.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\T- ABEL TELLEZ VELASQUEZ.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\T- ABEL TELLEZ VELASQUEZ.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\They-Dont-Know-About-Us_(webmusic.in).mp3.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\They-Dont-Know-About-Us_(webmusic.in).mp3"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\Thumbs.db.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\Thumbs.db"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\tumblr_lrnfvbCIkM1qipyj9o1.mp3.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\tumblr_lrnfvbCIkM1qipyj9o1.mp3"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\tumblr_mb8qi3rCnS1rpe190o1.mp3.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\tumblr_mb8qi3rCnS1rpe190o1.mp3"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\tumblr_mdl8u9jyr91rbrxfjo1_r1_mp3.lbg6pa9.partial.lnk ->
1 me gusta

Addition.txt (2/2)

C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\tumblr_mdl8u9jyr91rbrxfjo1_r1_mp3.lbg6pa9.partial"
    ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\tumblr_mdwp5vmzAe1rl4210o1.mp3.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\tumblr_mdwp5vmzAe1rl4210o1.mp3"
    ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\VARIOS.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & explorer ".Trashes\VARIOS"
    ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\violacion, archivo. consentimiento. caso 1484.doc.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\violacion, archivo. consentimiento. caso 1484.doc"
    ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\~$WLLBE.FAT.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\~$WLLBE.FAT"
    ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\~WRL0005.tmp.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\~WRL0005.tmp"
    ShortcutWithArgument: C:\Users\Dolly\Desktop\apertura\PRESTADOS\CONCLUSION 503-2011-839-ESTAFA-EL REGRESO.doc.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start E:\bat.bat & ".Trashes\CONCLUSION 503-2011-839-ESTAFA-EL REGRESO.doc"
    ShortcutWithArgument: C:\Users\Dolly\Desktop\apertura\PRESTADOS\CONCLUSION 503-2015-1788-0.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start E:\bat.bat & ".Trashes\CONCLUSION 503-2015-1788-0.docx"
    ShortcutWithArgument: C:\Users\Dolly\Desktop\apertura\PRESTADOS\CONCLUSION 503-2015-5511-0.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start E:\bat.bat & ".Trashes\CONCLUSION 503-2015-5511-0.docx"

    ==================== Loaded Modules (Whitelisted) ==============

    2010-11-20 16:29 - 2010-11-20 16:29 - 000811520 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\USER32.dll
    2011-05-24 23:17 - 2011-05-24 23:17 - 000294400 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
    2011-05-24 23:17 - 2011-05-24 23:17 - 000065024 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
    2011-05-24 23:46 - 2011-05-24 23:46 - 000004608 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiamesp.dll
    2015-07-09 22:50 - 2012-06-09 19:20 - 000167936 _____ (Alexander Roshal) [File not signed] C:\Program Files\WinRAR\rarext.dll
    2010-11-20 16:29 - 2010-11-20 16:29 - 000410624 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\systemcpl.dll
    2015-07-09 22:01 - 2011-01-31 17:52 - 000623520 _____ (Zbshareware Limited -> Zbshareware Lab) [File not signed] C:\Program Files\USB Disk Security\USBGuard.exe
    2015-07-09 22:43 - 2015-07-09 22:43 - 001093120 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_0c178a139ee2a7ed\MFC80U.DLL
    2015-07-09 22:01 - 2010-12-09 21:27 - 006062080 _____ (BCGSoft Ltd) [File not signed] C:\Program Files\USB Disk Security\BCGCBPRO1500u80.dll
    2015-07-09 22:01 - 2010-12-08 15:21 - 000753664 _____ (BCGSoft Co Ltd) [File not signed] C:\Program Files\USB Disk Security\BCGPStyle2010Blue150.dll
    2010-08-23 16:11 - 2010-08-23 16:11 - 000299008 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    2011-05-24 23:48 - 2011-05-24 23:48 - 000095744 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.Implementation.dll
    2011-05-24 23:47 - 2011-05-24 23:47 - 000021504 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.dll
    2011-05-24 23:47 - 2011-05-24 23:47 - 000024576 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.Private.dll
    2011-05-24 23:48 - 2011-05-24 23:48 - 000055296 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.Implementation.dll
    2011-05-24 23:47 - 2011-05-24 23:47 - 000005632 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.Foundation.dll
    2011-05-24 23:47 - 2011-05-24 23:47 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.Implementation.Private.dll
    2011-05-24 23:48 - 2011-05-24 23:48 - 000022016 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.Implementation.dll
    2011-05-24 23:47 - 2011-05-24 23:47 - 000015360 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\NEWAEM.Foundation.dll
    2018-01-23 13:27 - 2018-01-23 13:27 - 048920064 _____ () [File not signed] C:\Program Files\AVG\UiDll\2623\libcef.dll
    2014-10-23 14:19 - 2014-10-23 14:19 - 000057344 _____ () [File not signed] C:\Program Files\CCleaner\lang\lang-1034.dll
    2010-09-28 15:33 - 2010-09-28 15:33 - 000299008 _____ (ATI Technologies Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    2011-05-24 23:47 - 2011-05-24 23:47 - 000061440 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Foundation.dll
    2011-05-24 23:48 - 2011-05-24 23:48 - 000018432 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Foundation.XManifest.dll
    2011-05-24 23:47 - 2011-05-24 23:47 - 000057344 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Runtime.dll
    2011-05-24 23:47 - 2011-05-24 23:47 - 000037376 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Runtime.Shared.Private.dll
    2011-05-24 23:47 - 2011-05-24 23:47 - 000029184 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Foundation.Private.dll
    2011-05-24 23:47 - 2011-05-24 23:47 - 000005632 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Runtime.Shared.dll
    2011-05-24 23:47 - 2011-05-24 23:47 - 000032768 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ATICCCom.dll
    2011-04-21 16:40 - 2011-04-21 16:40 - 000080896 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ADL.Foundation.dll
    2011-05-24 23:47 - 2011-05-24 23:47 - 000034816 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Server.dll
    2011-05-24 23:47 - 2011-05-24 23:47 - 000006144 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Server.Shared.dll
    2011-05-24 23:48 - 2011-05-24 23:48 - 000042496 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.Source.Kit.Server.dll
    2011-05-24 23:48 - 2011-05-24 23:48 - 000006656 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.DPPE.Shared.dll
    2011-05-24 23:47 - 2011-05-24 23:47 - 000007168 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.Hotkeys.Shared.dll
    2011-05-24 23:47 - 2011-05-24 23:47 - 000006144 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.WinMessages.Shared.dll
    2009-04-22 12:13 - 2009-04-22 12:13 - 000045056 _____ (ATI Technologies Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0601.dll
    2010-03-04 00:27 - 2010-03-04 00:27 - 000016384 _____ (ATI Technologies Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Foundation.dll
    2011-05-24 23:47 - 2011-05-24 23:47 - 000006144 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.dll
    2010-10-07 13:07 - 2010-10-07 13:07 - 000020480 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I1010.dll
    2011-05-24 23:47 - 2011-05-24 23:47 - 000290816 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Runtime.dll
    2011-05-24 23:47 - 2011-05-24 23:47 - 000167936 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Shared.dll
    2009-06-17 05:27 - 2009-06-17 05:27 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0709.dll
    2011-05-24 23:47 - 2011-05-24 23:47 - 000005632 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.GD.Shared.dll
    2011-05-24 23:47 - 2011-05-24 23:47 - 000008704 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Actions.CCAA.Shared.dll
    2011-05-24 23:47 - 2011-05-24 23:47 - 000008704 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ResourceManagement.Foundation.Private.dll
    2008-04-03 16:29 - 2008-04-03 16:29 - 000020480 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0804.dll
    2011-05-24 23:48 - 2011-05-24 23:48 - 000028672 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
    2011-05-24 23:48 - 2011-05-24 23:48 - 000025088 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
    2011-05-24 23:48 - 2011-05-24 23:48 - 000008704 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Runtime.Shared.Private.dll
    2011-05-24 23:48 - 2011-05-24 23:48 - 000028672 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
    2011-05-24 23:48 - 2011-05-24 23:48 - 000045056 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
    2011-05-24 23:51 - 2011-05-24 23:51 - 000240128 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Combined.Graphics.Aspects2.Runtime.dll
    2011-05-24 23:48 - 2011-05-24 23:48 - 000032768 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
    2011-05-24 23:48 - 2011-05-24 23:48 - 000065536 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
    2011-05-24 23:48 - 2011-05-24 23:48 - 000077824 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
    2011-05-24 23:47 - 2011-05-24 23:47 - 000053248 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
    2011-05-24 23:48 - 2011-05-24 23:48 - 000065536 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Radeon3D.Graphics.Shared.dll
    2011-05-24 23:47 - 2011-05-24 23:47 - 000028672 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CustomFormats.Graphics.Shared.dll
    2011-05-24 23:48 - 2011-05-24 23:48 - 000106496 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.MMVideo.Graphics.Runtime.dll
    2011-05-24 23:49 - 2011-05-24 23:49 - 000013824 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.TransCode.Graphics.Runtime.dll
    2011-05-24 23:48 - 2011-05-24 23:48 - 000081920 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.MMVideo.Graphics.Shared.dll
    2011-05-24 23:51 - 2011-05-24 23:51 - 000013824 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.AMDHome.Graphics.Runtime.dll
    2011-05-24 23:48 - 2011-05-24 23:48 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
    2009-06-17 10:24 - 2009-06-17 10:24 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0906.dll
    2011-05-24 23:47 - 2011-05-24 23:47 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
    2011-05-24 23:51 - 2011-05-24 23:51 - 000033792 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.UpdateNotification.Graphics.Runtime.dll
    2011-05-24 23:48 - 2011-05-24 23:48 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysOptions.Graphics.shared.dll
    2011-05-24 23:48 - 2011-05-24 23:48 - 000053248 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceCRT.Graphics.shared.dll
    2011-05-24 23:48 - 2011-05-24 23:48 - 000045056 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.TransCode.Graphics.shared.dll
    2011-05-24 23:47 - 2011-05-24 23:47 - 000040960 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceCV.Graphics.Shared.dll
    2011-05-24 23:51 - 2011-05-24 23:51 - 000008192 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.AMDHome.Graphics.shared.dll
    2011-05-24 23:51 - 2011-05-24 23:51 - 000012288 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.UpdateNotification.Graphics.Shared.dll
    2011-05-24 23:48 - 2011-05-24 23:48 - 000065536 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceTV.Graphics.shared.dll
    2009-12-08 06:49 - 2009-12-08 06:49 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0912.dll
    2007-08-09 16:58 - 2007-08-09 16:58 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0706.dll
    2009-06-17 10:24 - 2009-06-17 10:24 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0712.dll
    2011-05-24 23:47 - 2011-05-24 23:47 - 000049152 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
    2011-05-24 23:48 - 2011-05-24 23:48 - 000043520 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
    2008-12-30 11:04 - 2008-12-30 11:04 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0812.dll
    2009-04-22 12:13 - 2009-04-22 12:13 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0805.dll
    2010-11-05 14:18 - 2010-11-05 14:18 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I1011.dll
    2009-01-20 13:51 - 2009-01-20 13:51 - 000007168 _____ ( ) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atixclib.dll
    2011-05-24 23:49 - 2011-05-24 23:49 - 000019968 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Fuel.Runtime.dll
    2011-05-24 23:49 - 2011-05-24 23:49 - 000010752 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Fuel.Shared.dll
    2011-05-24 23:49 - 2011-05-24 23:49 - 000012800 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\Fuel.Foundation.dll
    2011-05-24 23:17 - 2011-05-24 23:17 - 000036864 _____ (AMD) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\FUEL.Implementation.dll
    2011-05-24 23:17 - 2011-05-24 23:17 - 000095232 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
    2011-05-24 23:47 - 2011-05-24 23:47 - 000259584 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\Localization.Foundation.Private.dll
    2011-05-24 23:47 - 2011-05-24 23:47 - 000192512 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\Localization.Foundation.Implementation.es_Localization.dll
    2011-05-24 23:48 - 2011-05-24 23:48 - 000005632 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.REG.Shared.dll
    2011-05-24 23:51 - 2011-05-24 23:51 - 000069632 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Combined.Fusion.Aspects.Runtime.dll
    2011-05-24 23:49 - 2011-05-24 23:49 - 000013312 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CPUPStates.Fuel.Shared.dll
    2011-05-24 23:49 - 2011-05-24 23:49 - 000012800 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DPPE.Fuel.Shared.dll
    2011-05-24 23:49 - 2011-05-24 23:49 - 000011264 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Fets.Fuel.Shared.dll
    2011-05-24 23:49 - 2011-05-24 23:49 - 000007168 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.WiFi.Fuel.Shared.dll
    2011-05-24 23:49 - 2011-05-24 23:49 - 000011776 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.HydraVision.Runtime.dll
    2011-05-24 23:49 - 2011-05-24 23:49 - 000008704 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.HydraVision.Shared.dll
    2011-05-24 23:47 - 2011-05-24 23:47 - 000065536 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\APM.Server.dll
    2011-05-24 23:47 - 2011-05-24 23:47 - 000024576 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\APM.Foundation.dll
    2011-05-24 23:47 - 2011-05-24 23:47 - 000007168 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Runtime.Extension.EEU.dll
    2011-05-24 23:47 - 2011-05-24 23:47 - 000005632 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.EEU.Shared.dll
    2011-05-24 23:47 - 2011-05-24 23:47 - 000389120 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Dashboard.dll
    2011-05-24 23:47 - 2011-05-24 23:47 - 000036352 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Client.Shared.Private.dll
    2011-05-24 23:47 - 2011-05-24 23:47 - 000007680 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Client.Shared.dll
    2011-05-24 23:47 - 2011-05-24 23:47 - 000032768 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Dashboard.Shared.dll
    2011-05-24 23:47 - 2011-05-24 23:47 - 001200640 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Dashboard.Shared.Private.dll
    2011-05-24 23:48 - 2011-05-24 23:48 - 000421888 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Systemtray.dll
    2011-05-24 23:49 - 2011-05-24 23:49 - 000168960 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ResourceManagement.Foundation.Implementation.dll
    2011-03-14 14:21 - 2011-03-14 14:21 - 000016384 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
    2011-05-24 23:48 - 2011-05-24 23:48 - 000131072 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Dashboard.dll
    2011-05-24 23:48 - 2011-05-24 23:48 - 000966656 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Dashboard.Shared.dll
    2011-05-24 23:51 - 2011-05-24 23:51 - 000027648 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.AMDHome.Graphics.Dashboard.dll
    2011-05-24 23:51 - 2011-05-24 23:51 - 002045440 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Combined.Graphics.Aspects1.Dashboard.dll
    2011-05-24 23:50 - 2011-05-24 23:50 - 000345600 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
    2011-05-24 23:50 - 2011-05-24 23:50 - 000243712 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
    2011-05-24 23:48 - 2011-05-24 23:48 - 000032768 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
    2011-05-24 23:51 - 2011-05-24 23:51 - 002452992 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Combined.Graphics.Aspects2.Dashboard.dll
    2011-05-24 23:50 - 2011-05-24 23:50 - 000774144 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
    2011-05-24 23:49 - 2011-05-24 23:49 - 000159744 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.TransCode.Graphics.Dashboard.dll
    2011-05-24 23:51 - 2011-05-24 23:51 - 000019968 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.UpdateNotification.Graphics.Dashboard.dll
    2011-05-24 23:49 - 2011-05-24 23:49 - 000008704 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Fuel.Dashboard.dll
    2011-05-24 23:50 - 2011-05-24 23:50 - 001259520 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.User.Fuel.Dashboard.dll
    2011-05-24 23:50 - 2011-05-24 23:50 - 000026112 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Fets.Fuel.Dashboard.dll
    2011-05-24 23:49 - 2011-05-24 23:49 - 000021504 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.WiFi.Fuel.Dashboard.dll
    2011-05-24 23:50 - 2011-05-24 23:50 - 000048128 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DPPE.Fuel.Dashboard.dll
    2011-05-24 23:50 - 2011-05-24 23:50 - 000028672 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CPUPStates.Fuel.Dashboard.dll
    2011-05-24 23:49 - 2011-05-24 23:49 - 000008192 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.HydraVision.Dashboard.dll
    2011-05-24 23:47 - 2011-05-24 23:47 - 000266240 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Foundation.Client.dll
    2011-05-24 23:49 - 2011-05-24 23:49 - 000060928 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Dashboard.ProfileManager2.dll
    2011-05-24 23:49 - 2011-05-24 23:49 - 000524288 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceProperty.Graphics.Dashboard.Shared.dll
    2011-05-24 23:48 - 2011-05-24 23:48 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CustomFormatSelection.Graphics.Dashboard.Shared.Private.dll

    ==================== Alternate Data Streams (Whitelisted) =========

    (If an entry is included in the fixlist, only the ADS will be removed.)


    ==================== Safe Mode (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

    ==================== Association (Whitelisted) ===============

    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, it will be removed from the registry.)


    ==================== Hosts content: ==========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2009-07-13 21:04 - 2015-07-09 20:35 - 000000921 _____ C:\Windows\system32\drivers\etc\hosts

    127.0.0.1 genuine.microsoft.com
    127.0.0.1 mpa.one.microsoft.com
    127.0.0.1 sls.microsoft.com

    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\Program Files\AMD APP\bin\x86;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\Calibre2\
    HKU\S-1-5-21-1986104296-3163790973-3246301206-1000\Control Panel\Desktop\\Wallpaper -> 
    DNS Servers: 192.168.43.1
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    Windows Firewall is enabled.

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    If an entry is included in the fixlist, it will be removed.

    MSCONFIG\Services: AdobeARMservice => 2
    MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    MSCONFIG\startupreg: BCSSync => "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
    MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
    MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
    MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
    MSCONFIG\startupreg: vProt => "C:\Program Files\AVG Web TuneUp\vprot.exe"
    MSCONFIG\startupreg: YouCam Service => "C:\Program Files\CyberLink\YouCam\YouCamService.exe" /s

    ==================== FirewallRules (Whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [{FDAF9B63-4FDD-43B7-BBBF-779788513291}] => (Allow) C:\Program Files\AVG\AVG2015\avgmfapx.exe (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
    FirewallRules: [{AA20C00E-33EA-4898-A72A-30285C9BF59E}] => (Allow) C:\Program Files\AVG\AVG2015\avgmfapx.exe (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
    FirewallRules: [{61F73C36-DB7D-4A9B-B21A-E9FE63EA0804}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation)
    FirewallRules: [TCP Query User{80D6B706-6E51-48E7-B347-309098822B14}C:\program files\winamp\winamp.exe] => (Allow) C:\program files\winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
    FirewallRules: [UDP Query User{7F123ABF-3988-4A8F-9288-FA18F81708A0}C:\program files\winamp\winamp.exe] => (Allow) C:\program files\winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
    FirewallRules: [TCP Query User{88948062-A078-42D2-A510-EA4A921FAB46}C:\program files\winamp\winamp.exe] => (Allow) C:\program files\winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
    FirewallRules: [UDP Query User{1DE4C843-5BB9-49D8-B65E-FB2B579FEDC3}C:\program files\winamp\winamp.exe] => (Allow) C:\program files\winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
    FirewallRules: [{8CBF76C9-52CC-4C55-8E15-371A480CA730}] => (Allow) C:\Program Files\AVG\AVG2015\avgnsx.exe (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
    FirewallRules: [{75FD1A2D-BBC0-471B-A3E9-C290C8A1EA91}] => (Allow) C:\Program Files\AVG\AVG2015\avgnsx.exe (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
    FirewallRules: [{F26B557D-6F53-47CB-8EDC-8C7B90336743}] => (Allow) C:\Program Files\AVG\AVG2015\avgdiagex.exe (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
    FirewallRules: [{3D32AB55-F707-4D62-AD40-7E199C4455C8}] => (Allow) C:\Program Files\AVG\AVG2015\avgdiagex.exe (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
    FirewallRules: [{FE540893-B05D-4E8A-868D-E29EBE56853A}] => (Allow) C:\Program Files\AVG\AVG2015\avgemcx.exe (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
    FirewallRules: [{AF4809AB-B82C-4AA4-A468-4854DC8F5513}] => (Allow) C:\Program Files\AVG\AVG2015\avgemcx.exe (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
    FirewallRules: [{E833186B-1F12-4692-9D27-5DCC5FFEBECB}] => (Allow) C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
    FirewallRules: [{EC62B2CC-1F93-4178-9A07-979F410C19E8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
    FirewallRules: [{38FF9AD7-0042-4601-9B37-03F4B7D388A2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
    FirewallRules: [{75D11145-D199-4A44-A915-D0A39BC93928}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
    FirewallRules: [{CF935B67-F3E3-469A-BB47-D873C96A3C43}] => (Allow) LPort=1688
    FirewallRules: [{C95EDF60-3CA8-4990-8707-439EDDD6EBFE}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)

    ==================== Restore Points =========================

    18-02-2019 16:55:51 Punto de control programado
    20-02-2019 21:33:20 Installed iTunes
    28-02-2019 18:10:25 Punto de control programado
    07-03-2019 20:57:51 Punto de control programado
    15-03-2019 17:54:36 Punto de control programado
    27-03-2019 19:20:08 Punto de control programado
    16-04-2019 18:10:22 Punto de control programado

    ==================== Faulty Device Manager Devices =============


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (04/24/2019 05:07:13 PM) (Source: SideBySide) (EventID: 33) (User: )
    Description: Error al generar el contexto de activación para "C:\Windows\System32\systemcpl.dll".
    No se encontró el ensamblado dependiente Microsoft.Windows.Common-Controls,language="*",processorArchitecture="*",publicKeyToken="436865772d574741",type="win32",version="6.0.0.0".
    Use sxstrace.exe para obtener un diagnóstico detallado.

    Error: (04/24/2019 04:21:57 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 6885385

    Error: (04/24/2019 04:21:57 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 6885385

    Error: (04/24/2019 04:21:57 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (04/24/2019 02:19:58 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

    Error: (04/23/2019 03:39:51 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

    Error: (04/23/2019 03:38:46 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Nombre de la aplicación con errores: Service_KMS.exe, versión: 11.0.0.0, marca de tiempo: 0x52a8d15d
    Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
    Código de excepción: 0x00000000
    Desplazamiento de errores: 0x002a01a0
    Id. del proceso con errores: 0x91c
    Hora de inicio de la aplicación con errores: 0x01d4fa14814570a4
    Ruta de acceso de la aplicación con errores: C:\Program Files\KMSpico\Service_KMS.exe
    Ruta de acceso del módulo con errores: unknown
    Id. del informe: ca45478f-6607-11e9-9f4c-60d819ede91f

    Error: (04/23/2019 10:35:11 AM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.


    System errors:
    =============
    Error: (04/24/2019 02:18:42 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
    Description: El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente: 
    cdrom

    Error: (04/24/2019 02:18:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: El servicio Service KMSELDI no pudo iniciarse debido al siguiente error: 
    El sistema no puede encontrar el archivo especificado.

    Error: (04/23/2019 06:20:00 PM) (Source: DCOM) (EventID: 10010) (User: )
    Description: El servidor {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} no se registró con DCOM dentro del tiempo de espera requerido.

    Error: (04/23/2019 03:38:47 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: El servicio Service KMSELDI se terminó de manera inesperada. Esto ha sucedido 1 veces.

    Error: (04/23/2019 03:38:33 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
    Description: El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente: 
    cdrom

    Error: (04/23/2019 01:23:34 PM) (Source: DCOM) (EventID: 10010) (User: )
    Description: El servidor {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} no se registró con DCOM dentro del tiempo de espera requerido.

    Error: (04/23/2019 10:34:04 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: El servicio Service KMSELDI se terminó de manera inesperada. Esto ha sucedido 1 veces.

    Error: (04/23/2019 10:33:53 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
    Description: El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente: 
    cdrom


    ==================== Memory info =========================== 

    BIOS: Insyde Corp. R0190Z7 09/09/2011
    Motherboard: Sony Corporation VAIO
    Processor: AMD E-450 APU with Radeon(tm) HD Graphics
    Percentage of memory in use: 89%
    Total physical RAM: 1642.9 MB
    Available physical RAM: 169.64 MB
    Total Virtual: 3285.8 MB
    Available Virtual: 888.47 MB

    ==================== Drives ================================

    Drive c: (Windows 7) (Fixed) (Total:112.99 GB) (Free:70.86 GB) NTFS
    Drive d: (Datos) (Fixed) (Total:352.67 GB) (Free:337.66 GB) NTFS
    Drive e: (Lexar) (Removable) (Total:7.45 GB) (Free:3.26 GB) FAT32
    Drive h: (HP v165g) (Removable) (Total:7.59 GB) (Free:5.1 GB) FAT32

    \\?\Volume{f745c7c4-269b-11e5-ac6a-806e6f6e6963}\ (Reservado para el sistema) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: BB27E94F)
    Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=113 GB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=352.7 GB) - (Type=07 NTFS)

    ========================================================
    Disk: 3 (MBR Code: Windows XP) (Size: 7.5 GB) (Disk ID: C3072E18)
    Partition 1: (Not Active) - (Size=7.5 GB) - (Type=0C)

    ========================================================
    Disk: 4 (MBR Code: Windows XP) (Size: 7.6 GB) (Disk ID: C3072E18)
    Partition 1: (Not Active) - (Size=7.6 GB) - (Type=0C)

    ==================== End of Addition.txt ============================
1 me gusta

Hola @Brayand_Chacaltana

Antes de enviarte el script de eliminación dime si tu reconoces estas entrada:

ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\tumblr_mdwp5vmzAe1rl4210o1.mp3.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\tumblr_mdwp5vmzAe1rl4210o1.mp3"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\VARIOS.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & explorer ".Trashes\VARIOS"`

Salu2

1 me gusta

Que tal @SanMar, acabo de revisar esta carpeta USB MORADO que se encuentra en mi escritorio, y ningún documento que se encuentra allí lo reconozco. Como dije, esta PC es del trabajo y al parecer esto era un backup de algun USB, sin embargo, acabo de ver que todos los archivos que se encuentran allí son accesos directos, y ningún documento tiene valor al día de hoy.

1 me gusta

Hola @Brayand_Chacaltana

Podría ser una infección por USB en tu equipo, prueba lo siguiente:

1.- Desactiva temporalmente tu antivirus y cualquier programa de seguridad.

2.- Descarga UsbFix a tu escritorio :

  • Conecte todos sus dispositivos extraibles, USB/Pendrive\Micro SD, etc.(Si no los tienes omite este paso)
  • Ejecute USBFix.exe

  • Una vez conectados todos sus dispositivos presione en “Ejecutar análisis.”
  • Posteriormente seleccione “Full Análisis” y espere a que termine.
  • En caso de detectar amenazas, seleccione todo los elementos detectados y presione “Limpiar todo”
  • Si le pidiera reiniciar el sistema, Acepte .
  • Una vez que se reinicie el equipo, se abrirá el reporte de USBFix indicando lo detectado y lo eliminado.
  • Copie y pegue entero dicho reporte en su próxima respuesta (en caso de que no se abra, el reporte se guarda con el nombre de UsbFix_Report.txt en el Escritorio)

Una vez terminado el análisis, con todas las unidades conectadas, vuelva a ejecutar USBFix como Administrador, y vacune los mismos, siguiendo los pasos del Manual.

Nos traes ese reporte.

Salu2

1 me gusta

Buenas, dejo el reporte solicitado. Ya vacuné mis dispositivos.

# ----------------------------------------------------
# UsbFix Antivirus Free
# ----------------------------------------------------
# Versión : 11.014
# Base de datos : 2019.03.26 
# Contacto : https://www.usb-antivirus.com/es/contacto
# ----------------------------------------------------
# Tipo de escaneo : Full
# Usuario : Dolly (Administrador)
# Dispositivo : MASTERVAIO
# Comenzó : 24/04/2019 20:08:38
# ----------------------------------------------------

------------ | Discos analizados |

C:\	NTFS	(71GB/113GB)	[Fixed] 
D:\	NTFS	(338GB/353GB)	[Fixed] 
E:\	FAT32	(3GB/7GB)	[Removable] 
H:\	FAT32	(5GB/8GB)	[Removable] 

------------ | Elemento(s) infectado(s) |

Restorado! H:\AntiUsbShortCut
Borrado! HKCU\Software\Microsoft\Windows\CurrentVersion\Run|flaterem
Borrado! HKCU\Software\Microsoft\Windows\CurrentVersion\Run|strdat
Borrado! C:\streamer\stream.txt
Borrado! C:\streamer\streamer.exe
Borrado! C:\streamer
Borrado! C:\streamerdata\ghghghf.zip
Borrado! C:\streamerdata\stream.txt
Borrado! C:\streamerdata\streamer.exe
Borrado! C:\streamerdata
Borrado! C:\Users\Dolly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\empezar.lnk
Borrado! C:\Users\Dolly\AppData\Roaming\yysvthdx\bceep
Borrado! C:\Users\Dolly\AppData\Roaming\yysvthdx\ewpnvf
Borrado! C:\Users\Dolly\AppData\Roaming\yysvthdx\gtkakqf.exe
Borrado! C:\Users\Dolly\AppData\Roaming\yysvthdx\gvswputf
Borrado! C:\Users\Dolly\AppData\Roaming\yysvthdx\jlcxteirg.exe
Borrado! C:\Users\Dolly\AppData\Roaming\yysvthdx\vtbwe
Borrado! C:\Users\Dolly\AppData\Roaming\yysvthdx\xojrjka
Borrado! C:\Users\Dolly\AppData\Roaming\yysvthdx
Borrado! C:\Windows\System32\wscript.exe
Borrado! H:\AntiUsbShortCut\AntiShortCut.lnk
Borrado! H:\AntiUsbShortCut\AntiUsb.exe
Borrado! H:\AntiUsbShortCut\AntiUsbShortCut.lnk
No suprimido ! H:\AntiUsbShortCut\AutoIt3.exe

------------ | Run |

F2 - HKLM\..\Winlogon : [Shell] explorer.exe
F2 - HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
04 - HKCU\..\Run : [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
04 - HKCU\..\Run : [radsuperloaver] C:\streamerdata\streamer.exe  /AutoIt3ExecuteScript  "C:\streamerdata\ghghghf.zip"
04 - HKLM\..\Run : [AVG_UI] "C:\Program Files\AVG\AVG2015\avuirunnerx.exe" C:\Program Files\AVG\AVG2015\avgui.exe
04 - HKLM\..\Run : [USB Security] C:\Program Files\USB Disk Security\USBGuard.exe
04 - HKLM\..\Run : [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
04 - HKLM\..\Run : [AvgUi] "C:\Program Files\AVG\Framework\Common\avguirnx.exe" /lps=fmw
04 - HKLM\..\Run : [vProt] "C:\Program Files\AVG Web TuneUp\vprot.exe"
04 - HKLM\..\Run : [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-21-1986104296-3163790973-3246301206-1000\..\Run : [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
04 - HKU\S-1-5-21-1986104296-3163790973-3246301206-1000\..\Run : [radsuperloaver] C:\streamerdata\streamer.exe  /AutoIt3ExecuteScript  "C:\streamerdata\ghghghf.zip"
04 - HKU\S-1-5-19\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-20\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe

------------ | Tasks |

Task - AutoPico Daily Restart --> "C:\Program Files\KMSpico\AutoPico.exe" /silent
Task - AVG EUpdate Task --> avgsetupx.exe /eu
Task - CCleanerSkipUAC --> "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
Task - GoogleUpdateTaskMachineCore --> C:\Program Files\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineUA --> C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

------------ | C:\ %SystemDrive% - Disco fijo (NTFS) |

[09/07/2015 - 23:47:46 | A | 11 Ko] - WPI_Log.txt
[10/06/2009 - 16:42:20 | A | 0 Ko] - config.sys
[24/04/2019 - 14:18:24 | ASH | 1682332 Ko] - pagefile.sys
[24/04/2019 - 14:18:24 | ASH | 1261748 Ko] - hiberfil.sys
[01/05/2009 - 22:56:12 | A | 114 Ko] - USB Show.exe
[09/07/2015 - 22:55:08 | SHD] - $Recycle.Bin
[10/06/2009 - 16:42:20 | A | 0 Ko] - autoexec.bat
[13/07/2009 - 21:37:05 | D] - PerfLogs
[09/07/2015 - 19:52:12 | SHD] - Recovery
[09/07/2015 - 21:08:32 | HD] - $AVG
[09/07/2015 - 22:04:15 | RHD] - MSOCache
[09/07/2015 - 23:46:22 | RD] - Users
[31/12/2018 - 15:23:25 | D] - Recovered data 12-31 15_23_25
[19/03/2019 - 17:30:40 | D] - Recovered data 03-19 17_30_40
[22/04/2019 - 19:18:37 | D] - AdwCleaner
[22/04/2019 - 20:02:00 | HD] - ProgramData
[24/04/2019 - 17:11:35 | D] - Windows
[24/04/2019 - 17:16:52 | D] - FRST
[24/04/2019 - 20:06:08 | RD] - Program Files

------------ | D:\ - Disco fijo (NTFS) |

[19/05/2014 - 21:55:57 | A | 10192 Ko] - Outlook.com.zip
[25/05/2014 - 21:48:07 | A | 5353 Ko] - Outlook.com(1).zip
[25/05/2014 - 21:58:23 | A | 10192 Ko] - Outlook.com(2).zip
[12/05/2014 - 22:55:58 | A | 18 Ko] - mazzeti lista.xlsx
[13/05/2014 - 13:32:45 | A | 10 Ko] - Libro1.xlsx
[14/05/2014 - 13:54:52 | A | 9 Ko] - ojojj.xlsx
[18/05/2018 - 17:25:24 | A | 74 Ko] - Alda Internamiento 2018.xlsx
[25/04/2018 - 12:04:39 | A | 182 Ko] - Internamiento 2018.xls
[19/05/2014 - 21:53:05 | A | 529 Ko] - Módulo IX. Mario Amoretti. Prisión preventiva.ppt
[19/05/2014 - 21:53:26 | A | 1092 Ko] - Módulo X y XI. José Neyra Sistema de recursos.ppt
[19/05/2014 - 21:53:38 | A | 9404 Ko] - José Neyra. casaciones 2010- 2013.ppt
[08/05/2014 - 21:37:27 | A | 818 Ko] - 00791-2014-AA Aclaracion.pdf
[12/05/2014 - 21:09:01 | A | 79 Ko] - INVITACIÓN CEC MES DE MAYO.pdf
[13/05/2014 - 21:19:06 | A | 834 Ko] - seriec_271_esp.pdf
[19/05/2014 - 23:16:34 | A | 6995 Ko] - Foucault%20-%20La%20arqueolog%EDa%20del%20saber.pdf
[19/05/2014 - 23:19:55 | A | 5255 Ko] - VariaJCarro.pdf
[21/05/2014 - 23:40:54 | A | 19292 Ko] - derecho_penal_-_parte_general_-_claus_roxin.pdf
[21/05/2014 - 23:41:36 | A | 19292 Ko] - derecho_penal_-_parte_general_-_claus_roxin(1).pdf
[25/05/2014 - 22:10:43 | A | 147002 Ko] - Bacigalupo DP economico 2005.pdf
[25/05/2014 - 22:47:40 | A | 108 Ko] - 02445-2011-AA.pdf
[26/05/2014 - 23:54:07 | A | 19292 Ko] - derecho_penal_-_parte_general_-_claus_roxin(2).pdf
[13/06/2016 - 10:46:21 | A | 0 Ko] - Windows 7 (C) - Acceso directo.lnk --> C:\
[07/12/2016 - 11:08:10 | A | 1 Ko] - FOTOS - Acceso directo.lnk --> D:\FOTOS
[28/10/2013 - 18:30:17 | A | 283 Ko] - PORTADA.jpg
[15/05/2014 - 23:13:41 | A | 185 Ko] - fixtures-mundial-brasil-2014-full-color-x-1000-unidades-10352-MLA20028429499_012014-F.jpg
[15/05/2014 - 23:18:59 | A | 599 Ko] - Fixture-Brasil-2014.jpg
[22/04/2013 - 14:34:24 | A | 116728 Ko] - 710_b042_multilanguage.exe
[09/04/2013 - 12:09:44 | A | 57 Ko] - bris.docx
[25/04/2013 - 11:19:03 | A | 13 Ko] - ACTA FISCAL.docx
[19/08/2013 - 07:43:30 | A | 39 Ko] - ARCHIVO CASO 2578-13, HURTO AGRAVADO.docx
[23/09/2013 - 10:39:23 | A | 49 Ko] - PROVIDENCIA 3405- HOMICIDIO, INFORME DE NECROPCIA..docx
[01/10/2013 - 10:41:16 | A | 14 Ko] - CASO. 2603-13 PROVIDENCIA.docx
[01/10/2013 - 10:43:48 | A | 14 Ko] - CASO. 2603-13 PROVIDENCIA REPROGRAMACIÒN.docx
[01/10/2013 - 11:10:33 | A | 52 Ko] - caso 1732- archivo, descargar, lesiones cuposas.docx
[15/10/2013 - 17:45:04 | A | 22 Ko] - elementos de conviccion.docx
[21/11/2013 - 15:00:06 | A | 23 Ko] - ALMONTE.docx
[27/01/2014 - 14:04:33 | A | 99 Ko] - 2140.docx
[12/02/2014 - 14:47:05 | A | 96 Ko] - oficio a coordinación, remite carpeta.docx
[07/03/2014 - 01:11:29 | A | 50 Ko] - alegato inicial.docx
[07/03/2014 - 16:28:20 | A | 52 Ko] - alegato inicial 7 de marzo.docx
[14/03/2014 - 17:34:51 | A | 138 Ko] - CASO 4658-13. ARCHIVO DE HURTO..docx
[14/03/2014 - 17:35:02 | A | 137 Ko] - CASO 5386-13- ARCHI DE HURTO, .,...docx
[14/04/2014 - 13:24:14 | A | 151 Ko] - 911 HURTO AGRABADO.docx
[14/04/2014 - 14:16:24 | A | 149 Ko] - falta 911.docx
[16/04/2014 - 13:16:25 | A | 143 Ko] - bere fata 144+.docx
[16/04/2014 - 13:16:33 | A | 137 Ko] - hhhh.docx
[29/04/2014 - 10:59:05 | A | 139 Ko] - REG.docx
[29/04/2014 - 13:39:27 | A | 145 Ko] - j.docx
[13/05/2014 - 13:32:55 | A | 37 Ko] - En relacion al pago recibido por los miembros administrativos de UNIPATREM  y otros efectivos policiales por razón de control entre los mese de Agosto a Diciembre del 2010.docx
[13/05/2014 - 13:33:00 | A | 35 Ko] - Durante el año 2010 el comandante Domingo Zuñiga Rivera.docx
[16/05/2014 - 13:57:32 | A | 134 Ko] - A folios 15 y ss obra la Directiva Nº 033.docx
[20/05/2014 - 13:16:53 | A | 149 Ko] - 7.docx
[25/05/2014 - 23:22:11 | A | 134 Ko] - A folios 15 y ss obra la Directiva Nº 031.docx
[03/06/2014 - 14:53:58 | A | 107 Ko] - Tercera Fiscalía Provincial Penal Corporativa.docx
[17/06/2014 - 12:32:22 | A | 122 Ko] - acusacion butron chuctaya.docx
[23/06/2014 - 14:07:19 | A | 473 Ko] - MACETI VAMOS finallllll afin.docx
[24/06/2014 - 12:38:00 | A | 56 Ko] - ROBO ACH. 1665.docx
[25/06/2014 - 10:45:29 | A | 129 Ko] - archivo 3862-2013.docx
[25/06/2014 - 14:21:47 | A | 39 Ko] - ELEMENTOS DE CONVICCIO 1439-2013.docx
[27/06/2014 - 14:43:32 | A | 117 Ko] - sobreseimiento 1439-2013.docx
[14/07/2014 - 11:01:34 | A | 58 Ko] - ARCHIVO HURTO AGRAVADO 503-2013-5457 con reserva.docx
[21/08/2014 - 09:41:52 | A | 57 Ko] - ARCHIVO 3417-2014 (lesiones).docx
[21/08/2014 - 09:49:36 | A | 57 Ko] - ARCHIVO  3251-2014 (secuestro).docx
[21/08/2014 - 09:51:33 | A | 133 Ko] - ARCHIVO 2654-2014 (secuestro).docx
[21/10/2014 - 09:01:41 | A | 15 Ko] - GONZALO MANUEL JAUREGUI MEZA.docx
[21/10/2014 - 09:02:49 | A | 72 Ko] - A folios 15 y smazeti.docx
[30/10/2014 - 10:52:56 | A | 71 Ko] - providencia de reprogramación del agraviado BAZAN nueva fecha.docx
[13/01/2015 - 11:21:59 | A | 144 Ko] - archivo hurto 3998-2014.docx
[15/01/2015 - 12:55:22 | A | 149 Ko] - FORMALIZACION Almonte ultimo 2.docx
[22/01/2015 - 10:57:47 | A | 148 Ko] - REQUERIMIENTO MIXTO CCORA PAMPA.docx
[25/02/2015 - 13:20:46 | A | 132 Ko] - Citacion para principio de oportunidad.docx
[01/04/2016 - 11:56:23 | A | 54 Ko] - hurtooo intrumentos.docx
[13/10/2016 - 10:44:58 | A | 75 Ko] - FORMALIZACION3918-2015-0.docx
[02/01/2017 - 11:02:45 | AH | 0 Ko] - ~$SO. 2603-13 PROVIDENCIA REPROGRAMACIÒN.docx
[01/03/2013 - 11:14:48 | A | 84 Ko] - acusacion directa peligro comun 2012-4309 corregido.doc
[21/03/2013 - 13:05:36 | A | 42 Ko] - caballero velazco.doc
[21/03/2013 - 13:06:01 | A | 58 Ko] - martinez lipe junior alonzo (archivo)............doc
[21/03/2013 - 13:06:31 | A | 137 Ko] - Apertura dias velarde roberto henry.doc
[25/03/2013 - 13:15:54 | A | 51 Ko] - DIAZ VELARDE ROBERTO HENRY (POR korregir ).doc
[03/04/2013 - 10:53:15 | A | 83 Ko] - ESTAFA 11.doc
[04/04/2013 - 09:37:33 | A | 83 Ko] - BRIS.doc
[19/04/2013 - 10:31:35 | A | 198 Ko] - 1625.doc
[19/04/2013 - 10:39:05 | A | 199 Ko] - 1626.doc
[19/04/2013 - 10:41:26 | A | 200 Ko] - 1627.doc
[19/04/2013 - 10:44:51 | A | 201 Ko] - 1649-2013.doc
[19/04/2013 - 10:47:43 | A | 198 Ko] - 1627-2013(b).doc
[24/04/2013 - 09:24:40 | A | 79 Ko] - BRISSSSSSSSS.doc
[24/04/2013 - 09:25:02 | A | 50 Ko] - APERTURA (HOMICIDIO).doc
[25/04/2013 - 11:41:43 | A | 67 Ko] - DESAPARECIDAAAAAAAAAAAAAA.doc
[19/08/2013 - 12:41:39 | A | 107 Ko] - 503-2012-5307(ACUSACIÓN DIRECTA Pelcom).doc
[20/08/2013 - 21:57:51 | A | 111 Ko] - acusacionnnnnnnnnnnnnnnnnn.doc
[22/08/2013 - 00:43:46 | A | 84 Ko] - archivo, caso 2154, hurto agravado.doc
[04/09/2013 - 22:29:12 | A | 105 Ko] - FORMALIZACIÓN-TUBOS.doc
[19/09/2013 - 05:43:49 | A | 67 Ko] - CASO 3399-13  APERTURA DE HUTO AGRAVADO, SEDE PNP. (Autoguardado).doc
[04/10/2013 - 07:11:03 | A | 287 Ko] - FORMA.. TUBOS.doc
[16/10/2013 - 02:59:38 | A | 151 Ko] - acusacion.doc
[29/11/2013 - 09:03:56 | A | 23 Ko] - ESCANER - DISPOSICIÓN I.doc
[11/12/2013 - 13:53:03 | A | 224 Ko] - ARCHIVO - PERIFONEO.doc
[06/02/2014 - 11:11:32 | A | 336 Ko] - archivo almonte.doc
[12/03/2014 - 21:30:00 | A | 26 Ko] - DISPOS_01-2014- MODELO LESIONES - APERTURA.doc
[12/03/2014 - 22:50:38 | A | 90 Ko] - terminación anticipada, acta. Conducción en estado de ebriedad..doc
[14/03/2014 - 14:10:34 | A | 214 Ko] - ARCHIVO DE HURTO AGRAVADO 503-2013-5379-0 CORREGIDO.doc
[14/03/2014 - 17:35:11 | A | 214 Ko] - ARCHIVO DE HURTO AGRAVADO 503-2013-4748-0.doc
[29/04/2014 - 13:39:13 | A | 213 Ko] - corregidooooooo casi 2154- hurto agrabadoo.doc
[07/05/2014 - 13:41:58 | A | 681 Ko] - mazzeti trabajado por mi.doc
[13/05/2014 - 12:59:20 | A | 748 Ko] - mazzeti trabajado por mi modificado.doc
[03/06/2014 - 09:46:28 | A | 117 Ko] - Oficios 3144.doc
[17/06/2014 - 11:10:58 | A | 1151 Ko] - MACETI VAMOS finallllll afin corregido.doc
[21/10/2014 - 09:01:25 | A | 1149 Ko] - MACETI VAMOS finallllll afin corregido-1.doc
[30/10/2014 - 10:23:38 | A | 157 Ko] - ACUSACIÓN -Lesiones culposas 930-2013.doc
[13/01/2015 - 12:57:41 | A | 221 Ko] - prorroga 4756-2014.doc
[04/04/2019 - 10:19:36 | SHD] - $RECYCLE.BIN
[04/04/2019 - 10:19:48 | D] - ULTIKMOS 16.19.13
[05/04/2019 - 17:25:09 | D] - DR. JORGE LUIS SALAS ARENAS
[04/04/2019 - 10:19:38 | D] - Alda
[04/04/2019 - 10:19:38 | D] - ALONSO
[04/04/2019 - 10:19:38 | D] - AMAG
[04/04/2019 - 10:19:38 | D] - ANITA
[04/04/2019 - 10:19:39 | D] - ARCHVOOO SALE
[04/04/2019 - 10:19:39 | D] - Audios Hinojosa Requena
[04/04/2019 - 10:19:40 | D] - BlackBerry
[04/04/2019 - 10:19:40 | D] - Brayand
[04/04/2019 - 10:19:40 | D] - c
[04/04/2019 - 10:19:40 | D] - carpeta
[04/04/2019 - 10:19:41 | D] - CGPJ ESPAÑA
[04/04/2019 - 10:19:41 | D] - claudia secigra
[04/04/2019 - 10:19:41 | D] - DARLENY BER
[04/04/2019 - 10:19:42 | D] - DPC
[04/04/2019 - 10:19:42 | D] - EDWIN
[04/04/2019 - 10:19:43 | D] - Evelyn
[04/04/2019 - 10:19:43 | D] - Fiorella
[04/04/2019 - 10:19:44 | D] - FOTOS
[04/04/2019 - 10:19:44 | D] - Frank
[04/04/2019 - 10:19:45 | D] - FRESIA
[04/04/2019 - 10:19:45 | D] - internamiento abril 2018
[04/04/2019 - 10:19:46 | D] - LUIS FAJARDO
[04/04/2019 - 10:19:46 | D] - MARCO
[04/04/2019 - 10:19:47 | D] - omar
[04/04/2019 - 10:19:49 | D] - Users
[04/04/2019 - 10:19:49 | D] - variossss- 1
[04/04/2019 - 10:19:49 | D] - Willy
[15/04/2019 - 20:31:08 | D] - KAREN 1

------------ | E:\ - Disco extraíble (FAT32) |

[12/01/2017 - 11:00:20 | D] - .Trashes
[13/06/2017 - 12:04:08 | A | 2743 Ko] - doc01734320170613120332.pdf
[13/06/2017 - 12:04:16 | A | 1842 Ko] - doc01734420170613120346.pdf
[13/06/2017 - 12:06:14 | A | 2747 Ko] - FOTOGRAFIAS PAGINAS 14 - 18.pdf
[13/06/2017 - 12:07:00 | A | 1845 Ko] - FOTOGRAFIAS PAG. 171 A 173.pdf
[23/11/2017 - 10:48:10 | A | 514 Ko] - 503-2015-5365-0 (TENTATIVA DE HURTO).pdf
[28/10/2018 - 13:46:14 | A | 101 Ko] - antecedentes Dra Viviana.pdf
[28/10/2018 - 13:50:20 | A | 101 Ko] - antecedentes Tovar.pdf
[22/01/2019 - 12:18:06 | A | 27 Ko] - SKM_558e19012212170.pdf
[22/01/2019 - 12:26:00 | A | 28 Ko] - SKM_558e19012212250.pdf
[31/01/2019 - 11:49:58 | A | 28 Ko] - SKM_558e19013111490.pdf
[31/01/2019 - 11:52:56 | A | 154 Ko] - SKM_558e19013111520.pdf
[31/01/2019 - 11:53:30 | A | 165 Ko] - SKM_558e19013111530.pdf
[31/01/2019 - 11:54:16 | A | 81 Ko] - SKM_558e19013111540.pdf
[31/01/2019 - 11:54:44 | A | 51 Ko] - SKM_558e19013111541.pdf
[31/01/2019 - 11:55:20 | A | 77 Ko] - SKM_558e19013111550.pdf
[31/01/2019 - 11:56:06 | A | 77 Ko] - SKM_558e19013111551.pdf
[31/01/2019 - 11:56:36 | A | 42 Ko] - SKM_558e19013111560.pdf
[31/01/2019 - 13:24:36 | A | 188 Ko] - SKM_558e19013113240.pdf
[31/01/2019 - 13:25:06 | A | 103 Ko] - SKM_558e19013113250.pdf
[31/01/2019 - 13:25:36 | A | 90 Ko] - SKM_558e19013113251.pdf
[12/03/2019 - 19:08:08 | A | 59 Ko] - tarjetaEmbarque.pdf
[22/03/2019 - 12:57:48 | A | 217 Ko] - gonzalez - Wendy.pdf
[22/03/2019 - 13:09:48 | A | 205 Ko] - 100-unlocked.pdf
[20/09/2017 - 10:15:16 | A | 25 Ko] - exhorto..odt
[28/09/2017 - 16:10:42 | A | 207279 Ko] - 24-08-2017.mp3
[21/12/2017 - 16:10:20 | A | 20246 Ko] - 21-12-2017Pista 600603A.mp3
[30/03/2016 - 11:34:44 | A | 60 Ko] - N°503-2015-5842-0 (hurto agravado) SEDE POLICIAL.docx
[18/09/2017 - 18:59:42 | A | 19 Ko] - ELEMENTOS DEL CONVICCION QUE SUSTENTAN EL REQUERIMIENTO mazetti.docx
[18/09/2017 - 19:00:02 | A | 14 Ko] - domicilios caso mazetti.docx
[20/09/2017 - 10:16:20 | A | 13 Ko] - exhorto.docx
[20/09/2017 - 14:17:14 | A | 47 Ko] - EXHORTO ANDAHUAYLAS.docx
[21/09/2017 - 11:28:08 | A | 72 Ko] - disposición de ANDAHUAYLAS.OKEY.docx
[21/09/2017 - 13:04:00 | A | 72 Ko] - disposición de ANDAHUAYLAS..docx
[30/09/2017 - 13:46:14 | A | 17 Ko] - Declaración de Torres Espejo.docx
[07/10/2017 - 15:47:46 | A | 77 Ko] - 503-2016-5518 APROPIACIÓN ILÍCITA Y FALSIFICACIÓN DE DOCUMENTOS (formalización).docx
[10/10/2017 - 15:19:26 | A | 70 Ko] - 503-2016-3291 TENTATIVA DE HOMICIDIO (Formalización).docx
[24/10/2017 - 18:46:36 | A | 58 Ko] - 503-2016-4381-0 (LESIONES).docx
[14/11/2017 - 15:16:48 | A | 66 Ko] - 503-2017-2534 ABUSO DE AUTORIDAD Y OMISION Y RETARDO DE FUNCIONES (apertura).docx
[20/11/2017 - 10:55:50 | A | 51 Ko] - DECLARACION VERA SIBANA HIPOLITO.docx
[20/11/2017 - 18:50:06 | A | 63 Ko] - archivo hurto usurpación y daños, FERIA LA MARINA.docx
[20/11/2017 - 21:49:18 | A | 60 Ko] - 503-2017-1495 FRAUDE PROCESAL FALSEDAD IDEOLOGICA (archivo).docx
[22/11/2017 - 13:44:16 | A | 70 Ko] - archivo hurto usurpación y daños, FERIA LA MARINA OKEY.docx
[22/11/2017 - 15:03:18 | A | 70 Ko] - archivo hurto usurpación y daños, FERIA LA MARINA OKEY okey.docx
[23/11/2017 - 10:47:44 | A | 76 Ko] - 503-2015-5365-0 (TENTATIVA DE HURTO).docx
[27/11/2017 - 16:00:30 | A | 23 Ko] - oficio a medicina legal PERFIL PSICOSEXUAL-pedofilia.docx
[30/11/2017 - 16:31:08 | A | 52 Ko] - DECLARACIÓN DE Elias Lucio Huamani Chuquirimay.docx
[30/11/2017 - 18:04:04 | A | 51 Ko] - declaración de Jorge Luis Huamanchumo Magan.docx
[04/12/2017 - 16:31:54 | A | 75 Ko] - 503-2016-2107 FALSIFICACION DE DOCUMENTOS (Sobreseimiento).docx
[05/12/2017 - 09:55:22 | A | 66 Ko] - CONVOCA A ACUERDO 503-2017-5880 - HOMICIDIO CULPOSO.docx
[06/12/2017 - 10:30:46 | A | 54 Ko] - CARPETA N.docx
[06/12/2017 - 13:26:02 | A | 58 Ko] - CONVOCA ACUERDO REPARATORIO LESIONES LEVES PELAYO BUSTINZA QUISPE..docx
[06/12/2017 - 13:26:06 | A | 57 Ko] - archivo hurto empleada del hogar.docx
[06/12/2017 - 17:31:14 | A | 57 Ko] - {.docx
[07/12/2017 - 12:27:26 | A | 51 Ko] - acta de deslacrado DESOBEDIENCIA A LA AUTORIDAD.docx
[07/12/2017 - 13:00:48 | A | 32 Ko] - CONSTANCIA DE INASISTENCIA.docx
[12/12/2017 - 16:16:58 | A | 62 Ko] - REQUERIMIENTO DE SOBRESEIMIENTO BENEFICENCIA PUBLICA.docx
[12/12/2017 - 19:04:26 | A | 68 Ko] - REQUERIMIENTO DE SOBRESEIMIENTO BENEFICENCIA PUBLICA okey.docx
[13/12/2017 - 10:02:20 | A | 13 Ko] - nombramiento de perito.docx
[13/12/2017 - 14:14:46 | A | 55 Ko] - ARCHIVO HURTO NINEL NAVARRO GUTIERREZ.docx
[14/12/2017 - 13:40:32 | A | 49 Ko] - formalización lesiones de VIOLENCIA FAMILIAR ANA MARIA HUAMANI HUAMANI.docx
[14/12/2017 - 13:42:48 | A | 56 Ko] - ARCHIVO HURTO NINEL NAVARRO GUTIERREZ okey.docx
[15/12/2017 - 11:24:50 | A | 44 Ko] - APERTURA  hurto agravado LUCILA TTITO APAZA..docx
[15/12/2017 - 13:45:14 | A | 46 Ko] - APERTURA ROBO AGRAVADO ZULEIMA DEL PILAR SALAS QUISPE.docx
[28/12/2017 - 11:44:12 | A | 29 Ko] - PROVIDENCIA de reprogramacion.docx
[05/01/2018 - 12:27:32 | A | 63 Ko] - 7144-2017 tienda ripley (archivo).docx
[17/01/2018 - 08:53:12 | A | 15 Ko] - DOCUMENTOS DE QUEJA FARAH.docx
[17/01/2018 - 12:09:52 | A | 48 Ko] - prorroga MANUEL SIGIFRIDO ACO LINARES..docx
[19/01/2018 - 10:27:52 | A | 84 Ko] - OFICIOS 2018.docx
[19/01/2018 - 11:54:44 | A | 66 Ko] - 5263-2017 hurto casa archivo.docx
[23/01/2018 - 14:05:34 | A | 48 Ko] - archivo hurto agravado LUCILA TTITO APAZA. okey OKEY.docx
[23/01/2018 - 14:28:20 | A | 47 Ko] - archivo hurto agravado LUCILA TTITO APAZA. okey.docx
[23/01/2018 - 14:48:48 | A | 67 Ko] - 503-2017-2399 (ROBO NO AUTOR DESTINO FINAL).docx
[23/01/2018 - 18:55:50 | A | 32 Ko] - CONSTANCIA DE INASISTENCIA lucila ttito apaza.docx
[23/01/2018 - 18:55:56 | A | 51 Ko] - acta de deslacrado, acta de visualización y acta de lacrado hurto LUCILA TITTO APAZA..docx
[25/01/2018 - 11:17:06 | A | 55 Ko] - archivo hurto PROYECTOS A LA GERENCIA REGIONAL DE AREQUIPA. OKEY.docx
[25/01/2018 - 13:17:08 | A | 54 Ko] - formalización VIOLACION SEXUAL A MENOR Diego Armando Figueroa Cabana.docx
[26/01/2018 - 14:23:32 | A | 66 Ko] - acusación de receptación ALBERTO RUSSELL GARCIA..docx
[29/01/2018 - 11:51:08 | A | 54 Ko] - disposicion de formalización VIOLACION SEXUAL A MENOR Diego Armando Figueroa Cabana okey.docx
[29/01/2018 - 11:52:08 | A | 47 Ko] - disposición de formalización lesiones de VIOLENCIA FAMILIAR ANA MARIA HUAMANI  HUAMANI OKEY. okey.docx
[29/01/2018 - 13:38:28 | A | 56 Ko] - acta de deslacrado, acta de visualización y acta de lacrado Sra .Galdos..docx
[30/01/2018 - 17:53:22 | A | 63 Ko] - acusación de receptación ALBERTO RUSSELL GARCIA. okey.docx
[31/01/2018 - 12:35:40 | A | 55 Ko] - apetura receptación MARCO ANTONIO MANCHEGO  CCALA. okey.docx
[01/02/2018 - 15:37:38 | A | 84 Ko] - 503-2016-7028 ABUSO DE AUTORIDAD (caso Montufar - Archivo).docx
[07/02/2018 - 11:02:56 | A | 68 Ko] - archivo falsificación de documentos 1767-503-2017.docx
[07/02/2018 - 12:21:32 | A | 43 Ko] - archivo ABUSO DE AUTORIDAD policias de transito. okey.docx
[07/02/2018 - 13:19:04 | A | 10 Ko] - AUTORIZACIÓN.docx
[12/02/2018 - 17:57:00 | A | 66 Ko] - 3826-2017 hurto agravado llantas acrhivo.docx
[16/02/2018 - 10:35:52 | A | 33 Ko] - CONSTANCIA DE INASISTENCIA Florencia Ttito Ibarra..docx
[16/02/2018 - 11:38:24 | A | 51 Ko] - declaración FLORENCIA TTITO IBARRA.docx
[19/02/2018 - 10:03:58 | A | 42 Ko] - archivo ABUSO DE AUTORIDAD policias de transito.docx POLICIAS.docx
[19/02/2018 - 13:33:36 | A | 48 Ko] - declaración ANGELICA EULALIA GONZALES PACHECO..docx
[19/02/2018 - 14:07:30 | A | 19 Ko] - ACTA DE INFORMACIÓN DE DERECHOS Y DEBERES  DEL IMPUTADO.docx ANGELICA.docx
[22/02/2018 - 10:07:18 | A | 18 Ko] - provisional.docx
[26/02/2018 - 11:19:58 | A | 51 Ko] - declaración de GLORIA MATTOS VINCES.docx
[26/02/2018 - 13:08:02 | A | 18 Ko] - disposicion de RESERVA PROVISIONAL SEAL Y LOS TIGRES- ESCORPIONES.docx
[27/02/2018 - 10:18:12 | A | 50 Ko] - declaración de NILTON ROGER AGUILAR PUMA.docx
[27/02/2018 - 12:13:00 | A | 48 Ko] - oficio LOS TIGRES ESCOPION Y SEAL.docx
[27/02/2018 - 13:02:56 | A | 53 Ko] - declaración de NELLY QUISPE ZAPANA.docx
[27/02/2018 - 15:15:24 | A | 59 Ko] - disposicion de RESERVA PROVISIONAL SEAL Y LOS TIGRES- ESCORPIONES.docx     OKEY.docx
[27/02/2018 - 15:15:32 | A | 50 Ko] - DISPOSICION DE PRORROGA TIGRES Y ESCORPION..docx
[02/03/2018 - 12:53:36 | A | 18 Ko] - RESERVA PROVISIONAL ANGELA LUZ DÁVILA CÁRDENAS..docx
[02/03/2018 - 18:51:56 | A | 30 Ko] - prision preventiva erickcito.docx
[03/03/2018 - 13:41:10 | A | 62 Ko] - Disposicion bajo del superior FERIA LA MARINA ANA GIOVANA HUARACA PERALES..docx
[03/03/2018 - 13:59:34 | A | 34 Ko] - disposición de acumulación ACTOS CONTRA EL PUDOR JUAN PABLO TAIPE MACHACA..docx
[03/03/2018 - 15:58:58 | A | 56 Ko] - disposicion de formalización VIOLACION SEXUAL A MENOR JUAN PABLO TAIPE MACHACA.  okey.docx
[05/03/2018 - 10:47:36 | A | 46 Ko] - APERTURA  hurto agravado ACHAHUI MAMANI, ISIDRO GONZALO.docx
[08/03/2018 - 08:57:06 | A | 52 Ko] - 7105-2017 (2)  ARCHIVO hurto GALLEGOS ARENAS JORDAN JAVIER.docx
[13/03/2018 - 09:30:04 | A | 69 Ko] - ACUSACIÓN  apropiación ilicita Fabricio Dávila Márquez. okey.docx
[13/03/2018 - 12:37:36 | A | 59 Ko] - ARCHIVO BILLETE DE CINCUENTA SOLES..OK.docx
[14/03/2018 - 13:41:16 | A | 57 Ko] - disposicion de reprogramación SAMUEL CCORIMANYA CCASA..docx OKEY.docx
[19/03/2018 - 13:04:28 | A | 51 Ko] - formalización ROBO AGRAVADO BRIAN PALMA GAMA..okey.docx
[20/03/2018 - 11:33:18 | A | 59 Ko] - ARCHIVO BILLETE DE CINCUENTA SOLES..OK.corregido.docx
[20/03/2018 - 13:03:06 | A | 57 Ko] - disposicion de reprogramación SAMUEL CCORIMANYA CCASA..docx OKEY. corrregida la fecha.docx
[06/04/2018 - 13:14:58 | A | 35 Ko] - escrito anexando el ACTA DE ACUERDO PROVISIONAL SEAL.docx
[06/04/2018 - 13:58:44 | A | 32 Ko] - CONSTANCIA DE INASISTENCIA HURTO Milagros Ana Lucia Ruiz Dulanto..docx
[09/04/2018 - 14:16:54 | A | 51 Ko] - acta de deslacrado, visualización y lacrado HURTO MILAGROS ANA MARIA RUIZ DULANTE tiendas RIPLEY..docx
[17/04/2018 - 12:56:24 | A | 51 Ko] - acta de deslacrado, visulización y lacrado ACCIDENTE DE TRANSITO QUISPE CUTIPA EDGAR.docx
[17/04/2018 - 13:36:20 | A | 51 Ko] - acta de deslacrado, visulización y lacrado ACCIDENTE DE TRANSITO QUISPE CUTIPA EDGAR. corregido.docx
[17/04/2018 - 16:43:20 | A | 52 Ko] - disposicion de PRORROGA de la clinica AIESTHETIC.docx
[18/04/2018 - 14:10:06 | A | 49 Ko] - disposición de prorroga AYDEE CACYA PEREZ.docx
[19/04/2018 - 09:50:30 | A | 73 Ko] - ARCHIVO 503-2016-6728-HURTO AGRAVADO - NO AUTOR.docx
[19/04/2018 - 12:25:40 | A | 54 Ko] - declaración de TANIA DEL ROSARIO ROJAS GOMEZ . COLEGIO DE PSICOLOGOS.docx
[19/04/2018 - 12:33:30 | A | 50 Ko] - disposicióRn de prorroga AYDEE CACYA PEREZ.docx okey.docx
[19/04/2018 - 13:34:56 | A | 59 Ko] - archivo robo agravado y daños ROBERTO ELOY MAMANI ALEMAN.docx okey.docx
[19/04/2018 - 13:39:26 | A | 60 Ko] - archivo robo agravado y daños ROBERTO ELOY MAMANI ALEMAN.docx okey.docx CORREGIDO.docx
[19/04/2018 - 15:11:24 | A | 61 Ko] - archivo robo agravado y daños ROBERTO ELOY MAMANI ALEMAN.docx okey.docx CORREGIDO.docx SUPER CORREGIDO.docx
[23/04/2018 - 10:59:38 | A | 53 Ko] - declaración ROSMERY GRACIELA MACEDO VALDEZ.docx
[23/04/2018 - 12:03:44 | A | 51 Ko] - declaración de OLGA HAYDEE LEYTON CERNA.docx
[23/04/2018 - 12:31:02 | A | 51 Ko] - declaración de JACKELINE SALINAS VILCA.docx
[23/04/2018 - 18:07:00 | A | 51 Ko] - declaración JOHANA KATHERINE QUISPE VALDIVIA.docx
[25/04/2018 - 12:01:30 | A | 34 Ko] - oficio a DEPOSITO MUNICIPAL..docx
[25/04/2018 - 13:09:32 | A | 51 Ko] - declaración de ALBERTO NARVAEZ VIZCARRA.docx
[25/04/2018 - 14:59:36 | A | 63 Ko] - apertura de hurto 503-2017-6637 TRES PISQUEROS SAC.docx
[28/04/2018 - 22:15:34 | A | 70 Ko] - ULTIMA RATIO.docx
[07/05/2018 - 12:19:44 | A | 58 Ko] - 3060-2017 archivo de hurto por excusa absolutoria - EDWIN.docx
[09/05/2018 - 13:23:50 | A | 58 Ko] - archivo DAÑOS .................. JORGE FRANCISCO GUTIERREZ BELLIDO..docx  corregido.docx
[10/05/2018 - 17:10:46 | A | 51 Ko] - 7105-2017 ARCHIVO hurto GALLEGOS ARENAS JORDAN JAVIER.docx
[16/05/2018 - 13:07:06 | A | 61 Ko] - PRORROGA 503-2016-5530.docx
[22/05/2018 - 14:01:28 | A | 68 Ko] - conclusion FALSA DE DECLARACIÓN -ESCORPION Y SEAL.docx
[25/05/2018 - 19:02:38 | A | 13 Ko] - declaración Juana y Dayana.docx
[09/07/2018 - 11:08:02 | A | 1160 Ko] - TESTIGO ERICKA KAREN BARREDA ESPINOZA 503-2017-4150.docx
[17/07/2018 - 11:35:00 | A | 1166 Ko] - ACTA  DE  APLICACIÓN  DEL  PRINCIPIO DE OPORTUNIDAD OAF.docx
[26/07/2018 - 12:05:04 | A | 58 Ko] - ACTA DE INFORMACIÓN DE DERECHOS Y DEBERES  DEL IMPUTADO MIGUEL ANGEL MALDONADO - copia.docx
[26/07/2018 - 12:05:04 | A | 58 Ko] - ACTA DE INFORMACIÓN DE DERECHOS Y DEBERES  DEL IMPUTADO MIGUEL ANGEL MALDONADO - copia (2).docx
[26/07/2018 - 12:05:04 | A | 58 Ko] - ACTA DE INFORMACIÓN DE DERECHOS Y DEBERES  DEL IMPUTADO MIGUEL ANGEL MALDONADO.docx
[02/08/2018 - 10:05:50 | A | 54 Ko] - 5587-2018 Apertura desaparición.docx
[11/08/2018 - 17:55:40 | A | 62 Ko] - PRINCIPIO DE OPORTUNIDAD CHILO HUARCA.docx
[18/09/2018 - 18:35:14 | A | 58 Ko] - REG.docx
[09/10/2018 - 15:44:00 | A | 61 Ko] - aperura resistencia a la autoridad ultimo.docx
[09/10/2018 - 17:57:44 | A | 62 Ko] - APERTURA DE RESISTENCIA A LA AUTORIDAD SINDY ARROYO MEDINA.docx
[09/10/2018 - 18:27:58 | A | 55 Ko] - hurto por falta jorge.docx
[11/10/2018 - 17:49:16 | A | 54 Ko] - disposcion por error de fecha.docx
[12/10/2018 - 17:25:02 | A | 25 Ko] - 503-2018-7581.docx
[12/10/2018 - 17:59:38 | A | 23 Ko] - 503-2018-6169 DESOBEDIENCIA Y RESISTENCIA A LA AUTORIDAD.docx
[12/10/2018 - 18:07:16 | A | 53 Ko] - DISP. por error de fecha..docx
[12/10/2018 - 18:25:44 | A | 53 Ko] - DISP. oficial de error de fecha.docx
[12/10/2018 - 18:31:32 | A | 23 Ko] - 503-2018-7685.docx
[12/10/2018 - 18:46:46 | A | 22 Ko] - 503-2018-6168.docx
[12/10/2018 - 19:35:00 | A | 61 Ko] - ARCHIVO HURTO AGRAVADO NO AUTOR.docx
[16/10/2018 - 18:02:40 | A | 27 Ko] - DESOB. A LA AUTORIDAD FELIX TASSARA.docx
[18/10/2018 - 16:12:44 | A | 65 Ko] - formalizar rehusamiento.docx
[06/11/2018 - 15:58:28 | A | 40 Ko] - MAGALY 2.docx
[08/11/2018 - 18:17:02 | A | 25 Ko] - ARCHIVAR LESIONES MARIA FLORES MAMANIHANCCO.docx
[15/11/2018 - 16:07:48 | A | 47 Ko] - APERTURA HURTO AGRAVADO MARIA JUSTA MAMANIHANCCO.docx
[15/11/2018 - 17:30:58 | A | 47 Ko] - APERTURA HURTO AGRAVADO MARIA JUSTA MAMANIHANCCO 22.docx
[16/11/2018 - 10:34:58 | A | 48 Ko] - 502-2018-4819 APERTURA HURTO AGRAVADO MARIA JUSTA MAMANIHANCCO.docx
[19/11/2018 - 10:54:16 | A | 1161 Ko] - AGRAVIADO YULY QUISPE CANSAYA 503-2017-6354.docx
[19/11/2018 - 13:22:20 | A | 1161 Ko] - AMPLIACION JAIME NICOLA AMPUERO ROMERO.docx
[20/11/2018 - 15:41:48 | A | 53 Ko] - AVOCAMIENTO 1.docx
[20/11/2018 - 15:46:46 | A | 55 Ko] - AVOCAMIENTO 2.docx
[28/11/2018 - 11:03:18 | A | 52 Ko] - declaración RUFO VARGAS SALAS..docx
[29/11/2018 - 18:04:24 | A | 56 Ko] - APERTURA ESTAFA , FALSIFICACIÓN DE DOCUMENTOS 503-2018-10002.docx
[29/11/2018 - 20:15:40 | A | 13 Ko] - CASO SUCAMEC AREQUIPA-PASANTIA.docx
[29/11/2018 - 20:17:10 | A | 11 Ko] - Doc1.docx
[03/12/2018 - 10:39:54 | A | 1163 Ko] - DECLARACION DE LUIS ANGEL BARRANTES GAMARRA.docx
[11/12/2018 - 11:30:26 | A | 55 Ko] - DECLARACION DE lizet virginia ticona mamani.docx
[12/12/2018 - 12:37:00 | A | 54 Ko] - convoca acuerdo reparatoriao PEDO PABLO ORMEJO QUISPE.docx
[12/12/2018 - 18:45:48 | A | 66 Ko] - AVOCAMIENTO ARCE MUÑOZ HERBERTH ultimo del 12 del 12....docx
[12/12/2018 - 18:45:48 | A | 66 Ko] - AVOCAMIENTO ARCE MUÑOZ HERBERTH ultimo del 12 del 12... (2).docx
[14/12/2018 - 09:43:10 | A | 48 Ko] - APERTURA VIOLACION Lizbeth Milagros Condori Soncco..docx SUPER CORREGIDO docx.docx
[07/01/2019 - 19:44:00 | A | 71 Ko] - 503-2017-2005 FALSIFICACION DE DOCUMENTOS (formalizacion) (caso carnet SUCAMEC).docx
[08/02/2019 - 09:45:00 | A | 51 Ko] - 503-2018-12016 DERIVA VIOLENCIA.docx
[28/02/2019 - 13:18:54 | A | 1163 Ko] - IMPUTADO JULIA VIRGINIA URRUTIA RAMOS.docx
[01/03/2019 - 15:06:02 | A | 82 Ko] - 503-2018-3089 FALSEDAD IDEOLÓGICA (archivo).docx
[29/03/2019 - 13:17:40 | A | 46 Ko] - archivo INSTIGACIÓN AL SUICIDIO Angela Luz Davila Cárdenas.docx
[15/04/2019 - 09:48:36 | A | 49 Ko] - archivo desobediencia a la autoridad PILAR CANAHUIRE LLAIQUE..docx modelo con notificacion al CORREO ELECTRONICO..docx
[15/04/2019 - 14:25:30 | A | 53 Ko] - formalizacion de DESOBEDIENCIA A LA AUTORIDAD..docx
[17/04/2019 - 10:24:40 | A | 1159 Ko] - ACTA DE FIJACIÓN DE ACUERDO REPARATORIO. JESUS TOLEDO APAZA.docx
[22/04/2019 - 12:22:16 | A | 54 Ko] - ~$SPOSICIÓN DE APERTURA DE INVESTIGACIÓN PRELIMINAR.docx ROSARIO.docx
[23/04/2019 - 13:04:46 | A | 53 Ko] - 503-2019-587.docx
[19/09/2013 - 02:20:20 | A | 84 Ko] - ESTAFITA  LINDA.doc
[02/01/2014 - 20:13:54 | A | 88 Ko] - APERTURA ROBO .doc
[23/11/2017 - 21:00:16 | A | 55 Ko] - 503-2016-2107 FORMALIZACION.doc
[04/12/2017 - 18:13:30 | A | 55 Ko] - private.doc
[07/12/2017 - 12:04:08 | A | 77 Ko] - 3289-2017 archivo por falta de persistencia Y no identificacion.doc
[08/01/2018 - 18:03:18 | A | 80 Ko] - 503-2017-7061 FALSIFICACION DE DOCUMENTOS, PRUEBA FALSA, FRAUDE PROCESAL, Y FALSEDAD EN JUICIO (archivo).doc
[12/02/2018 - 18:04:28 | A | 68 Ko] - OFICIO NRO. 318-2018-MP-3FPPC-AR-DMZ.doc
[12/02/2018 - 18:04:42 | A | 68 Ko] - OFICIO NRO. 319-2018-MP-3FPPC-AR-DMZ.doc
[12/04/2018 - 09:36:20 | A | 57 Ko] - OFICIO DEFENSOR DE OFICIO CASO 4915-2012.doc
[19/04/2018 - 12:36:24 | A | 26 Ko] - Escrito CNM 2018.doc
[07/05/2018 - 11:56:22 | A | 71 Ko] - 503-2014-5579 ARCHIVO DESOBEDIENCIA EXCUSA ABSOLUTORIA Y P.OPORTUNIDAD..doc
[19/06/2018 - 11:47:10 | A | 85 Ko] - 503-2018-3860 FRAUDE PROCESAL FALSEDAD GENERICA (abstencion, juez extrapenal debe comunicar hechos delictivos).doc
[01/10/2018 - 15:58:42 | A | 79 Ko] - hurto agravado- corrales anaya 2.doc
[01/10/2018 - 18:22:48 | A | 79 Ko] - hurto agravado- corrales anaya 3.doc
[29/03/2019 - 11:47:32 | A | 83 Ko] - MODELO 503-2013-2277(Intento de suicidio).doc
[28/09/2009 - 20:26:12 | A | 0 Ko] - Recuperar carpetas.bat
[29/03/2019 - 11:50:42 | SHD] - FOUND.000
[20/02/2018 - 15:49:48 | D] - DRA. DOLLY PERSONAL
[12/09/2017 - 10:49:58 | D] - CARMEN DOLMOS
[09/10/2017 - 16:41:02 | D] - 05-2017
[24/10/2017 - 10:04:40 | D] - christy
[18/01/2018 - 13:53:40 | D] - informes
[19/01/2018 - 07:08:42 | D] - DAMASOL
[07/02/2018 - 15:51:08 | D] - BRAYAND
[08/02/2018 - 11:35:44 | D] - Miguel
[28/02/2018 - 17:29:34 | D] - marco
[08/03/2018 - 11:11:26 | D] - mercy
[02/04/2018 - 09:51:12 | D] - DRA DOLLY
[18/04/2018 - 18:19:48 | D] - fotos
[24/04/2018 - 09:37:40 | D] - FABIOLA
[08/05/2018 - 19:00:38 | D] - PRISION PREVENTIVA FUNDAMENTADA
[18/05/2018 - 06:14:12 | D] - videos turry
[18/05/2018 - 11:22:28 | D] - ABBY
[03/07/2018 - 11:00:54 | D] - ERAYDA
[06/07/2018 - 10:15:42 | D] - Alda
[26/09/2018 - 15:53:28 | D] - YENNY
[09/10/2018 - 13:17:14 | D] - 178803
[09/10/2018 - 13:18:14 | D] - 179900
[09/10/2018 - 17:53:12 | D] - Nueva carpeta
[12/10/2018 - 12:35:44 | D] - LIZ
[28/10/2018 - 12:43:10 | D] - 28-10-2018
[15/11/2018 - 18:43:36 | D] - Magaly T
[16/11/2018 - 11:33:58 | D] - Ana
[21/11/2018 - 10:43:58 | D] - Evelyn
[28/11/2018 - 17:36:12 | D] - YENNY MURILLO 20
[27/12/2018 - 11:05:20 | D] - Documentos recuperados
[07/01/2019 - 09:53:58 | D] - CARLOS
[11/01/2019 - 10:05:54 | D] - ANTONELLA
[31/01/2019 - 09:46:34 | D] - 000
[27/02/2019 - 13:13:14 | D] - luz castillo doc
[05/03/2019 - 13:18:12 | D] - ACUERDO REPARATORIO
[05/03/2019 - 13:18:36 | D] - ACUERDO
[22/03/2019 - 11:56:48 | D] - ESTUDIO
[22/03/2019 - 18:46:40 | D] - AMAG
[29/03/2019 - 13:04:22 | D] - ALLI
[29/03/2019 - 13:04:38 | D] - ALISSON
[29/03/2019 - 13:04:56 | D] - Nueva carpeta (2)
[04/04/2019 - 14:35:12 | D] - JENIFER XD
[24/04/2019 - 14:14:34 | D] - PAOLO SIZA

------------ | H:\ - Disco extraíble (FAT32) |

[07/05/2017 - 20:44:26 | A | 33 Ko] - C.S. CHEN CHEN - OBSERVACIONES.xlsx
[08/05/2017 - 22:43:02 | A | 23 Ko] - OBSERVACIONES A IMPRESION FINAL C.S. CHEN CHEN.xlsx
[15/05/2017 - 23:53:50 | A | 862 Ko] - equipos biomedicos por ambientes geresa chen chen (1).xlsx
[28/04/2017 - 13:54:26 | A | 1699 Ko] - entrega cschch.rar
[04/04/2017 - 13:45:56 | A | 13 Ko] - RELACION DE BIENES PENDIENTES DE ENTREGA.docx
[10/05/2017 - 23:29:46 | A | 67 Ko] - DIA DE LA MADRE.docx
[29/01/2018 - 03:51:56 | A | 77 Ko] - 503-2016-3291 TENTATIVA DE HOMICIDIO (Formalización).docx
[03/03/2018 - 10:13:24 | A | 76 Ko] - 4276-2016-Archivo y reconducción-Estafa y Falsificación de documentos (Notaría Gorky Oviedo).docx
[23/07/2018 - 20:36:30 | A | 95 Ko] - apelacion de caso HINOJOSA REQUENA.docx
[29/09/2018 - 08:21:28 | A | 22 Ko] - PLAN DE TESIS.docx
[20/11/2018 - 17:51:10 | A | 119 Ko] - DISPOSICIÓN DE CONTINUACIÓN Y FORMALIZACIÓN DE INVESTIGACIÓN PREPARATORIA Nº 03 final.docx
[05/12/2018 - 20:32:26 | A | 125 Ko] - REQUERIMIENTO Nº 1-503-2017-3736-1.docx
[21/12/2018 - 17:43:36 | A | 127 Ko] - apelacion de caso MAPI.docx
[10/01/2019 - 13:31:54 | A | 18 Ko] - MODELO DE NULIDADES.docx
[20/12/2018 - 23:50:56 | ASH | 0 Ko] - .dropbox.device
[25/11/2016 - 14:30:02 | D] - ULUS10391
[28/04/2017 - 13:54:18 | D] - entrega cschch
[17/07/2018 - 23:01:50 | D] - Elvis Presley - The 50 Greatest Hits
[11/10/2018 - 20:11:14 | D] - Brayand
[22/11/2018 - 20:26:32 | D] - Para Avanzar MP
[22/01/2019 - 15:28:46 | D] - imprimir
[21/03/2019 - 10:56:12 | D] - AntiUsbShortCut

Elemento(s) infectado(s) : 17
Elementos analizados : 252129 en 00h 01m 47s

# UsbFix-Report-01.txt [36133B]

------------ | E.O.F  |
1 me gusta

Hola @Brayand_Chacaltana

Se eliminaron bastantes infecciones del tipo USB.

Busca y elimina manualmente si te lo permite:

No suprimido ! H:\AntiUsbShortCut\AutoIt3.exe

Vuelve a ejecutar nuevamente FRST y nos traes sus reportes frescos.

Salu2

Que tal @SanMar eliminé el archivo que me indicaste y pude borrarlo sin ningún problema. Al parecer se creó un acceso directo con el nombre de la carpeta en todas las carpetas de la memoria USB, pero también pude borrar esos accesos directos sin problemas y no se han vuelto a crear.

Dejo los reportes solicitados.

FRST.txt

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 25-04-2019
Ran by Dolly (administrator) on MASTERVAIO (Sony Corporation VPCYB35AL) (25-04-2019 15:40:30)
Running from C:\Users\Dolly\Desktop
Loaded Profiles: Dolly (Available Profiles: Dolly)
Platform: Microsoft Windows 7 Ultimate  Service Pack 1 (X86) Language: Español (España, internacional)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ATI Technologies Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgcsrvx.exe
(AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgemcx.exe
(AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgnsx.exe
(AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgrsx.exe
(AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgui.exe
(AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgwdsvc.exe
(AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avgsvcx.exe
(AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avguix.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\WINWORD.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\WINWORD.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\prevhost.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Piriform Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Zbshareware Limited -> Zbshareware Lab) [File not signed] C:\Program Files\USB Disk Security\USBGuard.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2015\avgui.exe [3820440 2016-04-21] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [USB Security] => C:\Program Files\USB Disk Security\USBGuard.exe [623520 2011-01-31] (Zbshareware Limited -> Zbshareware Lab) [File not signed]
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-05-24] (Advanced Micro Devices, Inc.) [File not signed]
HKLM\...\Run: [AvgUi] => C:\Program Files\AVG\Framework\Common\avguirnx.exe [220944 2016-12-06] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [vProt] => "C:\Program Files\AVG Web TuneUp\vprot.exe"
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1873192 2011-01-17] (Synaptics Incorporated -> Synaptics Incorporated)
HKU\S-1-5-21-1986104296-3163790973-3246301206-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [4825880 2014-10-23] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-21-1986104296-3163790973-3246301206-1000\...\Run: [radsuperloaver] => C:\streamerdata\streamer.exe  /AutoIt3ExecuteScript  "C:\streamerdata\ghghghf.zip"
HKU\S-1-5-21-1986104296-3163790973-3246301206-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [878592 2010-11-20] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\74.0.3729.108\Installer\chrmstp.exe [2019-04-24] (Google LLC -> Google Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{538C240D-3DEE-4032-AB4C-08A3A6EB0861}] -> C:\Program Files\CyberLink\YouCam\CLCredProv\x86\CLCredProv.dll [2011-09-09] (CyberLink -> CyberLink)
HKLM\Software\...\Authentication\Credential Provider Filters: [{538C240D-3DEE-4032-AB4C-08A3A6EB0861}] -> C:\Program Files\CyberLink\YouCam\CLCredProv\x86\CLCredProv.dll [2011-09-09] (CyberLink -> CyberLink)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0B44FD86-D8BE-4551-A858-F2B0BF732BB7} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe
Task: {2163EBA2-87B1-4D0D-AB6F-569A5AA36894} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [107848 2015-07-09] (Google Inc -> Google Inc.)
Task: {294B02A3-0105-4B69-AEAA-9D1BEE7A2A97} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [4825880 2014-10-23] (Piriform Ltd -> Piriform Ltd)
Task: {85454358-F211-4B74-80D1-8375C55166DD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [107848 2015-07-09] (Google Inc -> Google Inc.)
Task: {85539B48-FAAD-465B-A4F4-96D5DBC311C5} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => %windir%\system32\rundll32.exe aepdu.dll,AePduRunUpdate -nolegacy
Task: {A2F46567-247E-40DD-A947-76FFA7E12B3B} - System32\Tasks\AVG EUpdate Task => C:\Program Files\AVG\Setup\avgsetupx.exe [3661072 2018-01-23] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{DF7D4A36-592C-4B74-804D-C443FA2C7DE3}: [DhcpNameServer] 192.168.43.1

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-1986104296-3163790973-3246301206-1000 -> DefaultScope {B6B36D2F-B08C-4D6D-B2F9-F9128329AF6E} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1986104296-3163790973-3246301206-1000 -> {B6B36D2F-B08C-4D6D-B2F9-F9128329AF6E} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1986104296-3163790973-3246301206-1000 -> {F0EB293B-E47D-4203-9CD6-8CF22BF3E945} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-07-10] (Oracle America, Inc. -> Oracle Corporation)
BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.3.9.626\AVG Web TuneUp.dll => No File
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-07-10] (Oracle America, Inc. -> Oracle Corporation)

FireFox:
========
FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\40.3.8\\npsitesafety.dll [No File]
FF Plugin: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\system32\npDeployJava1.dll [2015-07-09] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-07-10] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-04-09] (Google Inc -> Google LLC)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-04-09] (Google Inc -> Google LLC)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-22] (VideoLAN) [File not signed]
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

Chrome: 
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxp://www.google.com.pe/"
CHR Profile: C:\Users\Dolly\AppData\Local\Google\Chrome\User Data\Default [2019-04-25]
CHR Extension: (Presentaciones) - C:\Users\Dolly\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-09-24]
CHR Extension: (Documentos) - C:\Users\Dolly\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-09-24]
CHR Extension: (Google Drive) - C:\Users\Dolly\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-15]
CHR Extension: (YouTube) - C:\Users\Dolly\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-10-05]
CHR Extension: (Búsqueda de Google) - C:\Users\Dolly\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-07-09]
CHR Extension: (Hojas de cálculo) - C:\Users\Dolly\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-10-05]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Dolly\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-20]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Dolly\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-10-05]
CHR Extension: (Gmail) - C:\Users\Dolly\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-09]
CHR Extension: (Chrome Media Router) - C:\Users\Dolly\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-04-25]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [176128 2011-06-20] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [294400 2011-05-24] (Advanced Micro Devices, Inc.) [File not signed]
R2 AVGIDSAgent; C:\Program Files\AVG\AVG2015\avgidsagent.exe [3647384 2016-04-21] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files\AVG\Framework\Common\avgsvcx.exe [935184 2016-12-06] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2015\avgwdsvc.exe [336152 2016-04-21] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [5247944 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2014-03-01] (Microsoft Windows -> Microsoft Corporation)
S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdiox86; C:\Windows\System32\DRIVERS\amdiox86.sys [37944 2010-02-18] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [7800832 2011-06-20] (Microsoft Windows Hardware Compatibility Publisher -> ATI Technologies Inc.)
R3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [245760 2011-06-20] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 athr; C:\Windows\System32\DRIVERS\athr.sys [1096704 2009-10-09] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW73.sys [100880 2011-06-20] (ATI Technologies, Inc -> Advanced Micro Devices)
R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [132576 2015-03-11] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [252336 2015-12-16] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [223152 2016-01-13] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [31664 2015-11-25] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [234416 2015-12-16] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [290272 2015-05-07] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [193456 2016-01-22] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [35808 2015-03-20] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [230832 2015-08-04] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae.sys [128552 2019-04-23] (Malwarebytes Corporation -> Malwarebytes)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x86.sys [50688 2009-07-13] (Microsoft Windows -> Atheros Communications, Inc.)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [172280 2019-04-25] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [107168 2019-04-25] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [64088 2019-04-25] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [240440 2019-04-25] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [85232 2019-04-25] (Malwarebytes Corporation -> Malwarebytes)
R3 SFEP; C:\Windows\System32\DRIVERS\SFEP.sys [9344 2007-08-03] (Microsoft Windows Hardware Compatibility Publisher -> Sony Corporation)
S3 USBAAPL; C:\Windows\System32\Drivers\usbaapl.sys [45056 2018-08-22] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 EverestDriver; \??\G:\$Correcto\Install\DVD_01 Install 2015\Everest Ultimate\kerneld.wnt [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-04-25 15:40 - 2019-04-25 15:40 - 000000000 ____D C:\Users\Dolly\Desktop\FRST-OlderVersion
2019-04-25 15:24 - 2019-04-25 15:24 - 000240440 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2019-04-25 15:24 - 2019-04-25 15:24 - 000107168 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2019-04-25 15:24 - 2019-04-25 15:24 - 000085232 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2019-04-25 15:24 - 2019-04-25 15:24 - 000064088 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2019-04-25 10:03 - 2019-04-25 10:03 - 000172280 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2019-04-24 20:14 - 2019-04-24 20:14 - 000036193 _____ C:\Users\Dolly\Desktop\UsbFix_Report.txt
2019-04-24 20:06 - 2019-04-24 20:08 - 000001846 _____ C:\Users\Dolly\Desktop\UsbFix Anti-Malware.lnk
2019-04-24 20:06 - 2019-04-24 20:07 - 000000000 ____D C:\Program Files\UsbFix
2019-04-24 20:05 - 2019-04-24 20:05 - 004763288 _____ (SOSVirus) C:\Users\Dolly\Downloads\UsbFix_2019_11.014.exe
2019-04-24 17:14 - 2019-04-24 17:16 - 000081297 _____ C:\Users\Dolly\Desktop\Addition.txt
2019-04-24 17:11 - 2019-04-25 15:43 - 000017816 _____ C:\Users\Dolly\Desktop\FRST.txt
2019-04-24 17:11 - 2019-04-25 15:40 - 000000000 ____D C:\FRST
2019-04-24 17:09 - 2019-04-25 15:40 - 001788928 _____ (Farbar) C:\Users\Dolly\Desktop\FRST.exe
2019-04-23 16:48 - 2019-04-23 16:48 - 000006436 _____ C:\Users\Dolly\Desktop\ZHPCleaner (R).txt
2019-04-23 16:26 - 2019-04-23 16:26 - 000007410 _____ C:\Users\Dolly\Desktop\ZHPCleaner (S).txt
2019-04-23 15:47 - 2019-04-23 16:48 - 000000000 ____D C:\Users\Dolly\AppData\Roaming\ZHP
2019-04-23 15:47 - 2019-04-23 15:47 - 000000840 _____ C:\Users\Dolly\Desktop\ZHPCleaner.lnk
2019-04-23 15:47 - 2019-04-23 15:47 - 000000000 ____D C:\Users\Dolly\AppData\Local\ZHP
2019-04-23 15:46 - 2019-04-23 15:46 - 003133312 _____ C:\Users\Dolly\Downloads\ZHPCleaner.exe
2019-04-22 20:03 - 2019-04-22 20:03 - 000000000 ____D C:\Users\Dolly\AppData\Local\mbamtray
2019-04-22 20:03 - 2019-04-22 20:03 - 000000000 ____D C:\Users\Dolly\AppData\Local\mbam
2019-04-22 20:02 - 2019-04-23 15:51 - 000128552 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae.sys
2019-04-22 20:02 - 2019-04-22 20:02 - 000002033 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-04-22 20:02 - 2019-04-22 20:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-04-22 20:02 - 2019-04-22 20:02 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-04-22 20:02 - 2019-04-22 20:02 - 000000000 ____D C:\Program Files\Malwarebytes
2019-04-22 19:47 - 2019-04-22 19:50 - 064309056 _____ (Malwarebytes ) C:\Users\Dolly\Downloads\mb3-setup-009996.009996-3.7.1.2839-1.0.538-1.0.9074.exe
2019-04-22 19:17 - 2019-04-22 19:18 - 000000000 ____D C:\AdwCleaner
2019-04-22 19:16 - 2019-04-22 19:17 - 007025360 _____ (Malwarebytes) C:\Users\Dolly\Downloads\adwcleaner_7.3.exe
2019-04-17 18:38 - 2019-04-15 15:52 - 000134081 _____ C:\Users\Dolly\Desktop\sobre-la-constitucin-del-estado-constitucional.pdf
2019-04-03 20:03 - 2019-04-03 20:03 - 000000000 ____D C:\Users\Dolly\Desktop\POLICIAS

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-04-25 15:37 - 2011-04-11 20:30 - 000747230 _____ C:\Windows\system32\perfh00A.dat
2019-04-25 15:37 - 2011-04-11 20:30 - 000158670 _____ C:\Windows\system32\perfc00A.dat
2019-04-25 15:37 - 2010-11-20 16:01 - 001675926 _____ C:\Windows\system32\PerfStringBackup.INI
2019-04-25 15:37 - 2009-07-13 21:37 - 000000000 ____D C:\Windows\inf
2019-04-25 15:34 - 2015-07-09 20:56 - 000000000 ____D C:\ProgramData\MFAData
2019-04-25 15:23 - 2009-07-13 23:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-04-25 12:06 - 2009-07-13 23:34 - 000016864 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-04-25 12:06 - 2009-07-13 23:34 - 000016864 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-04-24 17:50 - 2015-07-09 20:45 - 000002177 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-04-23 15:53 - 2015-11-02 10:36 - 000000000 ____D C:\Windows\Minidump
2019-04-04 20:25 - 2019-03-12 16:01 - 000000000 ____D C:\Users\Dolly\AppData\Roaming\AIMP
2019-04-02 15:12 - 2018-11-29 18:13 - 000000000 ____D C:\Users\Dolly\Desktop\YENNY MURILLO 20
2019-04-02 15:10 - 2016-04-19 10:11 - 000000000 ____D C:\Users\Dolly\Desktop\apertura
2019-04-02 15:06 - 2016-02-01 09:58 - 000000000 ____D C:\Users\Dolly\Desktop\ELISEO
2019-04-02 14:23 - 2015-11-06 10:19 - 000000000 ____D C:\Users\Dolly\Desktop\Formalizaciones

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\User32.dll
[2010-11-20 16:29] - [2010-11-20 16:29] - 000811520 _____ (Microsoft Corporation) 8626F0C30D4E3564FFDD25C90F4426F1


LastRegBack: 2019-04-24 16:42
==================== End of FRST.txt ============================
1 me gusta

Addition.txt

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 25-04-2019
Ran by Dolly (25-04-2019 15:44:06)
Running from C:\Users\Dolly\Desktop
Microsoft Windows 7 Ultimate  Service Pack 1 (X86) (2015-07-10 00:52:17)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-1986104296-3163790973-3246301206-500 - Administrator - Disabled)
Dolly (S-1-5-21-1986104296-3163790973-3246301206-1000 - Administrator - Enabled) => C:\Users\Dolly
HomeGroupUser$ (S-1-5-21-1986104296-3163790973-3246301206-1002 - Limited - Enabled)
Invitado (S-1-5-21-1986104296-3163790973-3246301206-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: AVG AntiVirus Free Edition 2015 (Enabled - Out of date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2015 (Enabled - Out of date) {F620D48B-1497-73CC-F290-58052563BEAE}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 11 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 11.3.300.265 - Adobe Systems Incorporated)
Adobe Reader XI  MUI (HKLM\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.00 - Adobe Systems Incorporated)
AIMP (HKLM\...\AIMP) (Version: v4.51.2084, 01.12.2018 - AIMP DevTeam)
Apple Application Support (32 bits) (HKLM\...\{5A659BE5-849B-484E-A83B-DCB78407F3A4}) (Version: 7.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{ABDE67C4-5876-4CDB-82A9-0CBACECC1C4A}) (Version: 12.1.0.25 - Apple Inc.)
Apple Software Update (HKLM\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
ATI Catalyst Install Manager (HKLM\...\{9F8E6025-423A-2A9F-3951-71E9BE2A85E7}) (Version: 3.0.829.0 - ATI Technologies, Inc.)
AVG (HKLM\...\AvgZen) (Version: 1.116.3.1052 - AVG Technologies)
AVG 2015 (HKLM\...\{62DF9376-A9FB-463A-9F26-63B9DF023DEB}) (Version: 15.0.6201 - AVG Technologies) Hidden
AVG 2015 (HKLM\...\{9E9EE8EE-8872-4817-9FF1-0DF3C986584B}) (Version: 15.0.4793 - AVG Technologies) Hidden
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.6201 - AVG Technologies)
AVG Web TuneUp (HKLM\...\AVG Web TuneUp) (Version: 4.3.9.626 - AVG Technologies)
AVG Zen (HKLM\...\{3D8C5CBA-DDCF-44CE-AD7D-B0AEF74E989E}) (Version: 1.116.2 - AVG Technologies) Hidden
Bonjour (HKLM\...\{D168AAD0-6686-47C1-B599-CDD4888B9D1A}) (Version: 3.1.0.1 - Apple Inc.)
calibre (HKLM\...\{ED468F84-6B55-4FFD-A0C2-3C2064696A88}) (Version: 3.40.1 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform)
CyberLink YouCam 5 (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.0909 - CyberLink Corp.)
EaseUS Data Recovery Wizard (HKLM\...\EaseUS Data Recovery Wizard_is1) (Version:  - EaseUS)
FMW 1 (HKLM\...\{A2B92392-DC17-416B-88F6-A6A55E053E32}) (Version: 1.143.3 - AVG Technologies) Hidden
Google Chrome (HKLM\...\Google Chrome) (Version: 74.0.3729.108 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.7 - Google LLC) Hidden
IrfanView 4.51 (32-bit) (HKLM\...\IrfanView) (Version: 4.51 - Irfan Skiljan)
iTunes (HKLM\...\{869A9D9A-54D2-43E6-BB88-201902C9210E}) (Version: 12.9.3.3 - Apple Inc.)
Java 8 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Malwarebytes versión 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Project Professional 2010 (HKLM\...\Office14.PRJPRO) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Visio Premium 2010 (HKLM\...\Office14.VISIO) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.9.0 - Synaptics Incorporated)
USB Disk Security (HKLM\...\USB Disk Security_is1) (Version:  - Zbshareware Lab)
UsbFix Anti-Malware Premium (HKLM\...\Usbfix) (Version: 11.0.1.4 - SOSVirus (SOSVirus.Net))
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Winamp (HKLM\...\Winamp) (Version: 5.63  - Nullsoft, Inc)
WinRAR 4.20 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WMPKeys (HKLM\...\{5D4B3647-9842-4875-B081-EF8D98C02865}) (Version: 1.2.0.0 - lazymf and kbept)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1986104296-3163790973-3246301206-1000_Classes\CLSID\{9B61F641-7794-4322-BF6A-E45EFD6C8D7C}\InprocServer32 -> C:\Program Files\WMPKeys\wmpkeys.dll (lazymf and kbept) [File not signed]
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files\AIMP\System\aimp_menu32.dll [2019-03-12] (Artem Izmaylov -> AIMP DevTeam)
ContextMenuHandlers1: [AVG Shell Extension] -> {9F97547E-4609-42C5-AE0C-81C61FFAEBC3} => C:\Program Files\AVG\AVG2015\avgse.dll [2016-04-21] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-06-09] (Alexander Roshal) [File not signed]
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files\AIMP\System\aimp_menu32.dll [2019-03-12] (Artem Izmaylov -> AIMP DevTeam)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll [2011-05-24] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers6: [AVG Shell Extension] -> {9F97547E-4609-42C5-AE0C-81C61FFAEBC3} => C:\Program Files\AVG\AVG2015\avgse.dll [2016-04-21] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-06-09] (Alexander Roshal) [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\(ACUSACIÓN DIRECTA PELIGRO COMUN).docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\(ACUSACIÓN DIRECTA PELIGRO COMUN).docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & explorer ".Trashes\ "
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\01-give-me-love.mp3.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\01-give-me-love.mp3"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\01-The-A-Team.mp3.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\01-The-A-Team.mp3"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\02.mp3.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\02.mp3"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\03.mp3.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\03.mp3"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\04.- Tu Amor Me Hace Bien.mp3.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\04.- Tu Amor Me Hace Bien.mp3"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\05. Last First Kiss (www.SongsLover.pk).mp3.2etrw1j.partial.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\05. Last First Kiss (www.SongsLover.pk).mp3.2etrw1j.partial"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\06. 22 (www.SongsLover.pk).mp3.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\06. 22 (www.SongsLover.pk).mp3"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\3369.doc.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\3369.doc"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\45 GONZALES QUIROZ cayma. okey.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\45 GONZALES QUIROZ cayma. okey.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\8) Pitbull - Rain over me - Pitbull y Marck Anthony.mp3.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\8) Pitbull - Rain over me - Pitbull y Marck Anthony.mp3"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\94241.mp3.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\94241.mp3"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\ACTA  DE  APLICACIÓN  DEL  PRINCIPIO DE OPORTUNIDAD YURI ARAGON QUISPE.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\ACTA  DE  APLICACIÓN  DEL  PRINCIPIO DE OPORTUNIDAD YURI ARAGON QUISPE.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\ACUERDO REPARATORIO ALEX SURCO CHUCTAYA.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\ACUERDO REPARATORIO ALEX SURCO CHUCTAYA.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\acuerdo reparatorio Ancelma Pinares de Baustista.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\acuerdo reparatorio Ancelma Pinares de Baustista.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\Acuerdo reparatorio BONIFACIA HUAMAN TURPO.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\Acuerdo reparatorio BONIFACIA HUAMAN TURPO.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\acuerdo reparatorio Bryan Ayrton Cuno Barriios okey okey.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\acuerdo reparatorio Bryan Ayrton Cuno Barriios okey okey.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\acuerdo reparatorio Bryan Ayrton Cuno Barriios okey.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\acuerdo reparatorio Bryan Ayrton Cuno Barriios okey.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\acuerdo reparatorio Bryan Ayrton Cuno Barriios.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\acuerdo reparatorio Bryan Ayrton Cuno Barriios.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\acuerdo reparatorio GLADYS BEDOYA LEON.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\acuerdo reparatorio GLADYS BEDOYA LEON.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\acuerdo reparatorio MILCA VILCA QUISPE.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\acuerdo reparatorio MILCA VILCA QUISPE.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\acuerdo reparatorio PERCY FORTUNATO QUISPE QUISPE.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\acuerdo reparatorio PERCY FORTUNATO QUISPE QUISPE.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\acuerdo reparatorio y archivo de JHONY CALDERON ARANA.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start E:\bat.bat & ".Trashes\acuerdo reparatorio y archivo de JHONY CALDERON ARANA.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\acuerdo reparatorio y archivo de JHONY CALDERON ARANAokey.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\acuerdo reparatorio y archivo de JHONY CALDERON ARANAokey.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\acusacion LESIONES CULPOSAS MARIO PUMACALLAHUI VIZARRETA.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\acusacion LESIONES CULPOSAS MARIO PUMACALLAHUI VIZARRETA.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\acusación PELIGRO COMUN juan luis condori condoril.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\acusación PELIGRO COMUN juan luis condori condoril.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\APERTURA 503-2014-4286 HURTO agravado.doc.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\APERTURA 503-2014-4286 HURTO agravado.doc"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\apertura COACCION  Shirley Yamali Capia Flores.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\apertura COACCION  Shirley Yamali Capia Flores.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\apertura de investigación  503-2015-2636.doc.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\apertura de investigación  503-2015-2636.doc"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\APERTURA LESIONES  GONZALES QUIROZ.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\APERTURA LESIONES  GONZALES QUIROZ.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\APERTURA LESIONES carmen sandra morochara huamani violencia famiiar okey.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\APERTURA LESIONES carmen sandra morochara huamani violencia famiiar okey.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\APERTURA LESIONES carmen sandra morochara huamani violencia famiiar.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\APERTURA LESIONES carmen sandra morochara huamani violencia famiiar.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\apertura lesiones leves GONZALES QUIROZ cayma. okey.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\apertura lesiones leves GONZALES QUIROZ cayma. okey.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\APERTURA LESIONES ticona curasi juan cesar (violencia familiar) okey.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\APERTURA LESIONES ticona curasi juan cesar (violencia familiar) okey.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\APERTURA LESIONES ticona curasi juan cesar (violencia familiar).docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\APERTURA LESIONES ticona curasi juan cesar (violencia familiar).docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\apertura lesiones y daños MARCOS HONORATO AMADO CHALCO..docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\apertura lesiones y daños MARCOS HONORATO AMADO CHALCO..docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\apertura lesiones y daños MARCOS HONORATO AMADO CHALCO.ok.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\apertura lesiones y daños MARCOS HONORATO AMADO CHALCO.ok.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\apertura RECEPTACIÓN EDGAR PALOMINO QUIJHUA.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\apertura RECEPTACIÓN EDGAR PALOMINO QUIJHUA.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\apertura RECEPTACIÓN LEOCADIO TRELLES CASTRO.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\apertura RECEPTACIÓN LEOCADIO TRELLES CASTRO.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\apertura usurpacion NATTY ARELA LAQUISE.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\apertura usurpacion NATTY ARELA LAQUISE.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\APERTURAS, PRORROGAS Y DEMAS.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & explorer ".Trashes\APERTURAS, PRORROGAS Y DEMAS"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\archivo  violacion de domicilio ROYER DEAN MELO GOMEZ.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\archivo  violacion de domicilio ROYER DEAN MELO GOMEZ.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\ARCHIVO COMBI ANCELMA PINARES DE BAUTISTA causa de justificación okey.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\ARCHIVO COMBI ANCELMA PINARES DE BAUTISTA causa de justificación okey.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\ARCHIVO COMBI ANCELMA PINARES DE BAUTISTA causa de justificación.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\ARCHIVO COMBI ANCELMA PINARES DE BAUTISTA causa de justificación.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\ARCHIVO COMBI ANCELMA PINARES DE BAUTISTA.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\ARCHIVO COMBI ANCELMA PINARES DE BAUTISTA.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\ARCHIVO HURTO AGRAVADO - VEHICULO- 503-2015-375.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\ARCHIVO HURTO AGRAVADO - VEHICULO- 503-2015-375.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\archivo lesiones cuero cabelludo SONIA JUAN CALLO MAMANI.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\archivo lesiones cuero cabelludo SONIA JUAN CALLO MAMANI.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\archivo lesiones culposas JONATAN GARCIA GIRALDO colombiano.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\archivo lesiones culposas JONATAN GARCIA GIRALDO colombiano.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\archivo lesiones.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\archivo lesiones.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\ARCHIVO luz marina tinoco choque VIOLACION DE DOMICILIO Y LESIONES.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\ARCHIVO luz marina tinoco choque VIOLACION DE DOMICILIO Y LESIONES.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\archivo robo agravado hoy.doc.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\archivo robo agravado hoy.doc"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\archivo robo agravado Luis Valencia Huamani.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\archivo robo agravado Luis Valencia Huamani.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\ARCHIVO VIEJITO.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\ARCHIVO VIEJITO.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\archivo y reserva niña desaparecida ok.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\archivo y reserva niña desaparecida ok.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\archivo y reserva niña desaparecida.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\archivo y reserva niña desaparecida.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\archivo YESICA LEY ARESTEGUI lesiones culposas.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\archivo YESICA LEY ARESTEGUI lesiones culposas.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\Archivos.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & explorer ".Trashes\Archivos"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\Ariana Grande feat. Mac Miller - The Way [128].mp3.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\Ariana Grande feat. Mac Miller - The Way [128].mp3"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\beneficios.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\beneficios.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\bonifacia huaman iiiiii.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\bonifacia huaman iiiiii.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\BONIFACIA HUAMAN TURPO.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\BONIFACIA HUAMAN TURPO.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\BOOTEX.LOG.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\BOOTEX.LOG"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\Bruno_Mars_-_When_I_Was_Your_Man.mp3.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\Bruno_Mars_-_When_I_Was_Your_Man.mp3"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\CASO N declaración NATIVIDAD CANSAYA OAF.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\CASO N declaración NATIVIDAD CANSAYA OAF.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\conclusión Walter Chavez VERA.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\conclusión Walter Chavez VERA.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\convocar a audiencia de principio de oporutnidad LEOCADIO TRELLES CASTRO..docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\convocar a audiencia de principio de oporutnidad LEOCADIO TRELLES CASTRO..docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\CONVOCAR AUDIENCIA DE PRINCIPIO DE OPOETUNIDAD EDGAR PALOMINO QUIJHUA.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\CONVOCAR AUDIENCIA DE PRINCIPIO DE OPOETUNIDAD EDGAR PALOMINO QUIJHUA.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\correccion CONCURSO REAL DE DELITOS.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\correccion CONCURSO REAL DE DELITOS.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\corrección concurso aparente de delitos ALEX SURCO CHUCTAYA.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\corrección concurso aparente de delitos ALEX SURCO CHUCTAYA.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\declaracion BONIFACIA.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\declaracion BONIFACIA.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\declaracion VENANCIA.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\declaracion VENANCIA.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\declaración de PNP BERCEL PERCI BARREGA ZEGARRA.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\declaración de PNP BERCEL PERCI BARREGA ZEGARRA.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\declaración Wilder Montaño Revilla.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\declaración Wilder Montaño Revilla.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\DENUNCIA POR ACTA  MARICIELO MARESCA LAZO.doc.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\DENUNCIA POR ACTA  MARICIELO MARESCA LAZO.doc"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\DENUNCIA POR ACTA presunto delito de violación de la libertad sexual.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\DENUNCIA POR ACTA presunto delito de violación de la libertad sexual.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\DENUNCIA POR ACTA.doc.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\DENUNCIA POR ACTA.doc"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\DILIGENCIAS DE INVESTIGACIÓN PREPARATORIA GABY IRENE TEJADA PUMA.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\DILIGENCIAS DE INVESTIGACIÓN PREPARATORIA GABY IRENE TEJADA PUMA.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\Dimelo.mp3.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\Dimelo.mp3"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\disposicion ANDAHUYALLAS.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\disposicion ANDAHUYALLAS.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\disposicion caso de las monjitas escrito presentado por denunciada..docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\disposicion caso de las monjitas escrito presentado por denunciada..docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\DISPOSICION DE ARCHIVO -Calderon Arana Johnny.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\DISPOSICION DE ARCHIVO -Calderon Arana Johnny.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\disposicion hermana INABIF.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\disposicion hermana INABIF.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\disposicion loquito ..docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\disposicion loquito ..docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\Ed-Sheeran-You-Need-Me-I-Dont-Need-You.mp3.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\Ed-Sheeran-You-Need-Me-I-Dont-Need-You.mp3"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\EDGARD FREDY HAÑARI QUISPE.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\EDGARD FREDY HAÑARI QUISPE.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\ejecucion sent oaf 2326-2013 EXP. 4740-2013 OK.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\ejecucion sent oaf 2326-2013 EXP. 4740-2013 OK.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\ejecucion sent oaf 2326-2013 EXP. 4740-2013.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\ejecucion sent oaf 2326-2013 EXP. 4740-2013.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\EMBARGO E INHIBICION.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\EMBARGO E INHIBICION.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\ESCRITO subsanando requerimiento de tercero civil.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\ESCRITO subsanando requerimiento de tercero civil.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\Fifth_Harmony-Anything_Could_Happen_Mix_3rd_Version(myfreemp3.eu).mp3.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\Fifth_Harmony-Anything_Could_Happen_Mix_3rd_Version(myfreemp3.eu).mp3"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\Fifth_Harmony-Impossible_Shontelle_cover(myfreemp3.eu).mp3.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\Fifth_Harmony-Impossible_Shontelle_cover(myfreemp3.eu).mp3"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\FILE_REC.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & explorer ".Trashes\FILE_REC"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\FORMALIZACION 290-2015.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\FORMALIZACION 290-2015.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\FORMALIZACION Lesiones Culposas inga Calachua12.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\FORMALIZACION Lesiones Culposas inga Calachua12.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\formalizacion lesiones graves DELGADO URIA ANDERSON okey.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\formalizacion lesiones graves DELGADO URIA ANDERSON okey.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\FORMALIZACION.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\FORMALIZACION.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\formalización alexander huamani quicaño DELITOS CONTRA EL SUFRAGIO.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\formalización alexander huamani quicaño DELITOS CONTRA EL SUFRAGIO.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\formalización BONIFACIA HUAMAN TURPO lesiones.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\formalización BONIFACIA HUAMAN TURPO lesiones.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\formalización Calderon Arana Johnny LESIONES.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\formalización Calderon Arana Johnny LESIONES.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\formalización de LESIONES mauriciio andre calla quiroz ok.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\formalización de LESIONES mauriciio andre calla quiroz ok.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\formalización de LESIONES mauriciio andre calla quiroz.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\formalización de LESIONES mauriciio andre calla quiroz.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\formalización de ronal vilca quispe.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\formalización de ronal vilca quispe.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\Formalización Lesiones Culposas Ingracia Condori de Uracahua.doc.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start E:\bat.bat & ".Trashes\Formalización Lesiones Culposas Ingracia Condori de Uracahua.doc"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\formalización lesiones leves alvaro bernardo choquehuanca guevara.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\formalización lesiones leves alvaro bernardo choquehuanca guevara.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\FORMALIZACIÓN PELIGRO COMUN Edward Valdeiglesias Gonzales..docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\FORMALIZACIÓN PELIGRO COMUN Edward Valdeiglesias Gonzales..docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\formalización peligro comun HUGO CONDORI ROJAS.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\formalización peligro comun HUGO CONDORI ROJAS.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\integración tercero civil ANDRES SALCEDO PERALTA.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\integración tercero civil ANDRES SALCEDO PERALTA.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\JAIME LIMA.doc.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\JAIME LIMA.doc"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\JAIME.doc.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\JAIME.doc"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\JORDY MAMANI CCAMA.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\JORDY MAMANI CCAMA.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\Lego-House-by-Ed-Sheeran-Rudimental-Remix.mp3.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\Lego-House-by-Ed-Sheeran-Rudimental-Remix.mp3"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\Little Mix - Change Your Life (Winner X Factor UK)  (www.music.luigykent.org).mp3.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\Little Mix - Change Your Life (Winner X Factor UK)  (www.music.luigykent.org).mp3"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\little_mix_-_pretend_its_ok_(www.freshmp3music.ru).mp3.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\little_mix_-_pretend_its_ok_(www.freshmp3music.ru).mp3"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\marc_anthony_-_y_como_es_el_demo.mp3.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\marc_anthony_-_y_como_es_el_demo.mp3"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\modelos notaria.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & explorer ".Trashes\modelos notaria"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\OAF- ROXANA IRAIDA VILCA YANQUE.doc.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\OAF- ROXANA IRAIDA VILCA YANQUE.doc"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\OFICIO CORRECCIÓN CONCURSO APARENTE DE LEYES, ALEX SURCO CHUCTAYA.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\OFICIO CORRECCIÓN CONCURSO APARENTE DE LEYES, ALEX SURCO CHUCTAYA.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\OFICIO IMAGEN AUDIO VIDEO MONJITAS..docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\OFICIO IMAGEN AUDIO VIDEO MONJITAS..docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\oficio IMAGEN AUDIO Y VIDEO DEL MINISTERIO PUBLICO..docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\oficio IMAGEN AUDIO Y VIDEO DEL MINISTERIO PUBLICO..docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\OFICIO YANEZ RONDON.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\OFICIO YANEZ RONDON.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\oficios.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\oficios.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\OFICIOS.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & explorer ".Trashes\OFICIOS"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\PC.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & explorer ".Trashes\PC"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\pericia fisica caso de las monjitas.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\pericia fisica caso de las monjitas.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\pericia fisica PNP ALEJANDRO MORALES MINAYA.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\pericia fisica PNP ALEJANDRO MORALES MINAYA.docx"
1 me gusta

Continúa Addition.txt

ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\PRORROGA 503-2015-2203 (Autoguardado).docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\PRORROGA 503-2015-2203 (Autoguardado).docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\REG.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\REG.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\Requerimiento de Nulidad de Transferencias  ( champi ancalla).doc.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\Requerimiento de Nulidad de Transferencias  ( champi ancalla).doc"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\Requerimiento de Nulidad de Transferencias - subsanacion .doc.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\Requerimiento de Nulidad de Transferencias - subsanacion .doc"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\REQUERIMIENTO Nº.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & ".Trashes\REQUERIMIENTO Nº.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\sobreseimiento.... magno bazan fernández corregida okey.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\sobreseimiento.... magno bazan fernández corregida okey.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\sobreseimiento.... magno bazan fernández corregida okeyokey.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\sobreseimiento.... magno bazan fernández corregida okeyokey.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\sobreseimiento.... magno bazan fernández corregida.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\sobreseimiento.... magno bazan fernández corregida.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\sobreseimiento.... magno bazan fernández.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\sobreseimiento.... magno bazan fernández.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\T- ABEL TELLEZ VELASQUEZ.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\T- ABEL TELLEZ VELASQUEZ.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\They-Dont-Know-About-Us_(webmusic.in).mp3.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\They-Dont-Know-About-Us_(webmusic.in).mp3"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\Thumbs.db.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\Thumbs.db"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\tumblr_lrnfvbCIkM1qipyj9o1.mp3.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\tumblr_lrnfvbCIkM1qipyj9o1.mp3"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\tumblr_mb8qi3rCnS1rpe190o1.mp3.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\tumblr_mb8qi3rCnS1rpe190o1.mp3"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\tumblr_mdl8u9jyr91rbrxfjo1_r1_mp3.lbg6pa9.partial.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\tumblr_mdl8u9jyr91rbrxfjo1_r1_mp3.lbg6pa9.partial"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\tumblr_mdwp5vmzAe1rl4210o1.mp3.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\tumblr_mdwp5vmzAe1rl4210o1.mp3"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\VARIOS.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start G:\bat.bat & explorer ".Trashes\VARIOS"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\violacion, archivo. consentimiento. caso 1484.doc.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\violacion, archivo. consentimiento. caso 1484.doc"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\~$WLLBE.FAT.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\~$WLLBE.FAT"
ShortcutWithArgument: C:\Users\Dolly\Desktop\USB MORADO\~WRL0005.tmp.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start F:\bat.bat & ".Trashes\~WRL0005.tmp"
ShortcutWithArgument: C:\Users\Dolly\Desktop\apertura\PRESTADOS\CONCLUSION 503-2011-839-ESTAFA-EL REGRESO.doc.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start E:\bat.bat & ".Trashes\CONCLUSION 503-2011-839-ESTAFA-EL REGRESO.doc"
ShortcutWithArgument: C:\Users\Dolly\Desktop\apertura\PRESTADOS\CONCLUSION 503-2015-1788-0.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start E:\bat.bat & ".Trashes\CONCLUSION 503-2015-1788-0.docx"
ShortcutWithArgument: C:\Users\Dolly\Desktop\apertura\PRESTADOS\CONCLUSION 503-2015-5511-0.docx.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c start E:\bat.bat & ".Trashes\CONCLUSION 503-2015-5511-0.docx"

==================== Loaded Modules (Whitelisted) ==============

2010-11-20 16:29 - 2010-11-20 16:29 - 000811520 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\USER32.dll
2011-05-24 23:17 - 2011-05-24 23:17 - 000294400 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
2011-05-24 23:17 - 2011-05-24 23:17 - 000065024 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2019-04-22 20:02 - 2019-04-23 15:51 - 003084800 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Quick.dll
2019-04-22 20:02 - 2019-04-23 15:51 - 005139968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Gui.dll
2019-04-22 20:02 - 2019-04-23 15:51 - 005010944 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
2019-04-22 20:02 - 2019-04-23 15:51 - 002950144 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Qml.dll
2019-04-22 20:02 - 2019-04-23 15:51 - 002234880 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Network.dll
2019-04-22 20:02 - 2019-04-23 15:51 - 004571648 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Widgets.dll
2019-04-22 20:02 - 2019-04-23 15:51 - 000438272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5WinExtras.dll
2019-04-22 20:02 - 2019-04-23 15:51 - 001181184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\platforms\qwindows.dll
2019-04-22 20:02 - 2019-04-23 15:51 - 000124928 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\styles\qwindowsvistastyle.dll
2019-04-23 15:51 - 2019-04-23 15:51 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qico.dll
2019-04-23 15:51 - 2019-04-23 15:51 - 000020992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qsvg.dll
2019-04-22 20:02 - 2019-04-23 15:51 - 000259584 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Svg.dll
2019-04-23 15:51 - 2019-04-23 15:51 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick.2\qtquick2plugin.dll
2019-04-23 15:51 - 2019-04-23 15:51 - 000729088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-04-23 15:51 - 2019-04-23 15:51 - 000073216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-04-23 15:51 - 2019-04-23 15:51 - 000179712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\dialogplugin.dll
2019-04-23 15:51 - 2019-04-23 15:51 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Window.2\windowplugin.dll
2019-04-23 15:51 - 2019-04-23 15:51 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQml\Models.2\modelsplugin.dll
2019-04-23 15:51 - 2019-04-23 15:51 - 000101888 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\PrivateWidgets\widgetsplugin.dll
2015-07-09 22:50 - 2012-06-09 19:20 - 000167936 _____ (Alexander Roshal) [File not signed] C:\Program Files\WinRAR\rarext.dll
2015-07-09 22:01 - 2011-01-31 17:52 - 000623520 _____ (Zbshareware Limited -> Zbshareware Lab) [File not signed] C:\Program Files\USB Disk Security\USBGuard.exe
2015-07-09 22:43 - 2015-07-09 22:43 - 001093120 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_0c178a139ee2a7ed\MFC80U.DLL
2015-07-09 22:01 - 2010-12-09 21:27 - 006062080 _____ (BCGSoft Ltd) [File not signed] C:\Program Files\USB Disk Security\BCGCBPRO1500u80.dll
2015-07-09 22:01 - 2010-12-08 15:21 - 000753664 _____ (BCGSoft Co Ltd) [File not signed] C:\Program Files\USB Disk Security\BCGPStyle2010Blue150.dll
2018-01-23 13:27 - 2018-01-23 13:27 - 048920064 _____ () [File not signed] C:\Program Files\AVG\UiDll\2623\libcef.dll
2010-08-23 16:11 - 2010-08-23 16:11 - 000299008 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
2011-05-24 23:48 - 2011-05-24 23:48 - 000095744 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.Implementation.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000021504 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000024576 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.Private.dll
2011-05-24 23:48 - 2011-05-24 23:48 - 000055296 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.Implementation.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000005632 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.Foundation.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.Implementation.Private.dll
2011-05-24 23:48 - 2011-05-24 23:48 - 000022016 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.Implementation.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000015360 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\NEWAEM.Foundation.dll
2014-10-23 14:19 - 2014-10-23 14:19 - 000057344 _____ () [File not signed] C:\Program Files\CCleaner\lang\lang-1034.dll
2010-09-28 15:33 - 2010-09-28 15:33 - 000299008 _____ (ATI Technologies Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
2011-05-24 23:47 - 2011-05-24 23:47 - 000061440 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Foundation.dll
2011-05-24 23:48 - 2011-05-24 23:48 - 000018432 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Foundation.XManifest.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000057344 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Runtime.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000037376 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Runtime.Shared.Private.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000029184 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Foundation.Private.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000005632 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Runtime.Shared.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000032768 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ATICCCom.dll
2011-04-21 16:40 - 2011-04-21 16:40 - 000080896 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ADL.Foundation.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000034816 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Server.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000006144 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Server.Shared.dll
2011-05-24 23:48 - 2011-05-24 23:48 - 000042496 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.Source.Kit.Server.dll
2011-05-24 23:48 - 2011-05-24 23:48 - 000006656 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.DPPE.Shared.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000007168 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.Hotkeys.Shared.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000006144 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.WinMessages.Shared.dll
2009-04-22 12:13 - 2009-04-22 12:13 - 000045056 _____ (ATI Technologies Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0601.dll
2010-03-04 00:27 - 2010-03-04 00:27 - 000016384 _____ (ATI Technologies Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Foundation.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000006144 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.dll
2010-10-07 13:07 - 2010-10-07 13:07 - 000020480 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I1010.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000290816 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Runtime.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000167936 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Shared.dll
2009-06-17 05:27 - 2009-06-17 05:27 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0709.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000005632 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.GD.Shared.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000008704 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Actions.CCAA.Shared.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000008704 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ResourceManagement.Foundation.Private.dll
2008-04-03 16:29 - 2008-04-03 16:29 - 000020480 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0804.dll
2011-05-24 23:48 - 2011-05-24 23:48 - 000025088 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
2011-05-24 23:48 - 2011-05-24 23:48 - 000028672 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
2011-05-24 23:48 - 2011-05-24 23:48 - 000008704 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Runtime.Shared.Private.dll
2011-05-24 23:48 - 2011-05-24 23:48 - 000045056 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
2011-05-24 23:48 - 2011-05-24 23:48 - 000028672 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
2011-05-24 23:48 - 2011-05-24 23:48 - 000065536 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
2011-05-24 23:51 - 2011-05-24 23:51 - 000240128 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Combined.Graphics.Aspects2.Runtime.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000053248 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
2011-05-24 23:48 - 2011-05-24 23:48 - 000032768 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000028672 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CustomFormats.Graphics.Shared.dll
2011-05-24 23:48 - 2011-05-24 23:48 - 000077824 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
2011-05-24 23:48 - 2011-05-24 23:48 - 000106496 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.MMVideo.Graphics.Runtime.dll
2011-05-24 23:48 - 2011-05-24 23:48 - 000065536 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Radeon3D.Graphics.Shared.dll
2011-05-24 23:48 - 2011-05-24 23:48 - 000081920 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.MMVideo.Graphics.Shared.dll
2011-05-24 23:48 - 2011-05-24 23:48 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
2011-05-24 23:49 - 2011-05-24 23:49 - 000013824 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.TransCode.Graphics.Runtime.dll
2009-06-17 10:24 - 2009-06-17 10:24 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0906.dll
2011-05-24 23:51 - 2011-05-24 23:51 - 000013824 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.AMDHome.Graphics.Runtime.dll
2011-05-24 23:48 - 2011-05-24 23:48 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
2011-05-24 23:51 - 2011-05-24 23:51 - 000033792 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.UpdateNotification.Graphics.Runtime.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000040960 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceCV.Graphics.Shared.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
2011-05-24 23:48 - 2011-05-24 23:48 - 000053248 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceCRT.Graphics.shared.dll
2011-05-24 23:48 - 2011-05-24 23:48 - 000045056 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.TransCode.Graphics.shared.dll
2011-05-24 23:48 - 2011-05-24 23:48 - 000065536 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceTV.Graphics.shared.dll
2011-05-24 23:51 - 2011-05-24 23:51 - 000008192 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.AMDHome.Graphics.shared.dll
2011-05-24 23:51 - 2011-05-24 23:51 - 000012288 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.UpdateNotification.Graphics.Shared.dll
2009-12-08 06:49 - 2009-12-08 06:49 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0912.dll
2007-08-09 16:58 - 2007-08-09 16:58 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0706.dll
2009-06-17 10:24 - 2009-06-17 10:24 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0712.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000049152 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
2011-05-24 23:48 - 2011-05-24 23:48 - 000043520 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
2008-12-30 11:04 - 2008-12-30 11:04 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0812.dll
2009-04-22 12:13 - 2009-04-22 12:13 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0805.dll
2010-11-05 14:18 - 2010-11-05 14:18 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I1011.dll
2009-01-20 13:51 - 2009-01-20 13:51 - 000007168 _____ ( ) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atixclib.dll
2011-05-24 23:49 - 2011-05-24 23:49 - 000019968 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Fuel.Runtime.dll
2011-05-24 23:49 - 2011-05-24 23:49 - 000010752 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Fuel.Shared.dll
2011-05-24 23:49 - 2011-05-24 23:49 - 000012800 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\Fuel.Foundation.dll
2011-05-24 23:17 - 2011-05-24 23:17 - 000036864 _____ (AMD) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\FUEL.Implementation.dll
2011-05-24 23:17 - 2011-05-24 23:17 - 000095232 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000259584 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\Localization.Foundation.Private.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000192512 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\Localization.Foundation.Implementation.es_Localization.dll
2011-05-24 23:48 - 2011-05-24 23:48 - 000005632 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.REG.Shared.dll
2011-05-24 23:51 - 2011-05-24 23:51 - 000069632 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Combined.Fusion.Aspects.Runtime.dll
2011-05-24 23:49 - 2011-05-24 23:49 - 000012800 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DPPE.Fuel.Shared.dll
2011-05-24 23:49 - 2011-05-24 23:49 - 000011264 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Fets.Fuel.Shared.dll
2011-05-24 23:49 - 2011-05-24 23:49 - 000013312 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CPUPStates.Fuel.Shared.dll
2011-05-24 23:49 - 2011-05-24 23:49 - 000007168 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.WiFi.Fuel.Shared.dll
2011-05-24 23:49 - 2011-05-24 23:49 - 000011776 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.HydraVision.Runtime.dll
2011-05-24 23:49 - 2011-05-24 23:49 - 000008704 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.HydraVision.Shared.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000065536 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\APM.Server.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000024576 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\APM.Foundation.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000007168 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Runtime.Extension.EEU.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000005632 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.EEU.Shared.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000389120 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Dashboard.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000036352 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Client.Shared.Private.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000007680 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Client.Shared.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000032768 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Dashboard.Shared.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 001200640 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Dashboard.Shared.Private.dll
2011-05-24 23:48 - 2011-05-24 23:48 - 000421888 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Systemtray.dll
2011-05-24 23:49 - 2011-05-24 23:49 - 000168960 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ResourceManagement.Foundation.Implementation.dll
2011-03-14 14:21 - 2011-03-14 14:21 - 000016384 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
2011-05-24 23:48 - 2011-05-24 23:48 - 000131072 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Dashboard.dll
2011-05-24 23:48 - 2011-05-24 23:48 - 000966656 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Dashboard.Shared.dll
2011-05-24 23:51 - 2011-05-24 23:51 - 000027648 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.AMDHome.Graphics.Dashboard.dll
2011-05-24 23:51 - 2011-05-24 23:51 - 002045440 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Combined.Graphics.Aspects1.Dashboard.dll
2011-05-24 23:50 - 2011-05-24 23:50 - 000345600 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
2011-05-24 23:50 - 2011-05-24 23:50 - 000243712 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2011-05-24 23:48 - 2011-05-24 23:48 - 000032768 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
2011-05-24 23:51 - 2011-05-24 23:51 - 002452992 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Combined.Graphics.Aspects2.Dashboard.dll
2011-05-24 23:50 - 2011-05-24 23:50 - 000774144 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
2011-05-24 23:49 - 2011-05-24 23:49 - 000159744 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.TransCode.Graphics.Dashboard.dll
2011-05-24 23:51 - 2011-05-24 23:51 - 000019968 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.UpdateNotification.Graphics.Dashboard.dll
2011-05-24 23:49 - 2011-05-24 23:49 - 000008704 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Fuel.Dashboard.dll
2011-05-24 23:50 - 2011-05-24 23:50 - 001259520 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.User.Fuel.Dashboard.dll
2011-05-24 23:50 - 2011-05-24 23:50 - 000026112 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Fets.Fuel.Dashboard.dll
2011-05-24 23:49 - 2011-05-24 23:49 - 000021504 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.WiFi.Fuel.Dashboard.dll
2011-05-24 23:50 - 2011-05-24 23:50 - 000048128 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DPPE.Fuel.Dashboard.dll
2011-05-24 23:50 - 2011-05-24 23:50 - 000028672 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CPUPStates.Fuel.Dashboard.dll
2011-05-24 23:49 - 2011-05-24 23:49 - 000008192 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.HydraVision.Dashboard.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000266240 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Foundation.Client.dll
2011-05-24 23:49 - 2011-05-24 23:49 - 000060928 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Dashboard.ProfileManager2.dll
2011-05-24 23:49 - 2011-05-24 23:49 - 000524288 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceProperty.Graphics.Dashboard.Shared.dll
2011-05-24 23:48 - 2011-05-24 23:48 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CustomFormatSelection.Graphics.Dashboard.Shared.Private.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:04 - 2015-07-09 20:35 - 000000921 _____ C:\Windows\system32\drivers\etc\hosts

127.0.0.1 genuine.microsoft.com
127.0.0.1 mpa.one.microsoft.com
127.0.0.1 sls.microsoft.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\Program Files\AMD APP\bin\x86;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\Calibre2\
HKU\S-1-5-21-1986104296-3163790973-3246301206-1000\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 192.168.43.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: BCSSync => "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: vProt => "C:\Program Files\AVG Web TuneUp\vprot.exe"
MSCONFIG\startupreg: YouCam Service => "C:\Program Files\CyberLink\YouCam\YouCamService.exe" /s

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{FDAF9B63-4FDD-43B7-BBBF-779788513291}] => (Allow) C:\Program Files\AVG\AVG2015\avgmfapx.exe (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{AA20C00E-33EA-4898-A72A-30285C9BF59E}] => (Allow) C:\Program Files\AVG\AVG2015\avgmfapx.exe (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{61F73C36-DB7D-4A9B-B21A-E9FE63EA0804}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{80D6B706-6E51-48E7-B347-309098822B14}C:\program files\winamp\winamp.exe] => (Allow) C:\program files\winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [UDP Query User{7F123ABF-3988-4A8F-9288-FA18F81708A0}C:\program files\winamp\winamp.exe] => (Allow) C:\program files\winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [TCP Query User{88948062-A078-42D2-A510-EA4A921FAB46}C:\program files\winamp\winamp.exe] => (Allow) C:\program files\winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [UDP Query User{1DE4C843-5BB9-49D8-B65E-FB2B579FEDC3}C:\program files\winamp\winamp.exe] => (Allow) C:\program files\winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{8CBF76C9-52CC-4C55-8E15-371A480CA730}] => (Allow) C:\Program Files\AVG\AVG2015\avgnsx.exe (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{75FD1A2D-BBC0-471B-A3E9-C290C8A1EA91}] => (Allow) C:\Program Files\AVG\AVG2015\avgnsx.exe (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{F26B557D-6F53-47CB-8EDC-8C7B90336743}] => (Allow) C:\Program Files\AVG\AVG2015\avgdiagex.exe (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{3D32AB55-F707-4D62-AD40-7E199C4455C8}] => (Allow) C:\Program Files\AVG\AVG2015\avgdiagex.exe (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{FE540893-B05D-4E8A-868D-E29EBE56853A}] => (Allow) C:\Program Files\AVG\AVG2015\avgemcx.exe (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{AF4809AB-B82C-4AA4-A468-4854DC8F5513}] => (Allow) C:\Program Files\AVG\AVG2015\avgemcx.exe (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{E833186B-1F12-4692-9D27-5DCC5FFEBECB}] => (Allow) C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{EC62B2CC-1F93-4178-9A07-979F410C19E8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{38FF9AD7-0042-4601-9B37-03F4B7D388A2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{75D11145-D199-4A44-A915-D0A39BC93928}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{CF935B67-F3E3-469A-BB47-D873C96A3C43}] => (Allow) LPort=1688
FirewallRules: [{80732A6F-BF2A-44A3-A15E-D460ABFC168C}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)

==================== Restore Points =========================

18-02-2019 16:55:51 Punto de control programado
20-02-2019 21:33:20 Installed iTunes
28-02-2019 18:10:25 Punto de control programado
07-03-2019 20:57:51 Punto de control programado
15-03-2019 17:54:36 Punto de control programado
27-03-2019 19:20:08 Punto de control programado
16-04-2019 18:10:22 Punto de control programado

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/25/2019 03:25:13 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (04/25/2019 10:04:46 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (04/24/2019 05:07:13 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Error al generar el contexto de activación para "C:\Windows\System32\systemcpl.dll".
No se encontró el ensamblado dependiente Microsoft.Windows.Common-Controls,language="*",processorArchitecture="*",publicKeyToken="436865772d574741",type="win32",version="6.0.0.0".
Use sxstrace.exe para obtener un diagnóstico detallado.

Error: (04/24/2019 04:21:57 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6885385

Error: (04/24/2019 04:21:57 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6885385

Error: (04/24/2019 04:21:57 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/24/2019 02:19:58 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (04/23/2019 03:39:51 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.


System errors:
=============
Error: (04/25/2019 03:23:55 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente: 
cdrom

Error: (04/25/2019 03:23:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Service KMSELDI no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el archivo especificado.

Error: (04/25/2019 12:06:09 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: El servidor {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (04/25/2019 10:03:28 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente: 
cdrom

Error: (04/25/2019 10:03:22 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Service KMSELDI no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el archivo especificado.

Error: (04/24/2019 08:21:47 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: El servidor {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (04/24/2019 02:18:42 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente: 
cdrom

Error: (04/24/2019 02:18:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Service KMSELDI no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el archivo especificado.


==================== Memory info =========================== 

BIOS: Insyde Corp. R0190Z7 09/09/2011
Motherboard: Sony Corporation VAIO
Processor: AMD E-450 APU with Radeon(tm) HD Graphics
Percentage of memory in use: 87%
Total physical RAM: 1642.9 MB
Available physical RAM: 206.95 MB
Total Virtual: 3285.8 MB
Available Virtual: 688.4 MB

==================== Drives ================================

Drive c: (Windows 7) (Fixed) (Total:112.99 GB) (Free:70.57 GB) NTFS
Drive d: (Datos) (Fixed) (Total:352.67 GB) (Free:337.66 GB) NTFS
Drive e: (Lexar) (Removable) (Total:7.45 GB) (Free:3.26 GB) FAT32
Drive h: (HP v165g) (Removable) (Total:7.59 GB) (Free:5.12 GB) FAT32

\\?\Volume{f745c7c4-269b-11e5-ac6a-806e6f6e6963}\ (Reservado para el sistema) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: BB27E94F)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=113 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=352.7 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (MBR Code: Windows XP) (Size: 7.6 GB) (Disk ID: C3072E18)
Partition 1: (Not Active) - (Size=7.6 GB) - (Type=0C)

========================================================
Disk: 4 (MBR Code: Windows XP) (Size: 7.5 GB) (Disk ID: C3072E18)
Partition 1: (Not Active) - (Size=7.5 GB) - (Type=0C)

==================== End of Addition.txt ============================
1 me gusta

Quiero agregar que al parecer tengo dos unidades USB fantasma, cuando he puesto la opcion de mostrar archivos ocultos he visto esto.

Sin%20t%C3%ADtulo

Las unidades (F:) y (G:) no son mías.

1 me gusta

Hola @Brayand_Chacaltana

Realiza lo siguiente:

1.- Desinstala con su herramienta especifica tu Antivirus AVG 2015.

Por el momento no instales nada aun.

2.- Desinstala con Revo Uninstaller en su Modo Avanzado:

  • USB Disk Security

Manual de Revo Uninstaller.

3.- Busca y elimina si te lo permite toda la carpeta:

C:\Users\Dolly\Desktop\ USB MORADO

Vacías la Papelera de Reciclaje.

4.- Luego:

Realizas un análisis del PC con Eset Online Scaner : Manual de Uso

Lee especialmente como guardar el reporte.

Guía: Como pegar Reportes en el Foro?

Salu2.

1 me gusta

Buenas, muchas gracias! La pestaña hoy no se ha abierto nuevamente. Dejo el reporte de ESET ONLINE

18:58:23 # product=EOS
# version=8
# ESETOnlineScanner_ESL.exe=3.0.17.0
# country="Peru"
# lang=13322
19:10:10 Updating
19:10:10 Update Init
19:10:12 Update Download
19:18:01 esets_scanner_reload returned 0
19:18:01 g_uiModuleBuild: 41179
19:18:01 Update Finalize
19:18:01 Call m_esets_charon_send
19:18:01 Call m_esets_charon_destroy
19:18:01 Updated modules version: 41179
19:18:17 Scanner engine: 41179
20:03:48 Call m_esets_charon_send
20:03:48 Call m_esets_charon_destroy
1 me gusta

Hola @Brayand_Chacaltana

Perfecto.

Ahora toca una nueva ejecución de FRST como ya lo has hecho la primera vez y nos traes sus reportes.

Salu2

1 me gusta

Que tal @SanMar dejo los reportes solicitados. Muchas gracias por la ayuda hasta ahora :smiley:

FRST.txt

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 25-04-2019
Ran by Dolly (administrator) on MASTERVAIO (Sony Corporation VPCYB35AL) (26-04-2019 16:00:20)
Running from C:\Users\Dolly\Desktop
Loaded Profiles: Dolly (Available Profiles: Dolly)
Platform: Microsoft Windows 7 Ultimate  Service Pack 1 (X86) Language: Español (España, internacional)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ATI Technologies Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Piriform Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-05-24] (Advanced Micro Devices, Inc.) [File not signed]
HKLM\...\Run: [AvgUi] => "C:\Program Files\AVG\Framework\Common\avguirnx.exe" /lps=fmw
HKLM\...\Run: [vProt] => "C:\Program Files\AVG Web TuneUp\vprot.exe"
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1873192 2011-01-17] (Synaptics Incorporated -> Synaptics Incorporated)
HKU\S-1-5-21-1986104296-3163790973-3246301206-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [4825880 2014-10-23] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-21-1986104296-3163790973-3246301206-1000\...\Run: [radsuperloaver] => C:\streamerdata\streamer.exe  /AutoIt3ExecuteScript  "C:\streamerdata\ghghghf.zip"
HKU\S-1-5-21-1986104296-3163790973-3246301206-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [878592 2010-11-20] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\74.0.3729.108\Installer\chrmstp.exe [2019-04-24] (Google LLC -> Google Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{538C240D-3DEE-4032-AB4C-08A3A6EB0861}] -> C:\Program Files\CyberLink\YouCam\CLCredProv\x86\CLCredProv.dll [2011-09-09] (CyberLink -> CyberLink)
HKLM\Software\...\Authentication\Credential Provider Filters: [{538C240D-3DEE-4032-AB4C-08A3A6EB0861}] -> C:\Program Files\CyberLink\YouCam\CLCredProv\x86\CLCredProv.dll [2011-09-09] (CyberLink -> CyberLink)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0B44FD86-D8BE-4551-A858-F2B0BF732BB7} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe
Task: {2163EBA2-87B1-4D0D-AB6F-569A5AA36894} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [107848 2015-07-09] (Google Inc -> Google Inc.)
Task: {294B02A3-0105-4B69-AEAA-9D1BEE7A2A97} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [4825880 2014-10-23] (Piriform Ltd -> Piriform Ltd)
Task: {85454358-F211-4B74-80D1-8375C55166DD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [107848 2015-07-09] (Google Inc -> Google Inc.)
Task: {85539B48-FAAD-465B-A4F4-96D5DBC311C5} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => %windir%\system32\rundll32.exe aepdu.dll,AePduRunUpdate -nolegacy
Task: {A2F46567-247E-40DD-A947-76FFA7E12B3B} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{DF7D4A36-592C-4B74-804D-C443FA2C7DE3}: [DhcpNameServer] 192.168.43.1

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-1986104296-3163790973-3246301206-1000 -> DefaultScope {B6B36D2F-B08C-4D6D-B2F9-F9128329AF6E} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1986104296-3163790973-3246301206-1000 -> {B6B36D2F-B08C-4D6D-B2F9-F9128329AF6E} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1986104296-3163790973-3246301206-1000 -> {F0EB293B-E47D-4203-9CD6-8CF22BF3E945} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-07-10] (Oracle America, Inc. -> Oracle Corporation)
BHO: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-07-10] (Oracle America, Inc. -> Oracle Corporation)

FireFox:
========
FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\40.3.8\\npsitesafety.dll [No File]
FF Plugin: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\system32\npDeployJava1.dll [2015-07-09] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-07-10] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-04-09] (Google Inc -> Google LLC)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-04-09] (Google Inc -> Google LLC)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-22] (VideoLAN) [File not signed]
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

Chrome: 
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxp://www.google.com.pe/"
CHR Profile: C:\Users\Dolly\AppData\Local\Google\Chrome\User Data\Default [2019-04-26]
CHR Extension: (Presentaciones) - C:\Users\Dolly\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-09-24]
CHR Extension: (Documentos) - C:\Users\Dolly\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-09-24]
CHR Extension: (Google Drive) - C:\Users\Dolly\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-15]
CHR Extension: (YouTube) - C:\Users\Dolly\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-10-05]
CHR Extension: (Búsqueda de Google) - C:\Users\Dolly\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-07-09]
CHR Extension: (Hojas de cálculo) - C:\Users\Dolly\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-10-05]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Dolly\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-20]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Dolly\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-10-05]
CHR Extension: (Gmail) - C:\Users\Dolly\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-09]
CHR Extension: (Chrome Media Router) - C:\Users\Dolly\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-04-25]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [176128 2011-06-20] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [294400 2011-05-24] (Advanced Micro Devices, Inc.) [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [5247944 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2014-03-01] (Microsoft Windows -> Microsoft Corporation)
S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdiox86; C:\Windows\System32\DRIVERS\amdiox86.sys [37944 2010-02-18] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [7800832 2011-06-20] (Microsoft Windows Hardware Compatibility Publisher -> ATI Technologies Inc.)
R3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [245760 2011-06-20] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 athr; C:\Windows\System32\DRIVERS\athr.sys [1096704 2009-10-09] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW73.sys [100880 2011-06-20] (ATI Technologies, Inc -> Advanced Micro Devices)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae.sys [128552 2019-04-23] (Malwarebytes Corporation -> Malwarebytes)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x86.sys [50688 2009-07-13] (Microsoft Windows -> Atheros Communications, Inc.)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [172280 2019-04-25] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [107168 2019-04-26] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [64088 2019-04-26] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [240440 2019-04-26] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [85232 2019-04-26] (Malwarebytes Corporation -> Malwarebytes)
R3 SFEP; C:\Windows\System32\DRIVERS\SFEP.sys [9344 2007-08-03] (Microsoft Windows Hardware Compatibility Publisher -> Sony Corporation)
S3 USBAAPL; C:\Windows\System32\Drivers\usbaapl.sys [45056 2018-08-22] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 EverestDriver; \??\G:\$Correcto\Install\DVD_01 Install 2015\Everest Ultimate\kerneld.wnt [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-04-26 15:51 - 2019-04-26 15:51 - 000240440 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2019-04-26 15:51 - 2019-04-26 15:51 - 000107168 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2019-04-26 15:51 - 2019-04-26 15:51 - 000085232 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2019-04-26 15:51 - 2019-04-26 15:51 - 000064088 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2019-04-25 18:58 - 2019-04-25 18:58 - 000000000 ____D C:\Users\Dolly\AppData\Local\ESET
2019-04-25 18:57 - 2019-04-25 18:57 - 007666296 _____ (ESET spol. s r.o.) C:\Users\Dolly\Downloads\ESETOnlineScanner_ESL.exe
2019-04-25 18:46 - 2019-04-25 18:46 - 000001200 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2019-04-25 18:46 - 2019-04-25 18:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2019-04-25 18:46 - 2019-04-25 18:46 - 000000000 ____D C:\Program Files\VS Revo Group
2019-04-25 18:45 - 2019-04-25 18:45 - 007127416 _____ (VS Revo Group ) C:\Users\Dolly\Downloads\revosetup.exe
2019-04-25 18:38 - 2019-04-25 18:38 - 000031478 _____ C:\Windows\system32\avgremover_msilog.txt
2019-04-25 18:37 - 2019-04-25 18:39 - 000000000 ____D C:\Program Files\Common Files\AVG
2019-04-25 18:32 - 2019-04-25 18:33 - 012240240 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Dolly\Downloads\avgclear.exe
2019-04-25 15:40 - 2019-04-25 15:40 - 000000000 ____D C:\Users\Dolly\Desktop\FRST-OlderVersion
2019-04-25 10:03 - 2019-04-25 18:36 - 000172280 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2019-04-24 20:14 - 2019-04-24 20:14 - 000036193 _____ C:\Users\Dolly\Desktop\UsbFix_Report.txt
2019-04-24 20:06 - 2019-04-24 20:08 - 000001846 _____ C:\Users\Dolly\Desktop\UsbFix Anti-Malware.lnk
2019-04-24 20:06 - 2019-04-24 20:07 - 000000000 ____D C:\Program Files\UsbFix
2019-04-24 20:05 - 2019-04-24 20:05 - 004763288 _____ (SOSVirus) C:\Users\Dolly\Downloads\UsbFix_2019_11.014.exe
2019-04-24 17:14 - 2019-04-25 15:47 - 000084029 _____ C:\Users\Dolly\Desktop\Addition.txt
2019-04-24 17:11 - 2019-04-26 16:02 - 000014120 _____ C:\Users\Dolly\Desktop\FRST.txt
2019-04-24 17:11 - 2019-04-26 16:00 - 000000000 ____D C:\FRST
2019-04-24 17:09 - 2019-04-25 15:40 - 001788928 _____ (Farbar) C:\Users\Dolly\Desktop\FRST.exe
2019-04-23 16:48 - 2019-04-23 16:48 - 000006436 _____ C:\Users\Dolly\Desktop\ZHPCleaner (R).txt
2019-04-23 16:26 - 2019-04-23 16:26 - 000007410 _____ C:\Users\Dolly\Desktop\ZHPCleaner (S).txt
2019-04-23 15:47 - 2019-04-23 16:48 - 000000000 ____D C:\Users\Dolly\AppData\Roaming\ZHP
2019-04-23 15:47 - 2019-04-23 15:47 - 000000840 _____ C:\Users\Dolly\Desktop\ZHPCleaner.lnk
2019-04-23 15:47 - 2019-04-23 15:47 - 000000000 ____D C:\Users\Dolly\AppData\Local\ZHP
2019-04-23 15:46 - 2019-04-23 15:46 - 003133312 _____ C:\Users\Dolly\Downloads\ZHPCleaner.exe
2019-04-22 20:03 - 2019-04-22 20:03 - 000000000 ____D C:\Users\Dolly\AppData\Local\mbamtray
2019-04-22 20:03 - 2019-04-22 20:03 - 000000000 ____D C:\Users\Dolly\AppData\Local\mbam
2019-04-22 20:02 - 2019-04-23 15:51 - 000128552 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae.sys
2019-04-22 20:02 - 2019-04-22 20:02 - 000002033 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-04-22 20:02 - 2019-04-22 20:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-04-22 20:02 - 2019-04-22 20:02 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-04-22 20:02 - 2019-04-22 20:02 - 000000000 ____D C:\Program Files\Malwarebytes
2019-04-22 19:47 - 2019-04-22 19:50 - 064309056 _____ (Malwarebytes ) C:\Users\Dolly\Downloads\mb3-setup-009996.009996-3.7.1.2839-1.0.538-1.0.9074.exe
2019-04-22 19:17 - 2019-04-22 19:18 - 000000000 ____D C:\AdwCleaner
2019-04-22 19:16 - 2019-04-22 19:17 - 007025360 _____ (Malwarebytes) C:\Users\Dolly\Downloads\adwcleaner_7.3.exe
2019-04-17 18:38 - 2019-04-15 15:52 - 000134081 _____ C:\Users\Dolly\Desktop\sobre-la-constitucin-del-estado-constitucional.pdf
2019-04-03 20:03 - 2019-04-03 20:03 - 000000000 ____D C:\Users\Dolly\Desktop\POLICIAS

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-04-26 15:55 - 2011-04-11 20:30 - 000747230 _____ C:\Windows\system32\perfh00A.dat
2019-04-26 15:55 - 2011-04-11 20:30 - 000158670 _____ C:\Windows\system32\perfc00A.dat
2019-04-26 15:55 - 2010-11-20 16:01 - 001675926 _____ C:\Windows\system32\PerfStringBackup.INI
2019-04-26 15:55 - 2009-07-13 21:37 - 000000000 ____D C:\Windows\inf
2019-04-26 15:51 - 2009-07-13 23:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-04-26 13:59 - 2009-07-13 23:34 - 000016864 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-04-26 13:59 - 2009-07-13 23:34 - 000016864 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-04-25 19:45 - 2019-03-12 16:01 - 000000000 ____D C:\Users\Dolly\AppData\Roaming\AIMP
2019-04-25 18:38 - 2015-07-09 21:09 - 000000000 ____D C:\Program Files\Common Files\AV
2019-04-24 17:50 - 2015-07-09 20:45 - 000002177 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-04-23 15:53 - 2015-11-02 10:36 - 000000000 ____D C:\Windows\Minidump
2019-04-02 15:12 - 2018-11-29 18:13 - 000000000 ____D C:\Users\Dolly\Desktop\YENNY MURILLO 20
2019-04-02 15:10 - 2016-04-19 10:11 - 000000000 ____D C:\Users\Dolly\Desktop\apertura
2019-04-02 15:06 - 2016-02-01 09:58 - 000000000 ____D C:\Users\Dolly\Desktop\ELISEO
2019-04-02 14:23 - 2015-11-06 10:19 - 000000000 ____D C:\Users\Dolly\Desktop\Formalizaciones

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\User32.dll
[2010-11-20 16:29] - [2010-11-20 16:29] - 000811520 _____ (Microsoft Corporation) 8626F0C30D4E3564FFDD25C90F4426F1


LastRegBack: 2019-04-24 16:42
==================== End of FRST.txt ============================
1 me gusta

Addition.txt

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 25-04-2019
Ran by Dolly (26-04-2019 16:03:00)
Running from C:\Users\Dolly\Desktop
Microsoft Windows 7 Ultimate  Service Pack 1 (X86) (2015-07-10 00:52:17)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-1986104296-3163790973-3246301206-500 - Administrator - Disabled)
Dolly (S-1-5-21-1986104296-3163790973-3246301206-1000 - Administrator - Enabled) => C:\Users\Dolly
HomeGroupUser$ (S-1-5-21-1986104296-3163790973-3246301206-1002 - Limited - Enabled)
Invitado (S-1-5-21-1986104296-3163790973-3246301206-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 11 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 11.3.300.265 - Adobe Systems Incorporated)
Adobe Reader XI  MUI (HKLM\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.00 - Adobe Systems Incorporated)
AIMP (HKLM\...\AIMP) (Version: v4.51.2084, 01.12.2018 - AIMP DevTeam)
Apple Application Support (32 bits) (HKLM\...\{5A659BE5-849B-484E-A83B-DCB78407F3A4}) (Version: 7.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{ABDE67C4-5876-4CDB-82A9-0CBACECC1C4A}) (Version: 12.1.0.25 - Apple Inc.)
Apple Software Update (HKLM\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
ATI Catalyst Install Manager (HKLM\...\{9F8E6025-423A-2A9F-3951-71E9BE2A85E7}) (Version: 3.0.829.0 - ATI Technologies, Inc.)
AVG Web TuneUp (HKLM\...\AVG Web TuneUp) (Version: 4.3.9.626 - AVG Technologies)
Bonjour (HKLM\...\{D168AAD0-6686-47C1-B599-CDD4888B9D1A}) (Version: 3.1.0.1 - Apple Inc.)
calibre (HKLM\...\{ED468F84-6B55-4FFD-A0C2-3C2064696A88}) (Version: 3.40.1 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform)
CyberLink YouCam 5 (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.0909 - CyberLink Corp.)
EaseUS Data Recovery Wizard (HKLM\...\EaseUS Data Recovery Wizard_is1) (Version:  - EaseUS)
Google Chrome (HKLM\...\Google Chrome) (Version: 74.0.3729.108 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.7 - Google LLC) Hidden
IrfanView 4.51 (32-bit) (HKLM\...\IrfanView) (Version: 4.51 - Irfan Skiljan)
iTunes (HKLM\...\{869A9D9A-54D2-43E6-BB88-201902C9210E}) (Version: 12.9.3.3 - Apple Inc.)
Java 8 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Malwarebytes versión 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Project Professional 2010 (HKLM\...\Office14.PRJPRO) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Visio Premium 2010 (HKLM\...\Office14.VISIO) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Revo Uninstaller 2.0.6 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.6 - VS Revo Group, Ltd.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.9.0 - Synaptics Incorporated)
UsbFix Anti-Malware Premium (HKLM\...\Usbfix) (Version: 11.0.1.4 - SOSVirus (SOSVirus.Net))
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Winamp (HKLM\...\Winamp) (Version: 5.63  - Nullsoft, Inc)
WinRAR 4.20 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WMPKeys (HKLM\...\{5D4B3647-9842-4875-B081-EF8D98C02865}) (Version: 1.2.0.0 - lazymf and kbept)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1986104296-3163790973-3246301206-1000_Classes\CLSID\{9B61F641-7794-4322-BF6A-E45EFD6C8D7C}\InprocServer32 -> C:\Program Files\WMPKeys\wmpkeys.dll (lazymf and kbept) [File not signed]
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files\AIMP\System\aimp_menu32.dll [2019-03-12] (Artem Izmaylov -> AIMP DevTeam)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-06-09] (Alexander Roshal) [File not signed]
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files\AIMP\System\aimp_menu32.dll [2019-03-12] (Artem Izmaylov -> AIMP DevTeam)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll [2011-05-24] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-06-09] (Alexander Roshal) [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Loaded Modules (Whitelisted) ==============

2010-11-20 16:29 - 2010-11-20 16:29 - 000811520 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\USER32.dll
2011-05-24 23:17 - 2011-05-24 23:17 - 000294400 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
2011-05-24 23:17 - 2011-05-24 23:17 - 000065024 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2015-07-09 22:50 - 2012-06-09 19:20 - 000167936 _____ (Alexander Roshal) [File not signed] C:\Program Files\WinRAR\rarext.dll
2010-08-23 16:11 - 2010-08-23 16:11 - 000299008 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
2011-05-24 23:48 - 2011-05-24 23:48 - 000095744 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.Implementation.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000021504 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000024576 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.Private.dll
2011-05-24 23:48 - 2011-05-24 23:48 - 000055296 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.Implementation.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000005632 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.Foundation.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.Implementation.Private.dll
2011-05-24 23:48 - 2011-05-24 23:48 - 000022016 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.Implementation.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000015360 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\NEWAEM.Foundation.dll
2014-10-23 14:19 - 2014-10-23 14:19 - 000057344 _____ () [File not signed] C:\Program Files\CCleaner\lang\lang-1034.dll
2019-04-22 20:02 - 2019-04-23 15:51 - 003084800 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Quick.dll
2019-04-22 20:02 - 2019-04-23 15:51 - 005139968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Gui.dll
2019-04-22 20:02 - 2019-04-23 15:51 - 005010944 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
2019-04-22 20:02 - 2019-04-23 15:51 - 002950144 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Qml.dll
2019-04-22 20:02 - 2019-04-23 15:51 - 002234880 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Network.dll
2019-04-22 20:02 - 2019-04-23 15:51 - 004571648 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Widgets.dll
2019-04-22 20:02 - 2019-04-23 15:51 - 000438272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5WinExtras.dll
2019-04-22 20:02 - 2019-04-23 15:51 - 001181184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\platforms\qwindows.dll
2019-04-22 20:02 - 2019-04-23 15:51 - 000124928 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\styles\qwindowsvistastyle.dll
2019-04-23 15:51 - 2019-04-23 15:51 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qico.dll
2019-04-23 15:51 - 2019-04-23 15:51 - 000020992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qsvg.dll
2019-04-22 20:02 - 2019-04-23 15:51 - 000259584 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Svg.dll
2019-04-23 15:51 - 2019-04-23 15:51 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick.2\qtquick2plugin.dll
2019-04-23 15:51 - 2019-04-23 15:51 - 000729088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-04-23 15:51 - 2019-04-23 15:51 - 000073216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-04-23 15:51 - 2019-04-23 15:51 - 000179712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\dialogplugin.dll
2019-04-23 15:51 - 2019-04-23 15:51 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Window.2\windowplugin.dll
2019-04-23 15:51 - 2019-04-23 15:51 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQml\Models.2\modelsplugin.dll
2019-04-23 15:51 - 2019-04-23 15:51 - 000101888 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\PrivateWidgets\widgetsplugin.dll
2010-09-28 15:33 - 2010-09-28 15:33 - 000299008 _____ (ATI Technologies Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
2011-05-24 23:47 - 2011-05-24 23:47 - 000061440 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Foundation.dll
2011-05-24 23:48 - 2011-05-24 23:48 - 000018432 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Foundation.XManifest.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000057344 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Runtime.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000037376 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Runtime.Shared.Private.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000029184 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Foundation.Private.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000005632 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Runtime.Shared.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000032768 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ATICCCom.dll
2011-04-21 16:40 - 2011-04-21 16:40 - 000080896 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ADL.Foundation.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000034816 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Server.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000006144 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Server.Shared.dll
2011-05-24 23:48 - 2011-05-24 23:48 - 000042496 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.Source.Kit.Server.dll
2011-05-24 23:48 - 2011-05-24 23:48 - 000006656 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.DPPE.Shared.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000007168 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.Hotkeys.Shared.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000006144 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.WinMessages.Shared.dll
2009-04-22 12:13 - 2009-04-22 12:13 - 000045056 _____ (ATI Technologies Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0601.dll
2010-03-04 00:27 - 2010-03-04 00:27 - 000016384 _____ (ATI Technologies Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Foundation.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000006144 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.dll
2010-10-07 13:07 - 2010-10-07 13:07 - 000020480 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I1010.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000290816 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Runtime.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000167936 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Shared.dll
2009-06-17 05:27 - 2009-06-17 05:27 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0709.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000005632 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.GD.Shared.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000008704 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Actions.CCAA.Shared.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000008704 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ResourceManagement.Foundation.Private.dll
2008-04-03 16:29 - 2008-04-03 16:29 - 000020480 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0804.dll
2011-05-24 23:48 - 2011-05-24 23:48 - 000025088 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
2011-05-24 23:48 - 2011-05-24 23:48 - 000028672 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
2011-05-24 23:48 - 2011-05-24 23:48 - 000008704 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Runtime.Shared.Private.dll
2011-05-24 23:48 - 2011-05-24 23:48 - 000045056 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
2011-05-24 23:48 - 2011-05-24 23:48 - 000028672 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
2011-05-24 23:51 - 2011-05-24 23:51 - 000240128 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Combined.Graphics.Aspects2.Runtime.dll
2011-05-24 23:48 - 2011-05-24 23:48 - 000065536 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
2011-05-24 23:48 - 2011-05-24 23:48 - 000077824 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
2011-05-24 23:48 - 2011-05-24 23:48 - 000032768 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000053248 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
2011-05-24 23:48 - 2011-05-24 23:48 - 000106496 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.MMVideo.Graphics.Runtime.dll
2011-05-24 23:48 - 2011-05-24 23:48 - 000065536 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Radeon3D.Graphics.Shared.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000028672 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CustomFormats.Graphics.Shared.dll
2011-05-24 23:48 - 2011-05-24 23:48 - 000081920 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.MMVideo.Graphics.Shared.dll
2011-05-24 23:51 - 2011-05-24 23:51 - 000013824 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.AMDHome.Graphics.Runtime.dll
2011-05-24 23:48 - 2011-05-24 23:48 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
2011-05-24 23:49 - 2011-05-24 23:49 - 000013824 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.TransCode.Graphics.Runtime.dll
2009-06-17 10:24 - 2009-06-17 10:24 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0906.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000040960 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceCV.Graphics.Shared.dll
2011-05-24 23:48 - 2011-05-24 23:48 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
2011-05-24 23:51 - 2011-05-24 23:51 - 000033792 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.UpdateNotification.Graphics.Runtime.dll
2011-05-24 23:48 - 2011-05-24 23:48 - 000053248 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceCRT.Graphics.shared.dll
2011-05-24 23:51 - 2011-05-24 23:51 - 000008192 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.AMDHome.Graphics.shared.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
2011-05-24 23:48 - 2011-05-24 23:48 - 000045056 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.TransCode.Graphics.shared.dll
2011-05-24 23:48 - 2011-05-24 23:48 - 000065536 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceTV.Graphics.shared.dll
2011-05-24 23:51 - 2011-05-24 23:51 - 000012288 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.UpdateNotification.Graphics.Shared.dll
2009-12-08 06:49 - 2009-12-08 06:49 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0912.dll
2007-08-09 16:58 - 2007-08-09 16:58 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0706.dll
2009-06-17 10:24 - 2009-06-17 10:24 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0712.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000049152 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
2011-05-24 23:48 - 2011-05-24 23:48 - 000043520 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
2008-12-30 11:04 - 2008-12-30 11:04 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0812.dll
2009-04-22 12:13 - 2009-04-22 12:13 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0805.dll
2010-11-05 14:18 - 2010-11-05 14:18 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I1011.dll
2009-01-20 13:51 - 2009-01-20 13:51 - 000007168 _____ ( ) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atixclib.dll
2011-05-24 23:49 - 2011-05-24 23:49 - 000019968 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Fuel.Runtime.dll
2011-05-24 23:49 - 2011-05-24 23:49 - 000010752 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Fuel.Shared.dll
2011-05-24 23:49 - 2011-05-24 23:49 - 000012800 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\Fuel.Foundation.dll
2011-05-24 23:17 - 2011-05-24 23:17 - 000036864 _____ (AMD) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\FUEL.Implementation.dll
2011-05-24 23:17 - 2011-05-24 23:17 - 000095232 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000259584 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\Localization.Foundation.Private.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000192512 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\Localization.Foundation.Implementation.es_Localization.dll
2011-05-24 23:48 - 2011-05-24 23:48 - 000005632 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.REG.Shared.dll
2011-05-24 23:51 - 2011-05-24 23:51 - 000069632 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Combined.Fusion.Aspects.Runtime.dll
2011-05-24 23:49 - 2011-05-24 23:49 - 000011264 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Fets.Fuel.Shared.dll
2011-05-24 23:49 - 2011-05-24 23:49 - 000012800 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DPPE.Fuel.Shared.dll
2011-05-24 23:49 - 2011-05-24 23:49 - 000007168 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.WiFi.Fuel.Shared.dll
2011-05-24 23:49 - 2011-05-24 23:49 - 000013312 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CPUPStates.Fuel.Shared.dll
2011-05-24 23:49 - 2011-05-24 23:49 - 000011776 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.HydraVision.Runtime.dll
2011-05-24 23:49 - 2011-05-24 23:49 - 000008704 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.HydraVision.Shared.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000065536 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\APM.Server.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000024576 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\APM.Foundation.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000007168 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Runtime.Extension.EEU.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000005632 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.EEU.Shared.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000389120 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Dashboard.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000036352 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Client.Shared.Private.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000007680 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Client.Shared.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000032768 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Dashboard.Shared.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 001200640 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Dashboard.Shared.Private.dll
2011-05-24 23:48 - 2011-05-24 23:48 - 000421888 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Systemtray.dll
2011-05-24 23:49 - 2011-05-24 23:49 - 000168960 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ResourceManagement.Foundation.Implementation.dll
2011-03-14 14:21 - 2011-03-14 14:21 - 000016384 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
2011-05-24 23:48 - 2011-05-24 23:48 - 000131072 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Dashboard.dll
2011-05-24 23:48 - 2011-05-24 23:48 - 000966656 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Dashboard.Shared.dll
2011-05-24 23:51 - 2011-05-24 23:51 - 000027648 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.AMDHome.Graphics.Dashboard.dll
2011-05-24 23:51 - 2011-05-24 23:51 - 002045440 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Combined.Graphics.Aspects1.Dashboard.dll
2011-05-24 23:50 - 2011-05-24 23:50 - 000345600 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
2011-05-24 23:50 - 2011-05-24 23:50 - 000243712 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2011-05-24 23:48 - 2011-05-24 23:48 - 000032768 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
2011-05-24 23:51 - 2011-05-24 23:51 - 002452992 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Combined.Graphics.Aspects2.Dashboard.dll
2011-05-24 23:50 - 2011-05-24 23:50 - 000774144 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
2011-05-24 23:49 - 2011-05-24 23:49 - 000159744 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.TransCode.Graphics.Dashboard.dll
2011-05-24 23:51 - 2011-05-24 23:51 - 000019968 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.UpdateNotification.Graphics.Dashboard.dll
2011-05-24 23:49 - 2011-05-24 23:49 - 000008704 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Fuel.Dashboard.dll
2011-05-24 23:50 - 2011-05-24 23:50 - 001259520 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.User.Fuel.Dashboard.dll
2011-05-24 23:50 - 2011-05-24 23:50 - 000026112 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Fets.Fuel.Dashboard.dll
2011-05-24 23:49 - 2011-05-24 23:49 - 000021504 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.WiFi.Fuel.Dashboard.dll
2011-05-24 23:50 - 2011-05-24 23:50 - 000048128 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DPPE.Fuel.Dashboard.dll
2011-05-24 23:50 - 2011-05-24 23:50 - 000028672 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CPUPStates.Fuel.Dashboard.dll
2011-05-24 23:49 - 2011-05-24 23:49 - 000008192 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.HydraVision.Dashboard.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000266240 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Foundation.Client.dll
2011-05-24 23:49 - 2011-05-24 23:49 - 000060928 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Dashboard.ProfileManager2.dll
2011-05-24 23:49 - 2011-05-24 23:49 - 000524288 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceProperty.Graphics.Dashboard.Shared.dll
2011-05-24 23:48 - 2011-05-24 23:48 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CustomFormatSelection.Graphics.Dashboard.Shared.Private.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:04 - 2015-07-09 20:35 - 000000921 _____ C:\Windows\system32\drivers\etc\hosts

127.0.0.1 genuine.microsoft.com
127.0.0.1 mpa.one.microsoft.com
127.0.0.1 sls.microsoft.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\Program Files\AMD APP\bin\x86;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\Calibre2\
HKU\S-1-5-21-1986104296-3163790973-3246301206-1000\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 192.168.43.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: BCSSync => "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: vProt => "C:\Program Files\AVG Web TuneUp\vprot.exe"
MSCONFIG\startupreg: YouCam Service => "C:\Program Files\CyberLink\YouCam\YouCamService.exe" /s

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{FDAF9B63-4FDD-43B7-BBBF-779788513291}] => (Allow) C:\Program Files\AVG\AVG2015\avgmfapx.exe No File
FirewallRules: [{AA20C00E-33EA-4898-A72A-30285C9BF59E}] => (Allow) C:\Program Files\AVG\AVG2015\avgmfapx.exe No File
FirewallRules: [{61F73C36-DB7D-4A9B-B21A-E9FE63EA0804}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{80D6B706-6E51-48E7-B347-309098822B14}C:\program files\winamp\winamp.exe] => (Allow) C:\program files\winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [UDP Query User{7F123ABF-3988-4A8F-9288-FA18F81708A0}C:\program files\winamp\winamp.exe] => (Allow) C:\program files\winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [TCP Query User{88948062-A078-42D2-A510-EA4A921FAB46}C:\program files\winamp\winamp.exe] => (Allow) C:\program files\winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [UDP Query User{1DE4C843-5BB9-49D8-B65E-FB2B579FEDC3}C:\program files\winamp\winamp.exe] => (Allow) C:\program files\winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{F26B557D-6F53-47CB-8EDC-8C7B90336743}] => (Allow) C:\Program Files\AVG\AVG2015\avgdiagex.exe No File
FirewallRules: [{3D32AB55-F707-4D62-AD40-7E199C4455C8}] => (Allow) C:\Program Files\AVG\AVG2015\avgdiagex.exe No File
FirewallRules: [{FE540893-B05D-4E8A-868D-E29EBE56853A}] => (Allow) C:\Program Files\AVG\AVG2015\avgemcx.exe No File
FirewallRules: [{AF4809AB-B82C-4AA4-A468-4854DC8F5513}] => (Allow) C:\Program Files\AVG\AVG2015\avgemcx.exe No File
FirewallRules: [{E833186B-1F12-4692-9D27-5DCC5FFEBECB}] => (Allow) C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{EC62B2CC-1F93-4178-9A07-979F410C19E8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{38FF9AD7-0042-4601-9B37-03F4B7D388A2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{75D11145-D199-4A44-A915-D0A39BC93928}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{CF935B67-F3E3-469A-BB47-D873C96A3C43}] => (Allow) LPort=1688
FirewallRules: [{80732A6F-BF2A-44A3-A15E-D460ABFC168C}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)

==================== Restore Points =========================

28-02-2019 18:10:25 Punto de control programado
07-03-2019 20:57:51 Punto de control programado
15-03-2019 17:54:36 Punto de control programado
27-03-2019 19:20:08 Punto de control programado
16-04-2019 18:10:22 Punto de control programado
25-04-2019 18:50:20 Revo Uninstaller's restore point - USB Disk Security

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/26/2019 03:52:47 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (04/26/2019 01:16:57 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (04/26/2019 10:43:39 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (04/25/2019 06:50:18 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al consultar la interfaz IVssWriterCallback. HR = 0x80070005, Acceso denegado.
.
A menudo ocurre por una configuración de seguridad incorrecta en el proceso de escritura o de solicitud.


Operación:
   Recopilando datos del escritor

Contexto:
   Id. de clase del escritor: {e8132975-6f93-4464-a53e-1050253ae220}
   Nombre del escritor: System Writer
   Id. de instancia del escritor: {8576346f-d6ee-4834-9430-cb2cad0e85db}

Error: (04/25/2019 06:41:26 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (04/25/2019 06:38:08 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (04/25/2019 06:36:33 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Error de activación de la licencia de Windows. Error 0x00000000.

Error: (04/25/2019 06:36:33 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
0x8007043C


System errors:
=============
Error: (04/26/2019 03:51:12 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente: 
cdrom

Error: (04/26/2019 03:51:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Service KMSELDI no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el archivo especificado.

Error: (04/26/2019 01:58:56 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: El servidor {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (04/26/2019 01:15:21 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente: 
cdrom

Error: (04/26/2019 01:15:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Service KMSELDI no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el archivo especificado.

Error: (04/26/2019 12:42:36 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: El servidor {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (04/26/2019 10:42:02 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente: 
cdrom

Error: (04/26/2019 10:42:01 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Service KMSELDI no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el archivo especificado.


==================== Memory info =========================== 

BIOS: Insyde Corp. R0190Z7 09/09/2011
Motherboard: Sony Corporation VAIO
Processor: AMD E-450 APU with Radeon(tm) HD Graphics
Percentage of memory in use: 79%
Total physical RAM: 1642.9 MB
Available physical RAM: 331.66 MB
Total Virtual: 3285.8 MB
Available Virtual: 1098.38 MB

==================== Drives ================================

Drive c: (Windows 7) (Fixed) (Total:112.99 GB) (Free:72.16 GB) NTFS
Drive d: (Datos) (Fixed) (Total:352.67 GB) (Free:337.66 GB) NTFS

\\?\Volume{f745c7c4-269b-11e5-ac6a-806e6f6e6963}\ (Reservado para el sistema) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: BB27E94F)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=113 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=352.7 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================
1 me gusta

Hola @Brayand_Chacaltana

Realiza lo siguiente:

1.- Desinstala con Revo Uninstaller en su Modo Avanzado:

  • AVG Web TuneUp, Java 8 Update 45

O cualquier otra versión obsoleta de Java.

Manual de Revo Uninstaller.

2.- Actualiza Java a su ultima versión:

Java 8 Versión 211

Luego sigue estos pasos:

3.- Muy Importante >>> Realizar una copia de Seguridad de su Registro.

  • Descarga DelFix en el escritorio de Windows.
  • Clic Derecho, “Ejecutar como Administrador”.
  • En la ventana principal, marca solamente la casilla “Create Registry Backup”.
  • Clic en Run.

Al terminar se abrirá un reporte llamado DelFix.txt, guárdelo por si fuera necesario y cierre la herramienta…

4.- Desactiva Temporalmente tu antivirus.

5.- Abre un nuevo archivo Notepad y copia y pega este contenido:


Start
CloseProcesses:
CreateRestorePoint:
HKLM\...\Run: [AvgUi] => "C:\Program Files\AVG\Framework\Common\avguirnx.exe" /lps=fmw
C:\Program Files\AVG
HKLM\...\Run: [vProt] => "C:\Program Files\AVG Web TuneUp\vprot.exe"
C:\Program Files\AVG Web TuneUp
HKU\S-1-5-21-1986104296-3163790973-3246301206-1000\...\Run: [radsuperloaver] => C:\streamerdata\streamer.exe  /AutoIt3ExecuteScript "C:\streamerdata\ghghghf.zip"
C:\streamerdata
Task: {A2F46567-247E-40DD-A947-76FFA7E12B3B} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe
Task: {85539B48-FAAD-465B-A4F4-96D5DBC311C5} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => %windir%\system32\rundll32.exe aepdu.dll,AePduRunUpdate -nolegacy
SearchScopes: HKU\S-1-5-21-1986104296-3163790973-3246301206-1000 -> DefaultScope {B6B36D2F-B08C-4D6D-B2F9-F9128329AF6E} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1986104296-3163790973-3246301206-1000 -> {B6B36D2F-B08C-4D6D-B2F9-F9128329AF6E} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1986104296-3163790973-3246301206-1000 -> {F0EB293B-E47D-4203-9CD6-8CF22BF3E945} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-07-10] (Oracle America, Inc. -> Oracle Corporation)
BHO: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-07-10] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @avg.com/AVG SiteSafety plugin, version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\40.3.8\\npsitesafety.dll [No File]
C:\Program Files\Common Files\AVG Secure Search
FF Plugin: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\system32\npDeployJava1.dll [2015-07-09] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-07-10] (Oracle America, Inc. -> Oracle Corporation)
S3 EverestDriver; \??\G:\$Correcto\Install\DVD_01 Install 2015\Everest Ultimate\kerneld.wnt [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
2019-04-25 18:38 - 2019-04-25 18:38 - 000031478 _____ C:\Windows\system32\avgremover_msilog.txt
2019-04-25 18:37 - 2019-04-25 18:39 - 000000000 ____D C:\Program Files\Common Files\AVG
2019-04-25 18:32 - 2019-04-25 18:33 - 012240240 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Dolly\Downloads\avgclear.exe
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
MSCONFIG\startupreg: vProt => "C:\Program Files\AVG Web TuneUp\vprot.exe"
FirewallRules: [{FDAF9B63-4FDD-43B7-BBBF-779788513291}] => (Allow) C:\Program Files\AVG\AVG2015\avgmfapx.exe No File
FirewallRules: [{AA20C00E-33EA-4898-A72A-30285C9BF59E}] => (Allow) C:\Program Files\AVG\AVG2015\avgmfapx.exe No File
FirewallRules: [{F26B557D-6F53-47CB-8EDC-8C7B90336743}] => (Allow) C:\Program Files\AVG\AVG2015\avgdiagex.exe No File
FirewallRules: [{3D32AB55-F707-4D62-AD40-7E199C4455C8}] => (Allow) C:\Program Files\AVG\AVG2015\avgdiagex.exe No File
FirewallRules: [{FE540893-B05D-4E8A-868D-E29EBE56853A}] => (Allow) C:\Program Files\AVG\AVG2015\avgemcx.exe No File
FirewallRules: [{AF4809AB-B82C-4AA4-A468-4854DC8F5513}] => (Allow) C:\Program Files\AVG\AVG2015\avgemcx.exe No File
CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END
  • Lo guardas bajo el nombre de fixlist.txt en el escritorio <<< Esto es muy importante.

Nota: Es necesario que el ejecutable Frst.exe y fixlist.txt se encuentren en la misma ubicación (escritorio) o si no la herramienta no trabajara.

  • Ejecutas Frst.exe.
  • Presionas el botón Fix y aguardas a que termine.
  • La Herramienta guardara el reporte en tu escritorio (Fixlog.txt).
  • Lo pegas en tu próxima respuesta.

Nos comentas .

Salu2.

1 me gusta

Buenas @SanMar , perdón por no haber contestado antes el tema, tuve que alejar de esta PC por una corta temporada jejeje

Aquí te dejo el reporte solicitado. Comento que ya no apareció más la ventana molesta por la cual inicié el tema. Muchas gracias!

Fix result of Farbar Recovery Scan Tool (x86) Version: 02-05-2019
Ran by Dolly (02-05-2019 14:37:00) Run:1
Running from C:\Users\Dolly\Desktop
Loaded Profiles: Dolly (Available Profiles: Dolly)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
HKLM\...\Run: [AvgUi] => "C:\Program Files\AVG\Framework\Common\avguirnx.exe" /lps=fmw
C:\Program Files\AVG
HKLM\...\Run: [vProt] => "C:\Program Files\AVG Web TuneUp\vprot.exe"
C:\Program Files\AVG Web TuneUp
HKU\S-1-5-21-1986104296-3163790973-3246301206-1000\...\Run: [radsuperloaver] => C:\streamerdata\streamer.exe  /AutoIt3ExecuteScript "C:\streamerdata\ghghghf.zip"
C:\streamerdata
Task: {A2F46567-247E-40DD-A947-76FFA7E12B3B} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe
Task: {85539B48-FAAD-465B-A4F4-96D5DBC311C5} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => %windir%\system32\rundll32.exe aepdu.dll,AePduRunUpdate -nolegacy
SearchScopes: HKU\S-1-5-21-1986104296-3163790973-3246301206-1000 -> DefaultScope {B6B36D2F-B08C-4D6D-B2F9-F9128329AF6E} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1986104296-3163790973-3246301206-1000 -> {B6B36D2F-B08C-4D6D-B2F9-F9128329AF6E} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1986104296-3163790973-3246301206-1000 -> {F0EB293B-E47D-4203-9CD6-8CF22BF3E945} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-07-10] (Oracle America, Inc. -> Oracle Corporation)
BHO: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-07-10] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @avg.com/AVG SiteSafety plugin, version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\40.3.8\\npsitesafety.dll [No File]
C:\Program Files\Common Files\AVG Secure Search
FF Plugin: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\system32\npDeployJava1.dll [2015-07-09] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-07-10] (Oracle America, Inc. -> Oracle Corporation)
S3 EverestDriver; \??\G:\$Correcto\Install\DVD_01 Install 2015\Everest Ultimate\kerneld.wnt [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
2019-04-25 18:38 - 2019-04-25 18:38 - 000031478 _____ C:\Windows\system32\avgremover_msilog.txt
2019-04-25 18:37 - 2019-04-25 18:39 - 000000000 ____D C:\Program Files\Common Files\AVG
2019-04-25 18:32 - 2019-04-25 18:33 - 012240240 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Dolly\Downloads\avgclear.exe
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
MSCONFIG\startupreg: vProt => "C:\Program Files\AVG Web TuneUp\vprot.exe"
FirewallRules: [{FDAF9B63-4FDD-43B7-BBBF-779788513291}] => (Allow) C:\Program Files\AVG\AVG2015\avgmfapx.exe No File
FirewallRules: [{AA20C00E-33EA-4898-A72A-30285C9BF59E}] => (Allow) C:\Program Files\AVG\AVG2015\avgmfapx.exe No File
FirewallRules: [{F26B557D-6F53-47CB-8EDC-8C7B90336743}] => (Allow) C:\Program Files\AVG\AVG2015\avgdiagex.exe No File
FirewallRules: [{3D32AB55-F707-4D62-AD40-7E199C4455C8}] => (Allow) C:\Program Files\AVG\AVG2015\avgdiagex.exe No File
FirewallRules: [{FE540893-B05D-4E8A-868D-E29EBE56853A}] => (Allow) C:\Program Files\AVG\AVG2015\avgemcx.exe No File
FirewallRules: [{AF4809AB-B82C-4AA4-A468-4854DC8F5513}] => (Allow) C:\Program Files\AVG\AVG2015\avgemcx.exe No File
CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END
*****************

Processes closed successfully.
Restore point was successfully created.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AvgUi" => removed successfully.
"C:\Program Files\AVG" => not found
"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\vProt" => not found
"C:\Program Files\AVG Web TuneUp" => not found
"HKU\S-1-5-21-1986104296-3163790973-3246301206-1000\Software\Microsoft\Windows\CurrentVersion\Run\\radsuperloaver" => removed successfully.
"C:\streamerdata" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{A2F46567-247E-40DD-A947-76FFA7E12B3B}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A2F46567-247E-40DD-A947-76FFA7E12B3B}" => removed successfully.
C:\Windows\System32\Tasks\AVG EUpdate Task => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVG EUpdate Task" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{85539B48-FAAD-465B-A4F4-96D5DBC311C5}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{85539B48-FAAD-465B-A4F4-96D5DBC311C5}" => removed successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser" => removed successfully.
"HKU\S-1-5-21-1986104296-3163790973-3246301206-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully.
HKU\S-1-5-21-1986104296-3163790973-3246301206-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B6B36D2F-B08C-4D6D-B2F9-F9128329AF6E} => removed successfully.
HKLM\Software\Classes\CLSID\{B6B36D2F-B08C-4D6D-B2F9-F9128329AF6E} => not found
HKU\S-1-5-21-1986104296-3163790973-3246301206-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{F0EB293B-E47D-4203-9CD6-8CF22BF3E945} => removed successfully.
HKLM\Software\Classes\CLSID\{F0EB293B-E47D-4203-9CD6-8CF22BF3E945} => not found
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => removed successfully.
HKLM\Software\Classes\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => removed successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} => removed successfully.
HKLM\Software\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => not found
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} => removed successfully.
HKLM\Software\Classes\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} => removed successfully.
HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin, version=11.0.0.1,application/x-avg-sitesafety-plugin => not found
"C:\Program Files\Common Files\AVG Secure Search" => not found
"HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2 -> C:\Windows\system32\npDeployJava1.dll [2015-07-09] (Oracle America, Inc." => not found
"C:\Windows\system32\npDeployJava1.dll" => not found
"HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-07-10] (Oracle America, Inc." => not found
"C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll" => not found
HKLM\System\CurrentControlSet\Services\EverestDriver => removed successfully.
EverestDriver => service removed successfully.
HKLM\System\CurrentControlSet\Services\VGPU => removed successfully.
VGPU => service removed successfully.
C:\Windows\system32\avgremover_msilog.txt => moved successfully
C:\Program Files\Common Files\AVG => moved successfully
C:\Users\Dolly\Downloads\avgclear.exe => moved successfully
"CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"" => removed successfully.
"BVTFilter" => removed successfully.
"BVTConsumer" => removed successfully.
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CCleaner Monitoring => removed successfully.
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\vProt => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FDAF9B63-4FDD-43B7-BBBF-779788513291}" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{AA20C00E-33EA-4898-A72A-30285C9BF59E}" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F26B557D-6F53-47CB-8EDC-8C7B90336743}" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3D32AB55-F707-4D62-AD40-7E199C4455C8}" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FE540893-B05D-4E8A-868D-E29EBE56853A}" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{AF4809AB-B82C-4AA4-A468-4854DC8F5513}" => removed successfully.

========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= End of CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows

No se puede realizar ninguna operaci¢n en Conexi¢n de red Bluetooth mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Conexi¢n de  rea local mientras los medios
est‚n desconectados.

Adaptador de Ethernet Conexi¢n de red Bluetooth:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de Ethernet Conexi¢n de  rea local:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de LAN inal mbrica Conexi¢n de red inal mbrica:

   Sufijo DNS espec¡fico para la conexi¢n. . : 
   V¡nculo: direcci¢n IPv6 local. . . : fe80::ac7f:b75e:9b82:baf4%11
   Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.43.101
   M scara de subred . . . . . . . . . . . . : 255.255.255.0
   Puerta de enlace predeterminada . . . . . : 192.168.43.1

Adaptador de t£nel isatap.{1AB6BB58-D71E-408A-8CBF-0D7D98449406}:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de t£nel isatap.{957B07AB-75BD-4614-A32E-18758E355809}:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de t£nel isatap.{DF7D4A36-592C-4B74-804D-C443FA2C7DE3}:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

========= End of CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

0 out of 0 jobs canceled.

========= End of CMD: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= End of CMD: =========


========= netsh advfirewall reset =========

Aceptar


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= End of CMD: =========


========= netsh int ipv4 reset =========

Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


========= netsh int ipv6 reset =========

No hay valores configurados por el usuario para restablecer.


========= End of CMD: =========


========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully.
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully.
"HKU\S-1-5-21-1986104296-3163790973-3246301206-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully.
"HKU\S-1-5-21-1986104296-3163790973-3246301206-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully.


========= End of RemoveProxy: =========

C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 25988387 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 2486879 B
Edge => 0 B
Chrome => 113762676 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 16674 B
LocalService => 0 B
NetworkService => 4464 B
Dolly => 11516051 B

RecycleBin => 895437 B
EmptyTemp: => 155.5 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 14:38:31 ====
1 me gusta

Hola @Brayand_Chacaltana

Que bueno!!

Para terminar Descargas >> [size=2]Delfix[/size], a tu escritorio.

  • Doble clic para ejecutarlo.(Si usas Windows Vista/7 /8 /10,presiona clic derecho y selecciona >> “Ejecutar como Administrador”)
  • Marca las casilla Remove disinfection tools y Purgue Sistem Restore
  • Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.


Para otros problemas, ya sabes donde encontrarnos…:+1:

Tema Solucionado

Salu2.

1 me gusta