Memoria RAM al 100%, cuando no hay nada abierto

Buenas, tengo este problema desde hoy en una de las PC del trabajo.

Hoy cuando la encendí, la PC me andaba muy lento: todo demoraba para abrir y había lucho lag. Cuando abrí el adm de tareas, vi esto:

Tuve que tomar la foto desde mi teléfono sin captura de pantalla porque la PC esta imposible, no se puede hacer nada.

No se que hacer, gracias de antemano por la respuesta.

Hola @Brayand_Chacaltana

Danos mas datos.

1.- Portátil o Sobremesa?

2.- Marca y Modelo de tu equipo?

3.- Sistema Operativo - Versión?


Para descartar que sea infección realiza los pasos que te dejo mas abajo, pero en Modo Seguro con Red.

Realiza lo siguiente:

1.- Desactiva temporalmente tu antivirus y cualquier programa de seguridad. No es necesario en Modo Seguro

2.- Descarga, instala y/o actualiza a las siguientes herramientas:

3.- Ejecutas respetando el orden los pasos:

CCleaner

Usando su opción Limpiador de acuerdo su Manual:

  • Para borrar Cookies, temporales de Internet y todos los archivos que este te muestre como obsoletos.

  • NO necesitamos este reporte

AdwCleaner

Lo ejecutas.

  • Pulsa en el botón Escanear y espera a que se realice el proceso. Luego pulsa sobre el botón Limpiar.
  • Espera a que se complete. Si te pidiera reiniciar el sistema Aceptas.
  • Guarda el reporte que le aparecerá para copiarlo y pegarlo en tu próxima respuesta.
  • El informe también puede encontrarse en “C:\AdwCleaner\AdwCleaner.txt”

ZHPCleaner

  • Siguiendo su manual, lo instalas y ejecutas. Cuando termine, elimina todo lo que encuentre.

Malwarebytes

  • No olvides actualizarlo.
  • Lee detenidamente su Manual
  • Realiza un Análisis Personalizado marcando todas las unidades
  • Pulsa en “Eliminar Seleccionados” para enviar lo encontrado a la cuarentena.
  • Reinicias el Sistema.
  • En el apartado del manual “Historial” >> Registros de Aplicación >> Scan Log/Registro de Análisis encontrarás el informe del MBAM, que debes copiar y pegar en tu próxima respuesta.

4.- Nota Importante:

En tu próxima respuesta debes pegar los reportes de AdwCleaner , ZHPCleaner y Malwarebytes.

Guía: ¿Como Pegar reportes en el Foro?

Nos comentas.

Salu2.

Buenas @SanMar, perdon por la demora en la respuesta, el analisis sobre todo de Malwarebytes Antimalware tomó la vida en completarse jajajaja!

Es un portátil, Sony Vaio, y tiene Windows 7 Ultimate.

Dejo los reportes solicitados:

ADWCLEANER

# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build:    04-04-2019
# Database: 2019-06-28.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    07-11-2019
# Duration: 00:00:01
# OS:       Windows 7 Ultimate
# Cleaned:  1
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

Deleted       C:\Users\Dolly\Downloads\DriverToolkitInstaller.exe

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1311 octets] - [11/07/2019 18:04:19]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

ZHPCLEANER

~ ZHPCleaner v2019.7.11.96 by Nicolas Coolman (2019/07/11)
~ Run by Dolly (Administrator)  (11/07/2019 17:57:44)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Certificate ZHPCleaner: Legal
~ Type : Reparar
~ Report : C:\Users\Dolly\Desktop\ZHPCleaner (R).txt
~ Quarantine : C:\Users\Dolly\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ UAC : Activate
~ Boot Mode : Sans échec avec prise en charge du réseau (Fail-safe with network boot)
Windows 7 Ultimate, 32-bit Service Pack 1 (Build 7601)

---\  Alternate Data Stream (ADS). (0)
~ No malintencionados o innecesarios artículos encontrados. (ADS)

---\  Servicios (0)
~ No malintencionados o innecesarios artículos encontrados. (Servicio)

---\  Navegadores de Internet (0)
~ No malintencionados o innecesarios artículos encontrados. (Navegador)

---\  Hosts carpeta (1)
~ El archivo hosts es legítimo (1)

---\  Tareas automáticas programadas. (1)
BORRADOS tareas: [DriverToolkit Autorun] [C:\Windows\Tasks\DriverToolkit Autorun.job (Not File) ]  =>.SUP.DriverToolkit

---\  Explorador ( Archivos, Carpetas ) (17)
MOVIDO carpeta: C:\Users\Public\Desktop\DriverToolkit.lnk  [Bad : C:\Program Files\DriverToolkit\DriverToolkit.exe](.Megaify Software Co., Ltd..)  =>.SUP.DriverToolkit
MOVIDO carpeta: C:\Windows\Tasks\DriverToolkit Autorun.job    =>.SUP.DriverToolkit
MOVIDO carpeta: C:\Windows\Installer\wix{C74DCAC0-DDB3-4135-A70C-0553BF9490BC}.SchedServiceConfig.rmi    =>.SUP.Empty
MOVIDO carpeta: C:\Users\Dolly\AppData\Local\Temp\CVR11BF.tmp.cvr    =>.SUP.Temporary.Empty
MOVIDO carpeta: C:\Users\Dolly\AppData\Local\Temp\CVR19F5.tmp.cvr    =>.SUP.Temporary.Empty
MOVIDO carpeta: C:\Users\Dolly\AppData\Local\Temp\CVR77ED.tmp.cvr    =>.SUP.Temporary.Empty
MOVIDO carpeta: C:\Users\Dolly\AppData\Local\Temp\CVRAA52.tmp.cvr    =>.SUP.Temporary.Empty
MOVIDO carpeta: C:\Users\Dolly\AppData\Local\Temp\CVRDD76.tmp.cvr    =>.SUP.Temporary.Empty
MOVIDO carpeta: C:\Users\Dolly\AppData\Local\Temp\CVREE92.tmp.cvr    =>.SUP.Temporary.Empty
MOVIDO carpeta: C:\Users\Dolly\AppData\Local\Temp\~DF01DD682397F75EBE.TMP    =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\Dolly\AppData\Local\Temp\~DF4077F7360E35F71C.TMP    =>.SUP.Temporary.Other
MOVIDO archivo: C:\Program Files\DriverToolkit  =>.SUP.DriverToolkit
MOVIDO archivo: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverToolkit  =>.SUP.DriverToolkit
MOVIDO archivo: C:\Users\Dolly\AppData\Local\DriverToolkit  =>.SUP.DriverToolkit
MOVIDO archivo: C:\Users\Dolly\AppData\LocalLow\EmieBrowserModeList  =>.SUP.Empty
MOVIDO archivo: C:\Users\Dolly\AppData\LocalLow\EmieSiteList  =>.SUP.Empty
MOVIDO archivo: C:\Users\Dolly\AppData\LocalLow\EmieUserList  =>.SUP.Empty

---\  Registro ( Claves, Valores, Datos) (97)
BORRADOS clave*: HKEY_USERS\S-1-5-21-1986104296-3163790973-3246301206-1000\SOFTWARE\DriverToolkit []  =>.SUP.DriverToolkit
BORRADOS clave**: HKCU\Software\DriverToolkit []  =>.SUP.DriverToolkit
BORRADOS clave*: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D66BF89F-B0A2-48F5-A2E4-242EB645AB76}_is1 [Megaify Software]  =>.SUP.Megaify
BORRADOS clave*: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DriverToolkit Autorun []  =>.SUP.DriverToolkit
BORRADOS valor: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files\Windows Media Player\wmplayer.exe [Reproductor de Windows Media]  =>.SUP.Orphan.MUICache
BORRADOS valor: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\program files\winamp\winamp.exe [Winamp]  =>.SUP.Orphan.MUICache
BORRADOS valor: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files\VideoLAN\VLC\vlc.exe [VLC media player]  =>.SUP.Orphan.MUICache
BORRADOS valor: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files\Google\Chrome\Application\chrome.exe [Google Chrome]  =>.SUP.Orphan.MUICache
BORRADOS valor: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files\Adobe\Reader 11.0\Reader\AcroRd32.exe [Adobe Reader ]  =>.SUP.Orphan.MUICache
BORRADOS valor: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files\Internet Explorer\iexplore.exe [Internet Explorer]  =>.SUP.Orphan.MUICache
BORRADOS valor: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files\iTunes\iTunes.exe [iTunes]  =>.SUP.Orphan.MUICache
BORRADOS valor: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files\IrfanView\i_view32.exe [IrfanView 32-bit]  =>.SUP.Orphan.MUICache
BORRADOS valor: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\PROGRA~1\MICROS~2\Office14\OIS.EXE [Microsoft Office 2010]  =>.SUP.Orphan.MUICache
BORRADOS valor: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files\Windows Photo Viewer\PhotoViewer.dll [Visualizador de fotos de Windows]  =>.SUP.Orphan.MUICache
BORRADOS valor: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files\Common Files\Microsoft Shared\MSEnv\VSLauncher.exe [Microsoft Visual Studio Version Selector]  =>.SUP.Orphan.MUICache
BORRADOS valor: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files\Microsoft Office\Office14\WINWORD.EXE [Microsoft Word]  =>.SUP.Orphan.MUICache
BORRADOS valor: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files\Windows NT\Accessories\WORDPAD.EXE [WordPad]  =>.SUP.Orphan.MUICache
BORRADOS valor: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Users\Dolly\Downloads\avg_free_stb_all_2015_5315_ppc1 (1).exe [AVG Setup Self-Extractor based on 7-Zip]  =>.SUP.Orphan.MUICache
BORRADOS valor: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Users\Dolly\Downloads\aimp_4.51.2084.exe [AIMP Setup]  =>.SUP.Orphan.MUICache
BORRADOS valor: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Users\Dolly\Downloads\A2DVID-00252643-0041.EXE [A2DVID-00252643-0041]  =>.SUP.Orphan.MUICache
BORRADOS valor: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files\K-Lite Codec Pack\MPC-HC\mpc-hc.exe [MPC-HC]  =>.SUP.Orphan.MUICache
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AVG\AVG2015\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AVG\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\ProgramData\AVG2015\Antispam\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\ProgramData\AVG2015\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\ProgramData\AVG2015\log\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\ProgramData\AVG2015\IDS\config\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\ProgramData\AVG2015\IDS\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\ProgramData\AVG2015\avi\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\ProgramData\AVG2015\Cfg\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\ProgramData\AVG2015\lsdb\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\ProgramData\AVG2015\lsdb\prev\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\ProgramData\AVG2015\Chjw\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\ProgramData\AVG2015\admincli\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AVG\AVG2015\Content\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AVG\AVG2015\Notification\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AVG\AVG2015\myapps\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\$AVG\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\$AVG\$VAULT\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\$AVG\$CHJW\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\ProgramData\AVG2015\DB\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AVG\AVG2015\3rd_party\licenses\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AVG\AVG2015\3rd_party\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AVG\AVG2015\Drivers\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AVG\AVG2015\Drivers\Win8\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AVG\AVG2015\html\reportcard\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AVG\AVG2015\html\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AVG\AVG2015\banners\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AVG\AVG2015\awacs\driverupdate\component\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AVG\AVG2015\awacs\driverupdate\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AVG\AVG2015\awacs\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AVG\AVG2015\awacs\familysafety\component\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AVG\AVG2015\awacs\familysafety\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AVG\AVG2015\awacs\firewallicon\component\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AVG\AVG2015\awacs\firewallicon\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AVG\AVG2015\awacs\livekive\component\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AVG\AVG2015\awacs\livekive\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AVG\AVG2015\awacs\mobile\component\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AVG\AVG2015\awacs\mobile\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AVG\AVG2015\awacs\mobile-ps\component\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AVG\AVG2015\awacs\mobile-ps\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AVG\AVG2015\awacs\multiscreen-pd\component\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AVG\AVG2015\awacs\multiscreen-pd\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AVG\AVG2015\awacs\multiscreen-tr\component\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AVG\AVG2015\awacs\multiscreen-tr\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AVG\AVG2015\awacs\pct.an\component\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AVG\AVG2015\awacs\pct.an\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AVG\AVG2015\awacs\pct.ok\component\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AVG\AVG2015\awacs\pct.ok\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AVG\AVG2015\sounds\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AVG\AVG2015\awacs\tablet\component\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AVG\AVG2015\awacs\tablet\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AVG\AVG2015\awacs\tablet-ps\component\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AVG\AVG2015\awacs\tablet-ps\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AVG\AVG2015\awacs\techbuddy\component\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AVG\AVG2015\awacs\techbuddy\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AVG\AVG2015\Tuneup\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AVG\Framework\Common\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AVG\Framework\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AVG\Framework\1\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\ProgramData\AVG\log\fmw1\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\ProgramData\AVG\log\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AVG\Zen\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\ProgramData\Avg\log\zen1\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\ProgramData\Avg\Diag\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AVG\Zen\3rd_party\licenses\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AVG\Zen\3rd_party\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Bluetooth Suite\help_normal\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Bluetooth Suite\help_fujisu\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Bluetooth Suite\Modules\HID\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Sony\Vegas Pro 11.0\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Sony\Vegas Pro 11.0\FileIO Plug-Ins\ac3plug\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Sony\Vegas Pro 11.0\FileIO Plug-Ins\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Sony\Vegas Pro 11.0\FileIO Plug-Ins\ac3plug\ac3market\ [No Folder]  =>.SUP.Obsolete.NoFolder
BORRADOS valor: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Sony\Vegas Pro 11.0\External Control Drivers\ [No Folder]  =>.SUP.Obsolete.NoFolder

---\  Resumen de elementos en su estación de trabajo (7)
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.SUP.DriverToolkit
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.SUP.Empty
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.SUP.Temporary.Empty
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.SUP.Temporary.Other
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.SUP.Megaify
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.SUP.Orphan.MUICache
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.SUP.Obsolete.NoFolder

---\ Limpieza adicional. (5)
~ Clave de registro Tracing borrados (3)
~ Quitar los antiguos informes de ZHPCleaner. (2)

---\ Resultado de la reparación.
~ Reparación llevada a cabo con éxito
~ falta este navegador! (Mozilla Firefox)
~ falta este navegador! (Opera Software)

---\ STATISTIQUES
~ Items escaneado : 557
~ Items encontrado : 0
~ artículos cancelados : 0
~ Items opciones : 12/12
~ Ahorro de espacio (bytes) : 32768
~ End of clean in 00h00mn26s

---\  Reporte (2)
ZHPCleaner-[S]-11072019-17_56_54.txt
ZHPCleaner-[R]-11072019-17_58_10.txt

MALWAREBYTES ANTIMALWARE

   Malwarebytes
    www.malwarebytes.com
    -Detalles del registro-
    Fecha del análisis: 12/7/19
    Hora del análisis: 2:54
    Archivo de registro: 41ef0c90-a47a-11e9-81c4-f0bf97901a8d.json

    -Información del software-
    Versión: 3.8.3.2965
    Versión de los componentes: 1.0.613
    Versión del paquete de actualización: 1.0.11502
    Licencia: Prueba

    -Información del sistema-
    SO: Windows 7 Service Pack 1
    CPU: x86
    Sistema de archivos: NTFS
    Usuario: System

    -Resumen del análisis-
    Tipo de análisis: Análisis de amenazas
    Análisis iniciado por:: Programador de tareas
    Resultado: Completado
    Objetos analizados: 189485
    Amenazas detectadas: 4
    Amenazas en cuarentena: 4
    Tiempo transcurrido: 9 min, 4 seg

    -Opciones de análisis-
    Memoria: Activado
    Inicio: Activado
    Sistema de archivos: Activado
    Archivo: Activado
    Rootkits: Desactivado
    Heurística: Activado
    PUP: Detectar
    PUM: Detectar

    -Detalles del análisis-
    Proceso: 0
    (No hay elementos maliciosos detectados)

    Módulo: 0
    (No hay elementos maliciosos detectados)

    Clave del registro: 1
    PUP.Optional.DriverToolkit, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{1F0D7256-97D7-4CF3-B39E-8E9624B2B415}, En cuarentena, [1024], [559429],1.0.11502

    Valor del registro: 1
    PUP.Optional.DriverToolkit, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{1F0D7256-97D7-4CF3-B39E-8E9624B2B415}|PATH, En cuarentena, [1024], [559429],1.0.11502

    Datos del registro: 0
    (No hay elementos maliciosos detectados)

    Secuencia de datos: 0
    (No hay elementos maliciosos detectados)

    Carpeta: 0
    (No hay elementos maliciosos detectados)

    Archivo: 2
    PUP.Optional.DriverToolkit, C:\USERS\DOLLY\APPDATA\ROAMING\ZHP\QUARANTINE\ZHPCLEANER\DRIVERTOOLKIT\DRIVERTOOLKIT.EXE, En cuarentena, [1024], [512879],1.0.11502
    PUP.Optional.InstallCore, C:\USERS\DOLLY\DOWNLOADS\BLUETOOTHDRIVERINSTALLER_0108278239.EXE, En cuarentena, [446], [579700],1.0.11502

    Sector físico: 0
    (No hay elementos maliciosos detectados)

    WMI: 0
    (No hay elementos maliciosos detectados)

    (end)

Hola @Brayand_Chacaltana

Realiza lo siguiente:

1.- Desactiva temporalmente tu antivirus y cualquier programa de seguridad.

2.- Descarga Farbar Recovery Scan Tool. en el escritorio, seleccionando la versión adecuada para la arquitectura (32 o 64bits) de su equipo. >> Como saber si mi Windows es de 32 o 64 bits.?

  • Ejecuta FRST.exe.
  • En el mensaje de la ventana del Disclaimer, pulsamos Yes
  • En la ventana principal pulsamos en el botón Scan y esperamos a que concluya el proceso.
  • Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.

Guía: Como Ejecutar FRST

3.- En tu próxima respuesta, pega los reportes generados.

Guía : ¿Como Pegar reportes en el Foro?

Esperamos esos reporte.

Salu2

Buenas @SanMar, te dejo los reportes solicitados:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-07-2019
Ran by Dolly (administrator) on MASTERVAIO (Sony Corporation VPCYB35AL) (14-07-2019 13:27:23)
Running from C:\Users\Dolly\Downloads
Loaded Profiles: Dolly &  (Available Profiles: Dolly)
Platform: Microsoft Windows 7 Ultimate  Service Pack 1 (X86) Language: Español (España, internacional)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Safe Mode (with Networking)
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-05-24] (Advanced Micro Devices, Inc.) [File not signed]
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1873192 2011-01-17] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [645456 2019-04-01] (Oracle America, Inc. -> Oracle Corporation)
HKLM\...\Run: [BtTray] => C:\Program Files\Bluetooth Suite\BtTray.exe [851584 2014-09-18] (Qualcomm Atheros -> Qualcomm Atheros) [File not signed]
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [232840 2019-07-12] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files\Bluetooth Suite\BtvStack.exe [123520 2014-09-18] (Qualcomm Atheros -> Atheros Communications) [File not signed]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1986104296-3163790973-3246301206-1000\...\Run: [strdat] => C:\Windows\system32\cmd.exe /c start C:\streamer\streamer.exe /AutoIt3ExecuteScript  "C:\streamer\stream.txt" & exit
HKU\S-1-5-21-1986104296-3163790973-3246301206-1000\...\Run: [flaterem] => C:\streamer\streamer.exe [862216 2017-12-08] (Alfredo Anibal Santos Silva -> Carifred)
HKU\S-1-5-21-1986104296-3163790973-3246301206-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [16664352 2019-06-04] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1986104296-3163790973-3246301206-1000\...\MountPoints2: E - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1986104296-3163790973-3246301206-1000\...\MountPoints2: {46776bba-8639-11e9-ab88-60d819ede91f} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1986104296-3163790973-3246301206-1000\...\MountPoints2: {5a752ef6-7757-11e9-a592-60d819ede91f} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1986104296-3163790973-3246301206-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [878592 2010-11-20] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-1986104296-3163790973-3246301206-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07142019132102554\...\Run: [strdat] => C:\Windows\system32\cmd.exe /c start C:\streamer\streamer.exe /AutoIt3ExecuteScript  "C:\streamer\stream.txt" & exit
HKU\S-1-5-21-1986104296-3163790973-3246301206-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07142019132102554\...\Run: [flaterem] => C:\streamer\streamer.exe [862216 2017-12-08] (Alfredo Anibal Santos Silva -> Carifred)
HKU\S-1-5-21-1986104296-3163790973-3246301206-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07142019132102554\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [16664352 2019-06-04] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1986104296-3163790973-3246301206-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07142019132102554\...\MountPoints2: E - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1986104296-3163790973-3246301206-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07142019132102554\...\MountPoints2: {46776bba-8639-11e9-ab88-60d819ede91f} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1986104296-3163790973-3246301206-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07142019132102554\...\MountPoints2: {5a752ef6-7757-11e9-a592-60d819ede91f} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1986104296-3163790973-3246301206-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07142019132102554\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [878592 2010-11-20] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\system32\x264vfw.dll [3850240 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.HFYU] => C:\Windows\system32\huffyuv.dll [39936 2004-05-18] (Disappearing Inc.) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\system32\lagarith.dll [216064 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\system32\xvidvfw.dll [284672 2018-01-28] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\system32\ac3acm.acm [122880 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [msacm.lameacm] => C:\Windows\system32\lameACM.acm [473088 2015-02-25] (hxxp://www.mp3dev.org/) [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\system32\ff_vfw.dll [112128 2015-10-24] () [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\75.0.3770.100\Installer\chrmstp.exe [2019-06-21] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{538C240D-3DEE-4032-AB4C-08A3A6EB0861}] -> C:\Program Files\CyberLink\YouCam\CLCredProv\x86\CLCredProv.dll [2011-09-09] (CyberLink -> CyberLink)
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2014-09-18] (Qualcomm Atheros -> Qualcomm Atheros) [File not signed]
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
HKLM\Software\...\Authentication\Credential Provider Filters: [{538C240D-3DEE-4032-AB4C-08A3A6EB0861}] -> C:\Program Files\CyberLink\YouCam\CLCredProv\x86\CLCredProv.dll [2011-09-09] (CyberLink -> CyberLink)
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2014-09-18] (Qualcomm Atheros -> Qualcomm Atheros) [File not signed]
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0B44FD86-D8BE-4551-A858-F2B0BF732BB7} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe
Task: {0E6FE292-9936-494C-9925-C7A8CDEDC6D4} - System32\Tasks\klcp_update => C:\Program Files\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1722880 2019-06-25] () [File not signed]
Task: {2163EBA2-87B1-4D0D-AB6F-569A5AA36894} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [107848 2015-07-09] (Google Inc -> Google Inc.)
Task: {294B02A3-0105-4B69-AEAA-9D1BEE7A2A97} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16664352 2019-06-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {85454358-F211-4B74-80D1-8375C55166DD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [107848 2015-07-09] (Google Inc -> Google Inc.)
Task: {B93C6B93-AE94-494A-8803-EF38A499530D} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3228552 2019-07-11] (AVAST Software s.r.o. -> AVAST Software)
Task: {BBB0B46D-9B5B-44F6-BA76-D735D86CC1B5} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1913648 2019-07-11] (AVAST Software s.r.o. -> AVAST Software)
Task: {C01ED511-B991-4CE8-8825-E78D98089B7A} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1} C:\Program Files\Windows Live\SOXE\wlsoxe.dll [192704 2014-03-31] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\AdwCleaner_onReboot.job => C:\Users\Dolly\Downloads\adwcleaner_7.3.exe
Task: C:\Windows\Tasks\CCleaner Update.job => C:\Program Files\CCleaner\CCUpdate.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{DF7D4A36-592C-4B74-804D-C443FA2C7DE3}: [DhcpNameServer] 192.168.43.1

Internet Explorer:
==================
HKU\S-1-5-21-1986104296-3163790973-3246301206-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/es-pe/?ocid=iehp
HKU\S-1-5-21-1986104296-3163790973-3246301206-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07142019132102554\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/es-pe/?ocid=iehp
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\40.3.8\\npsitesafety.dll [No File]
FF Plugin: @java.com/DTPlugin,version=11.211.2 -> C:\Program Files\Java\jre1.8.0_211\bin\dtplugin\npDeployJava1.dll [2019-05-02] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.211.2 -> C:\Program Files\Java\jre1.8.0_211\bin\plugin2\npjp2.dll [2019-05-02] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-16] (Google Inc -> Google LLC)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-16] (Google Inc -> Google LLC)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-22] (VideoLAN) [File not signed]
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

Chrome: 
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxp://www.google.com.pe/"
CHR Profile: C:\Users\Dolly\AppData\Local\Google\Chrome\User Data\Default [2019-07-14]
CHR Extension: (Presentaciones) - C:\Users\Dolly\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-09-24]
CHR Extension: (Documentos) - C:\Users\Dolly\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-09-24]
CHR Extension: (Google Drive) - C:\Users\Dolly\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-15]
CHR Extension: (YouTube) - C:\Users\Dolly\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-10-05]
CHR Extension: (Búsqueda de Google) - C:\Users\Dolly\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-07-09]
CHR Extension: (Hojas de cálculo) - C:\Users\Dolly\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-10-05]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Dolly\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-20]
CHR Extension: (Avast Online Security) - C:\Users\Dolly\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-07-12]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Dolly\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-10-05]
CHR Extension: (Gmail) - C:\Users\Dolly\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-02]
CHR Extension: (Chrome Media Router) - C:\Users\Dolly\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-07-01]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [176128 2011-06-20] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
S2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [294400 2011-05-24] (Advanced Micro Devices, Inc.) [File not signed]
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [5551168 2019-07-11] (AVAST Software s.r.o. -> AVAST Software)
S2 AtherosSvc; C:\Program Files\Bluetooth Suite\adminservice.exe [272000 2014-09-18] (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [File not signed]
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [365048 2019-07-11] (AVAST Software s.r.o. -> AVAST Software)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [5394136 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2014-03-01] (Microsoft Windows -> Microsoft Corporation)
S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdiox86; C:\Windows\System32\DRIVERS\amdiox86.sys [37944 2010-02-18] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
S3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [7800832 2011-06-20] (Microsoft Windows Hardware Compatibility Publisher -> ATI Technologies Inc.)
S3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [245760 2011-06-20] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [34696 2019-07-11] (AVAST Software s.r.o. -> AVAST Software)
S1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [174472 2019-07-11] (AVAST Software s.r.o. -> AVAST Software)
S1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [225816 2019-07-11] (AVAST Software s.r.o. -> AVAST Software)
S0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [171216 2019-07-11] (AVAST Software s.r.o. -> AVAST Software)
S0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [56504 2019-07-11] (AVAST Software s.r.o. -> AVAST Software)
S1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [214944 2019-07-11] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [40904 2019-07-11] (AVAST Software s.r.o. -> AVAST Software)
S2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [140080 2019-07-11] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [101192 2019-07-11] (AVAST Software s.r.o. -> AVAST Software)
S0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [73008 2019-07-11] (AVAST Software s.r.o. -> AVAST Software)
S1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [783232 2019-07-11] (AVAST Software s.r.o. -> AVAST Software)
S1 aswSP; C:\Windows\System32\drivers\aswSP.sys [403952 2019-07-11] (AVAST Software s.r.o. -> AVAST Software)
S2 aswStm; C:\Windows\System32\drivers\aswStm.sys [167576 2019-07-11] (AVAST Software s.r.o. -> AVAST Software)
S0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [312968 2019-07-11] (AVAST Software s.r.o. -> AVAST Software)
S3 AthBTPort; C:\Windows\System32\DRIVERS\btath_flt.sys [77952 2014-09-18] (Qualcomm Atheros -> Qualcomm Atheros)
R3 athr; C:\Windows\System32\DRIVERS\athr.sys [1096704 2009-10-09] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
S3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW73.sys [100880 2011-06-20] (ATI Technologies, Inc -> Advanced Micro Devices)
S3 BTATH_A2DP; C:\Windows\System32\drivers\btath_a2dp.sys [292992 2014-09-18] (Qualcomm Atheros -> Qualcomm Atheros)
S3 btath_avdt; C:\Windows\System32\drivers\btath_avdt.sys [96896 2014-09-18] (Qualcomm Atheros -> Qualcomm Atheros)
R3 BTATH_BUS; C:\Windows\System32\DRIVERS\btath_bus.sys [25728 2014-09-18] (Qualcomm Atheros -> Qualcomm Atheros)
S3 BTATH_HCRP; C:\Windows\System32\DRIVERS\btath_hcrp.sys [156288 2014-09-18] (Qualcomm Atheros -> Qualcomm Atheros)
S3 BTATH_LWFLT; C:\Windows\System32\DRIVERS\btath_lwflt.sys [64640 2014-09-18] (Qualcomm Atheros -> Qualcomm Atheros)
S3 BTATH_RCP; C:\Windows\System32\DRIVERS\btath_rcp.sys [117888 2014-09-18] (Qualcomm Atheros -> Qualcomm Atheros)
S1 ESProtectionDriver; C:\Windows\system32\drivers\mbae.sys [128552 2019-01-08] (Malwarebytes Corporation -> Malwarebytes)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x86.sys [50688 2009-07-13] (Microsoft Windows -> Atheros Communications, Inc.)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [173512 2019-07-14] (Malwarebytes Corporation -> Malwarebytes)
S3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [190624 2019-07-14] (Malwarebytes Corporation -> Malwarebytes)
S3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [64296 2019-07-14] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [241760 2019-07-14] (Malwarebytes Corporation -> Malwarebytes)
S3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [86768 2019-07-14] (Malwarebytes Corporation -> Malwarebytes)
R3 SFEP; C:\Windows\System32\DRIVERS\SFEP.sys [9344 2007-08-03] (Microsoft Windows Hardware Compatibility Publisher -> Sony Corporation)
S3 USBAAPL; C:\Windows\System32\Drivers\usbaapl.sys [45056 2018-08-22] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-14 13:27 - 2019-07-14 13:29 - 000022656 _____ C:\Users\Dolly\Downloads\FRST.txt
2019-07-14 13:27 - 2019-07-14 13:27 - 000000000 ____D C:\FRST
2019-07-14 13:26 - 2019-07-14 13:26 - 001446912 _____ (Farbar) C:\Users\Dolly\Downloads\FRST.exe
2019-07-14 13:08 - 2019-07-14 13:08 - 000190624 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2019-07-14 13:08 - 2019-07-14 13:08 - 000086768 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2019-07-14 13:08 - 2019-07-14 13:08 - 000064296 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2019-07-14 13:07 - 2019-07-14 13:20 - 000241760 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2019-07-14 13:07 - 2019-07-14 13:07 - 000000000 ___RD C:\Users\Dolly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2019-07-12 17:10 - 2019-07-12 17:10 - 000000000 ____D C:\Users\Dolly\AppData\Roaming\AVAST Software
2019-07-12 17:09 - 2019-07-12 17:09 - 000002012 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2019-07-12 17:09 - 2019-07-12 17:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2019-07-12 16:41 - 2019-07-11 17:24 - 000312200 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2019-07-12 16:07 - 2019-07-12 16:07 - 000002089 _____ C:\Users\Dolly\Desktop\reporte malware.txt
2019-07-11 18:08 - 2019-07-14 13:20 - 000153756 _____ C:\Windows\ntbtlog.txt
2019-07-11 18:07 - 2019-07-11 18:07 - 000000284 _____ C:\Windows\Tasks\AdwCleaner_onReboot.job
2019-07-11 18:03 - 2019-07-11 18:07 - 000000000 ____D C:\AdwCleaner
2019-07-11 18:01 - 2019-07-11 18:02 - 000020322 _____ C:\Users\Dolly\Desktop\ZHPCleaner.txt
2019-07-11 17:58 - 2019-07-11 17:58 - 000020333 _____ C:\Users\Dolly\Desktop\ZHPCleaner (R).txt
2019-07-11 17:56 - 2019-07-11 17:56 - 000021827 _____ C:\Users\Dolly\Desktop\ZHPCleaner (S).txt
2019-07-11 17:28 - 2019-07-11 17:28 - 000000801 _____ C:\Users\Dolly\Desktop\ZHPCleaner.lnk
2019-07-11 17:24 - 2019-07-11 17:24 - 000783232 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2019-07-11 17:24 - 2019-07-11 17:24 - 000403952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2019-07-11 17:24 - 2019-07-11 17:24 - 000312968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2019-07-11 17:24 - 2019-07-11 17:24 - 000225816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2019-07-11 17:24 - 2019-07-11 17:24 - 000214944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2019-07-11 17:24 - 2019-07-11 17:24 - 000174472 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2019-07-11 17:24 - 2019-07-11 17:24 - 000171216 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2019-07-11 17:24 - 2019-07-11 17:24 - 000167576 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2019-07-11 17:24 - 2019-07-11 17:24 - 000140080 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-07-11 17:24 - 2019-07-11 17:24 - 000101192 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2019-07-11 17:24 - 2019-07-11 17:24 - 000073008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2019-07-11 17:24 - 2019-07-11 17:24 - 000056504 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2019-07-11 17:24 - 2019-07-11 17:24 - 000040904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2019-07-11 17:24 - 2019-07-11 17:24 - 000034696 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2019-07-11 17:24 - 2019-07-11 17:24 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2019-07-11 17:22 - 2019-07-11 17:22 - 000000000 ____D C:\Program Files\AVAST Software
2019-07-11 17:21 - 2019-07-11 17:24 - 000000000 ____D C:\ProgramData\AVAST Software
2019-07-11 17:21 - 2019-07-11 17:21 - 000000978 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-07-11 17:21 - 2019-07-11 17:21 - 000000300 ____H C:\Windows\Tasks\CCleaner Update.job
2019-07-11 17:20 - 2019-07-14 13:20 - 000173512 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2019-07-11 17:20 - 2019-07-11 17:20 - 000002033 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-07-11 17:20 - 2019-07-11 17:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-07-11 17:19 - 2019-07-11 17:19 - 020638704 _____ (Piriform Software Ltd) C:\Users\Dolly\Downloads\ccsetup558.exe
2019-07-11 17:19 - 2019-07-11 17:19 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-07-11 17:19 - 2019-01-08 16:32 - 000128552 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae.sys
2019-07-11 17:18 - 2019-07-11 17:18 - 007025360 _____ (Malwarebytes) C:\Users\Dolly\Downloads\adwcleaner_7.3.exe
2019-07-11 17:18 - 2019-07-11 17:18 - 003140992 _____ (Nicolas Coolman) C:\Users\Dolly\Downloads\ZHPCleaner.exe
2019-07-11 17:17 - 2019-07-11 17:18 - 064525528 _____ (Malwarebytes ) C:\Users\Dolly\Downloads\mb3-setup-consumer-3.8.3.2965-1.0.613-1.0.11502.exe
2019-07-11 17:08 - 2019-07-11 17:08 - 000007606 _____ C:\Users\Dolly\AppData\Local\Resmon.ResmonCfg
2019-07-03 21:04 - 2014-05-14 11:23 - 001973728 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2019-07-03 21:04 - 2014-05-14 11:23 - 000581600 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2019-07-03 21:04 - 2014-05-14 11:23 - 000054240 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2019-07-03 21:04 - 2014-05-14 11:23 - 000045536 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2019-07-03 21:04 - 2014-05-14 11:23 - 000036320 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2019-07-03 21:04 - 2014-05-14 11:17 - 002425856 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2019-07-03 21:04 - 2014-05-14 11:17 - 000092672 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2019-07-03 21:03 - 2014-05-14 09:23 - 000179656 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2019-07-03 21:03 - 2014-05-14 09:17 - 000033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2019-07-02 00:05 - 2019-07-02 00:05 - 000000000 ____D C:\Users\Dolly\Tracing
2019-07-01 23:44 - 2019-07-01 23:44 - 000000000 ____D C:\Windows\es
2019-07-01 23:44 - 2014-03-31 21:36 - 000049856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fssfltr.sys
2019-07-01 23:43 - 2019-07-01 23:44 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2019-07-01 23:43 - 2019-07-01 23:43 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
2019-07-01 23:43 - 2019-07-01 23:43 - 000001413 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
2019-07-01 23:43 - 2019-07-01 23:43 - 000001329 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2019-07-01 23:43 - 2019-07-01 23:43 - 000001260 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2019-07-01 23:41 - 2019-07-01 23:44 - 000000000 ____D C:\Program Files\Windows Live
2019-07-01 23:41 - 2010-06-02 04:55 - 000527192 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2019-07-01 23:41 - 2010-06-02 04:55 - 000074072 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2019-07-01 23:41 - 2010-05-26 11:41 - 002106216 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2019-07-01 23:41 - 2010-05-26 11:41 - 000248672 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2019-07-01 23:39 - 2019-07-01 23:39 - 000002220 _____ C:\Users\Dolly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2019-07-01 23:39 - 2019-07-01 23:39 - 000002103 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2019-07-01 23:39 - 2019-07-01 23:39 - 000000000 ___RD C:\Users\Dolly\OneDrive
2019-07-01 23:39 - 2019-07-01 23:39 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2019-07-01 23:38 - 2019-07-01 23:38 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2019-07-01 23:37 - 2019-07-02 00:05 - 000000000 ____D C:\Users\Dolly\AppData\Local\Windows Live
2019-07-01 23:37 - 2019-07-01 23:37 - 000000000 ____D C:\Program Files\Common Files\Windows Live
2019-07-01 23:17 - 2019-07-01 23:19 - 139189424 _____ (Microsoft Corporation) C:\Users\Dolly\Downloads\Windows Essentials 2012.exe
2019-07-01 21:34 - 2019-07-11 17:29 - 000000000 ____D C:\Users\Dolly\Desktop\123
2019-07-01 21:34 - 2019-07-01 21:34 - 000000000 ____D C:\Users\Dolly\AppData\Roaming\Publish Providers
2019-07-01 21:27 - 2019-07-02 17:39 - 000000000 ____D C:\Users\Dolly\AppData\Local\Sony
2019-07-01 21:27 - 2019-07-02 17:39 - 000000000 ____D C:\Program Files\Sony
2019-07-01 21:27 - 2019-07-01 21:27 - 000000000 ____D C:\ProgramData\Sony
2019-07-01 21:25 - 2019-07-01 21:58 - 000000000 ____D C:\Users\Dolly\AppData\Roaming\Sony
2019-07-01 21:22 - 2019-07-01 21:24 - 208755954 _____ C:\Users\Dolly\Downloads\Sony Vegas Pro v11.0 Build 700 Final x86.rar
2019-06-26 17:58 - 2019-07-11 17:25 - 000000000 ____D C:\Users\Dolly\AppData\Roaming\MPC-HC
2019-06-26 17:57 - 2019-06-26 17:57 - 000000000 ____D C:\Windows\system32\directx
2019-06-26 17:57 - 2019-06-26 17:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2019-06-26 17:57 - 2019-06-26 17:57 - 000000000 ____D C:\Program Files\K-Lite Codec Pack
2019-06-26 17:57 - 2018-01-28 04:00 - 000694784 _____ C:\Windows\system32\xvidcore.dll
2019-06-26 17:57 - 2018-01-28 04:00 - 000284672 _____ C:\Windows\system32\xvidvfw.dll
2019-06-26 17:57 - 2017-07-30 05:50 - 003850240 _____ (x264vfw project) C:\Windows\system32\x264vfw.dll
2019-06-26 17:57 - 2015-10-24 11:00 - 000112128 _____ C:\Windows\system32\ff_vfw.dll
2019-06-26 17:57 - 2015-02-25 11:27 - 000473088 _____ (hxxp://www.mp3dev.org/) C:\Windows\system32\lameACM.acm
2019-06-26 17:57 - 2012-07-21 05:54 - 000122880 _____ (fccHandler) C:\Windows\system32\ac3acm.acm
2019-06-26 17:57 - 2012-05-21 16:48 - 000000415 _____ C:\Windows\system32\lame_acm.xml
2019-06-26 17:57 - 2011-12-07 12:32 - 000216064 _____ ( ) C:\Windows\system32\lagarith.dll
2019-06-26 17:57 - 2004-05-18 13:16 - 000039936 _____ (Disappearing Inc.) C:\Windows\system32\huffyuv.dll
2019-06-26 17:53 - 2019-06-26 17:54 - 059789295 _____ (KLCP ) C:\Users\Dolly\Downloads\K-Lite_Codec_Pack_1500_Mega.exe
2019-06-26 17:50 - 2019-06-26 19:00 - 000000000 ____D C:\Users\Dolly\Desktop\CASO EL PINTOR
2019-06-19 18:11 - 2019-06-19 18:11 - 001931730 _____ C:\Users\Dolly\Downloads\48591642-Litigacion-Penal-y-Juicio-Oral.pdf
2019-06-19 18:11 - 2019-06-19 18:11 - 000000000 ____D C:\Users\Dolly\AppData\Roaming\Google

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-14 13:06 - 2009-07-13 23:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-07-12 18:04 - 2009-07-13 23:34 - 000016864 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-07-12 18:04 - 2009-07-13 23:34 - 000016864 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-07-12 17:10 - 2011-04-11 20:30 - 000747230 _____ C:\Windows\system32\perfh00A.dat
2019-07-12 17:10 - 2011-04-11 20:30 - 000158670 _____ C:\Windows\system32\perfc00A.dat
2019-07-12 17:10 - 2010-11-20 16:01 - 001675926 _____ C:\Windows\system32\PerfStringBackup.INI
2019-07-12 17:10 - 2009-07-13 21:37 - 000000000 ____D C:\Windows\inf
2019-07-12 16:46 - 2019-06-11 18:49 - 000000000 _RSHD C:\streamer
2019-07-11 17:58 - 2019-04-23 15:47 - 000000000 ____D C:\Users\Dolly\AppData\Roaming\ZHP
2019-07-11 17:21 - 2015-07-09 22:48 - 000000000 ____D C:\Program Files\CCleaner
2019-07-11 17:06 - 2019-06-11 18:49 - 000000000 _RSHD C:\streamerdata
2019-07-09 12:15 - 2009-07-13 21:37 - 000000000 ____D C:\Windows\rescache
2019-07-02 00:05 - 2015-07-09 19:52 - 000000000 ____D C:\Users\Dolly
2019-07-01 23:43 - 2015-07-09 22:09 - 000000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
2019-07-01 23:41 - 2009-07-13 21:37 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-07-01 21:58 - 2009-07-13 21:37 - 000000000 ____D C:\Windows\LiveKernelReports
2019-07-01 16:26 - 2019-05-06 09:11 - 000000000 ____D C:\Users\Dolly\AppData\Local\ElevatedDiagnostics
2019-06-28 15:53 - 2009-07-13 23:53 - 000032636 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2019-06-26 20:57 - 2019-03-12 16:01 - 000000000 ____D C:\Users\Dolly\AppData\Roaming\AIMP
2019-06-26 18:43 - 2015-07-09 22:50 - 000000000 ____D C:\Users\Dolly\AppData\Roaming\vlc
2019-06-21 16:41 - 2015-07-09 20:45 - 000002177 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk

==================== Files in the root of some directories ================

2019-07-11 17:08 - 2019-07-11 17:08 - 000007606 _____ () C:\Users\Dolly\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-07-03 10:12
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 13-07-2019
Ran by Dolly (14-07-2019 13:30:00)
Running from C:\Users\Dolly\Downloads
Microsoft Windows 7 Ultimate  Service Pack 1 (X86) (2015-07-10 00:52:17)
Boot Mode: Safe Mode (with Networking)
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-1986104296-3163790973-3246301206-500 - Administrator - Disabled)
Dolly (S-1-5-21-1986104296-3163790973-3246301206-1000 - Administrator - Enabled) => C:\Users\Dolly
HomeGroupUser$ (S-1-5-21-1986104296-3163790973-3246301206-1002 - Limited - Enabled)
Invitado (S-1-5-21-1986104296-3163790973-3246301206-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 11 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 11.3.300.265 - Adobe Systems Incorporated)
Adobe Reader XI  MUI (HKLM\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.00 - Adobe Systems Incorporated)
AIMP (HKLM\...\AIMP) (Version: v4.51.2084, 01.12.2018 - AIMP DevTeam)
Apple Application Support (32 bits) (HKLM\...\{5A659BE5-849B-484E-A83B-DCB78407F3A4}) (Version: 7.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{ABDE67C4-5876-4CDB-82A9-0CBACECC1C4A}) (Version: 12.1.0.25 - Apple Inc.)
Apple Software Update (HKLM\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
ATI Catalyst Install Manager (HKLM\...\{9F8E6025-423A-2A9F-3951-71E9BE2A85E7}) (Version: 3.0.829.0 - ATI Technologies, Inc.)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 19.6.2383 - AVAST Software)
Bonjour (HKLM\...\{D168AAD0-6686-47C1-B599-CDD4888B9D1A}) (Version: 3.1.0.1 - Apple Inc.)
BS FAG version 3.0 (HKLM\...\{1859C22D-2DA3-4A45-8659-D5124FB9FF88}_is1) (Version: 3.0 - Broto Suseno)
calibre (HKLM\...\{ED468F84-6B55-4FFD-A0C2-3C2064696A88}) (Version: 3.40.1 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 5.58 - Piriform)
CyberLink YouCam 5 (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.0909 - CyberLink Corp.)
D3DX10 (HKLM\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
EaseUS Data Recovery Wizard (HKLM\...\EaseUS Data Recovery Wizard_is1) (Version:  - EaseUS)
Galería de fotos (HKLM\...\{198CEF22-A27F-4DC7-9B66-2C22A4B1CA09}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Chrome (HKLM\...\Google Chrome) (Version: 75.0.3770.100 - Google LLC)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
IrfanView 4.51 (32-bit) (HKLM\...\IrfanView) (Version: 4.51 - Irfan Skiljan)
iTunes (HKLM\...\{869A9D9A-54D2-43E6-BB88-201902C9210E}) (Version: 12.9.3.3 - Apple Inc.)
Java 8 Update 211 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180211F0}) (Version: 8.0.2110.12 - Oracle Corporation)
Junk Mail filter update (HKLM\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
K-Lite Mega Codec Pack 15.0.0 (32-bit) (HKLM\...\KLiteCodecPack_is1) (Version: 15.0.0 - KLCP)
Malwarebytes versión 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0C0A-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1986104296-3163790973-3246301206-1000\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1986104296-3163790973-3246301206-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07142019132102554\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft Project Professional 2010 (HKLM\...\Office14.PRJPRO) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visio Premium 2010 (HKLM\...\Office14.VISIO) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Movie Maker (HKLM\...\{9C82436F-F19C-42A4-B476-F87A28A95BF9}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Qualcomm Atheros 61x4 Bluetooth Suite (HKLM\...\{6B576143-BBF3-4F47-AC1E-6D37835D39E5}) (Version: 4.0.0.400 - Qualcomm Atheros Communications)
Revo Uninstaller 2.0.6 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.6 - VS Revo Group, Ltd.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.9.0 - Synaptics Incorporated)
Ultra MPEG-4 Converter 5.2.0603 (HKLM\...\Ultra MPEG-4 Converter_is1) (Version:  - Aone Software)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Winamp (HKLM\...\Winamp) (Version: 5.63  - Nullsoft, Inc)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 4.20 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WMPKeys (HKLM\...\{5D4B3647-9842-4875-B081-EF8D98C02865}) (Version: 1.2.0.0 - lazymf and kbept)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1986104296-3163790973-3246301206-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07142019132102554_Classes\CLSID\{9B61F641-7794-4322-BF6A-E45EFD6C8D7C}\InprocServer32 -> C:\Program Files\WMPKeys\wmpkeys.dll (lazymf and kbept) [File not signed]
CustomCLSID: HKU\S-1-5-21-1986104296-3163790973-3246301206-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07142019132102554_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Dolly\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1986104296-3163790973-3246301206-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07142019132102554_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Dolly\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1986104296-3163790973-3246301206-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07142019132102554_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Dolly\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1986104296-3163790973-3246301206-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07142019132102554_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Dolly\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1986104296-3163790973-3246301206-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07142019132102554_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Dolly\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\FileSyncApi.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1986104296-3163790973-3246301206-1000_Classes\CLSID\{9B61F641-7794-4322-BF6A-E45EFD6C8D7C}\InprocServer32 -> C:\Program Files\WMPKeys\wmpkeys.dll (lazymf and kbept) [File not signed]
CustomCLSID: HKU\S-1-5-21-1986104296-3163790973-3246301206-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Dolly\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1986104296-3163790973-3246301206-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Dolly\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1986104296-3163790973-3246301206-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Dolly\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1986104296-3163790973-3246301206-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Dolly\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1986104296-3163790973-3246301206-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Dolly\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\FileSyncApi.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-07-11] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files\AIMP\System\aimp_menu32.dll [2019-03-12] (Artem Izmaylov -> AIMP DevTeam)
ContextMenuHandlers1: [Atheros] -> {B8952421-0E55-400B-94A6-FA858FC0A39F} => C:\Program Files\Bluetooth Suite\BtvAppExt.dll [2014-09-18] (Qualcomm Atheros -> Qualcomm Atheros) [File not signed]
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-07-11] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-06-09] (Alexander Roshal) [File not signed]
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-07-11] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [FTShellContext] -> {AFF81F7B-6942-40c4-AADA-7214EF7B6DD1} => C:\Program Files\Bluetooth Suite\ShellContextExt.dll [2014-09-18] (Qualcomm Atheros -> Qualcomm Atheros) [File not signed]
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files\AIMP\System\aimp_menu32.dll [2019-03-12] (Artem Izmaylov -> AIMP DevTeam)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll [2011-05-24] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-07-11] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-06-09] (Alexander Roshal) [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2014-09-18 21:21 - 2014-09-18 21:21 - 000027776 _____ (Qualcomm Atheros -> Qualcomm Atheros) [File not signed] C:\Program Files\Bluetooth Suite\CommApi.dll
2014-09-18 21:21 - 2014-09-18 21:21 - 000170112 _____ (Qualcomm Atheros -> Qualcomm Atheros) [File not signed] C:\Program Files\Bluetooth Suite\FolderViewImpl.dll
2014-09-18 21:21 - 2014-09-18 21:21 - 000028800 _____ (Qualcomm Atheros -> Qualcomm Atheros) [File not signed] C:\Program Files\Bluetooth Suite\ipc.dll
2014-09-18 21:21 - 2014-09-18 21:21 - 000023680 _____ (Qualcomm Atheros -> Qualcomm Atheros) [File not signed] C:\Program Files\Bluetooth Suite\TCPConnection.dll
2014-09-18 21:21 - 2014-09-18 21:21 - 000086656 _____ (Qualcomm Atheros -> Qualcomm Atheros) [File not signed] C:\Program Files\Bluetooth Suite\utils.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:DBC416F8 [292]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:04 - 2019-05-02 14:38 - 000000035 _____ C:\Windows\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files\Common Files\Oracle\Java\javapath;C:\Program Files\AMD APP\bin\x86;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\Calibre2\;C:\Program Files\Windows Live\Shared
HKU\S-1-5-21-1986104296-3163790973-3246301206-1000\Control Panel\Desktop\\Wallpaper -> 
HKU\S-1-5-21-1986104296-3163790973-3246301206-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07142019132102554\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: BCSSync => "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: flaterem => C:\streamer\streamer.exe /AutoIt3ExecuteScript  "C:\streamer\stream.txt"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: YouCam Service => "C:\Program Files\CyberLink\YouCam\YouCamService.exe" /s

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{8AA29F64-0770-4AAA-AF8A-259DF68E4EFF}C:\program files\google\chrome\application\chrome.exe] => (Block) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{19C18378-A97C-4E12-8C96-12350D0DD692}C:\program files\google\chrome\application\chrome.exe] => (Block) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{3A837D2B-A51B-4B94-B677-EDE8A2B0C41A}C:\program files\winamp\winamp.exe] => (Block) C:\program files\winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [UDP Query User{0A93544F-C554-47AD-8AF0-CE7AE1B388A5}C:\program files\winamp\winamp.exe] => (Block) C:\program files\winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [TCP Query User{9CB93013-EAC1-412F-B79C-CA0B50629AC0}C:\program files\winamp\winamp.exe] => (Block) C:\program files\winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [UDP Query User{3F229716-24F6-44A2-896E-1BA4009FC0FE}C:\program files\winamp\winamp.exe] => (Block) C:\program files\winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [TCP Query User{72D5D3C3-B3C6-4876-8035-2B24F21F869A}C:\program files\google\chrome\application\chrome.exe] => (Block) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{11FE586E-683C-4B48-8FB6-1828A07F564A}C:\program files\google\chrome\application\chrome.exe] => (Block) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{CBA76857-11B6-4080-9ACB-474614A18B33}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{3ADBE90B-E53D-4C99-B3A2-BE845CB694EA}] => (Allow) C:\Users\Dolly\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{52CF29F3-A76B-42C2-BA66-9A323870229A}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{683664AC-5829-4DAF-B6AA-057966241FE3}] => (Allow) LPort=2869
FirewallRules: [{E4ED1BDA-5644-4C15-881B-FBF2BCF29A87}] => (Allow) LPort=1900
FirewallRules: [{EFCEC245-0C76-48C8-B73E-2EE2426BDF6F}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

16-05-2019 21:18:57 Punto de control programado
03-06-2019 16:38:20 Punto de control programado
17-06-2019 18:49:33 Punto de control programado
26-06-2019 16:22:54 Punto de control programado
01-07-2019 23:37:54 Windows Live Essentials
01-07-2019 23:39:53 Se ha instalado DirectX
01-07-2019 23:40:29 Se ha instalado DirectX
01-07-2019 23:40:58 Se ha instalado DirectX
01-07-2019 23:42:02 WLSetup
02-07-2019 17:34:44 Revo Uninstaller's restore point - Vegas Pro 11.0
02-07-2019 17:35:12 Removed Vegas Pro 11.0
03-07-2019 21:02:29 Windows Update
14-07-2019 13:11:22 Windows Update

==================== Faulty Device Manager Devices =============

Name: aswRvrt
Description: aswRvrt
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: aswRvrt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: aswVmm
Description: aswVmm
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: aswVmm
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: spldr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/14/2019 01:29:27 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: No se puede abrir el objeto de rendimiento del servicio del servidor. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de estado.

Error: (07/14/2019 01:23:27 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: No se puede abrir el objeto de rendimiento del servicio del servidor. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de estado.

Error: (07/14/2019 01:21:19 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: No se puede abrir el objeto de rendimiento del servicio del servidor. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de estado.

Error: (07/14/2019 01:19:26 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Error de activación de la licencia de Windows. Error 0x00000000.

Error: (07/14/2019 01:19:23 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
0x8007043C

Error: (07/12/2019 04:41:50 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: El servicio Windows Search se está deteniendo porque hay un problema con el indizador: The catalog is corrupt.

Detalles:
	El catálogo del índice de contenido está dañado.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (07/12/2019 04:41:49 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: No se puede inicializar el índice.

Detalles:
	El catálogo del índice de contenido está dañado.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (07/12/2019 04:41:49 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: No se puede inicializar la aplicación.

Contexto: aplicación Windows

Detalles:
	El catálogo del índice de contenido está dañado.  (HRESULT : 0xc0041801) (0xc0041801)


System errors:
=============
Error: (07/14/2019 01:27:15 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: Error de DCOM "1068" al intentar iniciar el servicio BITS con argumentos "" para ejecutar el servidor:
{4991D34B-80A1-4291-83B6-3328366B9097}

Error: (07/14/2019 01:27:06 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: Error de DCOM "1084" al intentar iniciar el servicio VSS con argumentos "" para ejecutar el servidor:
{E579AB5F-1CC4-44B4-BED9-DE0991FF0623}

Error: (07/14/2019 01:20:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio MBAMChameleon no pudo iniciarse debido al siguiente error: 
El controlador no se cargó porque el sistema se está arrancando en modo a prueba de errores.

Error: (07/14/2019 01:19:47 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Examinador de equipos depende del servicio Servidor, el cual no pudo iniciarse debido al siguiente error: 
No se puede iniciar el servicio o grupo de dependencia.

Error: (07/14/2019 01:19:47 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Examinador de equipos depende del servicio Servidor, el cual no pudo iniciarse debido al siguiente error: 
No se puede iniciar el servicio o grupo de dependencia.

Error: (07/14/2019 01:19:48 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: Error de DCOM "1084" al intentar iniciar el servicio WSearch con argumentos "" para ejecutar el servidor:
{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (07/14/2019 01:19:48 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: Error de DCOM "1084" al intentar iniciar el servicio WSearch con argumentos "" para ejecutar el servidor:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (07/14/2019 01:19:45 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: Error de DCOM "1084" al intentar iniciar el servicio EventSystem con argumentos "" para ejecutar el servidor:
{1BE1F766-5536-11D1-B726-00C04FB926AF}


==================== Memory info =========================== 

BIOS: Insyde Corp. R0190Z7 09/09/2011
Motherboard: Sony Corporation VAIO
Processor: AMD E-450 APU with Radeon(tm) HD Graphics
Percentage of memory in use: 92%
Total physical RAM: 1642.9 MB
Available physical RAM: 129.1 MB
Total Virtual: 3285.8 MB
Available Virtual: 1226.62 MB

==================== Drives ================================

Drive c: (Windows 7) (Fixed) (Total:112.99 GB) (Free:57.4 GB) NTFS
Drive d: (Datos) (Fixed) (Total:352.67 GB) (Free:337.24 GB) NTFS

\\?\Volume{f745c7c4-269b-11e5-ac6a-806e6f6e6963}\ (Reservado para el sistema) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: BB27E94F)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=113 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=352.7 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Hola @Brayand_Chacaltana

Por alguna razón ejecutaste FRST en Modo Seguro con Red?


Ejecutaste FRST desde una ubicación incorrecta.

  • Running from C:\Users\Dolly\Downloads

Cortalo de la carpeta descargas y pegalo en tu escritorio.


Sigue estos pasos:

1.- Muy Importante >>> Realizar una copia de Seguridad de su Registro.

  • Descarga DelFix en el escritorio de Windows.
  • Clic Derecho, “Ejecutar como Administrador”.
  • En la ventana principal, marca solamente la casilla “Create Registry Backup”.
  • Clic en Run.

Al terminar se abrirá un reporte llamado DelFix.txt, guárdelo por si fuera necesario y cierre la herramienta…

2.- Inicie su ordenador en >>> Modo Seguro con Red

Luego vaya a::

Inicio >>> Ejecutar >>> Escribe notepad.exe o abra un nuevo archivo Notepad y copie y pegue lo siguiente:

Start
CloseProcesses:
HKU\S-1-5-21-1986104296-3163790973-3246301206-1000\...\Run: [strdat] => C:\Windows\system32\cmd.exe /c start C:\streamer\streamer.exe /AutoIt3ExecuteScript  "C:\streamer\stream.txt" & exit
HKU\S-1-5-21-1986104296-3163790973-3246301206-1000\...\MountPoints2: E - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1986104296-3163790973-3246301206-1000\...\MountPoints2: {46776bba-8639-11e9-ab88-60d819ede91f} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1986104296-3163790973-3246301206-1000\...\MountPoints2: {5a752ef6-7757-11e9-a592-60d819ede91f} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1986104296-3163790973-3246301206-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07142019132102554\...\Run: [strdat] => C:\Windows\system32\cmd.exe /c start C:\streamer\streamer.exe /AutoIt3ExecuteScript  "C:\streamer\stream.txt" & exit
HKU\S-1-5-21-1986104296-3163790973-3246301206-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07142019132102554\...\MountPoints2: E - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1986104296-3163790973-3246301206-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07142019132102554\...\MountPoints2: {46776bba-8639-11e9-ab88-60d819ede91f} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1986104296-3163790973-3246301206-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07142019132102554\...\MountPoints2: {5a752ef6-7757-11e9-a592-60d819ede91f} - E:\HiSuiteDownLoader.exe
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\system32\x264vfw.dll [3850240 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.HFYU] => C:\Windows\system32\huffyuv.dll [39936 2004-05-18] (Disappearing Inc.) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\system32\lagarith.dll [216064 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\system32\xvidvfw.dll [284672 2018-01-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\system32\ff_vfw.dll [112128 2015-10-24] () [File not signed]
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: C:\Windows\Tasks\AdwCleaner_onReboot.job => C:\Users\Dolly\Downloads\adwcleaner_7.3.exe
HKU\S-1-5-21-1986104296-3163790973-3246301206-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/es-pe/?ocid=iehp
HKU\S-1-5-21-1986104296-3163790973-3246301206-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07142019132102554\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/es-pe/?ocid=iehp
FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\40.3.8\\npsitesafety.dll [No File]
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [X]
2019-07-11 18:07 - 2019-07-11 18:07 - 000000284 _____ C:\Windows\Tasks\AdwCleaner_onReboot.job
AlternateDataStreams: C:\ProgramData\Temp:DBC416F8 [292]

CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END
  • Lo guarda bajo el nombre de fixlist.txt en el escritorio <<< Esto es muy importante.

Nota: Es necesario que el ejecutable Frst.exe/Frst64.exe y fixlist.txt se encuentren en la misma ubicación (escritorio) o si no la herramienta no trabajará.

  • Ejecute Frst.exe o Frst64.exe. según el caso.
  • Presione el botón Fix y aguarde a que termine.
  • La Herramienta guardará el reporte en su escritorio (Fixlog.txt).
  • Reinicia y lo pega en su próxima respuesta.

Nos comentas…

Salu2

Que tal @SanMar

Así, fue debido a que ahora estoy trabajando con la PC en modo seguro nomas, de otro modo realmente no se puede trabajar en la PC, la lentitud es demasiada.

Correcto, eso haré.

Dejo el reporte solicitado.

Fix result of Farbar Recovery Scan Tool (x86) Version: 15-07-2019 01
Ran by Dolly (15-07-2019 17:39:01) Run:1
Running from C:\Users\Dolly\Desktop
Loaded Profiles: Dolly (Available Profiles: Dolly)
Boot Mode: Safe Mode (with Networking)

==============================================

fixlist content:
*****************
Start
CloseProcesses:
HKU\S-1-5-21-1986104296-3163790973-3246301206-1000\...\Run: [strdat] => C:\Windows\system32\cmd.exe /c start C:\streamer\streamer.exe /AutoIt3ExecuteScript  "C:\streamer\stream.txt" & exit
HKU\S-1-5-21-1986104296-3163790973-3246301206-1000\...\MountPoints2: E - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1986104296-3163790973-3246301206-1000\...\MountPoints2: {46776bba-8639-11e9-ab88-60d819ede91f} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1986104296-3163790973-3246301206-1000\...\MountPoints2: {5a752ef6-7757-11e9-a592-60d819ede91f} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1986104296-3163790973-3246301206-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07142019132102554\...\Run: [strdat] => C:\Windows\system32\cmd.exe /c start C:\streamer\streamer.exe /AutoIt3ExecuteScript  "C:\streamer\stream.txt" & exit
HKU\S-1-5-21-1986104296-3163790973-3246301206-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07142019132102554\...\MountPoints2: E - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1986104296-3163790973-3246301206-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07142019132102554\...\MountPoints2: {46776bba-8639-11e9-ab88-60d819ede91f} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1986104296-3163790973-3246301206-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07142019132102554\...\MountPoints2: {5a752ef6-7757-11e9-a592-60d819ede91f} - E:\HiSuiteDownLoader.exe
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\system32\x264vfw.dll [3850240 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.HFYU] => C:\Windows\system32\huffyuv.dll [39936 2004-05-18] (Disappearing Inc.) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\system32\lagarith.dll [216064 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\system32\xvidvfw.dll [284672 2018-01-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\system32\ff_vfw.dll [112128 2015-10-24] () [File not signed]
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: C:\Windows\Tasks\AdwCleaner_onReboot.job => C:\Users\Dolly\Downloads\adwcleaner_7.3.exe
HKU\S-1-5-21-1986104296-3163790973-3246301206-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/es-pe/?ocid=iehp
HKU\S-1-5-21-1986104296-3163790973-3246301206-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07142019132102554\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/es-pe/?ocid=iehp
FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\40.3.8\\npsitesafety.dll [No File]
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [X]
2019-07-11 18:07 - 2019-07-11 18:07 - 000000284 _____ C:\Windows\Tasks\AdwCleaner_onReboot.job
AlternateDataStreams: C:\ProgramData\Temp:DBC416F8 [292]

CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END
*****************

Processes closed successfully.
"HKU\S-1-5-21-1986104296-3163790973-3246301206-1000\Software\Microsoft\Windows\CurrentVersion\Run\\strdat" => removed successfully.
HKU\S-1-5-21-1986104296-3163790973-3246301206-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E => removed successfully.
HKU\S-1-5-21-1986104296-3163790973-3246301206-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{46776bba-8639-11e9-ab88-60d819ede91f} => removed successfully.
HKLM\Software\Classes\CLSID\{46776bba-8639-11e9-ab88-60d819ede91f} => not found
HKU\S-1-5-21-1986104296-3163790973-3246301206-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5a752ef6-7757-11e9-a592-60d819ede91f} => removed successfully.
HKLM\Software\Classes\CLSID\{5a752ef6-7757-11e9-a592-60d819ede91f} => not found
HKU\S-1-5-21-1986104296-3163790973-3246301206-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07142019132102554\...\Run: [strdat] => C:\Windows\system32\cmd.exe /c start C:\streamer\streamer.exe /AutoIt3ExecuteScript  "C:\streamer\stream.txt" & exit => Error: No automatic fix found for this entry.
HKU\S-1-5-21-1986104296-3163790973-3246301206-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07142019132102554\...\MountPoints2: E - E:\HiSuiteDownLoader.exe => Error: No automatic fix found for this entry.
HKU\S-1-5-21-1986104296-3163790973-3246301206-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07142019132102554\...\MountPoints2: {46776bba-8639-11e9-ab88-60d819ede91f} - E:\HiSuiteDownLoader.exe => Error: No automatic fix found for this entry.
HKU\S-1-5-21-1986104296-3163790973-3246301206-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07142019132102554\...\MountPoints2: {5a752ef6-7757-11e9-a592-60d819ede91f} - E:\HiSuiteDownLoader.exe => Error: No automatic fix found for this entry.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\\VIDC.X264" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\\VIDC.HFYU" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\\VIDC.LAGS" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\\VIDC.XVID" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\\VIDC.FFDS" => removed successfully.
HKLM\SOFTWARE\Policies\Mozilla => removed successfully.
C:\Windows\Tasks\AdwCleaner_onReboot.job => moved successfully
"HKU\S-1-5-21-1986104296-3163790973-3246301206-1000\Software\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache" => removed successfully.
HKU\S-1-5-21-1986104296-3163790973-3246301206-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07142019132102554\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/es-pe/?ocid=iehp => Error: No automatic fix found for this entry.
HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin => removed successfully.
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => removed successfully.
HKLM\SOFTWARE\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki => removed successfully.
HKLM\System\CurrentControlSet\Services\Service KMSELDI => removed successfully.
Service KMSELDI => service removed successfully.
"C:\Windows\Tasks\AdwCleaner_onReboot.job" => not found
C:\ProgramData\Temp => ":DBC416F8" ADS removed successfully.

========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= End of CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows

No se puede realizar ninguna operaci¢n en Conexi¢n de  rea local mientras los medios
est‚n desconectados.

Adaptador de Ethernet Conexi¢n de  rea local:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de LAN inal mbrica Conexi¢n de red inal mbrica:

   Sufijo DNS espec¡fico para la conexi¢n. . : 
   V¡nculo: direcci¢n IPv6 local. . . : fe80::ac7f:b75e:9b82:baf4%11
   Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.43.101
   M scara de subred . . . . . . . . . . . . : 255.255.255.0
   Puerta de enlace predeterminada . . . . . : 192.168.43.1

Adaptador de t£nel isatap.{44BD1599-7841-41E0-B9FB-15B0C59ED7B9}:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de t£nel isatap.{957B07AB-75BD-4614-A32E-18758E355809}:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de t£nel isatap.{DF7D4A36-592C-4B74-804D-C443FA2C7DE3}:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

========= End of CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

Unable to connect to BITS - 0x8007042c

========= End of CMD: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= End of CMD: =========


========= netsh advfirewall reset =========

Aceptar


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= End of CMD: =========


========= netsh int ipv4 reset =========

Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


========= netsh int ipv6 reset =========

No hay valores configurados por el usuario para restablecer.


========= End of CMD: =========


========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully.
"HKU\S-1-5-21-1986104296-3163790973-3246301206-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully.
"HKU\S-1-5-21-1986104296-3163790973-3246301206-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully.


========= End of RemoveProxy: =========

C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 16568499 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 3217520 B
Edge => 0 B
Chrome => 10313320 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 128 B
LocalService => 0 B
NetworkService => 2664 B
Dolly => 11301578 B

RecycleBin => 0 B
EmptyTemp: => 39.5 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 17:39:38 ====

Te comento, luego que terminó el proceso y reiniciada la PC, entré al modo normal de windows, y si bien la PC tiene una pequeña mejoría, los picos de memoria RAM y CPU siguen estando muy altos, y de tanto en tanto hay un lagaso. Muchas gracias por toda la ayuda brindada hasta ahora. Quedo a la espera de la siguiente respuesta :smiley:

Hola @Brayand_Chacaltana

Perfecto.

Algo queda mal desinfectado por que hay una infección que se reitera de tus USB.

Realiza lo siguiente en Modo Normal:

1.- Desactiva temporalmente tu antivirus y cualquier programa de seguridad.

2.- Descarga UsbFix a tu escritorio :

  • Conecte todos sus dispositivos extraibles, USB/Pendrive\Micro SD, etc.
  • Ejecute USBFix.exe

  • Una vez conectados todos sus dispositivos presione en "Ejecutar análisis."
  • Posteriormente seleccione “Full Análisis” y espere a que termine.
  • En caso de detectar amenazas, seleccione todo los elementos detectados y presione "Limpiar todo"
  • Si le pidiera reiniciar el sistema, Acepte .
  • Una vez que se reinicie el equipo, se abrirá el reporte de USBFix indicando lo detectado y lo eliminado.
  • Copie y pegue entero dicho reporte en su próxima respuesta (en caso de que no se abra, el reporte se guarda con el nombre de UsbFix_Report.txt en el Escritorio)

Una vez terminado el análisis, con todas las unidades conectadas, vuelva a ejecutar USBFix como Administrador, y vacune los mismos, siguiendo los pasos del Manual.


Luego de reiniciar necesito que inicies en Modo Normal de Windows nuevamente, con todos los programas cerrados (Navegador Cerrado) ejecutes FRST tal como la primera vez y nos pegues los reportes frescos.

Necesito que sea en Modo Normal para ver todos los procesos que se ejecutan.

Salu2

Que tal @SanMar, dejo los reportes solicitados:

USBFIX

# ----------------------------------------------------
# UsbFix Antivirus Free
# ----------------------------------------------------
# Versión : 11.016
# Base de datos : 2019.05.21 
# Contacto : https://www.usb-antivirus.com/es/contacto
# ----------------------------------------------------
# Tipo de escaneo : Full
# Usuario : Dolly (Administrador)
# Dispositivo : MASTERVAIO
# Comenzó : 16/07/2019 18:02:00
# ----------------------------------------------------

------------ | Discos analizados |

C:\	NTFS	(56GB/113GB)	[Fixed] 
D:\	NTFS	(337GB/353GB)	[Fixed] 
E:\	FAT32	(161GB/952GB)	[Removable] 
H:\	FAT32	(526GB/7GB)	[Removable] 
I:\	FAT	(50GB/2GB)	[Removable] 

------------ | Elemento(s) infectado(s) |

Restorado! E:\~WRL0005.tmp
Restorado! E:\~WRL2734.tmp
Restorado! E:\~WRL3980.tmp
Restorado! I:\~$DELITOS ADUANEROS  FINAL (1).pptx
Borrado! HKCU\Software\Microsoft\Windows\CurrentVersion\Run|flaterem
Borrado! HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\flaterem
Borrado! C:\streamer\stream.txt
Borrado! C:\streamer\streamer.exe
Borrado! C:\streamer
Borrado! C:\streamerdata\streamer.exe
Borrado! C:\streamerdata

------------ | Run |

F2 - HKLM\..\Winlogon : [Shell] explorer.exe
F2 - HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
04 - HKCU\..\Run : [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
04 - HKLM\..\Run : [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
04 - HKLM\..\Run : [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
04 - HKLM\..\Run : [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
04 - HKLM\..\Run : [BtTray] "C:\Program Files\Bluetooth Suite\BtTray.exe"
04 - HKLM\..\Run : [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
04 - HKLM\..\Policies\Explorer\run : [BtvStack] "C:\Program Files\Bluetooth Suite\BtvStack.exe"
04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-21-1986104296-3163790973-3246301206-1000\..\Run : [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
04 - HKU\S-1-5-19\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-20\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe

------------ | Tasks |

Task - AutoPico Daily Restart --> "C:\Program Files\KMSpico\AutoPico.exe" /silent
Task - Avast Emergency Update --> C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
Task - CCleanerSkipUAC --> "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
Task - GoogleUpdateTaskMachineCore --> C:\Program Files\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineUA --> C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
Task - klcp_update --> "C:\Program Files\K-Lite Codec Pack\Tools\CodecTweakTool.exe" /verysilent /update /freq=30

------------ | C:\ %SystemDrive% - Disco fijo (NTFS) |

[09/07/2015 - 23:47:46 | A | 11 Ko] - WPI_Log.txt
[15/07/2019 - 17:36:35 | A | 0 Ko] - DelFix.txt
[10/06/2009 - 16:42:20 | A | 0 Ko] - config.sys
[16/07/2019 - 16:06:49 | ASH | 1261748 Ko] - hiberfil.sys
[16/07/2019 - 16:06:53 | ASH | 1682332 Ko] - pagefile.sys
[24/04/2019 - 20:17:18 | RASHD] - autorun.inf
[01/05/2009 - 22:56:12 | A | 114 Ko] - USB Show.exe
[09/07/2015 - 22:55:08 | SHD] - $Recycle.Bin
[10/06/2009 - 16:42:20 | A | 0 Ko] - autoexec.bat
[13/07/2009 - 21:37:05 | D] - PerfLogs
[09/07/2015 - 19:52:12 | SHD] - Recovery
[09/07/2015 - 22:04:15 | RHD] - MSOCache
[09/07/2015 - 23:46:22 | RD] - Users
[31/12/2018 - 15:23:25 | D] - Recovered data 12-31 15_23_25
[19/03/2019 - 17:30:40 | D] - Recovered data 03-19 17_30_40
[09/05/2019 - 18:46:02 | D] - video_output
[06/06/2019 - 17:25:15 | D] - Recovered data 06-06 17_25_15
[06/06/2019 - 17:26:33 | D] - Recovered data 06-06 17_26_33
[11/07/2019 - 17:21:31 | HD] - ProgramData
[11/07/2019 - 17:58:00 | RD] - Program Files
[11/07/2019 - 18:07:41 | D] - AdwCleaner
[12/07/2019 - 16:41:50 | D] - Windows
[15/07/2019 - 17:43:18 | D] - FRST

------------ | D:\ - Disco fijo (NTFS) |

[19/05/2014 - 21:55:57 | A | 10192 Ko] - Outlook.com.zip
[25/05/2014 - 21:48:07 | A | 5353 Ko] - Outlook.com(1).zip
[25/05/2014 - 21:58:23 | A | 10192 Ko] - Outlook.com(2).zip
[12/05/2014 - 22:55:58 | A | 18 Ko] - mazzeti lista.xlsx
[13/05/2014 - 13:32:45 | A | 10 Ko] - Libro1.xlsx
[14/05/2014 - 13:54:52 | A | 9 Ko] - ojojj.xlsx
[18/05/2018 - 17:25:24 | A | 74 Ko] - Alda Internamiento 2018.xlsx
[25/04/2018 - 12:04:39 | A | 182 Ko] - Internamiento 2018.xls
[12/07/2019 - 17:25:32 | HD] - msdownld.tmp
[19/05/2014 - 21:53:05 | A | 529 Ko] - Módulo IX. Mario Amoretti. Prisión preventiva.ppt
[19/05/2014 - 21:53:26 | A | 1092 Ko] - Módulo X y XI. José Neyra Sistema de recursos.ppt
[19/05/2014 - 21:53:38 | A | 9404 Ko] - José Neyra. casaciones 2010- 2013.ppt
[08/05/2014 - 21:37:27 | A | 818 Ko] - 00791-2014-AA Aclaracion.pdf
[12/05/2014 - 21:09:01 | A | 79 Ko] - INVITACIÓN CEC MES DE MAYO.pdf
[13/05/2014 - 21:19:06 | A | 834 Ko] - seriec_271_esp.pdf
[19/05/2014 - 23:16:34 | A | 6995 Ko] - Foucault%20-%20La%20arqueolog%EDa%20del%20saber.pdf
[19/05/2014 - 23:19:55 | A | 5255 Ko] - VariaJCarro.pdf
[21/05/2014 - 23:40:54 | A | 19292 Ko] - derecho_penal_-_parte_general_-_claus_roxin.pdf
[21/05/2014 - 23:41:36 | A | 19292 Ko] - derecho_penal_-_parte_general_-_claus_roxin(1).pdf
[25/05/2014 - 22:10:43 | A | 147002 Ko] - Bacigalupo DP economico 2005.pdf
[25/05/2014 - 22:47:40 | A | 108 Ko] - 02445-2011-AA.pdf
[26/05/2014 - 23:54:07 | A | 19292 Ko] - derecho_penal_-_parte_general_-_claus_roxin(2).pdf
[13/06/2016 - 10:46:21 | A | 0 Ko] - Windows 7 (C) - Acceso directo.lnk --> C:\
[07/12/2016 - 11:08:10 | A | 1 Ko] - FOTOS - Acceso directo.lnk --> D:\FOTOS
[28/10/2013 - 18:30:17 | A | 283 Ko] - PORTADA.jpg
[15/05/2014 - 23:13:41 | A | 185 Ko] - fixtures-mundial-brasil-2014-full-color-x-1000-unidades-10352-MLA20028429499_012014-F.jpg
[15/05/2014 - 23:18:59 | A | 599 Ko] - Fixture-Brasil-2014.jpg
[11/06/2019 - 18:49:18 | RASHD] - autorun.inf
[22/04/2013 - 14:34:24 | A | 116728 Ko] - 710_b042_multilanguage.exe
[09/04/2013 - 12:09:44 | A | 57 Ko] - bris.docx
[25/04/2013 - 11:19:03 | A | 13 Ko] - ACTA FISCAL.docx
[19/08/2013 - 07:43:30 | A | 39 Ko] - ARCHIVO CASO 2578-13, HURTO AGRAVADO.docx
[23/09/2013 - 10:39:23 | A | 49 Ko] - PROVIDENCIA 3405- HOMICIDIO, INFORME DE NECROPCIA..docx
[01/10/2013 - 10:41:16 | A | 14 Ko] - CASO. 2603-13 PROVIDENCIA.docx
[01/10/2013 - 10:43:48 | A | 14 Ko] - CASO. 2603-13 PROVIDENCIA REPROGRAMACIÒN.docx
[01/10/2013 - 11:10:33 | A | 52 Ko] - caso 1732- archivo, descargar, lesiones cuposas.docx
[15/10/2013 - 17:45:04 | A | 22 Ko] - elementos de conviccion.docx
[21/11/2013 - 15:00:06 | A | 23 Ko] - ALMONTE.docx
[27/01/2014 - 14:04:33 | A | 99 Ko] - 2140.docx
[12/02/2014 - 14:47:05 | A | 96 Ko] - oficio a coordinación, remite carpeta.docx
[07/03/2014 - 01:11:29 | A | 50 Ko] - alegato inicial.docx
[07/03/2014 - 16:28:20 | A | 52 Ko] - alegato inicial 7 de marzo.docx
[14/03/2014 - 17:34:51 | A | 138 Ko] - CASO 4658-13. ARCHIVO DE HURTO..docx
[14/03/2014 - 17:35:02 | A | 137 Ko] - CASO 5386-13- ARCHI DE HURTO, .,...docx
[14/04/2014 - 13:24:14 | A | 151 Ko] - 911 HURTO AGRABADO.docx
[14/04/2014 - 14:16:24 | A | 149 Ko] - falta 911.docx
[16/04/2014 - 13:16:25 | A | 143 Ko] - bere fata 144+.docx
[16/04/2014 - 13:16:33 | A | 137 Ko] - hhhh.docx
[29/04/2014 - 10:59:05 | A | 139 Ko] - REG.docx
[29/04/2014 - 13:39:27 | A | 145 Ko] - j.docx
[13/05/2014 - 13:32:55 | A | 37 Ko] - En relacion al pago recibido por los miembros administrativos de UNIPATREM  y otros efectivos policiales por razón de control entre los mese de Agosto a Diciembre del 2010.docx
[13/05/2014 - 13:33:00 | A | 35 Ko] - Durante el año 2010 el comandante Domingo Zuñiga Rivera.docx
[16/05/2014 - 13:57:32 | A | 134 Ko] - A folios 15 y ss obra la Directiva Nº 033.docx
[20/05/2014 - 13:16:53 | A | 149 Ko] - 7.docx
[25/05/2014 - 23:22:11 | A | 134 Ko] - A folios 15 y ss obra la Directiva Nº 031.docx
[03/06/2014 - 14:53:58 | A | 107 Ko] - Tercera Fiscalía Provincial Penal Corporativa.docx
[17/06/2014 - 12:32:22 | A | 122 Ko] - acusacion butron chuctaya.docx
[23/06/2014 - 14:07:19 | A | 473 Ko] - MACETI VAMOS finallllll afin.docx
[24/06/2014 - 12:38:00 | A | 56 Ko] - ROBO ACH. 1665.docx
[25/06/2014 - 10:45:29 | A | 129 Ko] - archivo 3862-2013.docx
[25/06/2014 - 14:21:47 | A | 39 Ko] - ELEMENTOS DE CONVICCIO 1439-2013.docx
[27/06/2014 - 14:43:32 | A | 117 Ko] - sobreseimiento 1439-2013.docx
[14/07/2014 - 11:01:34 | A | 58 Ko] - ARCHIVO HURTO AGRAVADO 503-2013-5457 con reserva.docx
[21/08/2014 - 09:41:52 | A | 57 Ko] - ARCHIVO 3417-2014 (lesiones).docx
[21/08/2014 - 09:49:36 | A | 57 Ko] - ARCHIVO  3251-2014 (secuestro).docx
[21/08/2014 - 09:51:33 | A | 133 Ko] - ARCHIVO 2654-2014 (secuestro).docx
[21/10/2014 - 09:01:41 | A | 15 Ko] - GONZALO MANUEL JAUREGUI MEZA.docx
[21/10/2014 - 09:02:49 | A | 72 Ko] - A folios 15 y smazeti.docx
[30/10/2014 - 10:52:56 | A | 71 Ko] - providencia de reprogramación del agraviado BAZAN nueva fecha.docx
[13/01/2015 - 11:21:59 | A | 144 Ko] - archivo hurto 3998-2014.docx
[15/01/2015 - 12:55:22 | A | 149 Ko] - FORMALIZACION Almonte ultimo 2.docx
[22/01/2015 - 10:57:47 | A | 148 Ko] - REQUERIMIENTO MIXTO CCORA PAMPA.docx
[25/02/2015 - 13:20:46 | A | 132 Ko] - Citacion para principio de oportunidad.docx
[01/04/2016 - 11:56:23 | A | 54 Ko] - hurtooo intrumentos.docx
[13/10/2016 - 10:44:58 | A | 75 Ko] - FORMALIZACION3918-2015-0.docx
[02/01/2017 - 11:02:45 | AH | 0 Ko] - ~$SO. 2603-13 PROVIDENCIA REPROGRAMACIÒN.docx
[09/07/2019 - 15:36:32 | A | 53 Ko] - APERTURA VIOLACION Lizbeth Milagros Condori Soncco..docx  super corregido.docx  OKEY OKEY.docx
[01/03/2013 - 11:14:48 | A | 84 Ko] - acusacion directa peligro comun 2012-4309 corregido.doc
[21/03/2013 - 13:05:36 | A | 42 Ko] - caballero velazco.doc
[21/03/2013 - 13:06:01 | A | 58 Ko] - martinez lipe junior alonzo (archivo)............doc
[21/03/2013 - 13:06:31 | A | 137 Ko] - Apertura dias velarde roberto henry.doc
[25/03/2013 - 13:15:54 | A | 51 Ko] - DIAZ VELARDE ROBERTO HENRY (POR korregir ).doc
[03/04/2013 - 10:53:15 | A | 83 Ko] - ESTAFA 11.doc
[04/04/2013 - 09:37:33 | A | 83 Ko] - BRIS.doc
[19/04/2013 - 10:31:35 | A | 198 Ko] - 1625.doc
[19/04/2013 - 10:39:05 | A | 199 Ko] - 1626.doc
[19/04/2013 - 10:41:26 | A | 200 Ko] - 1627.doc
[19/04/2013 - 10:44:51 | A | 201 Ko] - 1649-2013.doc
[19/04/2013 - 10:47:43 | A | 198 Ko] - 1627-2013(b).doc
[24/04/2013 - 09:24:40 | A | 79 Ko] - BRISSSSSSSSS.doc
[24/04/2013 - 09:25:02 | A | 50 Ko] - APERTURA (HOMICIDIO).doc
[25/04/2013 - 11:41:43 | A | 67 Ko] - DESAPARECIDAAAAAAAAAAAAAA.doc
[19/08/2013 - 12:41:39 | A | 107 Ko] - 503-2012-5307(ACUSACIÓN DIRECTA Pelcom).doc
[20/08/2013 - 21:57:51 | A | 111 Ko] - acusacionnnnnnnnnnnnnnnnnn.doc
[22/08/2013 - 00:43:46 | A | 84 Ko] - archivo, caso 2154, hurto agravado.doc
[04/09/2013 - 22:29:12 | A | 105 Ko] - FORMALIZACIÓN-TUBOS.doc
[19/09/2013 - 05:43:49 | A | 67 Ko] - CASO 3399-13  APERTURA DE HUTO AGRAVADO, SEDE PNP. (Autoguardado).doc
[04/10/2013 - 07:11:03 | A | 287 Ko] - FORMA.. TUBOS.doc
[16/10/2013 - 02:59:38 | A | 151 Ko] - acusacion.doc
[29/11/2013 - 09:03:56 | A | 23 Ko] - ESCANER - DISPOSICIÓN I.doc
[11/12/2013 - 13:53:03 | A | 224 Ko] - ARCHIVO - PERIFONEO.doc
[06/02/2014 - 11:11:32 | A | 336 Ko] - archivo almonte.doc
[12/03/2014 - 21:30:00 | A | 26 Ko] - DISPOS_01-2014- MODELO LESIONES - APERTURA.doc
[12/03/2014 - 22:50:38 | A | 90 Ko] - terminación anticipada, acta. Conducción en estado de ebriedad..doc
[14/03/2014 - 14:10:34 | A | 214 Ko] - ARCHIVO DE HURTO AGRAVADO 503-2013-5379-0 CORREGIDO.doc
[14/03/2014 - 17:35:11 | A | 214 Ko] - ARCHIVO DE HURTO AGRAVADO 503-2013-4748-0.doc
[29/04/2014 - 13:39:13 | A | 213 Ko] - corregidooooooo casi 2154- hurto agrabadoo.doc
[07/05/2014 - 13:41:58 | A | 681 Ko] - mazzeti trabajado por mi.doc
[13/05/2014 - 12:59:20 | A | 748 Ko] - mazzeti trabajado por mi modificado.doc
[03/06/2014 - 09:46:28 | A | 117 Ko] - Oficios 3144.doc
[17/06/2014 - 11:10:58 | A | 1151 Ko] - MACETI VAMOS finallllll afin corregido.doc
[21/10/2014 - 09:01:25 | A | 1149 Ko] - MACETI VAMOS finallllll afin corregido-1.doc
[30/10/2014 - 10:23:38 | A | 157 Ko] - ACUSACIÓN -Lesiones culposas 930-2013.doc
[13/01/2015 - 12:57:41 | A | 221 Ko] - prorroga 4756-2014.doc
[04/04/2019 - 10:19:36 | SHD] - $RECYCLE.BIN
[12/07/2019 - 17:25:40 | D] - ULTIKMOS 16.19.13
[11/06/2019 - 18:49:20 | D] - DR. JORGE LUIS SALAS ARENAS
[04/04/2019 - 10:19:39 | D] - ARCHVOOO SALE
[04/04/2019 - 10:19:39 | D] - Audios Hinojosa Requena
[04/04/2019 - 10:19:40 | D] - carpeta
[04/04/2019 - 10:19:41 | D] - CGPJ ESPAÑA
[04/04/2019 - 10:19:41 | D] - claudia secigra
[04/04/2019 - 10:19:41 | D] - DARLENY BER
[04/04/2019 - 10:19:42 | D] - DPC
[04/04/2019 - 10:19:43 | D] - Evelyn
[03/05/2019 - 12:13:15 | D] - c
[11/06/2019 - 18:49:16 | D] - Alda
[11/06/2019 - 18:49:17 | D] - ALONSO
[11/06/2019 - 18:49:17 | D] - ANITA
[09/07/2019 - 15:36:36 | D] - EDWIN
[12/07/2019 - 17:22:46 | D] - Fiorella
[12/07/2019 - 17:24:01 | D] - FOTOS
[12/07/2019 - 17:24:07 | D] - Frank
[12/07/2019 - 17:24:29 | D] - FRESIA
[12/07/2019 - 17:24:44 | D] - internamiento abril 2018
[12/07/2019 - 17:24:54 | D] - KAREN 1
[12/07/2019 - 17:25:20 | D] - LUIS FAJARDO
[12/07/2019 - 17:25:28 | D] - MARCO
[12/07/2019 - 17:25:37 | D] - omar
[12/07/2019 - 17:25:47 | D] - Users
[12/07/2019 - 17:25:50 | D] - variossss- 1
[12/07/2019 - 17:26:03 | D] - Willy
[14/07/2019 - 14:09:49 | D] - Brayand
[15/07/2019 - 17:53:48 | D] - AMAG

------------ | E:\ - Disco extraíble (FAT32) |

[18/07/2018 - 17:26:18 | A | 28 Ko] - informe grupal niño jesus de praga.xlsx
[18/07/2018 - 17:30:12 | A | 29 Ko] - informe grupal divino maestro.xlsx
[18/07/2018 - 00:57:22 | N | 58 Ko] - ~WRL0005.tmp
[12/06/2019 - 18:46:10 | N | 89 Ko] - ~WRL3980.tmp
[26/06/2019 - 01:22:54 | N | 33 Ko] - ~WRL2734.tmp
[23/07/2018 - 11:41:54 | A | 226 Ko] - dni.PNG
[23/07/2018 - 11:43:40 | A | 864 Ko] - tit.PNG
[23/07/2018 - 11:45:02 | A | 234 Ko] - constancia.PNG
[23/07/2018 - 11:46:26 | A | 509 Ko] - secigra 1.PNG
[23/07/2018 - 11:47:34 | A | 442 Ko] - secigra 2.PNG
[23/07/2018 - 11:49:02 | A | 1074 Ko] - certificado.PNG
[23/07/2018 - 11:49:56 | A | 198 Ko] - italiano.PNG
[26/03/2018 - 10:38:26 | A | 54 Ko] - constancia_474_20101735 (1).pdf
[31/07/2018 - 23:27:10 | A | 160 Ko] - CV PODER JUDICIAL.pdf
[07/08/2018 - 23:18:48 | A | 194 Ko] - 3393_BasesConcurso.pdf
[07/08/2018 - 23:21:42 | A | 57 Ko] - Consulta RUC_ versión Imprimible.pdf
[30/12/2018 - 23:38:48 | A | 342 Ko] - res_2017029010214038000742573.pdf
[30/12/2018 - 23:38:58 | A | 390 Ko] - res_2017029010214108000034188.pdf
[25/01/2019 - 07:21:22 | A | 3195 Ko] - Casación-71-2012-Cañete-Legis.pe_.pdf
[17/06/2019 - 23:08:20 | A | 2 Ko] - RHE10725725723E0014.pdf
[19/06/2019 - 10:36:50 | A | 69 Ko] - sentencia tribunal supremo español.pdf
[19/06/2019 - 12:33:02 | A | 3015 Ko] - tcmgg.pdf
[16/07/2018 - 14:39:34 | A | 9 Ko] - INFORME CATEEEEL.odt
[20/03/2019 - 19:43:14 | A | 44 Ko] - acusacion america movil.odt
[17/08/2016 - 12:43:52 | A | 50 Ko] - declaración ANGEL ARAPA VARGAS.docx
[17/08/2016 - 13:39:34 | A | 50 Ko] - declaración de Pastor Postigo Roger DAVID. SUNAT.docx
[18/08/2016 - 13:38:52 | A | 60 Ko] - declaracion marco antonio manrique velazco.docx
[31/01/2018 - 05:59:28 | A | 81 Ko] - DISPOSICIÓN DE FORMALIZACION DE LA INVESTIGACION Nº 004-2018 503-2016-505.docx
[04/06/2018 - 14:35:10 | A | 54 Ko] - PROVIDENCIA.docx
[05/07/2018 - 16:47:14 | A | 21 Ko] - INFORME-PSICOLÓGICO-SANTI.docx
[16/07/2018 - 14:39:54 | A | 15 Ko] - INFORME CATEEEEL.docx
[18/07/2018 - 11:00:16 | A | 60 Ko] - CASONº  1506015600-2018-102.docx
[23/07/2018 - 11:51:20 | A | 3574 Ko] - HOJA DE VIDA MIGUEL ANTONIO QUISPE NIETO 72572572.docx
[30/07/2018 - 08:32:20 | A | 13 Ko] - CARTA PODER.docx
[05/08/2018 - 22:58:22 | A | 49 Ko] - FM01-GCPH-RRHH_DJ-CLV-CPR2017 (1).docx
[05/08/2018 - 22:59:12 | A | 51 Ko] - FM02-GCPH-RRHH_DJ-CLV-CPR2017.docx
[07/08/2018 - 23:48:12 | A | 12 Ko] - AFICHE.docx
[13/08/2018 - 19:43:04 | A | 145 Ko] - REQUERIMIENTO Nº 003 DE ACUSACION 507-2017-2669.docx
[14/08/2018 - 18:38:36 | A | 62 Ko] - REQUERIMIENTO DE PRISION PREVENTIVA ELMER ORTIZ TICLAYAURI.docx
[27/08/2018 - 18:47:42 | A | 60 Ko] - 102-2018-600.docx
[27/08/2018 - 21:23:28 | A | 64 Ko] - ultimo organizacion criminal.docx
[29/08/2018 - 16:36:54 | A | 69 Ko] - archivo caso 600-2018-102.docx
[02/09/2018 - 22:50:36 | A | 50 Ko] - apertura caso nuevo de estafa.docx
[04/09/2018 - 19:38:40 | A | 62 Ko] - amplaicion de diligencias carpeta fiscal 502-2018.871.docx
[14/09/2018 - 15:55:58 | A | 77 Ko] - ARCHIVO 503-2017-7045.docx
[21/09/2018 - 12:41:10 | A | 19 Ko] - SOBRE EL DELITO DE ESTAFA.docx
[21/09/2018 - 18:17:08 | A | 54 Ko] - aperura resistencia a la autoridad ultimo.docx
[24/09/2018 - 18:16:06 | A | 86 Ko] - ARCHIVO CASO 503-2017-1708 final .docx
[26/09/2018 - 18:54:14 | A | 33 Ko] - forma caso pintor.docx
[27/09/2018 - 19:44:48 | A | 88 Ko] - requerimiento de levantamiento de comunicaciones.docx
[28/09/2018 - 18:44:14 | A | 69 Ko] - PROVIDENCIA DE DILIGENCIAS CASO PINTOR FINAL.docx
[02/10/2018 - 12:34:14 | A | 20 Ko] - mc ok.docx
[10/10/2018 - 20:35:04 | A | 45 Ko] - APERTURA HURTO 503-2018-10202 sabino pastor gonzales ponce..docx
[11/10/2018 - 21:15:54 | A | 32 Ko] - MUY URGENTE.docx
[12/10/2018 - 12:43:04 | A | 106 Ko] - REQUERIMIENTO DE ACUSACION DE GARATE CONDORI.docx
[12/10/2018 - 18:36:52 | A | 56 Ko] - PROLOGACION DE PRISION.docx
[21/10/2018 - 18:18:56 | A | 22 Ko] - ejecucion de garantia.docx
[21/10/2018 - 20:27:24 | A | 152 Ko] - REQUERIMIENTO Nº 503-3827-2015 DEFRAUDACION TRIBUTARIA.docx
[22/10/2018 - 10:11:52 | A | 1007 Ko] - escrito de correcion de medida cautelar final.docx
[22/10/2018 - 10:22:32 | A | 14 Ko] - escrito de correcion de medida cautelar.docx
[22/10/2018 - 19:46:04 | A | 60 Ko] - APELACION EXPEDIENTE 5366-2017.docx
[22/10/2018 - 19:56:14 | A | 56 Ko] - apelacioN ENDARA DE LSISTEMA.docx
[24/10/2018 - 14:49:42 | A | 13 Ko] - Expediente Nro. 35-2012docx.docx
[27/11/2018 - 15:38:22 | A | 21 Ko] - ACTA DE INFORMACIÓN DE DERECHOS Y DEBERES  DEL IMPUTADO GUARDAR SILENCIO DE YURI FELIX CHAVEZ LUQUE.docx
[29/11/2018 - 13:26:18 | A | 107 Ko] - REQUERIMIENTO Nº 1-503-2017-3736-1.docx
[03/12/2018 - 12:24:02 | A | 1160 Ko] - VICTOR GERALD BRIAN ROSAS FERNANDEZ.docx
[03/12/2018 - 12:24:44 | A | 1160 Ko] - DECLARACION DE VICTOR GERALD BRIAN ROSAS FERNANDEZ.docx
[03/12/2018 - 12:42:48 | A | 1160 Ko] - DECLARACION DE PAMELA MARQUEZ SALAS.docx
[07/12/2018 - 17:31:26 | A | 61 Ko] - rechaza inhibicion.docx
[13/12/2018 - 20:18:54 | A | 67 Ko] - archivo 503-2017-6356.docx
[18/12/2018 - 18:43:38 | A | 55 Ko] - APERTURA 505-2018-3406.docx
[19/12/2018 - 11:37:06 | A | 14 Ko] - CARTA NOTARIAL 2 MARTHA VIDARTE.docx
[20/12/2018 - 17:53:28 | A | 72 Ko] - archivo caso 503-2018-3159.docx
[31/12/2018 - 01:22:02 | A | 51 Ko] - apertura 503-2018-12383.docx
[31/12/2018 - 14:32:48 | A | 75 Ko] - AVOCAMIENTO ARCE MUÑOZ.docx
[14/01/2019 - 18:05:22 | A | 61 Ko] - Diligencias de pintor.docx
[18/01/2019 - 15:22:12 | A | 64 Ko] - Diligencias de pintor ULTIMO.docx
[22/01/2019 - 11:59:26 | A | 48 Ko] - FORMALIZACION 503-2017-4787.docx
[22/01/2019 - 22:09:56 | A | 18 Ko] - CONTRATO DE ARRENDAMIENTO CENTRO ODONTOLOGICO.docx
[22/01/2019 - 22:11:44 | A | 21 Ko] - CONTRATO DE ALQUILER FARMACIA O BOTICA.docx
[15/03/2019 - 09:57:06 | A | 13 Ko] - solicitud al banco de la nacion.docx
[20/03/2019 - 19:44:40 | A | 80 Ko] - acusacion de america movil word.docx
[21/03/2019 - 15:16:08 | A | 103 Ko] - REQUERIMIENTO DE ACUSACION 3323-2016.docx
[21/03/2019 - 21:18:28 | A | 127 Ko] - REQUERIMIENTO DE ACUSACION 3323-2016 final.docx
[10/04/2019 - 15:00:54 | A | 87 Ko] - ARCHIVO 503-2018-871.docx
[10/04/2019 - 18:52:30 | A | 100 Ko] - ultimo 871.docx
[11/04/2019 - 20:32:44 | A | 117 Ko] - ARCHIVO 503-2018-871 final.docx
[30/05/2019 - 15:15:40 | A | 12 Ko] - ARRESTO CIUDADANO.docx
[04/06/2019 - 13:42:58 | A | 28 Ko] - DECLARACION JUAN JOSÉ DUEÑAS GARCÍA.docx
[07/06/2019 - 19:06:26 | A | 80 Ko] - CASO Nº 503-2017-899 nem bis idem.docx
[10/06/2019 - 20:54:28 | A | 26 Ko] - SEGUDNA PARTE MARTIN BERRIOS.docx
[13/06/2019 - 17:39:16 | A | 86 Ko] - CASO Nº 503-2017-899 nem bis idem ULI.docx
[18/06/2019 - 22:56:34 | A | 17 Ko] - Dolly Carrmela2.docx
[18/06/2019 - 22:57:02 | A | 66 Ko] - ACUSACION COMPLEMENTARIA.docx
[18/06/2019 - 22:57:24 | A | 55 Ko] - ROBO CON VIOLENCIA INTIMIDACIÓN IMPLICITA.docx
[19/06/2019 - 12:32:32 | A | 86 Ko] - transcripcion audios.docx
[20/06/2019 - 10:51:56 | A | 77 Ko] - ACUSACION COMPLEMENTARIA 2.docx
[26/06/2019 - 09:59:20 | A | 39 Ko] - ALEGATOS CIERRE CASO POLICIAS.docx
[02/07/2019 - 21:14:42 | A | 18 Ko] - AUDIO POLICIA FINAL.docx
[03/07/2019 - 14:08:26 | A | 28 Ko] - AUDIO POLICIA FINAL 123.docx
[09/07/2019 - 20:13:30 | A | 18 Ko] - ALEATOS DE CLAUSURA MONTOYA.docx
[10/07/2019 - 16:02:38 | A | 19 Ko] - ALEATOS DE CLAUSURA MONTOYA final.docx
[05/08/2018 - 23:51:00 | A | 142 Ko] - FORMALIZACION CON NUEVOS ELMENTOS DE ELMER.doc
[14/12/2018 - 18:48:54 | A | 27 Ko] - DECLARACION ROSALES.doc
[12/06/2018 - 15:57:10 | D] - usb
[16/07/2018 - 17:10:14 | D] - DESARROLLO TODO HOY
[23/07/2018 - 11:55:22 | D] - ESCANEOS
[06/08/2018 - 10:29:44 | D] - Nueva carpeta
[06/08/2018 - 10:29:44 | D] - Nueva carpeta (2)
[10/10/2018 - 11:05:22 | D] - ROBO AGRAVADO
[28/12/2018 - 18:31:02 | D] - ANA ALEJO
[08/04/2019 - 19:47:56 | D] - CASO CILF SAC

------------ | H:\ - Disco extraíble (FAT32) |

[12/01/2017 - 11:00:20 | D] - .Trashes
[13/06/2017 - 12:04:08 | A | 2743 Ko] - doc01734320170613120332.pdf
[13/06/2017 - 12:04:16 | A | 1842 Ko] - doc01734420170613120346.pdf
[13/06/2017 - 12:06:14 | A | 2747 Ko] - FOTOGRAFIAS PAGINAS 14 - 18.pdf
[13/06/2017 - 12:07:00 | A | 1845 Ko] - FOTOGRAFIAS PAG. 171 A 173.pdf
[23/11/2017 - 10:48:10 | A | 514 Ko] - 503-2015-5365-0 (TENTATIVA DE HURTO).pdf
[28/10/2018 - 13:46:14 | A | 101 Ko] - antecedentes Dra Viviana.pdf
[28/10/2018 - 13:50:20 | A | 101 Ko] - antecedentes Tovar.pdf
[22/01/2019 - 12:18:06 | A | 27 Ko] - SKM_558e19012212170.pdf
[22/01/2019 - 12:26:00 | A | 28 Ko] - SKM_558e19012212250.pdf
[31/01/2019 - 11:49:58 | A | 28 Ko] - SKM_558e19013111490.pdf
[31/01/2019 - 11:52:56 | A | 154 Ko] - SKM_558e19013111520.pdf
[31/01/2019 - 11:53:30 | A | 165 Ko] - SKM_558e19013111530.pdf
[31/01/2019 - 11:54:16 | A | 81 Ko] - SKM_558e19013111540.pdf
[31/01/2019 - 11:54:44 | A | 51 Ko] - SKM_558e19013111541.pdf
[31/01/2019 - 11:55:20 | A | 77 Ko] - SKM_558e19013111550.pdf
[31/01/2019 - 11:56:06 | A | 77 Ko] - SKM_558e19013111551.pdf
[31/01/2019 - 11:56:36 | A | 42 Ko] - SKM_558e19013111560.pdf
[31/01/2019 - 13:24:36 | A | 188 Ko] - SKM_558e19013113240.pdf
[31/01/2019 - 13:25:06 | A | 103 Ko] - SKM_558e19013113250.pdf
[31/01/2019 - 13:25:36 | A | 90 Ko] - SKM_558e19013113251.pdf
[12/03/2019 - 19:08:08 | A | 59 Ko] - tarjetaEmbarque.pdf
[22/03/2019 - 12:57:48 | A | 217 Ko] - gonzalez - Wendy.pdf
[22/03/2019 - 13:09:48 | A | 205 Ko] - 100-unlocked.pdf
[27/05/2019 - 19:52:36 | A | 2453 Ko] - la_jurisdiccion_constitucional_como_forma_creacion_derecho.pdf
[27/05/2019 - 19:52:38 | A | 856 Ko] - Justificacion_significacion_derechos_constitucionales_implicitos.pdf
[30/05/2019 - 19:04:48 | A | 777 Ko] - 05811-2015-HC.pdf
[20/09/2017 - 10:15:16 | A | 25 Ko] - exhorto..odt
[28/09/2017 - 16:10:42 | A | 207279 Ko] - 24-08-2017.mp3
[21/12/2017 - 16:10:20 | A | 20246 Ko] - 21-12-2017Pista 600603A.mp3
[24/04/2019 - 20:17:20 | RASHD] - autorun.inf
[04/06/2019 - 16:15:02 | A | 10660 Ko] - aimp_4.51.2084.exe
[30/03/2016 - 11:34:44 | A | 60 Ko] - N°503-2015-5842-0 (hurto agravado) SEDE POLICIAL.docx
[18/09/2017 - 18:59:42 | A | 19 Ko] - ELEMENTOS DEL CONVICCION QUE SUSTENTAN EL REQUERIMIENTO mazetti.docx
[18/09/2017 - 19:00:02 | A | 14 Ko] - domicilios caso mazetti.docx
[20/09/2017 - 10:16:20 | A | 13 Ko] - exhorto.docx
[20/09/2017 - 14:17:14 | A | 47 Ko] - EXHORTO ANDAHUAYLAS.docx
[21/09/2017 - 11:28:08 | A | 72 Ko] - disposición de ANDAHUAYLAS.OKEY.docx
[21/09/2017 - 13:04:00 | A | 72 Ko] - disposición de ANDAHUAYLAS..docx
[30/09/2017 - 13:46:14 | A | 17 Ko] - Declaración de Torres Espejo.docx
[07/10/2017 - 15:47:46 | A | 77 Ko] - 503-2016-5518 APROPIACIÓN ILÍCITA Y FALSIFICACIÓN DE DOCUMENTOS (formalización).docx
[10/10/2017 - 15:19:26 | A | 70 Ko] - 503-2016-3291 TENTATIVA DE HOMICIDIO (Formalización).docx
[24/10/2017 - 18:46:36 | A | 58 Ko] - 503-2016-4381-0 (LESIONES).docx
[14/11/2017 - 15:16:48 | A | 66 Ko] - 503-2017-2534 ABUSO DE AUTORIDAD Y OMISION Y RETARDO DE FUNCIONES (apertura).docx
[20/11/2017 - 10:55:50 | A | 51 Ko] - DECLARACION VERA SIBANA HIPOLITO.docx
[20/11/2017 - 18:50:06 | A | 63 Ko] - archivo hurto usurpación y daños, FERIA LA MARINA.docx
[20/11/2017 - 21:49:18 | A | 60 Ko] - 503-2017-1495 FRAUDE PROCESAL FALSEDAD IDEOLOGICA (archivo).docx
[22/11/2017 - 13:44:16 | A | 70 Ko] - archivo hurto usurpación y daños, FERIA LA MARINA OKEY.docx
[22/11/2017 - 15:03:18 | A | 70 Ko] - archivo hurto usurpación y daños, FERIA LA MARINA OKEY okey.docx
[23/11/2017 - 10:47:44 | A | 76 Ko] - 503-2015-5365-0 (TENTATIVA DE HURTO).docx
[27/11/2017 - 16:00:30 | A | 23 Ko] - oficio a medicina legal PERFIL PSICOSEXUAL-pedofilia.docx
[30/11/2017 - 16:31:08 | A | 52 Ko] - DECLARACIÓN DE Elias Lucio Huamani Chuquirimay.docx
[30/11/2017 - 18:04:04 | A | 51 Ko] - declaración de Jorge Luis Huamanchumo Magan.docx
[04/12/2017 - 16:31:54 | A | 75 Ko] - 503-2016-2107 FALSIFICACION DE DOCUMENTOS (Sobreseimiento).docx
[05/12/2017 - 09:55:22 | A | 66 Ko] - CONVOCA A ACUERDO 503-2017-5880 - HOMICIDIO CULPOSO.docx
[06/12/2017 - 10:30:46 | A | 54 Ko] - CARPETA N.docx
[06/12/2017 - 13:26:02 | A | 58 Ko] - CONVOCA ACUERDO REPARATORIO LESIONES LEVES PELAYO BUSTINZA QUISPE..docx
[06/12/2017 - 13:26:06 | A | 57 Ko] - archivo hurto empleada del hogar.docx
[06/12/2017 - 17:31:14 | A | 57 Ko] - {.docx
[07/12/2017 - 12:27:26 | A | 51 Ko] - acta de deslacrado DESOBEDIENCIA A LA AUTORIDAD.docx
[07/12/2017 - 13:00:48 | A | 32 Ko] - CONSTANCIA DE INASISTENCIA.docx
[12/12/2017 - 16:16:58 | A | 62 Ko] - REQUERIMIENTO DE SOBRESEIMIENTO BENEFICENCIA PUBLICA.docx
[12/12/2017 - 19:04:26 | A | 68 Ko] - REQUERIMIENTO DE SOBRESEIMIENTO BENEFICENCIA PUBLICA okey.docx
[13/12/2017 - 10:02:20 | A | 13 Ko] - nombramiento de perito.docx
[13/12/2017 - 14:14:46 | A | 55 Ko] - ARCHIVO HURTO NINEL NAVARRO GUTIERREZ.docx
[14/12/2017 - 13:40:32 | A | 49 Ko] - formalización lesiones de VIOLENCIA FAMILIAR ANA MARIA HUAMANI HUAMANI.docx
[14/12/2017 - 13:42:48 | A | 56 Ko] - ARCHIVO HURTO NINEL NAVARRO GUTIERREZ okey.docx
[15/12/2017 - 11:24:50 | A | 44 Ko] - APERTURA  hurto agravado LUCILA TTITO APAZA..docx
[15/12/2017 - 13:45:14 | A | 46 Ko] - APERTURA ROBO AGRAVADO ZULEIMA DEL PILAR SALAS QUISPE.docx
[28/12/2017 - 11:44:12 | A | 29 Ko] - PROVIDENCIA de reprogramacion.docx
[05/01/2018 - 12:27:32 | A | 63 Ko] - 7144-2017 tienda ripley (archivo).docx
[17/01/2018 - 08:53:12 | A | 15 Ko] - DOCUMENTOS DE QUEJA FARAH.docx
[17/01/2018 - 12:09:52 | A | 48 Ko] - prorroga MANUEL SIGIFRIDO ACO LINARES..docx
[19/01/2018 - 10:27:52 | A | 84 Ko] - OFICIOS 2018.docx
[19/01/2018 - 11:54:44 | A | 66 Ko] - 5263-2017 hurto casa archivo.docx
[23/01/2018 - 14:05:34 | A | 48 Ko] - archivo hurto agravado LUCILA TTITO APAZA. okey OKEY.docx
[23/01/2018 - 14:28:20 | A | 47 Ko] - archivo hurto agravado LUCILA TTITO APAZA. okey.docx
[23/01/2018 - 14:48:48 | A | 67 Ko] - 503-2017-2399 (ROBO NO AUTOR DESTINO FINAL).docx
[23/01/2018 - 18:55:50 | A | 32 Ko] - CONSTANCIA DE INASISTENCIA lucila ttito apaza.docx
[23/01/2018 - 18:55:56 | A | 51 Ko] - acta de deslacrado, acta de visualización y acta de lacrado hurto LUCILA TITTO APAZA..docx
[25/01/2018 - 11:17:06 | A | 55 Ko] - archivo hurto PROYECTOS A LA GERENCIA REGIONAL DE AREQUIPA. OKEY.docx
[25/01/2018 - 13:17:08 | A | 54 Ko] - formalización VIOLACION SEXUAL A MENOR Diego Armando Figueroa Cabana.docx
[26/01/2018 - 14:23:32 | A | 66 Ko] - acusación de receptación ALBERTO RUSSELL GARCIA..docx
[29/01/2018 - 11:51:08 | A | 54 Ko] - disposicion de formalización VIOLACION SEXUAL A MENOR Diego Armando Figueroa Cabana okey.docx
[29/01/2018 - 11:52:08 | A | 47 Ko] - disposición de formalización lesiones de VIOLENCIA FAMILIAR ANA MARIA HUAMANI  HUAMANI OKEY. okey.docx
[29/01/2018 - 13:38:28 | A | 56 Ko] - acta de deslacrado, acta de visualización y acta de lacrado Sra .Galdos..docx
[30/01/2018 - 17:53:22 | A | 63 Ko] - acusación de receptación ALBERTO RUSSELL GARCIA. okey.docx
[31/01/2018 - 12:35:40 | A | 55 Ko] - apetura receptación MARCO ANTONIO MANCHEGO  CCALA. okey.docx
[01/02/2018 - 15:37:38 | A | 84 Ko] - 503-2016-7028 ABUSO DE AUTORIDAD (caso Montufar - Archivo).docx
[07/02/2018 - 11:02:56 | A | 68 Ko] - archivo falsificación de documentos 1767-503-2017.docx
[07/02/2018 - 12:21:32 | A | 43 Ko] - archivo ABUSO DE AUTORIDAD policias de transito. okey.docx
[07/02/2018 - 13:19:04 | A | 10 Ko] - AUTORIZACIÓN.docx
[12/02/2018 - 17:57:00 | A | 66 Ko] - 3826-2017 hurto agravado llantas acrhivo.docx
[16/02/2018 - 10:35:52 | A | 33 Ko] - CONSTANCIA DE INASISTENCIA Florencia Ttito Ibarra..docx
[16/02/2018 - 11:38:24 | A | 51 Ko] - declaración FLORENCIA TTITO IBARRA.docx
[19/02/2018 - 10:03:58 | A | 42 Ko] - archivo ABUSO DE AUTORIDAD policias de transito.docx POLICIAS.docx
[19/02/2018 - 13:33:36 | A | 48 Ko] - declaración ANGELICA EULALIA GONZALES PACHECO..docx
[19/02/2018 - 14:07:30 | A | 19 Ko] - ACTA DE INFORMACIÓN DE DERECHOS Y DEBERES  DEL IMPUTADO.docx ANGELICA.docx
[22/02/2018 - 10:07:18 | A | 18 Ko] - provisional.docx
[26/02/2018 - 11:19:58 | A | 51 Ko] - declaración de GLORIA MATTOS VINCES.docx
[26/02/2018 - 13:08:02 | A | 18 Ko] - disposicion de RESERVA PROVISIONAL SEAL Y LOS TIGRES- ESCORPIONES.docx
[27/02/2018 - 10:18:12 | A | 50 Ko] - declaración de NILTON ROGER AGUILAR PUMA.docx
[27/02/2018 - 12:13:00 | A | 48 Ko] - oficio LOS TIGRES ESCOPION Y SEAL.docx
[27/02/2018 - 13:02:56 | A | 53 Ko] - declaración de NELLY QUISPE ZAPANA.docx
[27/02/2018 - 15:15:24 | A | 59 Ko] - disposicion de RESERVA PROVISIONAL SEAL Y LOS TIGRES- ESCORPIONES.docx     OKEY.docx
[27/02/2018 - 15:15:32 | A | 50 Ko] - DISPOSICION DE PRORROGA TIGRES Y ESCORPION..docx
[02/03/2018 - 12:53:36 | A | 18 Ko] - RESERVA PROVISIONAL ANGELA LUZ DÁVILA CÁRDENAS..docx
[02/03/2018 - 18:51:56 | A | 30 Ko] - prision preventiva erickcito.docx
[03/03/2018 - 13:41:10 | A | 62 Ko] - Disposicion bajo del superior FERIA LA MARINA ANA GIOVANA HUARACA PERALES..docx
[03/03/2018 - 13:59:34 | A | 34 Ko] - disposición de acumulación ACTOS CONTRA EL PUDOR JUAN PABLO TAIPE MACHACA..docx
[03/03/2018 - 15:58:58 | A | 56 Ko] - disposicion de formalización VIOLACION SEXUAL A MENOR JUAN PABLO TAIPE MACHACA.  okey.docx
[05/03/2018 - 10:47:36 | A | 46 Ko] - APERTURA  hurto agravado ACHAHUI MAMANI, ISIDRO GONZALO.docx
[08/03/2018 - 08:57:06 | A | 52 Ko] - 7105-2017 (2)  ARCHIVO hurto GALLEGOS ARENAS JORDAN JAVIER.docx
[13/03/2018 - 09:30:04 | A | 69 Ko] - ACUSACIÓN  apropiación ilicita Fabricio Dávila Márquez. okey.docx
[13/03/2018 - 12:37:36 | A | 59 Ko] - ARCHIVO BILLETE DE CINCUENTA SOLES..OK.docx
[14/03/2018 - 13:41:16 | A | 57 Ko] - disposicion de reprogramación SAMUEL CCORIMANYA CCASA..docx OKEY.docx
[19/03/2018 - 13:04:28 | A | 51 Ko] - formalización ROBO AGRAVADO BRIAN PALMA GAMA..okey.docx
[20/03/2018 - 11:33:18 | A | 59 Ko] - ARCHIVO BILLETE DE CINCUENTA SOLES..OK.corregido.docx
[20/03/2018 - 13:03:06 | A | 57 Ko] - disposicion de reprogramación SAMUEL CCORIMANYA CCASA..docx OKEY. corrregida la fecha.docx
[06/04/2018 - 13:14:58 | A | 35 Ko] - escrito anexando el ACTA DE ACUERDO PROVISIONAL SEAL.docx
[06/04/2018 - 13:58:44 | A | 32 Ko] - CONSTANCIA DE INASISTENCIA HURTO Milagros Ana Lucia Ruiz Dulanto..docx
[09/04/2018 - 14:16:54 | A | 51 Ko] - acta de deslacrado, visualización y lacrado HURTO MILAGROS ANA MARIA RUIZ DULANTE tiendas RIPLEY..docx
[17/04/2018 - 12:56:24 | A | 51 Ko] - acta de deslacrado, visulización y lacrado ACCIDENTE DE TRANSITO QUISPE CUTIPA EDGAR.docx
[17/04/2018 - 13:36:20 | A | 51 Ko] - acta de deslacrado, visulización y lacrado ACCIDENTE DE TRANSITO QUISPE CUTIPA EDGAR. corregido.docx
[17/04/2018 - 16:43:20 | A | 52 Ko] - disposicion de PRORROGA de la clinica AIESTHETIC.docx
[18/04/2018 - 14:10:06 | A | 49 Ko] - disposición de prorroga AYDEE CACYA PEREZ.docx
[19/04/2018 - 09:50:30 | A | 73 Ko] - ARCHIVO 503-2016-6728-HURTO AGRAVADO - NO AUTOR.docx
[19/04/2018 - 12:25:40 | A | 54 Ko] - declaración de TANIA DEL ROSARIO ROJAS GOMEZ . COLEGIO DE PSICOLOGOS.docx
[19/04/2018 - 12:33:30 | A | 50 Ko] - disposicióRn de prorroga AYDEE CACYA PEREZ.docx okey.docx
[19/04/2018 - 13:34:56 | A | 59 Ko] - archivo robo agravado y daños ROBERTO ELOY MAMANI ALEMAN.docx okey.docx
[19/04/2018 - 13:39:26 | A | 60 Ko] - archivo robo agravado y daños ROBERTO ELOY MAMANI ALEMAN.docx okey.docx CORREGIDO.docx
[19/04/2018 - 15:11:24 | A | 61 Ko] - archivo robo agravado y daños ROBERTO ELOY MAMANI ALEMAN.docx okey.docx CORREGIDO.docx SUPER CORREGIDO.docx
[23/04/2018 - 10:59:38 | A | 53 Ko] - declaración ROSMERY GRACIELA MACEDO VALDEZ.docx
[23/04/2018 - 12:03:44 | A | 51 Ko] - declaración de OLGA HAYDEE LEYTON CERNA.docx
[23/04/2018 - 12:31:02 | A | 51 Ko] - declaración de JACKELINE SALINAS VILCA.docx
[23/04/2018 - 18:07:00 | A | 51 Ko] - declaración JOHANA KATHERINE QUISPE VALDIVIA.docx
[25/04/2018 - 12:01:30 | A | 34 Ko] - oficio a DEPOSITO MUNICIPAL..docx
[25/04/2018 - 13:09:32 | A | 51 Ko] - declaración de ALBERTO NARVAEZ VIZCARRA.docx
[25/04/2018 - 14:59:36 | A | 63 Ko] - apertura de hurto 503-2017-6637 TRES PISQUEROS SAC.docx
[28/04/2018 - 22:15:34 | A | 70 Ko] - ULTIMA RATIO.docx
[07/05/2018 - 12:19:44 | A | 58 Ko] - 3060-2017 archivo de hurto por excusa absolutoria - EDWIN.docx
[09/05/2018 - 13:23:50 | A | 58 Ko] - archivo DAÑOS .................. JORGE FRANCISCO GUTIERREZ BELLIDO..docx  corregido.docx
[10/05/2018 - 17:10:46 | A | 51 Ko] - 7105-2017 ARCHIVO hurto GALLEGOS ARENAS JORDAN JAVIER.docx
[16/05/2018 - 13:07:06 | A | 61 Ko] - PRORROGA 503-2016-5530.docx
[22/05/2018 - 14:01:28 | A | 68 Ko] - conclusion FALSA DE DECLARACIÓN -ESCORPION Y SEAL.docx
[25/05/2018 - 19:02:38 | A | 13 Ko] - declaración Juana y Dayana.docx
[09/07/2018 - 11:08:02 | A | 1160 Ko] - TESTIGO ERICKA KAREN BARREDA ESPINOZA 503-2017-4150.docx
[17/07/2018 - 11:35:00 | A | 1166 Ko] - ACTA  DE  APLICACIÓN  DEL  PRINCIPIO DE OPORTUNIDAD OAF.docx
[26/07/2018 - 12:05:04 | A | 58 Ko] - ACTA DE INFORMACIÓN DE DERECHOS Y DEBERES  DEL IMPUTADO MIGUEL ANGEL MALDONADO - copia (2).docx
[26/07/2018 - 12:05:04 | A | 58 Ko] - ACTA DE INFORMACIÓN DE DERECHOS Y DEBERES  DEL IMPUTADO MIGUEL ANGEL MALDONADO - copia.docx
[26/07/2018 - 12:05:04 | A | 58 Ko] - ACTA DE INFORMACIÓN DE DERECHOS Y DEBERES  DEL IMPUTADO MIGUEL ANGEL MALDONADO.docx
[02/08/2018 - 10:05:50 | A | 54 Ko] - 5587-2018 Apertura desaparición.docx
[11/08/2018 - 17:55:40 | A | 62 Ko] - PRINCIPIO DE OPORTUNIDAD CHILO HUARCA.docx
[18/09/2018 - 18:35:14 | A | 58 Ko] - REG.docx
[09/10/2018 - 15:44:00 | A | 61 Ko] - aperura resistencia a la autoridad ultimo.docx
[09/10/2018 - 17:57:44 | A | 62 Ko] - APERTURA DE RESISTENCIA A LA AUTORIDAD SINDY ARROYO MEDINA.docx
[09/10/2018 - 18:27:58 | A | 55 Ko] - hurto por falta jorge.docx
[11/10/2018 - 17:49:16 | A | 54 Ko] - disposcion por error de fecha.docx
[12/10/2018 - 17:25:02 | A | 25 Ko] - 503-2018-7581.docx
[12/10/2018 - 17:59:38 | A | 23 Ko] - 503-2018-6169 DESOBEDIENCIA Y RESISTENCIA A LA AUTORIDAD.docx
[12/10/2018 - 18:07:16 | A | 53 Ko] - DISP. por error de fecha..docx
[12/10/2018 - 18:25:44 | A | 53 Ko] - DISP. oficial de error de fecha.docx
[12/10/2018 - 18:31:32 | A | 23 Ko] - 503-2018-7685.docx
[12/10/2018 - 18:46:46 | A | 22 Ko] - 503-2018-6168.docx
[12/10/2018 - 19:35:00 | A | 61 Ko] - ARCHIVO HURTO AGRAVADO NO AUTOR.docx
[16/10/2018 - 18:02:40 | A | 27 Ko] - DESOB. A LA AUTORIDAD FELIX TASSARA.docx
[18/10/2018 - 16:12:44 | A | 65 Ko] - formalizar rehusamiento.docx
[06/11/2018 - 15:58:28 | A | 40 Ko] - MAGALY 2.docx
[08/11/2018 - 18:17:02 | A | 25 Ko] - ARCHIVAR LESIONES MARIA FLORES MAMANIHANCCO.docx
[15/11/2018 - 16:07:48 | A | 47 Ko] - APERTURA HURTO AGRAVADO MARIA JUSTA MAMANIHANCCO.docx
[15/11/2018 - 17:30:58 | A | 47 Ko] - APERTURA HURTO AGRAVADO MARIA JUSTA MAMANIHANCCO 22.docx
[16/11/2018 - 10:34:58 | A | 48 Ko] - 502-2018-4819 APERTURA HURTO AGRAVADO MARIA JUSTA MAMANIHANCCO.docx
[19/11/2018 - 10:54:16 | A | 1161 Ko] - AGRAVIADO YULY QUISPE CANSAYA 503-2017-6354.docx
[19/11/2018 - 13:22:20 | A | 1161 Ko] - AMPLIACION JAIME NICOLA AMPUERO ROMERO.docx
[20/11/2018 - 15:41:48 | A | 53 Ko] - AVOCAMIENTO 1.docx
[20/11/2018 - 15:46:46 | A | 55 Ko] - AVOCAMIENTO 2.docx
[28/11/2018 - 11:03:18 | A | 52 Ko] - declaración RUFO VARGAS SALAS..docx
[29/11/2018 - 18:04:24 | A | 56 Ko] - APERTURA ESTAFA , FALSIFICACIÓN DE DOCUMENTOS 503-2018-10002.docx
[29/11/2018 - 20:15:40 | A | 13 Ko] - CASO SUCAMEC AREQUIPA-PASANTIA.docx
[29/11/2018 - 20:17:10 | A | 11 Ko] - Doc1.docx
[03/12/2018 - 10:39:54 | A | 1163 Ko] - DECLARACION DE LUIS ANGEL BARRANTES GAMARRA.docx
[11/12/2018 - 11:30:26 | A | 55 Ko] - DECLARACION DE lizet virginia ticona mamani.docx
[12/12/2018 - 12:37:00 | A | 54 Ko] - convoca acuerdo reparatoriao PEDO PABLO ORMEJO QUISPE.docx
[12/12/2018 - 18:45:48 | A | 66 Ko] - AVOCAMIENTO ARCE MUÑOZ HERBERTH ultimo del 12 del 12....docx
[12/12/2018 - 18:45:48 | A | 66 Ko] - AVOCAMIENTO ARCE MUÑOZ HERBERTH ultimo del 12 del 12... (2).docx
[14/12/2018 - 09:43:10 | A | 48 Ko] - APERTURA VIOLACION Lizbeth Milagros Condori Soncco..docx SUPER CORREGIDO docx.docx
[07/01/2019 - 19:44:00 | A | 71 Ko] - 503-2017-2005 FALSIFICACION DE DOCUMENTOS (formalizacion) (caso carnet SUCAMEC).docx
[08/02/2019 - 09:45:00 | A | 51 Ko] - 503-2018-12016 DERIVA VIOLENCIA.docx
[28/02/2019 - 13:18:54 | A | 1163 Ko] - IMPUTADO JULIA VIRGINIA URRUTIA RAMOS.docx
[01/03/2019 - 15:06:02 | A | 82 Ko] - 503-2018-3089 FALSEDAD IDEOLÓGICA (archivo).docx
[24/03/2019 - 22:07:24 | A | 21 Ko] - DELITO DE TENENCIA ILEGAL DE ARMAS.docx
[29/03/2019 - 13:17:40 | A | 46 Ko] - archivo INSTIGACIÓN AL SUICIDIO Angela Luz Davila Cárdenas.docx
[15/04/2019 - 09:48:36 | A | 49 Ko] - archivo desobediencia a la autoridad PILAR CANAHUIRE LLAIQUE..docx modelo con notificacion al CORREO ELECTRONICO..docx
[15/04/2019 - 14:25:30 | A | 53 Ko] - formalizacion de DESOBEDIENCIA A LA AUTORIDAD..docx
[17/04/2019 - 10:24:40 | A | 1159 Ko] - ACTA DE FIJACIÓN DE ACUERDO REPARATORIO. JESUS TOLEDO APAZA.docx
[22/04/2019 - 12:22:16 | A | 54 Ko] - ~$SPOSICIÓN DE APERTURA DE INVESTIGACIÓN PRELIMINAR.docx ROSARIO.docx
[23/04/2019 - 13:04:46 | A | 53 Ko] - 503-2019-587.docx
[02/05/2019 - 13:22:12 | A | 53 Ko] - FACEBOOK FALSEDAD GENERICA.docx
[13/05/2019 - 11:15:00 | A | 1160 Ko] - ACTA  DE  APLICACIÓN  DEL  PRINCIPIO DE OPORTUNIDAD  503-2019-2768OAF.docx
[17/05/2019 - 18:40:40 | A | 20 Ko] - clausura TENENCIA ILEGAL DE ARMAS.docx
[21/05/2019 - 20:05:16 | A | 21 Ko] - clausura tenencia 2.docx
[23/05/2019 - 21:01:02 | A | 14 Ko] - via igualmente.docx
[17/06/2019 - 21:58:06 | A | 13 Ko] - TRANSCRIPCIÓN.docx
[19/09/2013 - 02:20:20 | A | 84 Ko] - ESTAFITA  LINDA.doc
[02/01/2014 - 20:13:54 | A | 88 Ko] - APERTURA ROBO .doc
[23/11/2017 - 21:00:16 | A | 55 Ko] - 503-2016-2107 FORMALIZACION.doc
[04/12/2017 - 18:13:30 | A | 55 Ko] - private.doc
[07/12/2017 - 12:04:08 | A | 77 Ko] - 3289-2017 archivo por falta de persistencia Y no identificacion.doc
[08/01/2018 - 18:03:18 | A | 80 Ko] - 503-2017-7061 FALSIFICACION DE DOCUMENTOS, PRUEBA FALSA, FRAUDE PROCESAL, Y FALSEDAD EN JUICIO (archivo).doc
[12/02/2018 - 18:04:28 | A | 68 Ko] - OFICIO NRO. 318-2018-MP-3FPPC-AR-DMZ.doc
[12/02/2018 - 18:04:42 | A | 68 Ko] - OFICIO NRO. 319-2018-MP-3FPPC-AR-DMZ.doc
[12/04/2018 - 09:36:20 | A | 57 Ko] - OFICIO DEFENSOR DE OFICIO CASO 4915-2012.doc
[19/04/2018 - 12:36:24 | A | 26 Ko] - Escrito CNM 2018.doc
[07/05/2018 - 11:56:22 | A | 71 Ko] - 503-2014-5579 ARCHIVO DESOBEDIENCIA EXCUSA ABSOLUTORIA Y P.OPORTUNIDAD..doc
[19/06/2018 - 11:47:10 | A | 85 Ko] - 503-2018-3860 FRAUDE PROCESAL FALSEDAD GENERICA (abstencion, juez extrapenal debe comunicar hechos delictivos).doc
[01/10/2018 - 15:58:42 | A | 79 Ko] - hurto agravado- corrales anaya 2.doc
[01/10/2018 - 18:22:48 | A | 79 Ko] - hurto agravado- corrales anaya 3.doc
[29/03/2019 - 11:47:32 | A | 83 Ko] - MODELO 503-2013-2277(Intento de suicidio).doc
[08/05/2019 - 16:57:24 | A | 107 Ko] - 503-2017-6956  confirmacion de incautacion VEHÍCULOs.doc
[28/09/2009 - 20:26:12 | A | 0 Ko] - Recuperar carpetas.bat
[29/03/2019 - 11:50:42 | SHD] - FOUND.000
[20/02/2018 - 15:49:48 | D] - DRA. DOLLY PERSONAL
[12/09/2017 - 10:49:58 | D] - CARMEN DOLMOS
[09/10/2017 - 16:41:02 | D] - 05-2017
[24/10/2017 - 10:04:40 | D] - christy
[18/01/2018 - 13:53:40 | D] - informes
[19/01/2018 - 07:08:42 | D] - DAMASOL
[07/02/2018 - 15:51:08 | D] - BRAYAND
[08/02/2018 - 11:35:44 | D] - Miguel
[28/02/2018 - 17:29:34 | D] - marco
[08/03/2018 - 11:11:26 | D] - mercy
[02/04/2018 - 09:51:12 | D] - DRA DOLLY
[18/04/2018 - 18:19:48 | D] - fotos
[24/04/2018 - 09:37:40 | D] - FABIOLA
[08/05/2018 - 19:00:38 | D] - PRISION PREVENTIVA FUNDAMENTADA
[18/05/2018 - 06:14:12 | D] - videos turry
[18/05/2018 - 11:22:28 | D] - ABBY
[03/07/2018 - 11:00:54 | D] - ERAYDA
[06/07/2018 - 10:15:42 | D] - Alda
[26/09/2018 - 15:53:28 | D] - YENNY
[09/10/2018 - 13:17:14 | D] - 178803
[09/10/2018 - 13:18:14 | D] - 179900
[09/10/2018 - 17:53:12 | D] - Nueva carpeta
[12/10/2018 - 12:35:44 | D] - LIZ
[28/10/2018 - 12:43:10 | D] - 28-10-2018
[15/11/2018 - 18:43:36 | D] - Magaly T
[16/11/2018 - 11:33:58 | D] - Ana
[21/11/2018 - 10:43:58 | D] - Evelyn
[28/11/2018 - 17:36:12 | D] - YENNY MURILLO 20
[27/12/2018 - 11:05:20 | D] - Documentos recuperados
[07/01/2019 - 09:53:58 | D] - CARLOS
[11/01/2019 - 10:05:54 | D] - ANTONELLA
[31/01/2019 - 09:46:34 | D] - 000
[27/02/2019 - 13:13:14 | D] - luz castillo doc
[05/03/2019 - 13:18:12 | D] - ACUERDO REPARATORIO
[05/03/2019 - 13:18:36 | D] - ACUERDO
[22/03/2019 - 11:56:48 | D] - ESTUDIO
[22/03/2019 - 18:46:40 | D] - AMAG
[29/03/2019 - 13:04:22 | D] - ALLI
[29/03/2019 - 13:04:38 | D] - ALISSON
[29/03/2019 - 13:04:56 | D] - Nueva carpeta (2)
[04/04/2019 - 14:35:12 | D] - JENIFER XD
[24/04/2019 - 14:14:34 | D] - PAOLO SIZA
[06/06/2019 - 19:48:20 | D] - Nueva carpeta (3)
[06/06/2019 - 19:49:04 | D] - DIPLOMADO
[11/06/2019 - 19:43:24 | D] - ETICA
[17/06/2019 - 21:25:34 | D] - 43
[20/06/2019 - 16:48:22 | D] - 2016054640401137
[26/06/2019 - 17:13:40 | D] - 26-06
[03/07/2019 - 16:21:32 | D] - material diplomado
[09/07/2019 - 11:28:30 | D] - Material curso 5

------------ | I:\ - Disco extraíble (FAT) |

[10/07/2019 - 23:06:08 | A | 2257 Ko] - diapositivas defraudacion parte 2 yenny.pptx
[11/07/2019 - 07:45:50 | A | 6389 Ko] - DELITOS ADUANEROS  FINAL (1).pptx
[11/07/2019 - 08:06:04 | N | 0 Ko] - ~$DELITOS ADUANEROS  FINAL (1).pptx
[05/07/2019 - 17:26:32 | A | 1847 Ko] - delitos aduaneros diapositivas.pdf
[10/07/2019 - 20:34:18 | A | 9 Ko] - ficha_socioeconomica_unsa YENNY.pdf
[07/08/2018 - 13:31:02 | A | 75 Ko] - 3679-2018 archivo aceite de canabis - copia.docx
[31/10/2018 - 10:37:06 | A | 96 Ko] - 1506014503-2018-10225 Archivo LESIONES LEVES.docx
[01/02/2019 - 12:18:10 | A | 67 Ko] - 12169-2018 Archivo Lesiones y Apertura Robo Agravado Tentativa.docx
[22/04/2019 - 14:26:14 | A | 53 Ko] - archivo PELIGRO COMUN por incendio..docx
[23/04/2019 - 13:17:40 | A | 57 Ko] - APERTURA 503-2019-2861 HURTO.docx 123................. - copia.docx
[20/05/2019 - 15:10:16 | A | 99 Ko] - 2455-2017 archivo lesiones leves robo agravado.docx
[24/05/2019 - 16:43:34 | A | 59 Ko] - APERTURA HURTO AGRAVADO CASO 12329-2018.docx
[31/05/2019 - 16:47:48 | A | 12 Ko] - Doc1.docx
[31/05/2019 - 17:38:20 | A | 61 Ko] - ARCHIVO PELIGRO COMUN.docx
[31/05/2019 - 18:02:02 | A | 63 Ko] - ARCHIVO TENENCIA DE ARMASss.docx
[05/06/2019 - 16:33:20 | A | 28 Ko] - DECLARACION DE MAURICE Y RUTH.docx
[11/06/2019 - 17:47:40 | A | 91 Ko] - 5907-2017 archivo PELIGRO COMUN.docx
[12/06/2019 - 22:00:44 | A | 63 Ko] - ARCHIVO PELIGRO COMUN ZARATE (Autoguardado) 123 - copia.docx
[18/06/2019 - 15:42:10 | A | 63 Ko] - APERTURA PELIGRO COMUN ZARATE.docx
[19/06/2019 - 15:57:50 | A | 64 Ko] - APERTURA PELIGRO COMUN ZARATE 12345.docx
[21/06/2019 - 18:12:32 | A | 61 Ko] - APERTURA 503-2019-2861 HURTO.docx 123..................docx
[24/06/2019 - 18:52:00 | A | 67 Ko] - ARCHIVO PEÑALOZA FINAL 24 DE JUNIO.docx
[26/06/2019 - 16:10:56 | A | 66 Ko] - FINAL ARCHIVO VERONICA PEÑALOZA - copia.docx
[26/06/2019 - 16:10:56 | A | 66 Ko] - FINAL ARCHIVO VERONICA PEÑALOZA.docx
[26/06/2019 - 16:17:52 | A | 65 Ko] - FINAL ARCHIVO VERONICA PEÑALOZA 26 junio.docx
[28/06/2019 - 16:54:06 | A | 75 Ko] - 3679-2018 archivo aceite de canabis.docx
[28/06/2019 - 19:22:58 | A | 72 Ko] - ARCHIVO PELIGRO COMUN ZARATE (Autoguardado) 123 - copia (2).docx
[01/07/2019 - 16:50:20 | A | 68 Ko] - 1 de junio.docx
[03/07/2019 - 15:43:50 | A | 68 Ko] - ARCHIVO PELIGRO COMUN ZARATE (Autoguardado) 123.docx
[03/07/2019 - 18:06:22 | A | 69 Ko] - archivo 3 de julio del 2019.docx
[05/07/2019 - 17:21:30 | A | 42 Ko] - LEY DE DELITOS ADUANEROS.docx
[08/07/2019 - 15:52:22 | A | 74 Ko] - archivo 3 de julio del 2019 final final final.docx
[09/07/2019 - 17:01:42 | A | 61 Ko] - APERTURA PELIGRO COMUN ZARATE 12345 - copia.docx
[09/07/2019 - 17:21:02 | A | 62 Ko] - APERTURA 503-2019-4264.docx
[10/07/2019 - 23:05:48 | A | 21 Ko] - DEFRAUDACIÓN DE RENTAS DE ADUANA yenny.docx
[16/07/2019 - 16:27:22 | A | 71 Ko] - archico con destino final lesiones (LO GOLPEARON POR CELOS ).docx
[03/09/2018 - 16:48:18 | A | 272 Ko] - 1506014503-2017-2583 Archivo lesiones leves.doc
[12/11/2018 - 11:00:36 | A | 274 Ko] - 1506014503-2017-4695 Archivo LESIONES.doc
[18/06/2019 - 15:50:40 | A | 27 Ko] - 231598412-Acta-de-Inspeccion-Judicial.doc
[25/06/2019 - 16:35:36 | A | 79 Ko] - hurto agravado- corrales 44444444.doc
[25/06/2019 - 17:36:08 | A | 102 Ko] - ARCHVO CAMBIAZO 12345.doc
[03/06/2019 - 15:27:04 | D] - 203700 (audio 3)
[06/06/2019 - 15:16:04 | D] - YENNY ULTIMO
[04/07/2019 - 12:46:32 | D] - AUDIOS DE DERECHOS HUMANOS (VALDIVIA)
[04/07/2019 - 15:56:50 | D] - cadena de custodia
[04/07/2019 - 18:38:00 | D] - videos
[11/07/2019 - 13:55:38 | D] - archivos de lesiones

Elemento(s) infectado(s) : 10
Elementos analizados : 88666 en 00h 01m 14s

# UsbFix-Report-01.txt [47175B]

------------ | E.O.F  |

FRST.txt

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 15-07-2019 01
Ran by Dolly (administrator) on MASTERVAIO (Sony Corporation VPCYB35AL) (16-07-2019 18:07:58)
Running from C:\Users\Dolly\Desktop
Loaded Profiles: Dolly (Available Profiles: Dolly)
Platform: Microsoft Windows 7 Ultimate  Service Pack 1 (X86) Language: Español (España, internacional)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files\Adobe\Reader 11.0\Reader\AcroRd32.exe
(Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ATI Technologies Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\WINWORD.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Microsoft Dynamic Code Publisher -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Qualcomm Atheros -> Atheros Communications) [File not signed] C:\Program Files\Bluetooth Suite\BtvStack.exe
(Qualcomm Atheros -> Qualcomm Atheros) [File not signed] C:\Program Files\Bluetooth Suite\BtTray.exe
(Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [File not signed] C:\Program Files\Bluetooth Suite\AdminService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-05-24] (Advanced Micro Devices, Inc.) [File not signed]
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1873192 2011-01-17] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [645456 2019-04-01] (Oracle America, Inc. -> Oracle Corporation)
HKLM\...\Run: [BtTray] => C:\Program Files\Bluetooth Suite\BtTray.exe [851584 2014-09-18] (Qualcomm Atheros -> Qualcomm Atheros) [File not signed]
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [232840 2019-07-12] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\RunOnce: [] => [X]
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files\Bluetooth Suite\BtvStack.exe [123520 2014-09-18] (Qualcomm Atheros -> Atheros Communications) [File not signed]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1986104296-3163790973-3246301206-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [16664352 2019-06-04] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\system32\ac3acm.acm [122880 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [msacm.lameacm] => C:\Windows\system32\lameACM.acm [473088 2015-02-25] (hxxp://www.mp3dev.org/) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\75.0.3770.100\Installer\chrmstp.exe [2019-06-21] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{538C240D-3DEE-4032-AB4C-08A3A6EB0861}] -> C:\Program Files\CyberLink\YouCam\CLCredProv\x86\CLCredProv.dll [2011-09-09] (CyberLink -> CyberLink)
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2014-09-18] (Qualcomm Atheros -> Qualcomm Atheros) [File not signed]
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
HKLM\Software\...\Authentication\Credential Provider Filters: [{538C240D-3DEE-4032-AB4C-08A3A6EB0861}] -> C:\Program Files\CyberLink\YouCam\CLCredProv\x86\CLCredProv.dll [2011-09-09] (CyberLink -> CyberLink)
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2014-09-18] (Qualcomm Atheros -> Qualcomm Atheros) [File not signed]
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0B44FD86-D8BE-4551-A858-F2B0BF732BB7} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe
Task: {0E6FE292-9936-494C-9925-C7A8CDEDC6D4} - System32\Tasks\klcp_update => C:\Program Files\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1722880 2019-06-25] () [File not signed]
Task: {2163EBA2-87B1-4D0D-AB6F-569A5AA36894} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [107848 2015-07-09] (Google Inc -> Google Inc.)
Task: {294B02A3-0105-4B69-AEAA-9D1BEE7A2A97} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16664352 2019-06-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {85454358-F211-4B74-80D1-8375C55166DD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [107848 2015-07-09] (Google Inc -> Google Inc.)
Task: {B93C6B93-AE94-494A-8803-EF38A499530D} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3228552 2019-07-11] (AVAST Software s.r.o. -> AVAST Software)
Task: {BBB0B46D-9B5B-44F6-BA76-D735D86CC1B5} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1913648 2019-07-11] (AVAST Software s.r.o. -> AVAST Software)
Task: {C01ED511-B991-4CE8-8825-E78D98089B7A} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1} C:\Program Files\Windows Live\SOXE\wlsoxe.dll [192704 2014-03-31] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\CCleaner Update.job => C:\Program Files\CCleaner\CCUpdate.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{DF7D4A36-592C-4B74-804D-C443FA2C7DE3}: [DhcpNameServer] 192.168.43.1

Internet Explorer:
==================
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.211.2 -> C:\Program Files\Java\jre1.8.0_211\bin\dtplugin\npDeployJava1.dll [2019-05-02] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.211.2 -> C:\Program Files\Java\jre1.8.0_211\bin\plugin2\npjp2.dll [2019-05-02] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-16] (Google Inc -> Google LLC)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-16] (Google Inc -> Google LLC)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-22] (VideoLAN) [File not signed]
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

Chrome: 
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxp://www.google.com.pe/"
CHR Profile: C:\Users\Dolly\AppData\Local\Google\Chrome\User Data\Default [2019-07-16]
CHR Extension: (Presentaciones) - C:\Users\Dolly\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-09-24]
CHR Extension: (Documentos) - C:\Users\Dolly\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-09-24]
CHR Extension: (Google Drive) - C:\Users\Dolly\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-15]
CHR Extension: (YouTube) - C:\Users\Dolly\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-10-05]
CHR Extension: (Búsqueda de Google) - C:\Users\Dolly\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-07-09]
CHR Extension: (Hojas de cálculo) - C:\Users\Dolly\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-10-05]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Dolly\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-20]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Dolly\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-10-05]
CHR Extension: (Gmail) - C:\Users\Dolly\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-02]
CHR Extension: (Chrome Media Router) - C:\Users\Dolly\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-07-01]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [176128 2011-06-20] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [294400 2011-05-24] (Advanced Micro Devices, Inc.) [File not signed]
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [5551168 2019-07-11] (AVAST Software s.r.o. -> AVAST Software)
R2 AtherosSvc; C:\Program Files\Bluetooth Suite\adminservice.exe [272000 2014-09-18] (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [365048 2019-07-11] (AVAST Software s.r.o. -> AVAST Software)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [5394136 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2014-03-01] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdiox86; C:\Windows\System32\DRIVERS\amdiox86.sys [37944 2010-02-18] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [7800832 2011-06-20] (Microsoft Windows Hardware Compatibility Publisher -> ATI Technologies Inc.)
R3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [245760 2011-06-20] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [34696 2019-07-11] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [174472 2019-07-11] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [225816 2019-07-11] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [171216 2019-07-11] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [56504 2019-07-11] (AVAST Software s.r.o. -> AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [214944 2019-07-11] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [40904 2019-07-11] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [140080 2019-07-11] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [101192 2019-07-11] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [73008 2019-07-11] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [783232 2019-07-11] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [403952 2019-07-11] (AVAST Software s.r.o. -> AVAST Software)
S2 aswStm; C:\Windows\System32\drivers\aswStm.sys [167576 2019-07-11] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [312968 2019-07-11] (AVAST Software s.r.o. -> AVAST Software)
R3 AthBTPort; C:\Windows\System32\DRIVERS\btath_flt.sys [77952 2014-09-18] (Qualcomm Atheros -> Qualcomm Atheros)
R3 athr; C:\Windows\System32\DRIVERS\athr.sys [1096704 2009-10-09] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW73.sys [100880 2011-06-20] (ATI Technologies, Inc -> Advanced Micro Devices)
R3 BTATH_A2DP; C:\Windows\System32\drivers\btath_a2dp.sys [292992 2014-09-18] (Qualcomm Atheros -> Qualcomm Atheros)
R3 btath_avdt; C:\Windows\System32\drivers\btath_avdt.sys [96896 2014-09-18] (Qualcomm Atheros -> Qualcomm Atheros)
R3 BTATH_BUS; C:\Windows\System32\DRIVERS\btath_bus.sys [25728 2014-09-18] (Qualcomm Atheros -> Qualcomm Atheros)
R3 BTATH_HCRP; C:\Windows\System32\DRIVERS\btath_hcrp.sys [156288 2014-09-18] (Qualcomm Atheros -> Qualcomm Atheros)
R3 BTATH_LWFLT; C:\Windows\System32\DRIVERS\btath_lwflt.sys [64640 2014-09-18] (Qualcomm Atheros -> Qualcomm Atheros)
R3 BTATH_RCP; C:\Windows\System32\DRIVERS\btath_rcp.sys [117888 2014-09-18] (Qualcomm Atheros -> Qualcomm Atheros)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae.sys [128552 2019-01-08] (Malwarebytes Corporation -> Malwarebytes)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x86.sys [50688 2009-07-13] (Microsoft Windows -> Atheros Communications, Inc.)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [173512 2019-07-15] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [190624 2019-07-16] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [64296 2019-07-16] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [241760 2019-07-16] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [86768 2019-07-16] (Malwarebytes Corporation -> Malwarebytes)
R3 SFEP; C:\Windows\System32\DRIVERS\SFEP.sys [9344 2007-08-03] (Microsoft Windows Hardware Compatibility Publisher -> Sony Corporation)
S3 USBAAPL; C:\Windows\System32\Drivers\usbaapl.sys [45056 2018-08-22] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-16 18:07 - 2019-07-16 18:10 - 000018850 _____ C:\Users\Dolly\Desktop\FRST.txt
2019-07-16 18:03 - 2019-07-16 18:03 - 000047235 _____ C:\Users\Dolly\Desktop\UsbFix_Report.txt
2019-07-16 18:01 - 2019-07-16 18:01 - 000001846 _____ C:\Users\Dolly\Desktop\UsbFix Anti-Malware.lnk
2019-07-16 18:00 - 2019-07-16 18:00 - 004763232 _____ (SOSVirus) C:\Users\Dolly\Desktop\UsbFix_2019_11.016.exe
2019-07-16 16:10 - 2019-07-16 16:10 - 000064296 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2019-07-16 16:09 - 2019-07-16 16:09 - 000241760 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2019-07-16 16:09 - 2019-07-16 16:09 - 000190624 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2019-07-16 16:09 - 2019-07-16 16:09 - 000086768 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2019-07-16 16:08 - 2019-07-16 16:08 - 000000000 ___RD C:\Users\Dolly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2019-07-15 17:39 - 2019-07-15 17:39 - 000011180 _____ C:\Users\Dolly\Desktop\Fixlog.txt
2019-07-15 17:38 - 2019-07-15 17:38 - 000000000 ____D C:\Users\Dolly\Desktop\FRST-OlderVersion
2019-07-15 17:35 - 2019-07-15 17:36 - 000797760 _____ C:\Users\Dolly\Desktop\delfix.exe
2019-07-14 14:10 - 2019-02-20 22:59 - 001310520 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2019-07-14 14:10 - 2019-02-20 22:59 - 000189672 _____ (Microsoft Corporation) C:\Windows\system32\halmacpi.dll
2019-07-14 14:10 - 2019-02-20 22:59 - 000189672 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2019-07-14 14:10 - 2019-02-20 22:59 - 000136424 _____ (Microsoft Corporation) C:\Windows\system32\halacpi.dll
2019-07-14 14:10 - 2019-02-20 22:58 - 004055784 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2019-07-14 14:10 - 2019-02-20 22:58 - 003960552 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-07-14 14:10 - 2019-02-20 22:58 - 000137960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2019-07-14 14:10 - 2019-02-20 22:58 - 000067304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2019-07-14 14:10 - 2019-02-20 22:56 - 001072640 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2019-07-14 14:10 - 2019-02-20 22:56 - 000872448 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2019-07-14 14:10 - 2019-02-20 22:56 - 000655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2019-07-14 14:10 - 2019-02-20 22:56 - 000644096 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2019-07-14 14:10 - 2019-02-20 22:56 - 000556032 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2019-07-14 14:10 - 2019-02-20 22:56 - 000400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2019-07-14 14:10 - 2019-02-20 22:56 - 000294400 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-07-14 14:10 - 2019-02-20 22:56 - 000261120 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-07-14 14:10 - 2019-02-20 22:56 - 000254464 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2019-07-14 14:10 - 2019-02-20 22:56 - 000223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2019-07-14 14:10 - 2019-02-20 22:56 - 000172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2019-07-14 14:10 - 2019-02-20 22:56 - 000171008 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2019-07-14 14:10 - 2019-02-20 22:56 - 000167936 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2019-07-14 14:10 - 2019-02-20 22:56 - 000141312 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2019-07-14 14:10 - 2019-02-20 22:56 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2019-07-14 14:10 - 2019-02-20 22:56 - 000082432 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2019-07-14 14:10 - 2019-02-20 22:56 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2019-07-14 14:10 - 2019-02-20 22:56 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2019-07-14 14:10 - 2019-02-20 22:56 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2019-07-14 14:10 - 2019-02-20 22:56 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2019-07-14 14:10 - 2019-02-20 22:56 - 000038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2019-07-14 14:10 - 2019-02-20 22:56 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2019-07-14 14:10 - 2019-02-20 22:56 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2019-07-14 14:10 - 2019-02-20 22:56 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2019-07-14 14:10 - 2019-02-20 22:56 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2019-07-14 14:10 - 2019-02-20 22:56 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2019-07-14 14:10 - 2019-02-20 22:56 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2019-07-14 14:10 - 2019-02-20 22:56 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2019-07-14 14:10 - 2019-02-20 22:56 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2019-07-14 14:10 - 2019-02-20 22:56 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2019-07-14 14:10 - 2019-02-20 22:56 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2019-07-14 14:10 - 2019-02-20 22:56 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2019-07-14 14:10 - 2019-02-20 22:56 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2019-07-14 14:10 - 2019-02-20 22:56 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2019-07-14 14:10 - 2019-02-20 22:56 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2019-07-14 14:10 - 2019-02-20 22:56 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2019-07-14 14:10 - 2019-02-20 22:56 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2019-07-14 14:10 - 2019-02-20 22:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2019-07-14 14:10 - 2019-02-20 22:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-07-14 14:10 - 2019-02-20 22:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2019-07-14 14:10 - 2019-02-20 22:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2019-07-14 14:10 - 2019-02-20 22:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2019-07-14 14:10 - 2019-02-20 22:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2019-07-14 14:10 - 2019-02-20 22:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2019-07-14 14:10 - 2019-02-20 22:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2019-07-14 14:10 - 2019-02-20 22:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2019-07-14 14:10 - 2019-02-20 22:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2019-07-14 14:10 - 2019-02-20 22:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2019-07-14 14:10 - 2019-02-20 22:38 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2019-07-14 14:10 - 2019-02-20 22:38 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2019-07-14 14:10 - 2019-02-20 22:38 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2019-07-14 14:10 - 2019-02-20 22:38 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2019-07-14 14:10 - 2019-02-20 22:38 - 000016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2019-07-14 14:10 - 2019-02-20 22:38 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2019-07-14 14:10 - 2019-02-20 22:36 - 000271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2019-07-14 14:10 - 2019-02-20 22:36 - 000262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2019-07-14 14:10 - 2019-02-20 22:36 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2019-07-14 14:10 - 2019-02-20 22:34 - 000317440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2019-07-14 14:10 - 2019-02-20 22:34 - 000314880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2019-07-14 14:10 - 2019-02-20 22:34 - 000226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2019-07-14 14:10 - 2019-02-20 22:34 - 000126464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2019-07-14 14:10 - 2019-02-20 22:34 - 000117248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2019-07-14 14:10 - 2019-02-20 22:34 - 000098816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2019-07-14 14:10 - 2019-02-20 22:34 - 000069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2019-07-14 14:10 - 2019-02-20 22:34 - 000055296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2019-07-14 14:10 - 2019-02-20 22:34 - 000053760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2019-07-14 14:10 - 2019-02-20 22:34 - 000053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\viac7.sys
2019-07-14 14:10 - 2019-02-20 22:34 - 000052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2019-07-14 14:10 - 2019-02-20 22:34 - 000052224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2019-07-14 14:10 - 2019-02-20 22:34 - 000036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2019-07-14 14:10 - 2019-02-20 22:34 - 000035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys
2019-07-14 14:10 - 2019-02-20 22:34 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2019-07-14 14:10 - 2019-02-20 22:34 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2019-07-14 14:10 - 2019-02-20 22:34 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2019-07-14 14:10 - 2019-02-20 22:34 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2019-07-14 14:10 - 2019-02-20 22:34 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2019-07-14 14:10 - 2019-02-20 22:34 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2019-07-14 14:10 - 2019-02-10 11:43 - 000078560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2019-07-14 14:10 - 2019-02-10 11:41 - 012574208 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2019-07-14 14:10 - 2019-02-10 11:41 - 011411968 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2019-07-14 14:10 - 2019-02-10 11:41 - 003207168 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2019-07-14 14:10 - 2019-02-10 11:41 - 001329664 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2019-07-14 14:10 - 2019-02-10 11:41 - 001177088 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2019-07-14 14:10 - 2019-02-10 11:41 - 001005056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2019-07-14 14:10 - 2019-02-10 11:41 - 000988160 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2019-07-14 14:10 - 2019-02-10 11:41 - 000744960 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2019-07-14 14:10 - 2019-02-10 11:41 - 000617984 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2019-07-14 14:10 - 2019-02-10 11:41 - 000519680 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2019-07-14 14:10 - 2019-02-10 11:41 - 000504320 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2019-07-14 14:10 - 2019-02-10 11:41 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2019-07-14 14:10 - 2019-02-10 11:41 - 000474624 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2019-07-14 14:10 - 2019-02-10 11:41 - 000442368 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2019-07-14 14:10 - 2019-02-10 11:41 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2019-07-14 14:10 - 2019-02-10 11:41 - 000373248 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2019-07-14 14:10 - 2019-02-10 11:41 - 000354816 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2019-07-14 14:10 - 2019-02-10 11:41 - 000276480 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2019-07-14 14:10 - 2019-02-10 11:41 - 000265216 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2019-07-14 14:10 - 2019-02-10 11:41 - 000195072 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2019-07-14 14:10 - 2019-02-10 11:41 - 000179712 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2019-07-14 14:10 - 2019-02-10 11:41 - 000157184 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2019-07-14 14:10 - 2019-02-10 11:41 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2019-07-14 14:10 - 2019-02-10 11:41 - 000106496 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2019-07-14 14:10 - 2019-02-10 11:41 - 000103424 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2019-07-14 14:10 - 2019-02-10 11:41 - 000080896 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2019-07-14 14:10 - 2019-02-10 11:41 - 000046592 _____ (Microsoft Corporation) C:\Windows\system32\mssign32.dll
2019-07-14 14:10 - 2019-02-10 11:41 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2019-07-14 14:10 - 2019-02-10 11:41 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2019-07-14 14:10 - 2019-02-10 11:37 - 000593920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2019-07-14 14:10 - 2019-02-10 11:29 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2019-07-14 14:10 - 2019-02-10 11:29 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2019-07-14 14:10 - 2019-02-10 11:29 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2019-07-14 14:10 - 2019-02-10 11:28 - 000100352 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2019-07-14 14:10 - 2019-02-10 11:28 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2019-07-14 14:10 - 2019-02-10 11:28 - 000023040 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2019-07-14 14:10 - 2019-02-10 11:24 - 000010752 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2019-07-14 14:10 - 2019-02-10 11:19 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2019-07-14 14:10 - 2019-02-10 11:19 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2019-07-14 14:10 - 2019-02-10 11:19 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2019-07-14 14:10 - 2018-11-17 21:59 - 000410080 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2019-07-14 14:10 - 2018-11-17 21:43 - 000374872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2019-07-14 14:10 - 2018-11-17 21:43 - 000249352 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2019-07-14 14:09 - 2019-02-20 22:56 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2019-07-14 14:09 - 2019-02-20 22:56 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2019-07-14 14:09 - 2019-02-20 22:56 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2019-07-14 14:09 - 2018-11-17 21:44 - 000535616 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2019-07-14 14:09 - 2018-11-17 21:44 - 000470704 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2019-07-14 14:08 - 2015-04-17 21:56 - 000342016 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2019-07-14 13:57 - 2015-07-14 21:55 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2019-07-14 13:55 - 2015-12-08 16:54 - 002285056 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2019-07-14 13:55 - 2015-12-08 16:54 - 001620992 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2019-07-14 13:55 - 2015-12-08 16:54 - 001568768 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
2019-07-14 13:55 - 2015-12-08 16:54 - 001325056 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL
2019-07-14 13:55 - 2015-12-08 16:54 - 001202688 _____ (Microsoft Corporation) C:\Windows\system32\WMALFXGFXDSP.dll
2019-07-14 13:55 - 2015-12-08 16:54 - 000902144 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2019-07-14 13:55 - 2015-12-08 16:54 - 000815616 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL
2019-07-14 13:55 - 2015-12-08 16:54 - 000740352 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2019-07-14 13:55 - 2015-12-08 16:54 - 000739328 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
2019-07-14 13:55 - 2015-12-08 16:54 - 000665088 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
2019-07-14 13:55 - 2015-12-08 16:54 - 000541184 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
2019-07-14 13:55 - 2015-12-08 16:54 - 000358400 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL
2019-07-14 13:55 - 2015-12-08 16:54 - 000154112 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL
2019-07-14 13:55 - 2015-12-08 16:53 - 000970240 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll
2019-07-14 13:55 - 2015-12-08 16:53 - 000829952 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL
2019-07-14 13:55 - 2015-12-08 16:53 - 000728576 _____ (Microsoft Corporation) C:\Windows\system32\mcmde.dll
2019-07-14 13:55 - 2015-12-08 16:53 - 000609280 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL
2019-07-14 13:55 - 2015-12-08 16:53 - 000415744 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
2019-07-14 13:55 - 2015-12-08 16:53 - 000338944 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2019-07-14 13:55 - 2015-12-08 16:53 - 000241152 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL
2019-07-14 13:55 - 2015-12-08 16:53 - 000241152 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL
2019-07-14 13:55 - 2015-12-08 16:53 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL
2019-07-14 13:55 - 2015-12-08 16:53 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll
2019-07-14 13:55 - 2015-12-08 16:53 - 000193536 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
2019-07-14 13:55 - 2015-12-08 16:53 - 000153600 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL
2019-07-14 13:55 - 2015-12-08 16:53 - 000079872 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL
2019-07-14 13:55 - 2015-12-08 16:53 - 000067584 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll
2019-07-14 13:55 - 2015-12-08 16:53 - 000053248 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll
2019-07-14 13:55 - 2015-12-08 16:53 - 000004608 _____ (Microsoft Corporation) C:\Windows\system32\ksuser.dll
2019-07-14 13:55 - 2015-12-08 16:43 - 000081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2019-07-14 13:55 - 2015-12-08 16:11 - 000177152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2019-07-14 13:55 - 2015-12-08 16:11 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys
2019-07-14 13:30 - 2019-07-14 13:31 - 000027286 _____ C:\Users\Dolly\Downloads\Addition.txt
2019-07-14 13:27 - 2019-07-16 18:07 - 000000000 ____D C:\FRST
2019-07-14 13:27 - 2019-07-14 13:31 - 000036087 _____ C:\Users\Dolly\Downloads\FRST.txt
2019-07-14 13:26 - 2019-07-15 17:38 - 001446912 _____ (Farbar) C:\Users\Dolly\Desktop\FRST.exe
2019-07-14 13:16 - 2016-05-11 10:19 - 000351744 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2019-07-14 13:16 - 2016-05-11 10:19 - 000231424 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2019-07-14 13:16 - 2016-05-11 10:19 - 000206336 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll
2019-07-14 13:16 - 2016-05-11 10:01 - 000026624 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe
2019-07-14 13:16 - 2016-05-11 09:52 - 000188928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2019-07-14 13:16 - 2015-06-01 18:47 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2019-07-14 13:15 - 2015-04-24 12:56 - 000530432 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2019-07-14 13:15 - 2015-02-03 21:54 - 000417792 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2019-07-14 13:15 - 2014-12-05 22:50 - 000242688 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2019-07-12 17:10 - 2019-07-12 17:10 - 000000000 ____D C:\Users\Dolly\AppData\Roaming\AVAST Software
2019-07-12 17:09 - 2019-07-12 17:09 - 000002012 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2019-07-12 17:09 - 2019-07-12 17:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2019-07-12 16:41 - 2019-07-11 17:24 - 000312200 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2019-07-12 16:07 - 2019-07-12 16:07 - 000002089 _____ C:\Users\Dolly\Desktop\reporte malware.txt
2019-07-11 18:08 - 2019-07-15 17:30 - 000234244 _____ C:\Windows\ntbtlog.txt
2019-07-11 18:03 - 2019-07-11 18:07 - 000000000 ____D C:\AdwCleaner
2019-07-11 18:01 - 2019-07-11 18:02 - 000020322 _____ C:\Users\Dolly\Desktop\ZHPCleaner.txt
2019-07-11 17:58 - 2019-07-11 17:58 - 000020333 _____ C:\Users\Dolly\Desktop\ZHPCleaner (R).txt
2019-07-11 17:56 - 2019-07-11 17:56 - 000021827 _____ C:\Users\Dolly\Desktop\ZHPCleaner (S).txt
2019-07-11 17:28 - 2019-07-11 17:28 - 000000801 _____ C:\Users\Dolly\Desktop\ZHPCleaner.lnk
2019-07-11 17:24 - 2019-07-11 17:24 - 000783232 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2019-07-11 17:24 - 2019-07-11 17:24 - 000403952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2019-07-11 17:24 - 2019-07-11 17:24 - 000312968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2019-07-11 17:24 - 2019-07-11 17:24 - 000225816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2019-07-11 17:24 - 2019-07-11 17:24 - 000214944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2019-07-11 17:24 - 2019-07-11 17:24 - 000174472 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2019-07-11 17:24 - 2019-07-11 17:24 - 000171216 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2019-07-11 17:24 - 2019-07-11 17:24 - 000167576 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2019-07-11 17:24 - 2019-07-11 17:24 - 000140080 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-07-11 17:24 - 2019-07-11 17:24 - 000101192 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2019-07-11 17:24 - 2019-07-11 17:24 - 000073008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2019-07-11 17:24 - 2019-07-11 17:24 - 000056504 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2019-07-11 17:24 - 2019-07-11 17:24 - 000040904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2019-07-11 17:24 - 2019-07-11 17:24 - 000034696 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2019-07-11 17:24 - 2019-07-11 17:24 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2019-07-11 17:22 - 2019-07-11 17:22 - 000000000 ____D C:\Program Files\AVAST Software
2019-07-11 17:21 - 2019-07-11 17:24 - 000000000 ____D C:\ProgramData\AVAST Software
2019-07-11 17:21 - 2019-07-11 17:21 - 000000978 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-07-11 17:21 - 2019-07-11 17:21 - 000000300 ____H C:\Windows\Tasks\CCleaner Update.job
2019-07-11 17:20 - 2019-07-15 17:30 - 000173512 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2019-07-11 17:20 - 2019-07-11 17:20 - 000002033 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-07-11 17:20 - 2019-07-11 17:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-07-11 17:19 - 2019-07-11 17:19 - 020638704 _____ (Piriform Software Ltd) C:\Users\Dolly\Downloads\ccsetup558.exe
2019-07-11 17:19 - 2019-07-11 17:19 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-07-11 17:19 - 2019-01-08 16:32 - 000128552 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae.sys
2019-07-11 17:18 - 2019-07-11 17:18 - 007025360 _____ (Malwarebytes) C:\Users\Dolly\Downloads\adwcleaner_7.3.exe
2019-07-11 17:18 - 2019-07-11 17:18 - 003140992 _____ (Nicolas Coolman) C:\Users\Dolly\Downloads\ZHPCleaner.exe
2019-07-11 17:17 - 2019-07-11 17:18 - 064525528 _____ (Malwarebytes ) C:\Users\Dolly\Downloads\mb3-setup-consumer-3.8.3.2965-1.0.613-1.0.11502.exe
2019-07-11 17:08 - 2019-07-11 17:08 - 000007606 _____ C:\Users\Dolly\AppData\Local\Resmon.ResmonCfg
2019-07-03 21:04 - 2014-05-14 11:23 - 001973728 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2019-07-03 21:04 - 2014-05-14 11:23 - 000581600 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2019-07-03 21:04 - 2014-05-14 11:23 - 000054240 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2019-07-03 21:04 - 2014-05-14 11:23 - 000045536 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2019-07-03 21:04 - 2014-05-14 11:23 - 000036320 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2019-07-03 21:04 - 2014-05-14 11:17 - 002425856 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2019-07-03 21:04 - 2014-05-14 11:17 - 000092672 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2019-07-03 21:03 - 2014-05-14 09:23 - 000179656 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2019-07-03 21:03 - 2014-05-14 09:17 - 000033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2019-07-02 00:05 - 2019-07-02 00:05 - 000000000 ____D C:\Users\Dolly\Tracing
2019-07-01 23:44 - 2019-07-01 23:44 - 000000000 ____D C:\Windows\es
2019-07-01 23:44 - 2014-03-31 21:36 - 000049856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fssfltr.sys
2019-07-01 23:43 - 2019-07-01 23:44 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2019-07-01 23:43 - 2019-07-01 23:43 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
2019-07-01 23:43 - 2019-07-01 23:43 - 000001413 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
2019-07-01 23:43 - 2019-07-01 23:43 - 000001329 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2019-07-01 23:43 - 2019-07-01 23:43 - 000001260 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2019-07-01 23:41 - 2019-07-01 23:44 - 000000000 ____D C:\Program Files\Windows Live
2019-07-01 23:41 - 2010-06-02 04:55 - 000527192 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2019-07-01 23:41 - 2010-06-02 04:55 - 000074072 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2019-07-01 23:41 - 2010-05-26 11:41 - 002106216 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2019-07-01 23:41 - 2010-05-26 11:41 - 000248672 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2019-07-01 23:39 - 2019-07-01 23:39 - 000002220 _____ C:\Users\Dolly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2019-07-01 23:39 - 2019-07-01 23:39 - 000002103 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2019-07-01 23:39 - 2019-07-01 23:39 - 000000000 ___RD C:\Users\Dolly\OneDrive
2019-07-01 23:39 - 2019-07-01 23:39 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2019-07-01 23:38 - 2019-07-01 23:38 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2019-07-01 23:37 - 2019-07-02 00:05 - 000000000 ____D C:\Users\Dolly\AppData\Local\Windows Live
2019-07-01 23:37 - 2019-07-01 23:37 - 000000000 ____D C:\Program Files\Common Files\Windows Live
2019-07-01 23:17 - 2019-07-01 23:19 - 139189424 _____ (Microsoft Corporation) C:\Users\Dolly\Downloads\Windows Essentials 2012.exe
2019-07-01 21:34 - 2019-07-11 17:29 - 000000000 ____D C:\Users\Dolly\Desktop\123
2019-07-01 21:34 - 2019-07-01 21:34 - 000000000 ____D C:\Users\Dolly\AppData\Roaming\Publish Providers
2019-07-01 21:27 - 2019-07-02 17:39 - 000000000 ____D C:\Users\Dolly\AppData\Local\Sony
2019-07-01 21:27 - 2019-07-02 17:39 - 000000000 ____D C:\Program Files\Sony
2019-07-01 21:27 - 2019-07-01 21:27 - 000000000 ____D C:\ProgramData\Sony
2019-07-01 21:25 - 2019-07-01 21:58 - 000000000 ____D C:\Users\Dolly\AppData\Roaming\Sony
2019-07-01 21:22 - 2019-07-01 21:24 - 208755954 _____ C:\Users\Dolly\Downloads\Sony Vegas Pro v11.0 Build 700 Final x86.rar
2019-06-26 17:58 - 2019-07-11 17:25 - 000000000 ____D C:\Users\Dolly\AppData\Roaming\MPC-HC
2019-06-26 17:57 - 2019-06-26 17:57 - 000000000 ____D C:\Windows\system32\directx
2019-06-26 17:57 - 2019-06-26 17:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2019-06-26 17:57 - 2019-06-26 17:57 - 000000000 ____D C:\Program Files\K-Lite Codec Pack
2019-06-26 17:57 - 2018-01-28 04:00 - 000694784 _____ C:\Windows\system32\xvidcore.dll
2019-06-26 17:57 - 2018-01-28 04:00 - 000284672 _____ C:\Windows\system32\xvidvfw.dll
2019-06-26 17:57 - 2017-07-30 05:50 - 003850240 _____ (x264vfw project) C:\Windows\system32\x264vfw.dll
2019-06-26 17:57 - 2015-10-24 11:00 - 000112128 _____ C:\Windows\system32\ff_vfw.dll
2019-06-26 17:57 - 2015-02-25 11:27 - 000473088 _____ (hxxp://www.mp3dev.org/) C:\Windows\system32\lameACM.acm
2019-06-26 17:57 - 2012-07-21 05:54 - 000122880 _____ (fccHandler) C:\Windows\system32\ac3acm.acm
2019-06-26 17:57 - 2012-05-21 16:48 - 000000415 _____ C:\Windows\system32\lame_acm.xml
2019-06-26 17:57 - 2011-12-07 12:32 - 000216064 _____ ( ) C:\Windows\system32\lagarith.dll
2019-06-26 17:57 - 2004-05-18 13:16 - 000039936 _____ (Disappearing Inc.) C:\Windows\system32\huffyuv.dll
2019-06-26 17:53 - 2019-06-26 17:54 - 059789295 _____ (KLCP ) C:\Users\Dolly\Downloads\K-Lite_Codec_Pack_1500_Mega.exe
2019-06-26 17:50 - 2019-06-26 19:00 - 000000000 ____D C:\Users\Dolly\Desktop\CASO EL PINTOR
2019-06-19 18:11 - 2019-06-19 18:11 - 001931730 _____ C:\Users\Dolly\Downloads\48591642-Litigacion-Penal-y-Juicio-Oral.pdf
2019-06-19 18:11 - 2019-06-19 18:11 - 000000000 ____D C:\Users\Dolly\AppData\Roaming\Google

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-16 18:03 - 2011-04-11 20:30 - 000747230 _____ C:\Windows\system32\perfh00A.dat
2019-07-16 18:03 - 2011-04-11 20:30 - 000158670 _____ C:\Windows\system32\perfc00A.dat
2019-07-16 18:03 - 2010-11-20 16:01 - 001675926 _____ C:\Windows\system32\PerfStringBackup.INI
2019-07-16 18:03 - 2009-07-13 21:37 - 000000000 ____D C:\Windows\inf
2019-07-16 18:01 - 2019-04-24 20:06 - 000000000 ____D C:\Program Files\UsbFix
2019-07-16 17:40 - 2009-07-13 23:34 - 000025936 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-07-16 17:40 - 2009-07-13 23:34 - 000025936 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-07-16 16:07 - 2009-07-13 23:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-07-15 18:33 - 2009-07-13 21:37 - 000000000 ____D C:\Windows\system32\Dism
2019-07-15 17:36 - 2019-05-02 14:35 - 000000259 _____ C:\DelFix.txt
2019-07-11 17:58 - 2019-04-23 15:47 - 000000000 ____D C:\Users\Dolly\AppData\Roaming\ZHP
2019-07-11 17:21 - 2015-07-09 22:48 - 000000000 ____D C:\Program Files\CCleaner
2019-07-09 12:15 - 2009-07-13 21:37 - 000000000 ____D C:\Windows\rescache
2019-07-02 00:05 - 2015-07-09 19:52 - 000000000 ____D C:\Users\Dolly
2019-07-01 23:43 - 2015-07-09 22:09 - 000000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
2019-07-01 23:41 - 2009-07-13 21:37 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-07-01 21:58 - 2009-07-13 21:37 - 000000000 ____D C:\Windows\LiveKernelReports
2019-07-01 16:26 - 2019-05-06 09:11 - 000000000 ____D C:\Users\Dolly\AppData\Local\ElevatedDiagnostics
2019-06-28 15:53 - 2009-07-13 23:53 - 000032636 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2019-06-26 20:57 - 2019-03-12 16:01 - 000000000 ____D C:\Users\Dolly\AppData\Roaming\AIMP
2019-06-26 18:43 - 2015-07-09 22:50 - 000000000 ____D C:\Users\Dolly\AppData\Roaming\vlc
2019-06-21 16:41 - 2015-07-09 20:45 - 000002177 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk

==================== Files in the root of some directories ================

2019-07-11 17:08 - 2019-07-11 17:08 - 000007606 _____ () C:\Users\Dolly\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-07-03 10:12
==================== End of FRST.txt ============================

Addition.txt

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 15-07-2019 01
Ran by Dolly (16-07-2019 18:11:00)
Running from C:\Users\Dolly\Desktop
Microsoft Windows 7 Ultimate  Service Pack 1 (X86) (2015-07-10 00:52:17)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-1986104296-3163790973-3246301206-500 - Administrator - Disabled)
Dolly (S-1-5-21-1986104296-3163790973-3246301206-1000 - Administrator - Enabled) => C:\Users\Dolly
HomeGroupUser$ (S-1-5-21-1986104296-3163790973-3246301206-1002 - Limited - Enabled)
Invitado (S-1-5-21-1986104296-3163790973-3246301206-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 11 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 11.3.300.265 - Adobe Systems Incorporated)
Adobe Reader XI  MUI (HKLM\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.00 - Adobe Systems Incorporated)
AIMP (HKLM\...\AIMP) (Version: v4.51.2084, 01.12.2018 - AIMP DevTeam)
Apple Application Support (32 bits) (HKLM\...\{5A659BE5-849B-484E-A83B-DCB78407F3A4}) (Version: 7.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{ABDE67C4-5876-4CDB-82A9-0CBACECC1C4A}) (Version: 12.1.0.25 - Apple Inc.)
Apple Software Update (HKLM\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
ATI Catalyst Install Manager (HKLM\...\{9F8E6025-423A-2A9F-3951-71E9BE2A85E7}) (Version: 3.0.829.0 - ATI Technologies, Inc.)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 19.6.2383 - AVAST Software)
Bonjour (HKLM\...\{D168AAD0-6686-47C1-B599-CDD4888B9D1A}) (Version: 3.1.0.1 - Apple Inc.)
BS FAG version 3.0 (HKLM\...\{1859C22D-2DA3-4A45-8659-D5124FB9FF88}_is1) (Version: 3.0 - Broto Suseno)
calibre (HKLM\...\{ED468F84-6B55-4FFD-A0C2-3C2064696A88}) (Version: 3.40.1 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 5.58 - Piriform)
CyberLink YouCam 5 (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.0909 - CyberLink Corp.)
D3DX10 (HKLM\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
EaseUS Data Recovery Wizard (HKLM\...\EaseUS Data Recovery Wizard_is1) (Version:  - EaseUS)
Galería de fotos (HKLM\...\{198CEF22-A27F-4DC7-9B66-2C22A4B1CA09}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Chrome (HKLM\...\Google Chrome) (Version: 75.0.3770.100 - Google LLC)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
IrfanView 4.51 (32-bit) (HKLM\...\IrfanView) (Version: 4.51 - Irfan Skiljan)
iTunes (HKLM\...\{869A9D9A-54D2-43E6-BB88-201902C9210E}) (Version: 12.9.3.3 - Apple Inc.)
Java 8 Update 211 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180211F0}) (Version: 8.0.2110.12 - Oracle Corporation)
Junk Mail filter update (HKLM\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
K-Lite Mega Codec Pack 15.0.0 (32-bit) (HKLM\...\KLiteCodecPack_is1) (Version: 15.0.0 - KLCP)
Malwarebytes versión 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0C0A-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1986104296-3163790973-3246301206-1000\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft Project Professional 2010 (HKLM\...\Office14.PRJPRO) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visio Premium 2010 (HKLM\...\Office14.VISIO) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (HKLM\...\{9C82436F-F19C-42A4-B476-F87A28A95BF9}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Paquete de idioma de Microsoft Visual Studio 2010 Tools para Office Runtime (x86) - ESN (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - ESN) (Version: 10.0.50903 - Microsoft Corporation)
Qualcomm Atheros 61x4 Bluetooth Suite (HKLM\...\{6B576143-BBF3-4F47-AC1E-6D37835D39E5}) (Version: 4.0.0.400 - Qualcomm Atheros Communications)
Revo Uninstaller 2.0.6 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.6 - VS Revo Group, Ltd.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.9.0 - Synaptics Incorporated)
Ultra MPEG-4 Converter 5.2.0603 (HKLM\...\Ultra MPEG-4 Converter_is1) (Version:  - Aone Software)
UsbFix Anti-Malware Premium (HKLM\...\Usbfix) (Version: 11.0.1.6 - SOSVirus (SOSVirus.Net))
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Winamp (HKLM\...\Winamp) (Version: 5.63  - Nullsoft, Inc)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 4.20 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WMPKeys (HKLM\...\{5D4B3647-9842-4875-B081-EF8D98C02865}) (Version: 1.2.0.0 - lazymf and kbept)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1986104296-3163790973-3246301206-1000_Classes\CLSID\{9B61F641-7794-4322-BF6A-E45EFD6C8D7C}\InprocServer32 -> C:\Program Files\WMPKeys\wmpkeys.dll (lazymf and kbept) [File not signed]
CustomCLSID: HKU\S-1-5-21-1986104296-3163790973-3246301206-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Dolly\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1986104296-3163790973-3246301206-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Dolly\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1986104296-3163790973-3246301206-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Dolly\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1986104296-3163790973-3246301206-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Dolly\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1986104296-3163790973-3246301206-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Dolly\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\FileSyncApi.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-07-11] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files\AIMP\System\aimp_menu32.dll [2019-03-12] (Artem Izmaylov -> AIMP DevTeam)
ContextMenuHandlers1: [Atheros] -> {B8952421-0E55-400B-94A6-FA858FC0A39F} => C:\Program Files\Bluetooth Suite\BtvAppExt.dll [2014-09-18] (Qualcomm Atheros -> Qualcomm Atheros) [File not signed]
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-07-11] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-06-09] (Alexander Roshal) [File not signed]
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-07-11] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [FTShellContext] -> {AFF81F7B-6942-40c4-AADA-7214EF7B6DD1} => C:\Program Files\Bluetooth Suite\ShellContextExt.dll [2014-09-18] (Qualcomm Atheros -> Qualcomm Atheros) [File not signed]
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files\AIMP\System\aimp_menu32.dll [2019-03-12] (Artem Izmaylov -> AIMP DevTeam)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll [2011-05-24] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-07-11] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-06-09] (Alexander Roshal) [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2009-01-20 13:51 - 2009-01-20 13:51 - 000007168 _____ ( ) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atixclib.dll
2011-03-14 14:21 - 2011-03-14 14:21 - 000016384 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
2011-05-24 23:50 - 2011-05-24 23:50 - 000243712 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2011-05-24 23:17 - 2011-05-24 23:17 - 000065024 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2011-05-24 23:17 - 2011-05-24 23:17 - 000095232 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000008704 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Actions.CCAA.Shared.dll
2011-05-24 23:48 - 2011-05-24 23:48 - 000006656 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.DPPE.Shared.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000005632 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.EEU.Shared.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000005632 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.GD.Shared.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000007168 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.Hotkeys.Shared.dll
2011-05-24 23:48 - 2011-05-24 23:48 - 000005632 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.REG.Shared.dll
2011-05-24 23:48 - 2011-05-24 23:48 - 000042496 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.Source.Kit.Server.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000006144 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.WinMessages.Shared.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000034816 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Server.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000006144 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Server.Shared.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000024576 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\APM.Foundation.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000032768 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ATICCCom.dll
2011-05-24 23:48 - 2011-05-24 23:48 - 000022016 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.Implementation.dll
2011-05-24 23:51 - 2011-05-24 23:51 - 000013824 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.AMDHome.Graphics.Runtime.dll
2011-05-24 23:51 - 2011-05-24 23:51 - 000008192 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.AMDHome.Graphics.shared.dll
2011-05-24 23:50 - 2011-05-24 23:50 - 000028672 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CPUPStates.Fuel.Dashboard.dll
2011-05-24 23:49 - 2011-05-24 23:49 - 000013312 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CPUPStates.Fuel.Shared.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000028672 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CustomFormats.Graphics.Shared.dll
2011-05-24 23:48 - 2011-05-24 23:48 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CustomFormatSelection.Graphics.Dashboard.Shared.Private.dll
2011-05-24 23:48 - 2011-05-24 23:48 - 000045056 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
2011-05-24 23:48 - 2011-05-24 23:48 - 000053248 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceCRT.Graphics.shared.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000040960 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceCV.Graphics.Shared.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000053248 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
2011-05-24 23:48 - 2011-05-24 23:48 - 000032768 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000049152 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
2011-05-24 23:48 - 2011-05-24 23:48 - 000065536 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceTV.Graphics.shared.dll
2011-05-24 23:48 - 2011-05-24 23:48 - 000025088 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
2011-05-24 23:48 - 2011-05-24 23:48 - 000028672 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
2011-05-24 23:50 - 2011-05-24 23:50 - 000345600 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
2011-05-24 23:48 - 2011-05-24 23:48 - 000032768 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
2011-05-24 23:48 - 2011-05-24 23:48 - 000028672 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
2011-05-24 23:48 - 2011-05-24 23:48 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
2011-05-24 23:50 - 2011-05-24 23:50 - 000048128 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DPPE.Fuel.Dashboard.dll
2011-05-24 23:49 - 2011-05-24 23:49 - 000012800 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DPPE.Fuel.Shared.dll
2011-05-24 23:50 - 2011-05-24 23:50 - 000026112 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Fets.Fuel.Dashboard.dll
2011-05-24 23:49 - 2011-05-24 23:49 - 000011264 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Fets.Fuel.Shared.dll
2011-05-24 23:48 - 2011-05-24 23:48 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
2011-05-24 23:50 - 2011-05-24 23:50 - 000774144 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
2011-05-24 23:48 - 2011-05-24 23:48 - 000106496 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.MMVideo.Graphics.Runtime.dll
2011-05-24 23:48 - 2011-05-24 23:48 - 000081920 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.MMVideo.Graphics.Shared.dll
2011-05-24 23:48 - 2011-05-24 23:48 - 000077824 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
2011-05-24 23:48 - 2011-05-24 23:48 - 000065536 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Radeon3D.Graphics.Shared.dll
2011-05-24 23:49 - 2011-05-24 23:49 - 000159744 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.TransCode.Graphics.Dashboard.dll
2011-05-24 23:49 - 2011-05-24 23:49 - 000013824 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.TransCode.Graphics.Runtime.dll
2011-05-24 23:48 - 2011-05-24 23:48 - 000045056 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.TransCode.Graphics.shared.dll
2011-05-24 23:51 - 2011-05-24 23:51 - 000019968 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.UpdateNotification.Graphics.Dashboard.dll
2011-05-24 23:51 - 2011-05-24 23:51 - 000033792 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.UpdateNotification.Graphics.Runtime.dll
2011-05-24 23:51 - 2011-05-24 23:51 - 000012288 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.UpdateNotification.Graphics.Shared.dll
2011-05-24 23:50 - 2011-05-24 23:50 - 001259520 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.User.Fuel.Dashboard.dll
2011-05-24 23:49 - 2011-05-24 23:49 - 000021504 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.WiFi.Fuel.Dashboard.dll
2011-05-24 23:49 - 2011-05-24 23:49 - 000007168 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.WiFi.Fuel.Shared.dll
2011-05-24 23:49 - 2011-05-24 23:49 - 000008704 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Fuel.Dashboard.dll
2011-05-24 23:49 - 2011-05-24 23:49 - 000019968 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Fuel.Runtime.dll
2011-05-24 23:49 - 2011-05-24 23:49 - 000010752 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Fuel.Shared.dll
2011-05-24 23:48 - 2011-05-24 23:48 - 000131072 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Dashboard.dll
2011-05-24 23:48 - 2011-05-24 23:48 - 000966656 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Dashboard.Shared.dll
2011-05-24 23:48 - 2011-05-24 23:48 - 000008704 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Runtime.Shared.Private.dll
2011-05-24 23:49 - 2011-05-24 23:49 - 000008192 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.HydraVision.Dashboard.dll
2011-05-24 23:49 - 2011-05-24 23:49 - 000011776 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.HydraVision.Runtime.dll
2011-05-24 23:49 - 2011-05-24 23:49 - 000008704 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.HydraVision.Shared.dll
2011-05-24 23:51 - 2011-05-24 23:51 - 000069632 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Combined.Fusion.Aspects.Runtime.dll
2011-05-24 23:51 - 2011-05-24 23:51 - 002045440 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Combined.Graphics.Aspects1.Dashboard.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000007680 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Client.Shared.dll
2011-05-24 23:49 - 2011-05-24 23:49 - 000060928 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Dashboard.ProfileManager2.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000032768 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Dashboard.Shared.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 001200640 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Dashboard.Shared.Private.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000007168 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Runtime.Extension.EEU.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000005632 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Runtime.Shared.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000037376 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Runtime.Shared.Private.dll
2011-05-24 23:48 - 2011-05-24 23:48 - 000421888 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Systemtray.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000266240 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Foundation.Client.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000061440 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Foundation.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000029184 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Foundation.Private.dll
2011-05-24 23:48 - 2011-05-24 23:48 - 000018432 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Foundation.XManifest.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000006144 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.dll
2011-05-24 23:49 - 2011-05-24 23:49 - 000012800 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\Fuel.Foundation.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000021504 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.dll
2011-05-24 23:48 - 2011-05-24 23:48 - 000055296 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.Implementation.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.Implementation.Private.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000024576 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.Private.dll
2010-08-23 16:11 - 2010-08-23 16:11 - 000299008 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
2011-05-24 23:47 - 2011-05-24 23:47 - 000005632 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.Foundation.dll
2011-05-24 23:48 - 2011-05-24 23:48 - 000095744 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.Implementation.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000015360 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\NEWAEM.Foundation.dll
2011-04-21 16:40 - 2011-04-21 16:40 - 000080896 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ADL.Foundation.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000065536 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\APM.Server.dll
2011-05-24 23:48 - 2011-05-24 23:48 - 000065536 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
2011-05-24 23:49 - 2011-05-24 23:49 - 000524288 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceProperty.Graphics.Dashboard.Shared.dll
2011-05-24 23:48 - 2011-05-24 23:48 - 000043520 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
2011-05-24 23:51 - 2011-05-24 23:51 - 002452992 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Combined.Graphics.Aspects2.Dashboard.dll
2011-05-24 23:51 - 2011-05-24 23:51 - 000240128 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Combined.Graphics.Aspects2.Runtime.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000036352 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Client.Shared.Private.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000389120 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Dashboard.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000057344 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Runtime.dll
2007-08-09 16:58 - 2007-08-09 16:58 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0706.dll
2009-06-17 05:27 - 2009-06-17 05:27 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0709.dll
2009-06-17 10:24 - 2009-06-17 10:24 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0712.dll
2008-04-03 16:29 - 2008-04-03 16:29 - 000020480 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0804.dll
2009-04-22 12:13 - 2009-04-22 12:13 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0805.dll
2008-12-30 11:04 - 2008-12-30 11:04 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0812.dll
2009-06-17 10:24 - 2009-06-17 10:24 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0906.dll
2009-12-08 06:49 - 2009-12-08 06:49 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0912.dll
2010-10-07 13:07 - 2010-10-07 13:07 - 000020480 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I1010.dll
2010-11-05 14:18 - 2010-11-05 14:18 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I1011.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000192512 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\Localization.Foundation.Implementation.es_Localization.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000259584 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\Localization.Foundation.Private.dll
2011-05-24 23:49 - 2011-05-24 23:49 - 000168960 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ResourceManagement.Foundation.Implementation.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000008704 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ResourceManagement.Foundation.Private.dll
2011-05-24 23:17 - 2011-05-24 23:17 - 000294400 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
2011-05-24 23:51 - 2011-05-24 23:51 - 000027648 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.AMDHome.Graphics.Dashboard.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000290816 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Runtime.dll
2011-05-24 23:47 - 2011-05-24 23:47 - 000167936 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Shared.dll
2015-07-09 22:50 - 2012-06-09 19:20 - 000167936 _____ (Alexander Roshal) [File not signed] C:\Program Files\WinRAR\rarext.dll
2011-05-24 23:17 - 2011-05-24 23:17 - 000036864 _____ (AMD) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\FUEL.Implementation.dll
2010-09-28 15:33 - 2010-09-28 15:33 - 000299008 _____ (ATI Technologies Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
2010-03-04 00:27 - 2010-03-04 00:27 - 000016384 _____ (ATI Technologies Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Foundation.dll
2009-04-22 12:13 - 2009-04-22 12:13 - 000045056 _____ (ATI Technologies Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0601.dll
2014-09-18 21:21 - 2014-09-18 21:21 - 000338560 _____ (Qualcomm Atheros -> ) [File not signed] C:\Program Files\Bluetooth Suite\ContactsApi.dll
2014-09-18 21:23 - 2014-09-18 21:23 - 000076416 _____ (Qualcomm Atheros -> ) [File not signed] C:\Program Files\Bluetooth Suite\Modules\Map\MAP.dll
2014-09-18 21:21 - 2014-09-18 21:21 - 000123520 _____ (Qualcomm Atheros -> Atheros Communications) [File not signed] C:\Program Files\Bluetooth Suite\BtvStack.exe
2014-09-18 21:21 - 2014-09-18 21:21 - 000851584 _____ (Qualcomm Atheros -> Qualcomm Atheros) [File not signed] C:\Program Files\Bluetooth Suite\BtTray.exe
2014-09-18 21:21 - 2014-09-18 21:21 - 000099456 _____ (Qualcomm Atheros -> Qualcomm Atheros) [File not signed] C:\Program Files\Bluetooth Suite\BtvAppExt.dll
2014-09-18 21:21 - 2014-09-18 21:21 - 000223360 _____ (Qualcomm Atheros -> Qualcomm Atheros) [File not signed] C:\Program Files\Bluetooth Suite\BtvSdkDll.dll
2014-09-18 21:21 - 2014-09-18 21:21 - 000061568 _____ (Qualcomm Atheros -> Qualcomm Atheros) [File not signed] C:\Program Files\Bluetooth Suite\CombineAgent.dll
2014-09-18 21:21 - 2014-09-18 21:21 - 000027776 _____ (Qualcomm Atheros -> Qualcomm Atheros) [File not signed] C:\Program Files\Bluetooth Suite\CommApi.dll
2014-09-18 21:21 - 2014-09-18 21:21 - 000170112 _____ (Qualcomm Atheros -> Qualcomm Atheros) [File not signed] C:\Program Files\Bluetooth Suite\FolderViewImpl.dll
2014-09-18 21:21 - 2014-09-18 21:21 - 000073856 _____ (Qualcomm Atheros -> Qualcomm Atheros) [File not signed] C:\Program Files\Bluetooth Suite\GattI.dll
2014-09-18 21:21 - 2014-09-18 21:21 - 000109696 _____ (Qualcomm Atheros -> Qualcomm Atheros) [File not signed] C:\Program Files\Bluetooth Suite\gatts.DLL
2014-09-18 21:21 - 2014-09-18 21:21 - 000074880 _____ (Qualcomm Atheros -> Qualcomm Atheros) [File not signed] C:\Program Files\Bluetooth Suite\Handsfree.dll
2014-09-18 21:21 - 2014-09-18 21:21 - 000028800 _____ (Qualcomm Atheros -> Qualcomm Atheros) [File not signed] C:\Program Files\Bluetooth Suite\ipc.dll
2014-09-18 21:21 - 2014-09-18 21:21 - 000054400 _____ (Qualcomm Atheros -> Qualcomm Atheros) [File not signed] C:\Program Files\Bluetooth Suite\ModuleManager.dll
2014-09-18 21:23 - 2014-09-18 21:23 - 000196736 _____ (Qualcomm Atheros -> Qualcomm Atheros) [File not signed] C:\Program Files\Bluetooth Suite\Modules\Audio\audio.dll
2014-09-18 21:23 - 2014-09-18 21:23 - 000145536 _____ (Qualcomm Atheros -> Qualcomm Atheros) [File not signed] C:\Program Files\Bluetooth Suite\Modules\BasicPrintProfile\BPP.dll
2014-09-18 21:23 - 2014-09-18 21:23 - 000158336 _____ (Qualcomm Atheros -> Qualcomm Atheros) [File not signed] C:\Program Files\Bluetooth Suite\Modules\BIP\BIP.dll
2014-09-18 21:23 - 2014-09-18 21:23 - 000019584 _____ (Qualcomm Atheros -> Qualcomm Atheros) [File not signed] C:\Program Files\Bluetooth Suite\Modules\DID\DId.dll
2014-09-18 21:23 - 2014-09-18 21:23 - 000038528 _____ (Qualcomm Atheros -> Qualcomm Atheros) [File not signed] C:\Program Files\Bluetooth Suite\Modules\FAX\Fax.dll
2014-09-18 21:23 - 2014-09-18 21:23 - 000343680 _____ (Qualcomm Atheros -> Qualcomm Atheros) [File not signed] C:\Program Files\Bluetooth Suite\Modules\FileTransfer\FileTransfer.dll
2014-09-18 21:23 - 2014-09-18 21:23 - 000089728 _____ (Qualcomm Atheros -> Qualcomm Atheros) [File not signed] C:\Program Files\Bluetooth Suite\Modules\GapSdp\GapSdp.dll
2014-09-18 21:23 - 2014-09-18 21:23 - 000088704 _____ (Qualcomm Atheros -> Qualcomm Atheros) [File not signed] C:\Program Files\Bluetooth Suite\Modules\goep\goep.dll
2014-09-18 21:23 - 2014-09-18 21:23 - 000030336 _____ (Qualcomm Atheros -> Qualcomm Atheros) [File not signed] C:\Program Files\Bluetooth Suite\Modules\HCRP\Hcrp.dll
2014-09-18 21:23 - 2014-09-18 21:23 - 000129664 _____ (Qualcomm Atheros -> Qualcomm Atheros) [File not signed] C:\Program Files\Bluetooth Suite\Modules\HealthDevice\HDP.dll
2014-09-18 21:23 - 2014-09-18 21:23 - 000080000 _____ (Qualcomm Atheros -> Qualcomm Atheros) [File not signed] C:\Program Files\Bluetooth Suite\Modules\L2capLib\l2caplib.dll
2014-09-18 21:23 - 2014-09-18 21:23 - 000269440 _____ (Qualcomm Atheros -> Qualcomm Atheros) [File not signed] C:\Program Files\Bluetooth Suite\Modules\LE\LE.dll
2014-09-18 21:23 - 2014-09-18 21:23 - 000157824 _____ (Qualcomm Atheros -> Qualcomm Atheros) [File not signed] C:\Program Files\Bluetooth Suite\Modules\OppOperation\ObjPush.dll
2014-09-18 21:23 - 2014-09-18 21:23 - 000061056 _____ (Qualcomm Atheros -> Qualcomm Atheros) [File not signed] C:\Program Files\Bluetooth Suite\Modules\OppOperation\OppOperation.dll
2014-09-18 21:23 - 2014-09-18 21:23 - 000061056 _____ (Qualcomm Atheros -> Qualcomm Atheros) [File not signed] C:\Program Files\Bluetooth Suite\Modules\pbap\pbap.dll
2014-09-18 21:23 - 2014-09-18 21:23 - 000056448 _____ (Qualcomm Atheros -> Qualcomm Atheros) [File not signed] C:\Program Files\Bluetooth Suite\Modules\RfcommLib\rfcommlib.dll
2014-09-18 21:23 - 2014-09-18 21:23 - 000087168 _____ (Qualcomm Atheros -> Qualcomm Atheros) [File not signed] C:\Program Files\Bluetooth Suite\Modules\sap\sap.dll
2014-09-18 21:23 - 2014-09-18 21:23 - 000074880 _____ (Qualcomm Atheros -> Qualcomm Atheros) [File not signed] C:\Program Files\Bluetooth Suite\Modules\SesMgr\sesmgr.dll
2014-09-18 21:23 - 2014-09-18 21:23 - 000050304 _____ (Qualcomm Atheros -> Qualcomm Atheros) [File not signed] C:\Program Files\Bluetooth Suite\Modules\spp\spp.dll
2014-09-18 21:23 - 2014-09-18 21:23 - 000062592 _____ (Qualcomm Atheros -> Qualcomm Atheros) [File not signed] C:\Program Files\Bluetooth Suite\Modules\Sync\Sync.dll
2014-09-18 21:21 - 2014-09-18 21:21 - 000674944 _____ (Qualcomm Atheros -> Qualcomm Atheros) [File not signed] C:\Program Files\Bluetooth Suite\OutLookLib.dll
2014-09-18 21:21 - 2014-09-18 21:21 - 000238720 _____ (Qualcomm Atheros -> Qualcomm Atheros) [File not signed] C:\Program Files\Bluetooth Suite\ShellContextExt.dll
2014-09-18 21:21 - 2014-09-18 21:21 - 000125568 _____ (Qualcomm Atheros -> Qualcomm Atheros) [File not signed] C:\Program Files\Bluetooth Suite\skypeagent.dll
2014-09-18 21:21 - 2014-09-18 21:21 - 000023680 _____ (Qualcomm Atheros -> Qualcomm Atheros) [File not signed] C:\Program Files\Bluetooth Suite\TCPConnection.dll
2014-09-18 21:21 - 2014-09-18 21:21 - 000086656 _____ (Qualcomm Atheros -> Qualcomm Atheros) [File not signed] C:\Program Files\Bluetooth Suite\utils.dll
2014-09-18 21:21 - 2014-09-18 21:21 - 000272000 _____ (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [File not signed] C:\Program Files\Bluetooth Suite\adminservice.exe

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:04 - 2019-07-15 17:39 - 000000035 _____ C:\Windows\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files\Common Files\Oracle\Java\javapath;C:\Program Files\AMD APP\bin\x86;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\Calibre2\;C:\Program Files\Windows Live\Shared
HKU\S-1-5-21-1986104296-3163790973-3246301206-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Dolly\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.43.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: BCSSync => "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: YouCam Service => "C:\Program Files\CyberLink\YouCam\YouCamService.exe" /s

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{BC69C5C3-69C8-43B2-8C53-F723658D29CA}C:\program files\google\chrome\application\chrome.exe] => (Allow) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{DA7048C1-003F-4DF2-B97C-1A64C8126F56}C:\program files\google\chrome\application\chrome.exe] => (Allow) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

26-06-2019 16:22:54 Punto de control programado
01-07-2019 23:37:54 Windows Live Essentials
01-07-2019 23:39:53 Se ha instalado DirectX
01-07-2019 23:40:29 Se ha instalado DirectX
01-07-2019 23:40:58 Se ha instalado DirectX
01-07-2019 23:42:02 WLSetup
02-07-2019 17:34:44 Revo Uninstaller's restore point - Vegas Pro 11.0
02-07-2019 17:35:12 Removed Vegas Pro 11.0
03-07-2019 21:02:29 Windows Update
14-07-2019 13:11:22 Windows Update
14-07-2019 13:55:36 Windows Update
14-07-2019 14:10:59 Windows Update
15-07-2019 17:24:55 Windows Update
15-07-2019 17:51:08 Windows Update

==================== Faulty Device Manager Devices =============

Name: Dispositivo periférico Bluetooth
Description: Dispositivo periférico Bluetooth
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Dispositivo periférico Bluetooth
Description: Dispositivo periférico Bluetooth
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Dispositivo periférico Bluetooth
Description: Dispositivo periférico Bluetooth
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/15/2019 05:35:57 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: No se puede abrir el objeto de rendimiento del servicio del servidor. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de estado.

Error: (07/15/2019 05:33:48 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: No se puede abrir el objeto de rendimiento del servicio del servidor. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de estado.

Error: (07/15/2019 05:29:29 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Error de activación de la licencia de Windows. Error 0x00000000.

Error: (07/15/2019 05:29:28 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
0x8007043C

Error: (07/14/2019 01:46:41 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: No se pudo crear el punto de restauración (proceso = C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Setup.exe Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Setup.exe" -Embedding; descripción = Configured Microsoft Office Professional Plus 2010; error = 0x8007043c).

Error: (07/14/2019 01:46:37 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: No se pudo crear el punto de restauración (proceso = C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Setup.exe Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Setup.exe" -Embedding; descripción = Configured Microsoft Office Professional Plus 2010; error = 0x8007043c).

Error: (07/14/2019 01:46:04 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: No se pudo crear el punto de restauración (proceso = C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Setup.exe Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Setup.exe" -Embedding; descripción = Configured Microsoft Office Professional Plus 2010; error = 0x8007043c).

Error: (07/14/2019 01:46:00 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: No se pudo crear el punto de restauración (proceso = C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Setup.exe Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Setup.exe" -Embedding; descripción = Configured Microsoft Office Professional Plus 2010; error = 0x8007043c).


System errors:
=============
Error: (07/16/2019 06:03:51 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Se recibió la siguiente alerta irrecuperable: 40.

Error: (07/16/2019 06:03:51 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Se recibió la siguiente alerta irrecuperable: 70.

Error: (07/16/2019 05:58:16 PM) (Source: Disk) (EventID: 11) (User: )
Description: El controlador detectó un error de controladora en \Device\Harddisk4\DR5.

Error: (07/16/2019 05:58:15 PM) (Source: Disk) (EventID: 11) (User: )
Description: El controlador detectó un error de controladora en \Device\Harddisk4\DR5.

Error: (07/16/2019 05:58:15 PM) (Source: Disk) (EventID: 11) (User: )
Description: El controlador detectó un error de controladora en \Device\Harddisk4\DR5.

Error: (07/16/2019 05:58:14 PM) (Source: Disk) (EventID: 11) (User: )
Description: El controlador detectó un error de controladora en \Device\Harddisk4\DR5.

Error: (07/16/2019 04:08:20 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente: 
cdrom

Error: (07/15/2019 09:18:36 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: El servidor {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} no se registró con DCOM dentro del tiempo de espera requerido.


==================== Memory info =========================== 

BIOS: Insyde Corp. R0190Z7 09/09/2011
Motherboard: Sony Corporation VAIO
Processor: AMD E-450 APU with Radeon(tm) HD Graphics
Percentage of memory in use: 89%
Total physical RAM: 1642.9 MB
Available physical RAM: 179.96 MB
Total Virtual: 3285.8 MB
Available Virtual: 920.8 MB

==================== Drives ================================

Drive c: (Windows 7) (Fixed) (Total:112.99 GB) (Free:56.36 GB) NTFS
Drive d: (Datos) (Fixed) (Total:352.67 GB) (Free:337.24 GB) NTFS
Drive h: (Lexar) (Removable) (Total:7.45 GB) (Free:0.51 GB) FAT32

\\?\Volume{f745c7c4-269b-11e5-ac6a-806e6f6e6963}\ (Reservado para el sistema) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: BB27E94F)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=113 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=352.7 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 7.5 GB) (Disk ID: C3072E18)
Partition 1: (Not Active) - (Size=7.5 GB) - (Type=0C)

==================== End of Addition.txt ============================

Comento que ha habido una mejoria tremenda en el rendimiento de la PC desde el último escaneo. Gracias por todo y espero la siguiente respuesta!

Hola:

Buenísimo que este mejor!

Mientras analizó los reportes recuerda vacunar el equipo y las unidades con USBFix tal los pasos que te deje en mi anterior post.

Comenta por aquí cuando los tengas vacunados así continuamos.

Salu2

Hola @Brayand_Chacaltana

Te dejo el Fix:

Sigue estos pasos:

1.- Muy Importante >>> Realizar una copia de Seguridad de su Registro.

  • Descarga DelFix en el escritorio de Windows.
  • Clic Derecho, “Ejecutar como Administrador”.
  • En la ventana principal, marca solamente la casilla “Create Registry Backup”.
  • Clic en Run.

Al terminar se abrirá un reporte llamado DelFix.txt, guárdelo por si fuera necesario y cierre la herramienta…

2.- Desactiva Temporalmente tu antivirus.

3.- Abre un nuevo archivo Notepad y copia y pega este contenido:


Start
CloseProcesses:
CreateRestorePoint:
HKLM\...\RunOnce: [] => [X]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\system32\ac3acm.acm [122880 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [msacm.lameacm] => C:\Windows\system32\lameACM.acm [473088 2015-02-25] (hxxp://www.mp3dev.org/) [File not signed]
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
2019-06-26 17:57 - 2012-07-21 05:54 - 000122880 _____ (fccHandler) C:\Windows\system32\ac3acm.acm

CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END
  • Lo guardas bajo el nombre de fixlist.txt en el escritorio <<< Esto es muy importante.

Nota: Es necesario que el ejecutable Frst.exe y fixlist.txt se encuentren en la misma ubicación (escritorio) o si no la herramienta no trabajara.

  • Ejecutas Frst.exe.
  • Presionas el botón Fix y aguardas a que termine.
  • La Herramienta guardara el reporte en tu escritorio (Fixlog.txt).
  • Lo pegas en tu próxima respuesta.

Nos comentas .

Salu2.

Dejo el reporte solicitado! Muchas gracias por toda la ayuda :smiley:

Fix result of Farbar Recovery Scan Tool (x86) Version: 15-07-2019 01
Ran by Dolly (18-07-2019 16:22:51) Run:2
Running from C:\Users\Dolly\Desktop
Loaded Profiles: Dolly (Available Profiles: Dolly)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
HKLM\...\RunOnce: [] => [X]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\system32\ac3acm.acm [122880 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [msacm.lameacm] => C:\Windows\system32\lameACM.acm [473088 2015-02-25] (hxxp://www.mp3dev.org/) [File not signed]
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
2019-06-26 17:57 - 2012-07-21 05:54 - 000122880 _____ (fccHandler) C:\Windows\system32\ac3acm.acm

CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END
*****************

Processes closed successfully.
Restore point was successfully created.
"HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\\msacm.ac3acm" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\\msacm.lameacm" => removed successfully.
HKLM\SOFTWARE\Policies\Mozilla => removed successfully.
C:\Windows\system32\ac3acm.acm => moved successfully

========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= End of CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows

No se puede realizar ninguna operaci¢n en Conexi¢n de red Bluetooth mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Conexi¢n de  rea local mientras los medios
est‚n desconectados.

Adaptador de Ethernet Conexi¢n de red Bluetooth:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de Ethernet Conexi¢n de  rea local:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de LAN inal mbrica Conexi¢n de red inal mbrica:

   Sufijo DNS espec¡fico para la conexi¢n. . : 
   V¡nculo: direcci¢n IPv6 local. . . : fe80::ac7f:b75e:9b82:baf4%11
   Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.43.101
   M scara de subred . . . . . . . . . . . . : 255.255.255.0
   Puerta de enlace predeterminada . . . . . : 192.168.43.1

Adaptador de t£nel isatap.{44BD1599-7841-41E0-B9FB-15B0C59ED7B9}:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de t£nel isatap.{957B07AB-75BD-4614-A32E-18758E355809}:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de t£nel isatap.{DF7D4A36-592C-4B74-804D-C443FA2C7DE3}:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

========= End of CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

0 out of 0 jobs canceled.

========= End of CMD: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= End of CMD: =========


========= netsh advfirewall reset =========

Aceptar


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= End of CMD: =========


========= netsh int ipv4 reset =========

Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


========= netsh int ipv6 reset =========

No hay valores configurados por el usuario para restablecer.


========= End of CMD: =========


========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully.
"HKU\S-1-5-21-1986104296-3163790973-3246301206-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully.
"HKU\S-1-5-21-1986104296-3163790973-3246301206-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully.


========= End of RemoveProxy: =========

C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 12197388 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 2161952 B
Edge => 0 B
Chrome => 8364137 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 128 B
LocalService => 0 B
NetworkService => 888 B
Dolly => 351789 B

RecycleBin => 0 B
EmptyTemp: => 30 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 16:24:15 ====

Hola @Brayand_Chacaltana

Para eliminar las herramientas utilizadas:

Descargas/Ejecutas >> Delfix, desde tu escritorio.

  • Doble clic para ejecutarlo.(Si usas Windows Vista/7 /8 /10,presiona clic derecho y selecciona >> “Ejecutar como Administrador”)
  • Marca las casilla Remove disinfection tools y Purgue Sistem Restore
  • Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.


Para otros problemas, ya sabes donde encontrarnos. :wink:

Tema Solucionado

Salu2.