Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 19-05-2021
Ejecutado por Brandon (administrador) sobre DESKTOP-PC4KFAU (Dell Inc. Inspiron 15-3567) (21-05-2021 16:43:05)
Ejecutado desde C:\Users\Brandon\Desktop
Perfiles cargados: Brandon
Platform: Windows 10 Home Single Language Versión 20H2 19042.804 (X64) Idioma: Español (España, internacional)
Navegador predeterminado: Chrome
Modo de Inicio: Normal

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

(Dell Inc -> Dell INC.) C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Inc -> Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe <2>
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(Google LLC -> Google LLC) C:\Users\Brandon\AppData\Local\Google\Chrome\Application\chrome.exe <18>
(Google LLC -> Google LLC) C:\Users\Brandon\AppData\Local\Google\Update\1.3.36.82\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Users\Brandon\AppData\Local\Google\Update\1.3.36.82\GoogleCrashHandler64.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel(R) Corporation -> Intel Corporation) C:\Program Files\Intel\IntelSGXPSW\bin\x64\Release\aesm_service.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\k127153.inf_amd64_3f3936d8dec668b8\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\k127153.inf_amd64_3f3936d8dec668b8\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\k127153.inf_amd64_3f3936d8dec668b8\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\k127153.inf_amd64_3f3936d8dec668b8\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\mcafee\WebAdvisor\servicehost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Brandon\AppData\Local\Microsoft\OneDrive\21.093.0509.0001\FileCoAuth.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Brandon\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_2.2102.8653.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MsMpEng.exe
(PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCD\SupportAssist\Dsapi.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Rivet Networks LLC -> Rivet Networks LLC) C:\Program Files\Rivet Networks\SmartByte\RAPS.exe
(Rivet Networks LLC -> Rivet Networks) C:\Program Files\Rivet Networks\SmartByte\SmartByteAnalyticsService.exe
(Rivet Networks LLC -> Rivet Networks) C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe
(Rivet Networks LLC -> Rivet Networks, LLC.) C:\Program Files\Rivet Networks\SmartByte\RAPSService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM-x32\...\Run: [Genshin Impact_Launcher] => [X]
HKU\S-1-5-21-3337122944-776954238-4183529962-1001\...\Run: [Google Update] => C:\Users\Brandon\AppData\Local\Google\Update\1.3.36.82\GoogleUpdateCore.exe [217432 2021-04-20] (Google LLC -> Google LLC)
HKU\S-1-5-21-3337122944-776954238-4183529962-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [33033184 2021-05-19] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-3337122944-776954238-4183529962-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Brandon\AppData\Local\Microsoft\Teams\Update.exe [2453720 2021-02-26] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-3337122944-776954238-4183529962-1001\...\MountPoints2: {088b133d-7d33-11eb-9c72-283a4d37834c} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3337122944-776954238-4183529962-1001\...\MountPoints2: {088b13b9-7d33-11eb-9c72-283a4d37834c} - "E:\HiSuiteDownLoader.exe"

==================== Tareas programadas (Lista blanca) ============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {0666F12A-B4B7-4C43-9742-0345EEDD5F06} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0C592168-6E32-4E28-8E04-EB74496B22B7} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23185824 2021-05-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {1062B03C-70C0-4384-B361-A6B8B4A7D02C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5293496 2021-05-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {18CF547B-FC73-4665-B589-A5C853469FD8} - System32\Tasks\Microsoft\Windows\CUAssistant\CULauncher => C:\Program Files\CUAssistant\culauncher.exe
Task: {1D426E7F-CB84-4B33-BFC7-59EC67B61B07} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistInstaller.exe [1058336 2021-04-21] (Dell Inc -> Dell Inc.)
Task: {3A9C8DFA-E36B-4211-9D07-9FDCECB19B6C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {534FB633-6C9A-4B16-B1E7-69BE1CE9A611} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {687162A2-C824-4F12-A9E4-7375088F7638} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5293496 2021-05-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {76BFE892-4D7A-44A9-A1AB-2C33E866A116} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [147304 2021-05-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {81469E86-2278-4DE2-9289-4032781B869D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {871AFB66-0243-4D59-B1A1-431ACE90FCD1} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3337122944-776954238-4183529962-1001UA => C:\Users\Brandon\AppData\Local\Google\Update\GoogleUpdate.exe [155592 2020-12-18] (Google LLC -> Google LLC)
Task: {8F9E1EF4-2B0F-4CB0-87C6-A30673E7668E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3337122944-776954238-4183529962-1001Core => C:\Users\Brandon\AppData\Local\Google\Update\GoogleUpdate.exe [155592 2020-12-18] (Google LLC -> Google LLC)
Task: {C4CC5EF5-6B09-438D-B801-2D049B37A43E} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [147304 2021-05-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {E1B04944-582D-4FA6-B880-815931BF8042} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23185824 2021-05-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {FBD38E04-1E1A-4BAB-B02C-5B2EDA6C3269} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\IntelPTTEKRecertification.exe [918288 2020-04-22] (Intel(R) Trust Services -> Intel(R) Corporation)

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)

Task: C:\WINDOWS\Tasks\Intel PTT EK Recertification.job => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\IntelPTTEKRecertification.exe

==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Tcpip\Parameters: [DhcpNameServer] 190.113.97.11 190.113.97.3
Tcpip\..\Interfaces\{210a5223-7c46-43b7-ab51-edc802371c90}: [DhcpNameServer] 190.113.97.11 190.113.97.3
Tcpip\..\Interfaces\{fd0275ec-0ab6-4f74-ade0-d06f26c1e0cf}: [DhcpNameServer] 190.113.97.11 190.113.97.3

Edge:
=======
Edge Profile: C:\Users\Brandon\AppData\Local\Microsoft\Edge\User Data\Default [2021-05-21]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-11] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-05-11] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default [2021-05-21]
CHR Notifications: Default -> hxxps://forospyware.com; hxxps://tii.ai; hxxps://www.facebook.com; hxxps://www10.todhamilton.pro; hxxps://www17.christianivory.pro; hxxps://www2.christianivory.pro; hxxps://www56.todhamilton.pro; hxxps://www62.christianivory.pro; hxxps://www65.todhamilton.pro; hxxps://www85.christianivory.pro; hxxps://www92.christianivory.pro
CHR DefaultSearchURL: Default -> hxxps://www.gstatic.com/youtube/img/branding/favicon/favicon_144x144.png
CHR Extension: (Presentaciones) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-12-18]
CHR Extension: (YouTube) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\agimnkijcaahngcdmfeangaknmldooml [2021-05-21]
CHR Extension: (Documentos) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-12-18]
CHR Extension: (Google Drive) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-12-18]
CHR Extension: (YouTube) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-12-18]
CHR Extension: (Hojas de cálculo) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-12-18]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2021-05-17]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-05-17]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-05-21]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-12-18]
CHR Extension: (Chrome Media Router) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-04-24]
CHR Profile: C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Profile 1 [2021-03-11]
CHR Extension: (Presentaciones) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-03-11]
CHR Extension: (Documentos) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2021-03-11]
CHR Extension: (Google Drive) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-03-11]
CHR Extension: (YouTube) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-03-11]
CHR Extension: (Hojas de cálculo) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-03-11]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2021-03-11]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-03-11]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-11]
CHR Extension: (Gmail) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-03-11]
CHR Extension: (Chrome Media Router) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-11]
CHR Profile: C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\System Profile [2021-03-11]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9036704 2021-05-20] (Microsoft Corporation -> Microsoft Corporation)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [422128 2021-03-09] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3975712 2021-03-09] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [623136 2021-03-09] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCD\SupportAssist\Dsapi.exe [1009264 2021-03-30] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
R2 Dell SupportAssist Remediation; C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe [19128 2021-04-01] (Dell Inc -> Dell INC.)
S2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [38592 2021-01-06] (Dell Inc -> )
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7391408 2021-05-21] (Malwarebytes Inc -> Malwarebytes)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [958216 2021-01-21] (McAfee, LLC -> McAfee, LLC)
R2 RAPSService; C:\Program Files\Rivet Networks\SmartByte\RAPSService.exe [64848 2020-08-14] (Rivet Networks LLC -> Rivet Networks, LLC.)
S3 RNDBWM; C:\Program Files\Rivet Networks\SmartByte\RNDBWMService.exe [64856 2020-08-14] (Rivet Networks LLC -> Rivet Networks, LLC.)
R2 SmartByte Analytics Service; C:\Program Files\Rivet Networks\SmartByte\SmartByteAnalyticsService.exe [1630576 2020-08-14] (Rivet Networks LLC -> Rivet Networks)
R2 SmartByte Network Service x64; C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe [2385256 2020-08-14] (Rivet Networks LLC -> Rivet Networks)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [39968 2021-04-21] (Dell Inc -> Dell Inc.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12727576 2021-02-17] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\NisSrv.exe [2599328 2021-05-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MsMpEng.exe [128376 2021-05-14] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R3 DBUtilDrv2; C:\WINDOWS\System32\drivers\DBUtilDrv2.sys [27896 2021-05-20] (WDKTestCert Amit_K_Tiwari,132158070448517957 -> )
R3 DDDriver; C:\WINDOWS\System32\drivers\dddriver64Dcsa.sys [42376 2020-10-26] (Microsoft Windows Hardware Compatibility Publisher -> Dell Inc.)
S3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [41208 2018-05-08] (Techporch Incorporated -> Dell Computer Corporation)
R2 DpmLiteDrv; c:\Program Files\Dell\QuickSet\DpmLiteDrv64.sys [15080 2014-10-15] (Wistron Corporation -> Wistron Corp.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [199128 2021-05-21] (Malwarebytes Inc -> Malwarebytes)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220752 2021-05-21] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-05-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198888 2021-05-21] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77496 2021-05-21] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-05-21] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [157944 2021-05-21] (Malwarebytes Inc -> Malwarebytes)
R3 MpKslcb321eea; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{32C4909E-47DC-4ACB-AB3D-A17D73097AFC}\MpKslDrv.sys [107744 2021-05-21] (Microsoft Windows -> Microsoft Corporation)
R3 SmbCoSvc; C:\WINDOWS\system32\DRIVERS\SmbCo10X64.sys [164424 2020-08-14] (Rivet Networks LLC -> Rivet Networks, LLC.)
S3 UniFairy; C:\WINDOWS\system32\UniFairy.sys [828144 2021-02-02] (Tencent Technology(Shenzhen) Company Limited -> )
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-05-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [421112 2021-05-14] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [73960 2021-05-14] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

==================== Un mes (creado) (Lista blanca) =========

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2021-05-21 16:16 - 2021-05-21 16:16 - 000000000 ____D C:\Users\Brandon\AppData\LocalLow\IGDump
2021-05-21 15:42 - 2021-05-21 15:42 - 000077496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2021-05-21 15:41 - 2021-05-21 15:41 - 000198888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2021-05-21 15:41 - 2021-05-21 15:41 - 000157944 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2021-05-21 15:08 - 2021-05-21 15:08 - 000000000 ____D C:\Users\Brandon\AppData\Local\CrashDumps
2021-05-21 14:59 - 2021-05-21 15:00 - 000001382 _____ C:\Users\Brandon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2021-05-21 14:59 - 2021-05-21 14:59 - 011697056 _____ (ESET) C:\Users\Brandon\Downloads\esetonlinescanner.exe
2021-05-21 14:59 - 2021-05-21 14:59 - 000000000 ____D C:\Users\Brandon\AppData\Local\ESET
2021-05-21 14:36 - 2021-05-21 14:36 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-05-21 14:36 - 2021-05-21 14:36 - 000220752 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-05-21 14:36 - 2021-05-21 14:36 - 000002035 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-05-21 14:36 - 2021-05-21 14:36 - 000000000 ____D C:\Users\Brandon\AppData\Local\mbam
2021-05-21 14:36 - 2021-05-21 14:35 - 000199128 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-05-21 14:36 - 2021-05-21 14:35 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-05-21 14:35 - 2021-05-21 14:35 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-05-21 14:34 - 2021-05-21 14:34 - 000000000 ____D C:\Program Files\Malwarebytes
2021-05-21 14:32 - 2021-05-21 14:32 - 000988112 _____ (Bleeping Computer, LLC) C:\Users\Brandon\Downloads\rkill64.exe
2021-05-21 14:31 - 2021-05-21 14:31 - 001802704 _____ (Bleeping Computer, LLC) C:\Users\Brandon\Downloads\rkill.exe
2021-05-21 14:16 - 2021-05-21 14:22 - 000048978 _____ C:\Users\Brandon\Desktop\Addition.txt
2021-05-21 14:10 - 2021-05-21 16:47 - 000022638 _____ C:\Users\Brandon\Desktop\FRST.txt
2021-05-21 14:07 - 2021-05-21 14:07 - 000797760 _____ C:\Users\Brandon\Downloads\delfix.exe
2021-05-21 13:22 - 2021-05-21 13:27 - 000048980 _____ C:\Users\Brandon\Downloads\Addition.txt
2021-05-21 13:19 - 2021-05-21 13:27 - 000033004 _____ C:\Users\Brandon\Downloads\FRST.txt
2021-05-21 13:16 - 2021-05-21 16:45 - 000000000 ____D C:\FRST
2021-05-21 13:15 - 2021-05-21 13:15 - 002299904 _____ (Farbar) C:\Users\Brandon\Desktop\FRST64.exe
2021-05-21 13:13 - 2021-05-21 13:13 - 002012160 _____ (Farbar) C:\Users\Brandon\Downloads\FRST (1).exe
2021-05-21 12:51 - 2021-05-21 12:51 - 002299904 _____ (Farbar) C:\Users\Brandon\Downloads\Sin confirmar 537380.crdownload
2021-05-21 12:51 - 2021-05-21 12:51 - 002012160 _____ (Farbar) C:\Users\Brandon\Downloads\Sin confirmar 920390.crdownload
2021-05-21 12:49 - 2021-05-21 12:49 - 002299904 _____ (Farbar) C:\Users\Brandon\Downloads\Sin confirmar 660317.crdownload
2021-05-21 12:49 - 2021-05-21 12:49 - 002299904 _____ (Farbar) C:\Users\Brandon\Downloads\Sin confirmar 110228.crdownload
2021-05-21 12:49 - 2021-05-21 12:49 - 002012160 _____ (Farbar) C:\Users\Brandon\Downloads\FRST.exe
2021-05-21 12:48 - 2021-05-21 12:48 - 002299904 _____ (Farbar) C:\Users\Brandon\Downloads\Sin confirmar 886982.crdownload
2021-05-21 12:48 - 2021-05-21 12:48 - 002299904 _____ (Farbar) C:\Users\Brandon\Downloads\Sin confirmar 616496.crdownload
2021-05-21 09:49 - 2021-05-21 16:19 - 000000000 ____D C:\Program Files\GridinSoft Anti-Malware
2021-05-21 09:49 - 2021-05-21 16:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GridinSoft Anti-Malware
2021-05-21 09:49 - 2021-05-21 09:49 - 000000000 ____D C:\ProgramData\GridinSoft
2021-05-21 09:38 - 2021-05-21 09:38 - 000000000 _____ C:\Users\Brandon\Desktop\hacer.txt
2021-05-20 20:48 - 2021-05-20 20:49 - 000027896 _____ C:\WINDOWS\system32\Drivers\DBUtilDrv2.sys
2021-05-20 14:31 - 2021-04-30 23:07 - 005356736 _____ C:\Users\Brandon\Desktop\GenshinImpact.exe
2021-05-20 14:23 - 2021-05-20 14:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Herramientas de Microsoft Office
2021-05-18 20:17 - 2021-05-18 20:17 - 000871078 _____ C:\Users\Brandon\Downloads\video0-177.mp4
2021-05-14 15:04 - 2021-05-14 15:04 - 000186732 _____ C:\Users\Brandon\Downloads\Modelo de negocios Canvas.pdf
2021-05-14 15:04 - 2021-05-14 15:04 - 000059904 _____ C:\Users\Brandon\Downloads\Nuevo Microsoft Publisher Document.pub
2021-05-14 14:57 - 2021-05-14 14:57 - 000159229 _____ C:\Users\Brandon\Downloads\Trabajo Escrito.pdf
2021-05-11 09:46 - 2021-05-11 09:46 - 001292051 _____ C:\Users\Brandon\Downloads\Contabilidad I TAE 2019 (MZC-APG) PRTG.pdf
2021-05-10 15:40 - 2021-05-10 15:40 - 000189328 _____ C:\Users\Brandon\Downloads\Business Model Canvas.pptx
2021-05-06 16:00 - 2021-05-06 16:00 - 000739940 _____ C:\Users\Brandon\Downloads\acelerado-CS35.pdf
2021-05-06 15:19 - 2021-05-06 15:21 - 000001046 _____ C:\Users\Brandon\Desktop\relleno bleach.txt
2021-05-02 22:49 - 2021-05-02 22:49 - 000000000 ____D C:\Users\Brandon\AppData\Roaming\Goldberg SteamEmu Saves
2021-05-02 22:49 - 2021-05-02 22:49 - 000000000 ____D C:\Users\Brandon\AppData\LocalLow\Garage_Heathen
2021-05-02 19:01 - 2021-05-02 19:01 - 000000000 ____D C:\Users\Brandon\AppData\Local\Lewd_Leaf_Land___Maple_Tea_Ecstasy
2021-05-02 17:47 - 2021-05-02 17:48 - 000000000 ____D C:\Users\Brandon\Downloads\solucion error imoto
2021-05-02 17:40 - 2020-09-13 16:09 - 000000000 ____D C:\Users\Brandon\Downloads\Data
2021-05-02 17:33 - 2021-05-02 17:33 - 000000000 ____D C:\Users\Brandon\AppData\LocalLow\HotPink and Annue
2021-05-02 17:21 - 2021-01-21 11:40 - 000000788 _____ C:\Users\Brandon\Downloads\guia tamagochi.txt
2021-05-02 17:11 - 2021-05-02 17:11 - 000045175 _____ C:\Users\Brandon\Downloads\solucion error imoto.rar
2021-05-02 17:11 - 2021-05-02 17:11 - 000000539 _____ C:\Users\Brandon\Downloads\guia tamagochi.rar
2021-05-02 17:03 - 2021-05-02 09:48 - 000000081 _____ C:\Users\Brandon\Downloads\sT-Gotchi.txt
2021-05-02 17:02 - 2021-05-02 17:02 - 000872872 _____ C:\Users\Brandon\Downloads\Save.rar
2021-05-02 09:54 - 2021-05-02 09:55 - 000151549 _____ C:\Users\Brandon\Downloads\5aaec5d965888.jpeg
2021-05-01 16:17 - 2021-05-01 16:23 - 000000000 ____D C:\Users\Brandon\AppData\LocalLow\by redamz
2021-04-29 15:19 - 2021-04-23 10:27 - 000001066 _____ C:\Users\Brandon\Desktop\Genshin Impact.lnk
2021-04-29 15:11 - 2021-04-29 15:11 - 000702382 _____ C:\Users\Brandon\Downloads\MA.clase.pdf
2021-04-27 22:09 - 2021-04-27 22:09 - 000000000 ____D C:\Users\Brandon\AppData\Local\KADOKAWA
2021-04-26 23:20 - 2021-04-26 23:20 - 000000000 ____D C:\BABEL
2021-04-26 22:16 - 2021-04-26 22:19 - 147021851 _____ C:\Users\Brandon\Downloads\TheOrdealtobetheHero.rar
2021-04-23 16:01 - 2021-04-23 16:39 - 733142331 _____ C:\Users\Brandon\Downloads\GenshinImpact_1.4.0.zip
2021-04-23 10:26 - 2021-05-20 15:51 - 000000000 ____D C:\Program Files\Genshin Impact
2021-04-22 22:47 - 2021-04-22 22:47 - 006760085 _____ C:\Users\Brandon\Downloads\HFlashPlayer-windows-0.1.1.zip
2021-04-22 18:40 - 2021-04-22 18:41 - 001335917 _____ C:\Users\Brandon\Downloads\Finacial tips.m4a
2021-04-22 16:08 - 2021-04-22 16:08 - 000010286 _____ C:\Users\Brandon\Downloads\584298b4a6515b1e0ad75adb (1).png.crdownload
2021-04-22 16:07 - 2021-04-22 16:07 - 000010286 _____ C:\Users\Brandon\Downloads\584298b4a6515b1e0ad75adb.png.crdownload

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2021-05-21 16:25 - 2019-12-07 03:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-05-21 16:24 - 2021-04-18 08:31 - 000000000 ____D C:\Users\Brandon\Desktop\Juegos
2021-05-21 15:48 - 2020-12-18 16:13 - 000000000 ___RD C:\Users\Brandon\OneDrive
2021-05-21 15:45 - 2019-12-07 03:13 - 000000000 ____D C:\WINDOWS\INF
2021-05-21 15:42 - 2020-12-18 16:01 - 000000000 __SHD C:\Users\Brandon\IntelGraphicsProfiles
2021-05-21 15:40 - 2021-03-03 15:10 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-05-21 15:40 - 2021-01-27 10:59 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-05-21 15:40 - 2021-01-27 10:27 - 000008192 ___SH C:\DumpStack.log.tmp
2021-05-21 15:40 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-05-21 15:39 - 2021-01-27 10:35 - 000000000 ____D C:\Users\Brandon
2021-05-21 15:39 - 2019-12-07 03:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-05-21 14:56 - 2021-03-02 21:10 - 000000000 ___HD C:\WINDOWS\rss
2021-05-21 14:36 - 2019-12-07 03:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-05-21 12:56 - 2021-01-27 10:27 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-05-20 20:40 - 2021-01-27 11:23 - 000000000 ____D C:\WINDOWS\Minidump
2021-05-20 20:35 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-05-20 20:34 - 2019-03-19 07:46 - 001847837 ____N C:\WINDOWS\Minidump\052021-45531-01.dmp
2021-05-20 17:48 - 2018-11-21 12:21 - 000000000 ____D C:\ProgramData\Dell
2021-05-20 16:31 - 2018-11-21 12:07 - 000000000 ____D C:\ProgramData\Package Cache
2021-05-20 14:51 - 2019-12-07 03:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-05-20 14:51 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-05-20 14:50 - 2018-11-21 12:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2021-05-20 14:23 - 2021-03-03 18:32 - 000002499 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project.lnk
2021-05-20 14:23 - 2021-03-03 18:32 - 000002491 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2021-05-20 14:23 - 2021-03-03 18:32 - 000002472 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2021-05-20 14:23 - 2021-03-03 18:32 - 000002455 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visio.lnk
2021-05-20 14:23 - 2021-03-03 18:32 - 000002454 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2021-05-20 14:23 - 2021-03-03 18:32 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2021-05-20 14:23 - 2021-03-03 18:32 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2021-05-20 14:23 - 2021-03-03 18:32 - 000002403 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk
2021-05-20 14:23 - 2021-03-03 18:32 - 000002399 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2021-05-20 14:23 - 2021-03-03 18:01 - 000000000 ____D C:\Program Files\Microsoft Office
2021-05-20 12:48 - 2021-04-06 21:03 - 000000000 ____D C:\Users\Brandon\Desktop\Por hacer
2021-05-20 11:03 - 2021-01-27 10:59 - 000003382 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3337122944-776954238-4183529962-1001
2021-05-20 11:03 - 2021-01-27 10:35 - 000002421 _____ C:\Users\Brandon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-05-19 16:42 - 2020-12-18 16:01 - 000000000 ____D C:\Users\Brandon\AppData\Local\Packages
2021-05-19 16:40 - 2021-04-06 21:03 - 000000000 ____D C:\Users\Brandon\Desktop\Hecho
2021-05-14 08:53 - 2018-11-21 11:49 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-05-13 00:35 - 2020-12-19 18:49 - 000000000 ____D C:\Users\Brandon\AppData\Local\D3DSCache
2021-05-12 20:09 - 2020-12-18 16:55 - 000002508 _____ C:\Users\Brandon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-05-08 09:07 - 2020-12-22 09:04 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-05-06 17:10 - 2018-11-21 12:04 - 000000000 ____D C:\ProgramData\PCDr
2021-05-06 17:06 - 2021-01-27 10:59 - 000003916 _____ C:\WINDOWS\system32\Tasks\Dell SupportAssistAgent AutoUpdate
2021-05-02 23:15 - 2019-03-19 07:46 - 001847079 ____N C:\WINDOWS\Minidump\050221-50531-01.dmp
2021-05-02 22:36 - 2019-03-19 07:46 - 001901023 ____N C:\WINDOWS\Minidump\050221-49015-01.dmp
2021-04-27 22:08 - 2021-04-17 19:44 - 000000000 ____D C:\Users\Brandon\AppData\Local\User Data
2021-04-25 18:44 - 2021-02-11 17:51 - 000003486 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6f4cbd221cabb
2021-04-25 18:44 - 2021-01-27 10:59 - 000003580 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-04-23 19:00 - 2020-12-19 00:53 - 000000000 ____D C:\Users\Brandon\AppData\LocalLow\miHoYo

==================== FLock ==============================

2021-05-20 16:31 C:\Recovery

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)

==================== Final de FRST.txt ========================