• Registrarse
  • Iniciar sesión


  • Resultados 1 al 6 de 6

    INFORMES CHROMIUM, no se desinstala. Falla enlace OTL

    ...

    1. #1
      Usuario Avatar de timoratus
      Registrado
      may 2008
      Ubicación
      España
      Mensajes
      93

      INFORMES CHROMIUM, no se desinstala. Falla enlace OTL

      Hola

      siguiendo la guia para eliminar CHROMIUM que veo en:

      http://www.forospyware.com/t527154.html

      Veo que no existe el programa OTL, el resto sí.

      Voy pegando los informes, primero de adware cleaner, y luego edito y pego el resto, tras reiniciar.

      Ayer pareció que lo desinstalé, pero aún quedan restos (instaló sólo hoy el avast, que ya está quitado, y el chromium sigue cargándose en la barra de tareas abajo (no la de sistema a la derecha) o instalando extensiones en chrome. Sin embargo en el administrador de tareas ya no aparece.

      INFORMES:

      ADWARE CLEANER
      MALWAREBYTES

      JRT JUNKWARE REMOVAL TOOL


      INFORME ADWARE CLEANER

      # AdwCleaner 7.0.8.0 - Logfile created on Tue Feb 27 17:24:44 2018
      # Updated on 2018/08/02 by Malwarebytes
      # Database: 02-26-2018.2
      # Running on Windows 7 Ultimate (X64)
      # Mode: scan
      # Support: https://www.malwarebytes.com/support

      ***** [ Services ] *****

      No malicious services found.

      ***** [ Folders ] *****

      No malicious folders found.

      ***** [ Files ] *****

      No malicious files found.

      ***** [ DLL ] *****

      No malicious DLLs found.

      ***** [ WMI ] *****

      No malicious WMI found.

      ***** [ Shortcuts ] *****

      No malicious shortcuts found.

      ***** [ Tasks ] *****

      No malicious tasks found.

      ***** [ Registry ] *****

      PUP.Optional.Conduit, [Key] - HKLM\SOFTWARE\Conduit
      PUP.Optional.Conduit, [Key] - HKU\S-1-5-21-3743479695-2347639661-51819367-1000\Software\Conduit
      PUP.Optional.Conduit, [Key] - HKCU\Software\Conduit
      PUP.Optional.ByteFence, [Key] - HKU\.DEFAULT\Software\ByteFence
      PUP.Optional.ByteFence, [Key] - HKU\S-1-5-18\Software\ByteFence
      PUP.Optional.ByteFence, [Key] - HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services
      PUP.Optional.ByteFence, [Key] - HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services
      PUP.Optional.ByteFence, [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Reason\ReasonByteFence
      PUP.Optional.ProductSetup.A, [Key] - HKU\S-1-5-21-3743479695-2347639661-51819367-1000\Software\PRODUCTSETUP
      PUP.Optional.ProductSetup.A, [Key] - HKCU\Software\PRODUCTSETUP


      ***** [ Firefox (and derivatives) ] *****

      No malicious Firefox entries.

      ***** [ Chromium (and derivatives) ] *****

      No malicious Chromium entries.

      *************************



      ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt ##########




      MALWAREBYTES


      Malwarebytes
      www.malwarebytes.com

      -Log Details-
      Scan Date: 2/27/18
      Scan Time: 6:28 PM
      Log File: ac4cc18e-1be3-11e8-b9c5-1867b054bfea.json
      Administrator: Yes

      -Software Information-
      Version: 3.2.2.2029
      Components Version: 1.0.212
      Update Package Version: 1.0.4130
      License: Free

      -System Information-
      OS: Windows 7 Service Pack 1
      CPU: x64
      File System: NTFS
      User: Samsung-PC\Samsung

      -Scan Summary-
      Scan Type: Threat Scan
      Result: Completed
      Objects Scanned: 230120
      Threats Detected: 0
      (No malicious items detected)
      Threats Quarantined: 0
      (No malicious items detected)
      Time Elapsed: 2 min, 44 sec

      -Scan Options-
      Memory: Enabled
      Startup: Enabled
      Filesystem: Enabled
      Archives: Enabled
      Rootkits: Disabled
      Heuristics: Enabled
      PUP: Detect
      PUM: Detect

      -Scan Details-
      Process: 0
      (No malicious items detected)

      Module: 0
      (No malicious items detected)

      Registry Key: 0
      (No malicious items detected)

      Registry Value: 0
      (No malicious items detected)

      Registry Data: 0
      (No malicious items detected)

      Data Stream: 0
      (No malicious items detected)

      Folder: 0
      (No malicious items detected)

      File: 0
      (No malicious items detected)

      Physical Sector: 0
      (No malicious items detected)


      (end)



      JUNKWARE REMOVAL TOOL


      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      Junkware Removal Tool (JRT) by Malwarebytes
      Version: 8.1.4 (07.09.2017)
      Operating System: Windows 7 Ultimate x64
      Ran by Samsung (Administrator) on 27/02/2018 at 18:31:56,73
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




      File System: 0




      Registry: 0





      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      Scan was completed on 27/02/2018 at 18:35:40,81
      End of JRT log
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


      l CCLEANER

      No lo encuentro, pero vamos, borré TODO lo que había, en el borrado normal, y en el del registro.

      OTL BY OLDTIMER

      no conozco esta herramienta, finalmente me la bajé de otro sitio, y funciona. Estoy siguiendo los pasos que dice en el hilo que puse arriba, uno por uno, incluido el script.

      OTL logfile created on: 27/02/2018 18:50:59 - Run 1
      OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Samsung\Desktop
      64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
      Internet Explorer (Version = 9.11.9600.18860)
      Locale: 00000c0a | Country: España | Language: ESN | Date Format: dd/MM/yyyy

      3,87 Gb Total Physical Memory | 1,98 Gb Available Physical Memory | 51,07% Memory free
      7,74 Gb Paging File | 5,50 Gb Available in Paging File | 70,97% Paging File free
      Paging file location(s): ?:\pagefile.sys [binary data]

      %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
      Drive C: | 123,43 Gb Total Space | 79,11 Gb Free Space | 64,10% Space Free | Partition Type: NTFS
      Drive D: | 341,80 Gb Total Space | 341,06 Gb Free Space | 99,79% Space Free | Partition Type: NTFS

      Computer Name: SAMSUNG-PC | User Name: Samsung | Logged in as Administrator.
      Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
      Company Name Whitelist: Off | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

      ========== Processes (SafeList) ==========

      PRC - C:\Users\Samsung\Desktop\OTL.exe (OldTimer Tools)
      PRC - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH)
      PRC - C:\Archivos de programa\Malwarebytes\Anti-Malware\mbamtray.exe (Malwarebytes)
      PRC - C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe (Samsung Electronics Co., Ltd.)
      PRC - C:\Program Files (x86)\Samsung\Easy Settings\CmdServer\EasyLauncher.exe (Samsung Electronics CO., LTD.)
      PRC - C:\Program Files (x86)\Samsung\Easy Settings\CmdServer\EasySettingsCmdServer.exe ()
      PRC - C:\Program Files (x86)\Samsung\Easy Settings\sSettings.exe (Samsung Electronics CO., LTD.)
      PRC - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Atheros)
      PRC - C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe (Brother Industries, Ltd.)
      PRC - C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe (Brother Industries, Ltd.)
      PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
      PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
      PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe ()
      PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation)
      PRC - C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.)
      PRC - C:\Program Files (x86)\Browny02\BrYNSvc.exe (Brother Industries, Ltd.)
      PRC - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (Intel Corporation)


      ========== Modules (No Company Name) ==========

      MOD - C:\Program Files (x86)\Samsung\Easy Settings\EasySettingsBase.dll ()
      MOD - C:\Program Files (x86)\Samsung\Easy Settings\CmdServer\WinCRT.dll ()
      MOD - C:\Program Files (x86)\Samsung\Easy Settings\EasyMovieEnhancer.dll ()
      MOD - C:\Program Files (x86)\Samsung\Easy Settings\EasySettingsCmdClient.dll ()
      MOD - C:\Program Files (x86)\Samsung\Easy Settings\EasySettingsAPI.dll ()
      MOD - C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll ()


      ========== Services (SafeList) ==========

      SRV:64bit: - (IEEtwCollectorService) -- C:\Windows\SysNative\IEEtwCollector.exe (Microsoft Corporation)
      SRV:64bit: - (DiagTrack) -- C:\Windows\SysNative\diagtrack.dll (Microsoft Corporation)
      SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
      SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
      SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
      SRV - (TeamViewer) -- C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH)
      SRV - (MBAMService) -- C:\Archivos de programa\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes)
      SRV - (SWUpdateService) -- C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe (Samsung Electronics Co., Ltd.)
      SRV - (Easy Launcher) -- C:\Program Files (x86)\Samsung\Easy Settings\CmdServer\EasyLauncher.exe (Samsung Electronics CO., LTD.)
      SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
      SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation)
      SRV - (ZAtheros Bt and Wlan Coex Agent) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Atheros)
      SRV - (AtherosSvc) -- C:\Program Files (x86)\Bluetooth Suite\adminservice.exe (Atheros Commnucations)
      SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
      SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
      SRV - (Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe ()
      SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation)
      SRV - (BrYNSvc) -- C:\Program Files (x86)\Browny02\BrYNSvc.exe (Brother Industries, Ltd.)
      SRV - (ICCS) -- C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (Intel Corporation)
      SRV - (Intel(R) -- C:\Archivos de programa\Intel\iCLS Client\HeciServer.exe (Intel(R) Corporation)
      SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)


      ========== Driver Services (SafeList) ==========

      DRV:64bit: - (MBAMSwissArmy) -- C:\Windows\SysNative\drivers\mbamswissarmy.sys (Malwarebytes)
      DRV:64bit: - (MBAMFarflt) -- C:\Windows\SysNative\drivers\farflt.sys (Malwarebytes)
      DRV:64bit: - (MBAMProtection) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes)
      DRV:64bit: - (MBAMChameleon) -- C:\Windows\SysNative\drivers\MbamChameleon.sys (Malwarebytes)
      DRV:64bit: - (ESProtectionDriver) -- C:\Windows\SysNative\drivers\mbae64.sys ()
      DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
      DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
      DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
      DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
      DRV:64bit: - (terminpt) -- C:\Windows\SysNative\drivers\terminpt.sys (Microsoft Corporation)
      DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
      DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
      DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
      DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
      DRV:64bit: - (amdkmpfd) -- C:\Windows\SysNative\drivers\amdkmpfd.sys (Advanced Micro Devices, Inc.)
      DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
      DRV:64bit: - (SABI) -- C:\Windows\SysNative\drivers\SABI.sys (SAMSUNG ELECTRONICS)
      DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
      DRV:64bit: - (BtFilter) -- C:\Windows\SysNative\drivers\btfilter.sys (Atheros)
      DRV:64bit: - (BTATH_RCP) -- C:\Windows\SysNative\drivers\btath_rcp.sys (Atheros)
      DRV:64bit: - (BTATH_A2DP) -- C:\Windows\SysNative\drivers\btath_a2dp.sys (Atheros)
      DRV:64bit: - (BTATH_HCRP) -- C:\Windows\SysNative\drivers\btath_hcrp.sys (Atheros)
      DRV:64bit: - (btath_avdt) -- C:\Windows\SysNative\drivers\btath_avdt.sys (Atheros)
      DRV:64bit: - (BTATH_LWFLT) -- C:\Windows\SysNative\drivers\btath_lwflt.sys (Atheros)
      DRV:64bit: - (AthBTPort) -- C:\Windows\SysNative\drivers\btath_flt.sys (Atheros)
      DRV:64bit: - (BTATH_BUS) -- C:\Windows\SysNative\drivers\btath_bus.sys (Atheros)
      DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
      DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
      DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
      DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Qualcomm Atheros Communications, Inc.)
      DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
      DRV:64bit: - (tsusbhub) -- C:\Windows\SysNative\drivers\tsusbhub.sys (Microsoft Corporation)
      DRV:64bit: - (Synth3dVsc) -- C:\Windows\SysNative\drivers\Synth3dVsc.sys (Microsoft Corporation)
      DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
      DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
      DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
      DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
      DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
      DRV:64bit: - (StillCam) -- C:\Windows\SysNative\drivers\serscan.sys (Microsoft Corporation)
      DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
      DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
      DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
      DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
      DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


      ========== Standard Registry (SafeList) ==========


      ========== Internet Explorer ==========

      IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com
      IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
      IE:64bit: - HKLM\..\SearchScopes\{2f23ab71-4ac6-41f2-a955-ea576e553146}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com
      IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
      IE - HKLM\..\SearchScopes\{2f23ab71-4ac6-41f2-a955-ea576e553146}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


      IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

      IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



      IE - HKU\S-1-5-21-3743479695-2347639661-51819367-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com
      IE - HKU\S-1-5-21-3743479695-2347639661-51819367-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/es-es/?ocid=iehp
      IE - HKU\S-1-5-21-3743479695-2347639661-51819367-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = es-ES
      IE - HKU\S-1-5-21-3743479695-2347639661-51819367-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 61 1F 08 A8 58 4B D3 01 [binary data]
      IE - HKU\S-1-5-21-3743479695-2347639661-51819367-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
      IE - HKU\S-1-5-21-3743479695-2347639661-51819367-1000\..\SearchScopes\{2f23ab71-4ac6-41f2-a955-ea576e553146}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
      IE - HKU\S-1-5-21-3743479695-2347639661-51819367-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

      ========== FireFox ==========

      FF - prefs.js..browser.search.countryCode: "ES"
      FF - prefs.js..browser.search.defaultenginename: "Yahoo! Powered"
      FF - prefs.js..browser.search.region: "ES"
      FF - prefs.js..browser.search.selectedEngine: "Yahoo! Powered"
      FF - prefs.js..keyword.URL: true
      FF - user.js - File not found

      FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
      FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
      FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
      FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll (Google Inc.)
      FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll (Google Inc.)

      64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 58.0.2\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS
      64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 58.0.2\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS
      FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 58.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components
      FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 58.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

      [2017/12/17 21:37:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Samsung\AppData\Roaming\mozilla\Extensions
      [2017/12/17 21:37:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Samsung\AppData\Roaming\mozilla\SystemExtensionsDev
      [2017/12/17 21:42:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Samsung\AppData\Roaming\mozilla\Firefox\Profiles\ivl79axw.default\browser-extension-data
      [2018/02/27 18:28:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Samsung\AppData\Roaming\mozilla\Firefox\Profiles\ivl79axw.default\browser-extension-data\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
      [2018/02/27 18:29:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Samsung\AppData\Roaming\mozilla\Firefox\Profiles\ivl79axw.default\browser-extension-data\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
      [2018/02/20 19:15:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Samsung\AppData\Roaming\mozilla\Firefox\Profiles\ivl79axw.default\browser-extension-data\[email protected]
      [2017/12/17 21:38:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Samsung\AppData\Roaming\mozilla\Firefox\Profiles\ivl79axw.default\browser-extension-data\[email protected]
      [2018/02/27 18:05:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Samsung\AppData\Roaming\mozilla\Firefox\Profiles\ivl79axw.default\extensions
      [2018/02/20 18:59:50 | 000,980,381 | ---- | M] () (No name found) -- C:\Users\Samsung\AppData\Roaming\mozilla\firefox\profiles\ivl79axw.default\extensions\[email protected]
      [2018/02/20 18:59:50 | 000,556,634 | ---- | M] () (No name found) -- C:\Users\Samsung\AppData\Roaming\mozilla\firefox\profiles\ivl79axw.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi
      [2017/12/17 21:40:46 | 001,044,671 | ---- | M] () (No name found) -- C:\Users\Samsung\AppData\Roaming\mozilla\firefox\profiles\ivl79axw.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
      [2018/01/10 22:01:18 | 000,005,324 | ---- | M] () (No name found) -- C:\Users\Samsung\AppData\Roaming\mozilla\firefox\profiles\ivl79axw.default\features\{dc3498d1-8f52-4051-bf59-177c10459d98}\[email protected]
      [2018/01/10 22:01:17 | 000,005,507 | ---- | M] () (No name found) -- C:\Users\Samsung\AppData\Roaming\mozilla\firefox\profiles\ivl79axw.default\features\{dc3498d1-8f52-4051-bf59-177c10459d98}\disable-media-wmf-nv12[email protected]

      ========== Chrome ==========

      CHR - Extension: No name found = C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\
      CHR - Extension: No name found = C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.10_0\
      CHR - Extension: No name found = C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\
      CHR - Extension: No name found = C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\
      CHR - Extension: No name found = C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.13.5_0\
      CHR - Extension: No name found = C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.2_0\
      CHR - Extension: No name found = C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\
      CHR - Extension: No name found = C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.3_0\
      CHR - Extension: No name found = C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\
      CHR - Extension: No name found = C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\6317.1002.0.5_0\

      O1 HOSTS File: ([2018/02/25 20:16:58 | 000,002,103 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
      O1 - Hosts: 0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
      O1 - Hosts: 0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
      O1 - Hosts: 0.0.0.0 media.opencandy.com
      O1 - Hosts: 0.0.0.0 cdn.opencandy.com
      O1 - Hosts: 0.0.0.0 tracking.opencandy.com
      O1 - Hosts: 0.0.0.0 api.opencandy.com
      O1 - Hosts: 0.0.0.0 api.recommendedsw.com
      O1 - Hosts: 0.0.0.0 rp.yefeneri2.com
      O1 - Hosts: 0.0.0.0 os.yefeneri2.com
      O1 - Hosts: 0.0.0.0 os2.yefeneri2.com
      O1 - Hosts: 0.0.0.0 installer.betterinstaller.com
      O1 - Hosts: 0.0.0.0 installer.filebulldog.com
      O1 - Hosts: 0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
      O1 - Hosts: 0.0.0.0 inno.bisrv.com
      O1 - Hosts: 0.0.0.0 nsis.bisrv.com
      O1 - Hosts: 0.0.0.0 cdn.file2desktop.com
      O1 - Hosts: 0.0.0.0 cdn.goateastcach.us
      O1 - Hosts: 0.0.0.0 cdn.guttastatdk.us
      O1 - Hosts: 0.0.0.0 cdn.inskinmedia.com
      O1 - Hosts: 0.0.0.0 cdn.insta.oibundles2.com
      O1 - Hosts: 0.0.0.0 cdn.insta.playbryte.com
      O1 - Hosts: 0.0.0.0 cdn.llogetfastcach.us
      O1 - Hosts: 0.0.0.0 cdn.montiera.com
      O1 - Hosts: 0.0.0.0 cdn.msdwnld.com
      O1 - Hosts: 0.0.0.0 cdn.mypcbackup.com
      O1 - Hosts: 14 more lines...
      O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
      O4:64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\athbttray.exe (Atheros Commnucations)
      O4:64bit: - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\btvstack.exe (Atheros Communications)
      O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
      O4 - HKLM..\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.)
      O4 - HKLM..\Run: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe (Brother Industries, Ltd.)
      O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
      O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
      O4 - HKU\S-1-5-21-3743479695-2347639661-51819367-1000..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
      O4 - HKU\S-1-5-21-3743479695-2347639661-51819367-1000..\Run: [Chromium] c:\users\samsung\appdata\local\chromium\application\chrome.exe (The Chromium Authors)
      O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
      O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
      O8:64bit: - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
      O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
      O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
      O1364bit: - gopher Prefix: missing
      O13 - gopher Prefix: missing
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.81.16.164 62.81.16.213
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1135E587-EA3A-44F6-8E0B-005D991745F2}: DhcpNameServer = 62.81.16.164 62.81.16.213
      O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
      O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Archivos de programa\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
      O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
      O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
      O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
      O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
      O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      O32 - HKLM CDRom: AutoRun - 1
      O34 - HKLM BootExecute: (autocheck autochk *)
      O35:64bit: - HKLM\..comfile [open] -- "%1" %*
      O35:64bit: - HKLM\..exefile [open] -- "%1" %*
      O35 - HKLM\..comfile [open] -- "%1" %*
      O35 - HKLM\..exefile [open] -- "%1" %*
      O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
      O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
      O37 - HKLM\...com [@ = comfile] -- "%1" %*
      O37 - HKLM\...exe [@ = exefile] -- "%1" %*
      O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
      O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
      O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

      NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

      MsConfig:64bit - State: "services" - Reg Error: Key error.
      MsConfig:64bit - State: "startup" - Reg Error: Key error.
      MsConfig:64bit - State: "bootini" - Reg Error: Key error.

      CREATERESTOREPOINT
      Restore point Set: OTL Restore Point

      ========== Files/Folders - Created Within 30 Days ==========

      [2018/02/27 18:46:16 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Samsung\Desktop\OTL.exe
      [2018/02/27 18:38:32 | 000,000,000 | R--D | C] -- C:\Users\Samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
      [2018/02/27 18:21:13 | 000,000,000 | ---D | C] -- C:\AdwCleaner
      [2018/02/27 18:18:10 | 008,222,496 | ---- | C] (Malwarebytes) -- C:\Users\Samsung\Desktop\AdwCleaner.exe
      [2018/02/25 21:25:10 | 000,000,000 | ---D | C] -- C:\Users\Samsung\AppData\Local\CEF
      [2018/02/25 21:17:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AVAST Software
      [2018/02/25 21:15:20 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
      [2018/02/25 21:15:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
      [2018/02/25 21:15:14 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
      [2018/02/25 21:14:23 | 011,217,568 | ---- | C] (Piriform Ltd) -- C:\Users\Samsung\Desktop\ccsetup540.exe
      [2018/02/25 20:05:14 | 000,000,000 | ---D | C] -- C:\Users\Samsung\AppData\Local\chromium
      [2018/02/25 20:04:53 | 000,000,000 | ---D | C] -- C:\ProgramData\PolarisOffice
      [2018/02/25 20:03:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Polaris Office
      [2018/02/25 15:58:32 | 000,000,000 | ---D | C] -- C:\Users\Samsung\AppData\Roaming\BSplayer
      [2018/02/25 15:58:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)BSPlayer
      [2018/02/25 00:36:51 | 000,000,000 | ---D | C] -- C:\Users\Samsung\AppData\Roaming\BSplayer Pro
      [2018/02/25 00:07:36 | 000,000,000 | ---D | C] -- C:\Users\Samsung\Desktop\LORENZO DE MURCIA
      [2018/02/14 19:04:29 | 000,000,000 | --SD | C] -- C:\Windows\SysNative\CompatTel
      [2018/02/14 19:04:29 | 000,000,000 | ---D | C] -- C:\Windows\Migration
      [2018/02/14 19:04:29 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appraiser

      ========== Files - Modified Within 30 Days ==========

      [2018/02/27 18:46:48 | 000,005,564 | ---- | M] () -- C:\Users\Samsung\Desktop\cc_20180227_184632.reg
      [2018/02/27 18:46:28 | 000,026,576 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
      [2018/02/27 18:46:28 | 000,026,576 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
      [2018/02/27 18:46:19 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Samsung\Desktop\OTL.exe
      [2018/02/27 18:39:09 | 000,252,232 | ---- | M] (Malwarebytes) -- C:\Windows\SysNative\drivers\mbamswissarmy.sys
      [2018/02/27 18:38:10 | 000,000,828 | ---- | M] () -- C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
      [2018/02/27 18:38:01 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
      [2018/02/27 18:37:56 | 3118,481,408 | -HS- | M] () -- C:\hiberfil.sys
      [2018/02/27 18:20:05 | 001,555,646 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
      [2018/02/27 18:20:05 | 000,703,840 | ---- | M] () -- C:\Windows\SysNative\perfh00A.dat
      [2018/02/27 18:20:05 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
      [2018/02/27 18:20:05 | 000,137,806 | ---- | M] () -- C:\Windows\SysNative\perfc00A.dat
      [2018/02/27 18:20:05 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
      [2018/02/27 18:18:13 | 008,222,496 | ---- | M] (Malwarebytes) -- C:\Users\Samsung\Desktop\AdwCleaner.exe
      [2018/02/27 18:04:00 | 000,000,276 | ---- | M] () -- C:\Windows\tasks\{303EA7BD-D345-4037-1EDE-45ED29F225BE}.job
      [2018/02/25 21:15:15 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
      [2018/02/25 21:14:42 | 011,217,568 | ---- | M] (Piriform Ltd) -- C:\Users\Samsung\Desktop\ccsetup540.exe
      [2018/02/18 20:33:41 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job

      ========== Files Created - No Company Name ==========

      [2018/02/27 18:46:38 | 000,005,564 | ---- | C] () -- C:\Users\Samsung\Desktop\cc_20180227_184632.reg
      [2018/02/25 21:15:15 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
      [2018/02/25 20:05:31 | 000,002,269 | ---- | C] () -- C:\Users\Samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromium.lnk
      [2018/02/25 20:04:16 | 000,000,276 | ---- | C] () -- C:\Windows\tasks\{303EA7BD-D345-4037-1EDE-45ED29F225BE}.job
      [2018/02/25 20:03:39 | 000,001,330 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HowToRemove.lnk
      [2017/10/23 11:23:37 | 000,013,055 | ---- | C] () -- C:\Windows\BRRBCOM.INI
      [2017/10/23 11:22:09 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\BRTCPCON.DLL
      [2017/10/23 11:22:09 | 000,000,114 | ---- | C] () -- C:\Windows\SysWow64\BRLMW03A.INI
      [2017/10/22 22:03:52 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
      [2017/10/22 20:52:30 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
      [2017/10/22 20:46:46 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblup.dat
      [2017/10/22 20:39:22 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
      [2017/10/22 20:39:22 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
      [2017/10/22 20:39:22 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
      [2017/10/22 20:39:21 | 000,995,342 | ---- | C] () -- C:\Windows\SysWow64\amdocl_as32.exe
      [2017/10/22 20:39:21 | 000,798,734 | ---- | C] () -- C:\Windows\SysWow64\amdocl_ld32.exe
      [2017/10/22 19:07:42 | 000,518,144 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

      ========== ZeroAccess Check ==========

      [2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

      [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

      [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

      [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

      [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
      "" = C:\Windows\SysNative\shell32.dll -- [2017/08/15 16:29:44 | 014,182,400 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Apartment

      [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
      "" = %SystemRoot%\system32\shell32.dll -- [2017/08/15 1654 | 012,880,896 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Apartment

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
      "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Free

      [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
      "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Free

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
      "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Both

      [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

      ========== LOP Check ==========

      [2018/02/25 18:02:06 | 000,000,000 | ---D | M] -- C:\Users\Samsung\AppData\Roaming\BSplayer
      [2018/02/25 00:36:51 | 000,000,000 | ---D | M] -- C:\Users\Samsung\AppData\Roaming\BSplayer Pro
      [2017/10/23 11:27:19 | 000,000,000 | ---D | M] -- C:\Users\Samsung\AppData\Roaming\ControlCenter4
      [2017/10/22 22:03:49 | 000,000,000 | ---D | M] -- C:\Users\Samsung\AppData\Roaming\Synaptics
      [2017/10/22 18:23:14 | 000,000,000 | ---D | M] -- C:\Users\Samsung\AppData\Roaming\TeamViewer
      [2018/02/25 21:17:40 | 000,000,000 | ---D | M] -- C:\Users\Samsung\AppData\Roaming\uTorrent

      ========== Purity Check ==========



      ========== Custom Scans ==========

      < %SYSTEMDRIVE%\*.* >
      [2018/02/27 18:37:56 | 3118,481,408 | -HS- | M] () -- C:\hiberfil.sys
      [2018/02/27 18:37:58 | 4157,976,576 | -HS- | M] () -- C:\pagefile.sys
      [2017/10/22 21:35:12 | 000,002,666 | ---- | M] () -- C:\RHDSetup.log
      [2017/10/22 22:09:22 | 000,000,184 | ---- | M] () -- C:\setup.log

      < End of report >






      El único problema que ya parece haber con chromium es que aparece en la barra de tareas abajo, justo el ultimo icono que se carga (la central, no la derecha). Lo puedes quitar, pero vamos, NO quiero que se cargue.

    2. #2
      Moderador Gral.
      Avatar de @Leosolari
      Registrado
      jun 2007
      Ubicación
      Argentina
      Mensajes
      58.886

      Re: INFORMES CHROMIUM, no se desinstala. Falla enlace OTL

      Hola


      Desactiva temporalmente tu antivirus y cualquier programa de seguridad.

      Descarga a Tu Escritorio Farbar Recovery Scan Tool considerando la versión adecuada para tu equipo.

      ¿Cómo saber si mi Windows es de 32 o 64 bits?


      Doble clic para ejecutar Frst.exe. En la ventana del Disclaimer, presiona Yes.

      En la nueva ventana que se abre, presiona el botón Scan y espera a que concluya el análisis.

      Se abrirán dos (2) archivos (Logs), Frst.txt y Addition.txt, que estarán grabados en Tu escritorio.


      En Tu próxima respuesta, copias y pegas el reporte Frst.txt de FRST


      Saludos
      Síguenos en Twitter y hazte nuestro amigo en Facebook.

    3. #3
      Usuario Avatar de timoratus
      Registrado
      may 2008
      Ubicación
      España
      Mensajes
      93

      Re: INFORMES CHROMIUM, no se desinstala. Falla enlace OTL

      Sigue saliendo el desgraciado... justo al lado del ultimo icono de firefox, plas, aparece. Lo borras y ya, pero seguro que está por ahi...


      Pego los informes. Y de paso me voy manualmente a buscar en el registro las entradas chromium y las elimino, a ver si así... he eliminado 10 o 12 que venian en carpetas "open with... " no se qué. Vamos que se abren con windows o en la barra, etc, indicaciones para que lo haga, supongo. Al eliminar el último he seguido buscando con f3, y se está tirando la vida, pero no acaba de encontrar nada más.

      UNO:

      Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24.02.2018
      Ran by Samsung (administrator) on SAMSUNG-PC (27-02-2018 18:59:38)
      Running from C:\Users\Samsung\Desktop
      Loaded Profiles: Samsung (Available Profiles: Samsung)
      Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Español (España, internacional)
      Internet Explorer Version 11 (Default browser: Chrome)
      Boot Mode: Normal
      Tutorial for Farbar Recovery Scan Tool: ***********************************************************************************************************

      ==================== Processes (Whitelisted) =================

      (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

      (AMD) C:\Windows\System32\atiesrxx.exe
      (AMD) C:\Windows\System32\atieclxx.exe
      (Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
      (Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Easy Settings\CmdServer\EasyLauncher.exe
      (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
      () C:\Program Files (x86)\Samsung\Easy Settings\CmdServer\EasySettingsCmdServer.exe
      (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
      (Samsung Electronics Co., Ltd.) C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe
      (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
      (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
      (Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
      (Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
      (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
      (Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
      (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      (Intel Corporation) C:\Windows\System32\igfxext.exe
      (Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
      (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
      (Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
      (Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Easy Settings\sSettings.exe
      (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
      (Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
      (Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
      (Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\S Agent\CommonAgent.exe
      (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
      () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
      (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
      (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
      (Intel Corporation) C:\Windows\System32\hkcmd.exe
      (Intel Corporation) C:\Windows\System32\igfxpers.exe
      (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
      (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (OldTimer Tools) C:\Users\Samsung\Desktop\OTL.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

      ==================== Registry (Whitelisted) ===========================

      (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

      HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672304 2014-03-21] (Realtek Semiconductor)
      HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\btvstack.exe [1023104 2012-10-15] (Atheros Communications)
      HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\athbttray.exe [801920 2012-10-15] (Atheros Commnucations)
      HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2917688 2012-10-16] (Synaptics Incorporated)
      HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-08-28] (Brother Industries, Ltd.)
      HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
      Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
      HKU\S-1-5-21-3743479695-2347639661-51819367-1000\...\Run: [Chromium] => c:\users\samsung\appdata\local\chromium\application\chrome.exe [828416 2017-01-21] (The Chromium Authors)
      HKU\S-1-5-21-3743479695-2347639661-51819367-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [10290608 2018-02-07] (Piriform Ltd)

      ==================== Internet (Whitelisted) ====================

      (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

      Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
      Tcpip\Parameters: [DhcpNameServer] 62.81.16.164 62.81.16.213
      Tcpip\..\Interfaces\{1135E587-EA3A-44F6-8E0B-005D991745F2}: [DhcpNameServer] 62.81.16.164 62.81.16.213

      Internet Explorer:
      ==================
      HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Google
      HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = Google
      HKU\S-1-5-21-3743479695-2347639661-51819367-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/es-es/?ocid=iehp
      SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
      SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
      SearchScopes: HKU\S-1-5-21-3743479695-2347639661-51819367-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
      BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-10-15] (Atheros Commnucations)
      StartMenuInternet: IEXPLORE.EXE - iexplore.exe

      FireFox:
      ========
      FF DefaultProfile: ivl79axw.default
      FF ProfilePath: C:\Users\Samsung\AppData\Roaming\Mozilla\Firefox\Profiles\ivl79axw.default [2018-02-27]
      FF Extension: (Enhancer for YouTube™) - C:\Users\Samsung\AppData\Roaming\Mozilla\Firefox\Profiles\ivl79axw.default\Extensions\[email protected] [2018-02-20]
      FF Extension: (Video DownloadHelper) - C:\Users\Samsung\AppData\Roaming\Mozilla\Firefox\Profiles\ivl79axw.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2018-02-20]
      FF Extension: (Adblock Plus) - C:\Users\Samsung\AppData\Roaming\Mozilla\Firefox\Profiles\ivl79axw.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-12-17]
      FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
      FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-07-06] (Intel Corporation)
      FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-07-06] (Intel Corporation)
      FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
      FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-18] (Google Inc.)
      FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-18] (Google Inc.)

      Chrome:
      =======
      CHR Session Restore: Default -> is enabled.
      CHR Profile: C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default [2018-02-27]
      CHR Extension: (Presentaciones) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-22]
      CHR Extension: (Documentos) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-22]
      CHR Extension: (Google Drive) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-10-22]
      CHR Extension: (YouTube) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-10-22]
      CHR Extension: (Adblock Plus) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-01-28]
      CHR Extension: (Hojas de cálculo) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-22]
      CHR Extension: (Documentos de Google sin conexión) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-10-22]
      CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-10-22]
      CHR Extension: (Gmail) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-10-22]
      CHR Extension: (Chrome Media Router) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-17]

      ==================== Services (Whitelisted) ====================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [219776 2012-10-15] (Atheros Commnucations) [File not signed]
      R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed]
      R2 Easy Launcher; C:\Program Files (x86)\Samsung\Easy Settings\CmdServer\EasyLauncher.exe [1593664 2015-05-27] (Samsung Electronics CO., LTD.)
      R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-07-06] ()
      R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165144 2012-07-06] (Intel Corporation)
      R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-07] (Malwarebytes)
      R2 SWUpdateService; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [3296672 2017-06-09] (Samsung Electronics Co., Ltd.)
      R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10803952 2017-11-09] (TeamViewer GmbH)
      R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2014-04-28] (Microsoft Corporation)
      R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [327296 2012-10-15] (Atheros) [File not signed]

      ===================== Drivers (Whitelisted) ======================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [37472 2013-02-14] (Advanced Micro Devices, Inc.)
      R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77440 2017-10-04] ()
      R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [192952 2017-10-22] (Malwarebytes)
      S3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [110016 2017-11-05] (Malwarebytes)
      S3 MBAMProtection; C:\Windows\System32\DRIVERS\mbam.sys [45504 2017-11-05] (Malwarebytes)
      R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [252232 2018-02-27] (Malwarebytes)
      S3 VGPU; System32\drivers\rdvgkmd.sys [X]

      ==================== NetSvcs (Whitelisted) ===================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


      ==================== One Month Created files and folders ========

      (If an entry is included in the fixlist, the file/folder will be moved.)

      2018-02-27 18:59 - 2018-02-27 19:00 - 000012473 _____ C:\Users\Samsung\Desktop\FRST.txt
      2018-02-27 18:58 - 2018-02-27 18:59 - 000000000 ____D C:\FRST
      2018-02-27 18:57 - 2018-02-27 18:57 - 000065360 _____ C:\Users\Samsung\Desktop\OTL.Txt
      2018-02-27 18:57 - 2018-02-27 18:57 - 000045790 _____ C:\Users\Samsung\Desktop\Extras.Txt
      2018-02-27 18:56 - 2018-02-27 18:57 - 002403328 _____ (Farbar) C:\Users\Samsung\Desktop\FRST64.exe
      2018-02-27 18:46 - 2018-02-27 18:46 - 000602112 _____ (OldTimer Tools) C:\Users\Samsung\Desktop\OTL.exe
      2018-02-27 18:46 - 2018-02-27 18:46 - 000005564 _____ C:\Users\Samsung\Desktop\cc_20180227_184632.reg
      2018-02-27 18:38 - 2018-02-27 18:38 - 000000000 ___RD C:\Users\Samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
      2018-02-27 18:23 - 2018-02-27 18:35 - 000000552 _____ C:\Users\Samsung\Desktop\JRT.txt
      2018-02-27 18:21 - 2018-02-27 18:26 - 000000000 ____D C:\AdwCleaner
      2018-02-27 18:18 - 2018-02-27 18:18 - 008222496 _____ (Malwarebytes) C:\Users\Samsung\Desktop\AdwCleaner.exe
      2018-02-27 18:18 - 2018-02-27 18:18 - 001790024 _____ (Malwarebytes) C:\Users\Samsung\Desktop\JRT.exe
      2018-02-25 21:25 - 2018-02-25 21:25 - 000000000 ____D C:\Users\Samsung\AppData\Local\CEF
      2018-02-25 21:17 - 2018-02-25 21:17 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
      2018-02-25 21:15 - 2018-02-27 18:13 - 000000000 ____D C:\ProgramData\AVAST Software
      2018-02-25 21:15 - 2018-02-25 21:15 - 000003870 _____ C:\Windows\System32\Tasks\CCleaner Update
      2018-02-25 21:15 - 2018-02-25 21:15 - 000002798 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
      2018-02-25 21:15 - 2018-02-25 21:15 - 000000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
      2018-02-25 21:15 - 2018-02-25 21:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
      2018-02-25 21:15 - 2018-02-25 21:15 - 000000000 ____D C:\Program Files\CCleaner
      2018-02-25 21:14 - 2018-02-25 21:14 - 011217568 _____ (Piriform Ltd) C:\Users\Samsung\Desktop\ccsetup540.exe
      2018-02-25 20:05 - 2018-02-25 20:05 - 000002269 _____ C:\Users\Samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromium.lnk
      2018-02-25 20:05 - 2018-02-25 20:05 - 000000000 ____D C:\Users\Samsung\AppData\Local\chromium
      2018-02-25 20:04 - 2018-02-27 18:04 - 000000276 _____ C:\Windows\Tasks\{303EA7BD-D345-4037-1EDE-45ED29F225BE}.job
      2018-02-25 20:04 - 2018-02-25 20:04 - 000003224 _____ C:\Windows\System32\Tasks\{303EA7BD-D345-4037-1EDE-45ED29F225BE}
      2018-02-25 20:04 - 2018-02-25 20:04 - 000000000 ____D C:\ProgramData\PolarisOffice
      2018-02-25 20:03 - 2018-02-25 20:03 - 000001330 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HowToRemove.lnk
      2018-02-25 20:03 - 2018-02-25 20:03 - 000000000 ____D C:\Program Files (x86)\Polaris Office
      2018-02-25 15:58 - 2018-02-25 18:02 - 000000000 ____D C:\Users\Samsung\AppData\Roaming\BSplayer
      2018-02-25 15:58 - 2018-02-25 16:03 - 000000000 ____D C:\Program Files (x86)BSPlayer
      2018-02-25 00:36 - 2018-02-25 00:36 - 010563368 _____ C:\Users\Samsung\Downloads\bsplayer272.setup (1).exe
      2018-02-25 00:36 - 2018-02-25 00:36 - 000000000 ____D C:\Users\Samsung\AppData\Roaming\BSplayer Pro
      2018-02-25 00:07 - 2018-02-25 00:13 - 000000000 ____D C:\Users\Samsung\Desktop\LORENZO DE MURCIA
      2018-02-24 22:47 - 2018-02-24 22:47 - 000000000 ____D C:\Users\Samsung\AppData\LocalLow\uTorrent
      2018-02-24 21:58 - 2018-02-24 22:14 - 000000000 ____D C:\Users\Samsung\Downloads\Vikings.S05E10.720p.HDTV.x264-KILLERS[rarbg]
      2018-02-23 20:26 - 2018-02-23 20:27 - 000013809 _____ C:\Users\Samsung\Downloads\flvto.zip
      2018-02-20 20:21 - 2018-02-20 20:21 - 000119716 _____ C:\Users\Samsung\Downloads\Fichero.pdf
      2018-02-20 19:19 - 2018-02-20 19:21 - 137355605 _____ C:\Users\Samsung\Downloads\Top 10 Things to Do in Dublin.mp4
      2018-02-20 19:16 - 2018-02-20 19:17 - 077150983 _____ C:\Users\Samsung\Downloads\Top 10 Things To Do In Dublin Ireland.mp4
      2018-02-20 19:12 - 2018-02-20 19:13 - 065809152 _____ C:\Users\Samsung\Downloads\Working Dogs National Geographic.mp4
      2018-02-20 19:09 - 2018-02-20 19:09 - 033838256 _____ C:\Users\Samsung\Downloads\Top 15 Cutest Baby Animals.mp4
      2018-02-20 19:04 - 2018-02-20 19:04 - 036961742 _____ C:\Users\Samsung\Downloads\10 Top Working Dogs.mp4
      2018-02-20 18:58 - 2018-02-20 18:59 - 039780701 _____ C:\Users\Samsung\Downloads\Year of the Dog A Mickey Mouse Cartoon Disney Shorts.mp4
      2018-02-14 19:04 - 2018-02-14 19:04 - 000000000 ___SD C:\Windows\system32\CompatTel
      2018-02-14 19:04 - 2018-02-14 19:04 - 000000000 ____D C:\Windows\system32\appraiser
      2018-02-13 20:25 - 2018-01-22 00:50 - 000136424 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
      2018-02-13 20:25 - 2018-01-22 00:40 - 000654336 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
      2018-02-13 20:25 - 2018-01-19 15:05 - 001994752 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
      2018-02-13 20:25 - 2018-01-19 15:05 - 001569280 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
      2018-02-13 20:25 - 2018-01-19 15:05 - 000749568 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
      2018-02-13 20:25 - 2018-01-19 15:05 - 000604672 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
      2018-02-13 20:25 - 2018-01-19 15:05 - 000450048 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
      2018-02-13 20:25 - 2018-01-19 15:05 - 000378880 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
      2018-02-13 20:25 - 2018-01-19 15:05 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
      2018-02-13 20:25 - 2018-01-19 15:05 - 000236544 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
      2018-02-13 19:54 - 2018-02-13 19:59 - 000000022 _____ C:\Users\Samsung\Downloads\Gmail (7).zip

      ==================== One Month Modified files and folders ========

      (If an entry is included in the fixlist, the file/folder will be moved.)

      2018-02-27 18:46 - 2009-07-14 05:45 - 000026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
      2018-02-27 18:46 - 2009-07-14 05:45 - 000026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
      2018-02-27 18:39 - 2017-10-22 23:26 - 000252232 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
      2018-02-27 18:39 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
      2018-02-27 18:38 - 2017-10-22 21:48 - 000000828 _____ C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
      2018-02-27 18:38 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
      2018-02-27 18:37 - 2017-12-17 21:37 - 000000000 ____D C:\Program Files\Mozilla Firefox
      2018-02-27 18:37 - 2017-12-17 21:37 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
      2018-02-27 18:27 - 2017-12-17 21:37 - 000000000 ____D C:\Users\Samsung\AppData\LocalLow\Mozilla
      2018-02-27 18:20 - 2011-04-12 10:10 - 000703840 _____ C:\Windows\system32\perfh00A.dat
      2018-02-27 18:20 - 2011-04-12 10:10 - 000137806 _____ C:\Windows\system32\perfc00A.dat
      2018-02-27 18:20 - 2009-07-14 06:13 - 001555646 _____ C:\Windows\system32\PerfStringBackup.INI
      2018-02-25 21:17 - 2017-10-22 23:27 - 000000000 ____D C:\Users\Samsung\AppData\Local\CrashDumps
      2018-02-25 21:17 - 2017-10-22 22:40 - 000000000 ____D C:\Users\Samsung\AppData\Roaming\uTorrent
      2018-02-25 21:17 - 2017-10-22 18:47 - 000000000 ____D C:\Windows\Panther
      2018-02-25 21:17 - 2017-10-22 18:22 - 000000000 ____D C:\Program Files (x86)\TeamViewer
      2018-02-25 20:53 - 2017-10-23 10:28 - 000000000 ____D C:\Windows\pss
      2018-02-24 21:19 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\AppCompat
      2018-02-18 20:33 - 2017-10-22 21:48 - 000000830 _____ C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
      2018-02-06 20:27 - 2009-07-14 04:20 - 000000000 __RHD C:\Users\Public\Libraries

      Files to move or delete:
      ====================
      C:\Windows\Tasks\{303EA7BD-D345-4037-1EDE-45ED29F225BE}.job


      ==================== Bamital & volsnap ======================

      (There is no automatic fix for files that do not pass verification.)

      C:\Windows\system32\winlogon.exe => File is digitally signed
      C:\Windows\system32\wininit.exe => File is digitally signed
      C:\Windows\SysWOW64\wininit.exe => File is digitally signed
      C:\Windows\explorer.exe => File is digitally signed
      C:\Windows\SysWOW64\explorer.exe => File is digitally signed
      C:\Windows\system32\svchost.exe => File is digitally signed
      C:\Windows\SysWOW64\svchost.exe => File is digitally signed
      C:\Windows\system32\services.exe => File is digitally signed
      C:\Windows\system32\User32.dll => File is digitally signed
      C:\Windows\SysWOW64\User32.dll => File is digitally signed
      C:\Windows\system32\userinit.exe => File is digitally signed
      C:\Windows\SysWOW64\userinit.exe => File is digitally signed
      C:\Windows\system32\rpcss.dll => File is digitally signed
      C:\Windows\system32\dnsapi.dll => File is digitally signed
      C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
      C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

      LastRegBack: 2018-02-18 20:34

      ==================== End of FRST.txt ============================



      DOS:

      Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24.02.2018
      Ran by Samsung (27-02-2018 19:00:24)
      Running from C:\Users\Samsung\Desktop
      Windows 7 Ultimate Service Pack 1 (X64) (2017-10-22 16:57:07)
      Boot Mode: Normal
      ==========================================================


      ==================== Accounts: =============================

      Administrador (S-1-5-21-3743479695-2347639661-51819367-500 - Administrator - Disabled)
      HomeGroupUser$ (S-1-5-21-3743479695-2347639661-51819367-1002 - Limited - Enabled)
      Invitado (S-1-5-21-3743479695-2347639661-51819367-501 - Limited - Disabled)
      Samsung (S-1-5-21-3743479695-2347639661-51819367-1000 - Administrator - Enabled) => C:\Users\Samsung

      ==================== Security Center ========================

      (If an entry is included in the fixlist, it will be removed.)

      AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

      ==================== Installed Programs ======================

      (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

      µTorrent (HKU\S-1-5-21-3743479695-2347639661-51819367-1000\...\uTorrent) (Version: 3.5.3.44358 - BitTorrent Inc.)
      7-Zip 16.04 (HKLM-x32\...\7-Zip) (Version: 16.04 - Igor Pavlov)
      ACDSee 32 (HKLM-x32\...\ACDSee 32) (Version: - )
      AMD Catalyst Install Manager (HKLM\...\{EB489B69-D458-ABF3-0F5B-EC17F35B0DB1}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
      Atheros Bluetooth Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.4.0.165 - Atheros)
      Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Atheros)
      Brother MFL-Pro Suite DCP-J4110DW (HKLM-x32\...\{DD98C438-D769-4677-AA87-3481FA32D20C}) (Version: 2.0.0.0 - Brother Industries, Ltd.)
      BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.72.1082 - AB Team, d.o.o.)
      CCleaner (HKLM\...\CCleaner) (Version: 5.40 - Piriform)
      Easy Settings (HKLM-x32\...\{C73757DE-33F1-45D1-864A-C8BFEBC37366}) (Version: 2.0.1 - Samsung Electronics CO., LTD.)
      Google Chrome (HKLM-x32\...\Google Chrome) (Version: 63.0.3239.132 - Google Inc.)
      Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
      Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.36354 - Intel Corporation)
      Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.12.1498 - Intel Corporation)
      Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2963 - Intel Corporation)
      Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.2.1003 - Intel Corporation)
      Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
      Malwarebytes versión 3.2.2.2029 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2029 - Malwarebytes)
      Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
      Microsoft Office Standard 2007 (HKLM-x32\...\STANDARD) (Version: 12.0.4518.1014 - Microsoft Corporation)
      Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
      Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
      Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
      Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
      Mozilla Firefox 58.0.2 (x64 es-ES) (HKLM\...\Mozilla Firefox 58.0.2 (x64 es-ES)) (Version: 58.0.2 - Mozilla)
      Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0.2 - Mozilla)
      OEM Application Profile (HKLM-x32\...\{18599B4F-A533-7A4A-7A56-EEE5C77B0EEE}) (Version: 1.00.0000 - Nombre de su organización)
      PowerXpressHybrid (HKLM-x32\...\{51FDC2DE-0917-46B7-EAEC-5377504701DE}) (Version: 1.00.0000 - Nombre de su organización) Hidden
      PX Profile Update (HKLM-x32\...\{0A94FF63-EF7C-B179-D365-ADEBD0805CB4}) (Version: 1.00.1. - AMD) Hidden
      Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.62.907.2012 - Realtek)
      Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7218 - Realtek Semiconductor Corp.)
      S Agent (HKLM\...\{061881E0-653B-41CA-839E-2BA6569B5FEE}) (Version: 1.1.69 - Samsung Electronics Co., Ltd.) Hidden
      Samsung Update (HKLM-x32\...\{0CAAEAAE-5401-4FFA-88BC-EB6F89947DC4}) (Version: 2.2.51 - Samsung Electronics Co., Ltd.)
      Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.14.2 - Synaptics Incorporated)
      TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.88438 - TeamViewer)

      ==================== Custom CLSID (Whitelisted): ==========================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      ShellIconOverlayIdentifiers: [ 0FileIconSyncOn] -> {62E15A97-5651-41E4-95C4-706D30C86A4B} => -> No File
      ShellIconOverlayIdentifiers: [ 1FileIconSyncAlert] -> {BF741CA6-27BF-4B49-A3A3-1C39415582D8} => -> No File
      ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
      ContextMenuHandlers1-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
      ContextMenuHandlers1-x32: [Atheros] -> {B8952421-0E55-400B-94A6-FA858FC0A39F} => C:\Program Files (x86)\Bluetooth Suite\BtvAppExt.dll [2012-10-15] (Atheros Commnucations)
      ContextMenuHandlers1-x32: [POContextMenuHandler64] -> {FFB89EEA-EFCF-4156-BC81-CA72A260FB62} => C:\Program Files (x86)\Polaris Office\Office8\Binary\SyncOverlay\X64\POContextMenuHandler64.dll [2018-02-12] ()
      ContextMenuHandlers3: [FTShellContext] -> {AFF81F7B-6942-40c4-AADA-7214EF7B6DD1} => C:\Program Files (x86)\Bluetooth Suite\ShellContextExt.dll [2012-10-15] (Atheros Commnucations)
      ContextMenuHandlers4-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
      ContextMenuHandlers4-x32: [POContextMenuHandler64] -> {FFB89EEA-EFCF-4156-BC81-CA72A260FB62} => C:\Program Files (x86)\Polaris Office\Office8\Binary\SyncOverlay\X64\POContextMenuHandler64.dll [2018-02-12] ()
      ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2013-03-07] (Advanced Micro Devices, Inc.)
      ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2013-01-16] (Intel Corporation)
      ContextMenuHandlers5: [POContextMenuHandler64] -> {FFB89EEA-EFCF-4156-BC81-CA72A260FB62} => C:\Program Files (x86)\Polaris Office\Office8\Binary\SyncOverlay\X64\POContextMenuHandler64.dll [2018-02-12] ()
      ContextMenuHandlers6-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)

      ==================== Scheduled Tasks (Whitelisted) =============

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      Task: {0527956B-4E39-49DC-8FF2-90FD75839D6E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-10-22] (Google Inc.)
      Task: {28D967E7-CBC2-49F6-8329-9B500EA273FA} - System32\Tasks\{8CFD63D1-2101-4C8C-9915-E447DA66EF98} => C:\Windows\system32\pcalua.exe -a "C:\Users\Samsung\Downloads\COSAS SAMSUNG\ATHEROS WLAN WIFI SAMSUNG\setup.exe" -d "C:\Users\Samsung\Downloads\COSAS SAMSUNG\ATHEROS WLAN WIFI SAMSUNG"
      Task: {2AC20241-D1D7-41F7-BB92-FF5E52A1CF41} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-04-16] (Intel Corporation)
      Task: {3899D186-9286-4A87-A3A6-780B280C241B} - System32\Tasks\SCCSpeedBoot => C:\Program Files (x86)\Samsung\Easy Settings\CmdServer\SCCSpeedBoot.exe [2015-05-27] (Samsung Electronics Co., Ltd.)
      Task: {45C227AE-9370-4F40-8975-73755EAE685B} - System32\Tasks\EasySettings => C:\Program Files (x86)\Samsung\Easy Settings\sSettings.exe [2015-05-27] (Samsung Electronics CO., LTD.)
      Task: {54DF9714-CEB6-4DF2-8CE9-BF91E8CFC825} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-04-16] (Intel Corporation)
      Task: {5CAAC9ED-1B9D-43D6-88E1-17C3D23A7F9B} - System32\Tasks\EasySettings_config => C:\Program Files (x86)\Samsung\Easy Settings\sSettings.exe [2015-05-27] (Samsung Electronics CO., LTD.)
      Task: {62A253BA-76F2-4560-B378-76F02605E92D} - System32\Tasks\SUPatchForW10Up => C:\ProgramData\Samsung\SamsungUpdatePatch\SUPatchForW10Up.exe [2015-08-18] (Samsung Electronics CO., LTD.)
      Task: {72F21409-D1F7-48BA-835B-4110BD699213} - System32\Tasks\SAgent => C:\Program Files\Samsung\S Agent\CommonAgent.exe [2017-04-26] (Samsung Electronics Co., Ltd.)
      Task: {7987182A-1440-4D32-8A1D-E880B66F9DA4} - System32\Tasks\{303EA7BD-D345-4037-1EDE-45ED29F225BE} => C:\Users\Samsung\AppData\Roaming\Tadih\dicohole.exe
      Task: {BB3112FB-18D3-468A-BF07-BA868F1C04D3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-10-22] (Google Inc.)
      Task: {BF584117-0A23-4075-8E60-DB853B1761B1} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-02-07] (Piriform Ltd)
      Task: {CB27A15F-7CF4-43DC-A945-934F56BD022F} - System32\Tasks\WLANStartup => C:\Program Files (x86)\Samsung\Easy Settings\WLANStartup.exe [2015-05-27] (Samsung Electronics)
      Task: {F00F205B-5CC4-42A2-B6E4-DA9FF5665667} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-02-07] (Piriform Ltd)

      (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

      Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
      Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
      Task: C:\Windows\Tasks\{303EA7BD-D345-4037-1EDE-45ED29F225BE}.job => C:\Users\Samsung\AppData\Roaming\Tadih\dicohole.exe

      ==================== Shortcuts & WMI ========================

      (The entries could be listed to be restored or removed.)


      ==================== Loaded Modules (Whitelisted) ==============

      2018-02-12 03:43 - 2018-02-12 03:43 - 000042944 _____ () C:\Program Files (x86)\Polaris Office\Office8\Binary\SyncOverlay\X64\POContextMenuHandler64.dll
      2015-05-27 10:06 - 2015-05-27 10:06 - 000084800 _____ () C:\Program Files (x86)\Samsung\Easy Settings\CmdServer\EasySettingsCmdServer.exe
      2017-10-23 11:22 - 2005-04-22 05:36 - 000143360 _____ () C:\Windows\system32\BrSNMP64.dll
      2017-10-22 23:26 - 2017-10-04 12:15 - 002289096 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
      2017-10-22 21:47 - 2012-07-06 16:23 - 000128280 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
      2012-11-06 23:08 - 2012-11-06 23:08 - 000094208 _____ () C:\Windows\system32\IccLibDll_x64.dll
      2018-01-05 21:17 - 2018-01-03 10:20 - 004063064 _____ () C:\Program Files (x86)\Google\Chrome\Application\63.0.3239.132\libglesv2.dll
      2018-01-05 21:17 - 2018-01-03 10:20 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\63.0.3239.132\libegl.dll
      2015-05-27 10:06 - 2015-05-27 10:06 - 000027968 _____ () C:\Program Files (x86)\Samsung\Easy Settings\CmdServer\EasySettingsCmdWrapper.dll
      2015-05-27 10:06 - 2015-05-27 10:06 - 001270080 _____ () C:\Program Files (x86)\Samsung\Easy Settings\CmdServer\EasySettingsCmd.dll
      2015-05-27 10:06 - 2015-05-27 10:06 - 000111936 _____ () C:\Program Files (x86)\Samsung\Easy Settings\CmdServer\EasySettingsBase.dll
      2015-05-27 10:06 - 2015-05-27 10:06 - 000056440 _____ () C:\Program Files (x86)\Samsung\Easy Settings\CmdServer\HookDllPS2.dll
      2015-05-27 10:05 - 2015-05-27 10:05 - 000025920 _____ () C:\Program Files (x86)\Samsung\Easy Settings\CmdServer\EasySettingsAPI.dll
      2015-05-27 10:06 - 2015-05-27 10:06 - 000211064 _____ () C:\Program Files (x86)\Samsung\Easy Settings\CmdServer\WinCRT.dll
      2017-10-23 11:21 - 2009-02-27 15:38 - 000139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
      2015-05-27 10:05 - 2015-05-27 10:05 - 000025920 _____ () C:\Program Files (x86)\Samsung\Easy Settings\EasySettingsAPI.dll
      2015-05-27 10:06 - 2015-05-27 10:06 - 000111936 _____ () C:\Program Files (x86)\Samsung\Easy Settings\EasySettingsBase.dll
      2015-05-27 10:06 - 2015-05-27 10:06 - 000059712 _____ () C:\Program Files (x86)\Samsung\Easy Settings\EasyMovieEnhancer.dll
      2015-05-27 10:06 - 2015-05-27 10:06 - 000102720 _____ () C:\Program Files (x86)\Samsung\Easy Settings\EasySettingsCmdClient.dll
      2017-10-22 21:47 - 2012-07-06 16:24 - 001198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

      ==================== Alternate Data Streams (Whitelisted) =========

      (If an entry is included in the fixlist, only the ADS will be removed.)


      ==================== Safe Mode (Whitelisted) ===================

      (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

      ==================== Association (Whitelisted) ===============

      (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


      ==================== Internet Explorer trusted/restricted ===============

      (If an entry is included in the fixlist, it will be removed from the registry.)


      ==================== Hosts content: ==========================

      (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

      2009-07-14 03:34 - 2018-02-25 20:16 - 000002103 _____ C:\Windows\system32\Drivers\etc\hosts

      0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
      0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
      0.0.0.0 media.opencandy.com
      0.0.0.0 cdn.opencandy.com
      0.0.0.0 tracking.opencandy.com
      0.0.0.0 api.opencandy.com
      0.0.0.0 api.recommendedsw.com
      0.0.0.0 rp.yefeneri2.com
      0.0.0.0 os.yefeneri2.com
      0.0.0.0 os2.yefeneri2.com
      0.0.0.0 installer.betterinstaller.com
      0.0.0.0 installer.filebulldog.com
      0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
      0.0.0.0 inno.bisrv.com
      0.0.0.0 nsis.bisrv.com
      0.0.0.0 cdn.file2desktop.com
      0.0.0.0 cdn.goateastcach.us
      0.0.0.0 cdn.guttastatdk.us
      0.0.0.0 cdn.inskinmedia.com
      0.0.0.0 cdn.insta.oibundles2.com
      0.0.0.0 cdn.insta.playbryte.com
      0.0.0.0 cdn.llogetfastcach.us
      0.0.0.0 cdn.montiera.com
      0.0.0.0 cdn.msdwnld.com
      0.0.0.0 cdn.mypcbackup.com
      0.0.0.0 cdn.ppdownload.com
      0.0.0.0 cdn.riceateastcach.us
      0.0.0.0 cdn.shyapotato.us
      0.0.0.0 cdn.solimba.com
      0.0.0.0 cdn.tuto4pc.com

      ==================== Other Areas ============================

      (Currently there is no automatic fix for this section.)

      HKU\S-1-5-21-3743479695-2347639661-51819367-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Samsung\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
      DNS Servers: 62.81.16.164 - 62.81.16.213
      HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
      Windows Firewall is enabled.

      ==================== MSCONFIG/TASK MANAGER disabled items ==


      ==================== FirewallRules (Whitelisted) ===============

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      FirewallRules: [{F0BF561B-1F9A-4EB3-B23F-5D51778ACD75}] => (Allow) C:\Users\Samsung\AppData\Roaming\uTorrent\uTorrent.exe
      FirewallRules: [{5EEDE15B-31D2-4576-A118-D1F91692E243}] => (Allow) C:\Users\Samsung\AppData\Roaming\uTorrent\uTorrent.exe
      FirewallRules: [{A12496D8-5C80-41A5-9826-08B41D3F02DE}] => (Allow) LPort=54925
      FirewallRules: [{7771D999-81B0-4FC3-A367-4C367787CDE6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
      FirewallRules: [{E3BCE8EA-7EBB-42C8-9BDC-D0A401EF94E0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
      FirewallRules: [{07EBAEBC-E71D-46D9-A9B5-C8988D1E298B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
      FirewallRules: [{F7202B94-A024-408E-ACD6-01002D129B8D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
      FirewallRules: [{1FA88535-64A7-47A0-A716-66220ECD75F2}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
      FirewallRules: [{80CC20EC-AE8B-4D71-9CE3-DA461009D032}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
      FirewallRules: [{59BE9400-8A11-4504-9766-8A3DD2D6C8DC}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      FirewallRules: [{256B56FC-5CB1-4430-BFF6-B1C969844CBD}] => (Allow) C:\Users\Samsung\AppData\Local\Chromium\Application\chrome.exe

      ==================== Restore Points =========================

      05-01-2018 21:19:31 Windows Update
      09-01-2018 17:32:55 Windows Update
      12-01-2018 20:27:56 Windows Update
      16-01-2018 17:35:54 Windows Update
      23-01-2018 17:45:00 Windows Update
      30-01-2018 19:00:32 Windows Update
      06-02-2018 20:28:58 Windows Update
      10-02-2018 18:47:12 Windows Update
      13-02-2018 2154 Windows Update
      18-02-2018 20:46:23 Windows Update
      23-02-2018 18:51:03 Windows Update
      27-02-2018 18:18:56 JRT Pre-Junkware Removal
      27-02-2018 18:31:58 JRT Pre-Junkware Removal
      27-02-2018 18:52:41 OTL Restore Point - 27/02/2018 18:52:38

      ==================== Faulty Device Manager Devices =============


      ==================== Event log errors: =========================

      Application errors:
      ==================
      Error: (02/27/2018 06:39:51 PM) (Source: WinMgmt) (EventID: 10) (User: )
      Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

      Error: (02/27/2018 06:15:21 PM) (Source: WinMgmt) (EventID: 10) (User: )
      Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

      Error: (02/27/2018 0609 PM) (Source: WinMgmt) (EventID: 10) (User: )
      Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

      Error: (02/27/2018 05:31:17 PM) (Source: WinMgmt) (EventID: 10) (User: )
      Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

      Error: (02/25/2018 09:17:41 PM) (Source: SideBySide) (EventID: 33) (User: )
      Description: Error al generar el contexto de activación para "C:\Program Files\AVAST Software\Avast\setup\iplugins\IStats.dll".
      No se encontró el ensamblado dependiente Avast.VC110.CRT,processorArchitecture="x86",publicKeyToken="2036b14a11e83e4a",type="win32",version="11.0.60610.1".
      Use sxstrace.exe para obtener un diagnóstico detallado.

      Error: (02/25/2018 09:17:39 PM) (Source: SideBySide) (EventID: 33) (User: )
      Description: Error al generar el contexto de activación para "C:\Program Files\AVAST Software\Avast\setup\iplugins\IStats.dll".
      No se encontró el ensamblado dependiente Avast.VC110.CRT,processorArchitecture="x86",publicKeyToken="2036b14a11e83e4a",type="win32",version="11.0.60610.1".
      Use sxstrace.exe para obtener un diagnóstico detallado.

      Error: (02/25/2018 09:05:30 PM) (Source: WinMgmt) (EventID: 10) (User: )
      Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

      Error: (02/25/2018 08:55:29 PM) (Source: WinMgmt) (EventID: 10) (User: )
      Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.


      System errors:
      =============
      Error: (02/27/2018 06:26:58 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
      Description: Se recibió la siguiente alerta irrecuperable: 70.

      Error: (02/27/2018 06:26:58 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
      Description: Se recibió la siguiente alerta irrecuperable: 70.

      Error: (02/27/2018 06:26:57 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
      Description: El servicio Intel(R) ME Service se terminó de manera inesperada. Esto ha sucedido 1 veces.

      Error: (02/27/2018 06:26:57 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
      Description: El servicio BrYNSvc se terminó de manera inesperada. Esto ha sucedido 1 veces.

      Error: (02/27/2018 06:26:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
      Description: El servicio Instalador de módulos de Windows terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 120000 milisegundos: Reiniciar el servicio.

      Error: (02/27/2018 06:26:57 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
      Description: El servicio Intel(R) Management and Security Application User Notification Service se terminó de manera inesperada. Esto ha sucedido 1 veces.

      Error: (02/27/2018 06:26:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
      Description: El servicio Servicio de uso compartido de red del Reproductor de Windows Media terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 30000 milisegundos: Reiniciar el servicio.

      Error: (02/27/2018 06:26:57 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
      Description: El servicio Intel(R) Dynamic Application Loader Host Interface Service se terminó de manera inesperada. Esto ha sucedido 1 veces.


      ==================== Memory info ===========================

      Processor: Intel(R) Pentium(R) CPU 997 @ 1.60GHz
      Percentage of memory in use: 62%
      Total physical RAM: 3965.36 MB
      Available physical RAM: 1473.66 MB
      Total Virtual: 7928.89 MB
      Available Virtual: 5162.45 MB

      ==================== Drives ================================

      Drive c: () (Fixed) (Total:123.43 GB) (Free:78.81 GB) NTFS
      Drive d: () (Fixed) (Total:341.8 GB) (Free:341.06 GB) NTFS

      \\?\Volume{c660b3b0-b748-11e7-9bc4-806e6f6e6963}\ () (Fixed) (Total:0.54 GB) (Free:0.49 GB) NTFS

      ==================== MBR & Partition Table ==================

      ========================================================
      Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 542DD7AA)
      Partition 1: (Active) - (Size=549 MB) - (Type=07 NTFS)
      Partition 2: (Not Active) - (Size=123.4 GB) - (Type=07 NTFS)
      Partition 3: (Not Active) - (Size=341.8 GB) - (Type=07 NTFS)

      ==================== End of Addition.txt ============================

    4. #4
      Moderador Gral.
      Avatar de @Leosolari
      Registrado
      jun 2007
      Ubicación
      Argentina
      Mensajes
      58.886

      Re: INFORMES CHROMIUM, no se desinstala. Falla enlace OTL

      Hola




      Abri un nuevo archivo Notepad y copia y pega este contenido:


      Start
      CreateRestorePoint:
      CloseProcesses
      HKU\S-1-5-21-3743479695-2347639661-51819367-1000\...\Run: [Chromium] => c:\users\samsung\appdata\local\chromium\application\chrome.exe [828416 2017-01-21] (The Chromium Authors)
      c:\users\samsung\appdata\local\chromium
      C:\Users\Samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromium.lnk
      2018-02-25 20:05 - 2018-02-25 20:05 - 000000000 ____D C:\Users\Samsung\AppData\Local\chromium
      2018-02-25 20:04 - 2018-02-27 18:04 - 000000276 _____ C:\Windows\Tasks\{303EA7BD-D345-4037-1EDE-45ED29F225BE}.job
      2018-02-25 20:04 - 2018-02-25 20:04 - 000003224 _____ C:\Windows\System32\Tasks\{303EA7BD-D345-4037-1EDE-45ED29F225BE}
      CMD: ipconfig /flushdns
      CMD: ipconfig /renew
      CMD: bitsadmin /reset /allusers
      RemoveProxy:
      EmptyTemp:
      Hosts:
      end




      • Lo guardas bajo el nombre de fixlist.txt en el escritorio <<< Esto es muy importante.

      Nota: Es necesario que el ejecutable Frst.exe y fixlist.txt se encuentren en la misma ubicación (escritorio) o si no la herramienta no trabajara.


      • Ejecutas Frst.exe.
      • Presionas el botón Fix y aguardas a que termine.
      • La Herramienta guardara el reporte en tu escritorio (Fixlog.txt).
      • Lo pegas en tu próxima respuesta.






      Saludos
      Síguenos en Twitter y hazte nuestro amigo en Facebook.

    5. #5
      Usuario Avatar de timoratus
      Registrado
      may 2008
      Ubicación
      España
      Mensajes
      93

      Re: INFORMES CHROMIUM, no se desinstala. Falla enlace OTL

      Muchas gracias, no había pasado la herramienta correctamente entonces.

      Ya no sale el icono de Chromium en la barra inferior. EL informe es este, suponemos que está arreglado, confírmamelo tú a ver. Me gustaría borrar todo rastro de él del registro, pero manualmente no me atrevo a seguir haciéndolo por si me cargo algo, aunque ponga "chromium" que esté "pegado" a algo importante del sistema.

      informe:


      Fix result of Farbar Recovery Scan Tool (x64) Version: 04.03.2018
      Ran by Samsung (04-03-2018 21:08:04) Run:1
      Running from C:\Users\Samsung\Desktop
      Loaded Profiles: Samsung (Available Profiles: Samsung)
      Boot Mode: Normal
      ==============================================

      fixlist content:
      *****************
      Start
      CreateRestorePoint:
      CloseProcesses
      HKU\S-1-5-21-3743479695-2347639661-51819367-1000\...\Run: [Chromium] => c:\users\samsung\appdata\local\chromium\application\chrome.exe [828416 2017-01-21] (The Chromium Authors)
      c:\users\samsung\appdata\local\chromium
      C:\Users\Samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromium.lnk
      2018-02-25 20:05 - 2018-02-25 20:05 - 000000000 ____D C:\Users\Samsung\AppData\Local\chromium
      2018-02-25 20:04 - 2018-02-27 18:04 - 000000276 _____ C:\Windows\Tasks\{303EA7BD-D345-4037-1EDE-45ED29F225BE}.job
      2018-02-25 20:04 - 2018-02-25 20:04 - 000003224 _____ C:\Windows\System32\Tasks\{303EA7BD-D345-4037-1EDE-45ED29F225BE}
      CMD: ipconfig /flushdns
      CMD: ipconfig /renew
      CMD: bitsadmin /reset /allusers
      RemoveProxy:
      EmptyTemp:
      Hosts:
      end
      *****************

      Restore point was successfully created.
      CloseProcesses => Error: No automatic fix found for this entry.
      "HKU\S-1-5-21-3743479695-2347639661-51819367-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Chromium" => removed successfully
      c:\users\samsung\appdata\local\chromium => moved successfully
      C:\Users\Samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromium.lnk => moved successfully
      "C:\Users\Samsung\AppData\Local\chromium" => not found
      C:\Windows\Tasks\{303EA7BD-D345-4037-1EDE-45ED29F225BE}.job => moved successfully
      C:\Windows\System32\Tasks\{303EA7BD-D345-4037-1EDE-45ED29F225BE} => moved successfully

      ========= ipconfig /flushdns =========


      Configuraci¢n IP de Windows

      Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

      ========= End of CMD: =========


      ========= ipconfig /renew =========


      Configuraci¢n IP de Windows

      No se puede realizar ninguna operaci¢n en Conexi¢n de red inal*mbrica 2 mientras los medios
      est‚n desconectados.
      No se puede realizar ninguna operaci¢n en Conexi¢n de red Bluetooth mientras los medios
      est‚n desconectados.
      No se puede realizar ninguna operaci¢n en Conexi¢n de *rea local mientras los medios
      est‚n desconectados.

      Adaptador de LAN inal*mbrica Conexi¢n de red inal*mbrica 2:

      Estado de los medios. . . . . . . . . . . : medios desconectados
      Sufijo DNS espec¡fico para la conexi¢n. . :

      Adaptador de Ethernet Conexi¢n de red Bluetooth:

      Estado de los medios. . . . . . . . . . . : medios desconectados
      Sufijo DNS espec¡fico para la conexi¢n. . :

      Adaptador de Ethernet Conexi¢n de *rea local:

      Estado de los medios. . . . . . . . . . . : medios desconectados
      Sufijo DNS espec¡fico para la conexi¢n. . :

      Adaptador de LAN inal*mbrica Conexi¢n de red inal*mbrica:

      Sufijo DNS espec¡fico para la conexi¢n. . :
      V¡nculo: direcci¢n IPv6 local. . . : fe80::a89d:7b36:fc60:8aea%11
      Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.0.12
      M*scara de subred . . . . . . . . . . . . : 255.255.255.0
      Puerta de enlace predeterminada . . . . . : 192.168.0.1

      Adaptador de t£nel isatap.{1135E587-EA3A-44F6-8E0B-005D991745F2}:

      Estado de los medios. . . . . . . . . . . : medios desconectados
      Sufijo DNS espec¡fico para la conexi¢n. . :

      ========= End of CMD: =========


      ========= bitsadmin /reset /allusers =========


      BITSADMIN version 3.0 [ 7.5.7601 ]
      BITS administration utility.
      (C) Copyright 2000-2006 Microsoft Corp.

      BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
      Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

      0 out of 0 jobs canceled.

      ========= End of CMD: =========


      ========= RemoveProxy: =========

      "HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
      "HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
      "HKU\S-1-5-21-3743479695-2347639661-51819367-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
      "HKU\S-1-5-21-3743479695-2347639661-51819367-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully


      ========= End of RemoveProxy: =========

      C:\Windows\System32\Drivers\etc\hosts => moved successfully
      Hosts restored successfully.

      =========== EmptyTemp: ==========

      BITS transfer queue => 8388608 B
      DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 5506183 B
      Java, Flash, Steam htmlcache => 0 B
      Windows/system/drivers => 2329693 B
      Edge => 0 B
      Chrome => 369538159 B
      Firefox => 217855786 B
      Opera => 0 B

      Temp, IE cache, history, cookies, recent:
      Users => 0 B
      Default => 0 B
      Public => 0 B
      ProgramData => 0 B
      systemprofile => 16802 B
      systemprofile32 => 65960 B
      LocalService => 0 B
      NetworkService => 0 B
      Samsung => 74651301 B

      RecycleBin => 604358535 B
      EmptyTemp: => 1.2 GB temporary data Removed.

      ================================


      The system needed a reboot.

      ==== End of Fixlog 21:08:42 ====

    6. #6
      Moderador Gral.
      Avatar de @Leosolari
      Registrado
      jun 2007
      Ubicación
      Argentina
      Mensajes
      58.886

      Re: INFORMES CHROMIUM, no se desinstala. Falla enlace OTL

      Hola


      Descargá la herramienta Delfix a Tu escritorio.


      Ejecutala, Tildá la casilla Remove disinfection tools y presioná Run

      Al terminar Se abrirá un reporte llamado DelFix.txt, verifica que se hayan eliminado las herramientas usadas para desinfectar el Pc.



      Nos comentas como sigue ...



      Saludos
      Síguenos en Twitter y hazte nuestro amigo en Facebook.