• Registrarse
  • Iniciar sesión


  • Página 2 de 2 PrimeroPrimero 12
    Resultados 11 al 12 de 12

    Eliminar Virus que convierte las carpetas en acceso directo en Los USB (Solucionado)

    Resumen del tema: Eliminar Virus que convierte las carpetas en acceso directo en Los USB (Solucionado) - Estos son los resultados All processes killed ========== OTL ========== Service VGPU stopped successfully! Service VGPU deleted successfully! File System32\drivers\rdvgkmd.sys File not found not found. Service tsusbhub stopped successfully! Service tsusbhub deleted successfully! File system32\drivers\tsusbhub.sys ...

      
    1. #11
      Usuario Avatar de sesemar3
      Registrado
      jun 2010
      Ubicación
      Guatemala
      Mensajes
      9

      Re: Como eliminar Virus que convierte las carpetas en acceso directo en Los USB

      Estos son los resultados

      All processes killed
      ========== OTL ==========
      Service VGPU stopped successfully!
      Service VGPU deleted successfully!
      File System32\drivers\rdvgkmd.sys File not found not found.
      Service tsusbhub stopped successfully!
      Service tsusbhub deleted successfully!
      File system32\drivers\tsusbhub.sys File not found not found.
      Service Synth3dVsc stopped successfully!
      Service Synth3dVsc deleted successfully!
      File System32\drivers\synth3dvsc.sys File not found not found.
      HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Search bar| /E : value set successfully!
      HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Secondary Start Pages| /E : value set successfully!
      Registry key HKEY_USERS\S-1-5-21-3883438042-2869261293-2202881328-1000\Software\Microsoft\Internet Explorer\SearchScopes\{90F96575-874A-454A-B254-0AFC08A2A93A}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{90F96575-874A-454A-B254-0AFC08A2A93A}\ not found.
      Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2\ deleted successfully.
      C:\Windows\system32\npDeployJava1.dll moved successfully.
      Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
      C:\Users\GLENDYJOSE\AppData\Roaming\mozilla\Firefox\Profiles\q96fzg3z.default\extensions\[email protected]\defaults folder moved successfully.
      C:\Users\GLENDYJOSE\AppData\Roaming\mozilla\Firefox\Profiles\q96fzg3z.default\extensions\[email protected] folder moved successfully.
      C:\Program Files\Mozilla Firefox\searchplugins\eBay-es.xml moved successfully.
      C:\Program Files\Mozilla Firefox\searchplugins\twitter.xml moved successfully.
      Use Chrome's Settings page to remove the default_search_provider items.
      Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}\ deleted successfully.
      C:\Program Files\Java\jre7\bin\jp2ssv.dll moved successfully.
      Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
      Registry value HKEY_USERS\S-1-5-21-3883438042-2869261293-2202881328-1000\Software\Microsoft\Windows\CurrentVersion\Run\\5bd6 deleted successfully.
      Registry value HKEY_USERS\S-1-5-21-3883438042-2869261293-2202881328-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Facebook Update deleted successfully.
      C:\Users\GLENDYJOSE\AppData\Local\Facebook\Update\FacebookUpdate.exe moved successfully.
      Registry value HKEY_USERS\S-1-5-21-3883438042-2869261293-2202881328-1000\Software\Microsoft\Windows\CurrentVersion\Run\\neekul deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
      Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
      Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
      Starting removal of ActiveX control {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ deleted successfully.
      Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ not found.
      Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
      Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
      Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
      Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{09fbbfd9-a034-11e1-b13f-003067136a32}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{09fbbfd9-a034-11e1-b13f-003067136a32}\ not found.
      Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{09fbbfd9-a034-11e1-b13f-003067136a32}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{09fbbfd9-a034-11e1-b13f-003067136a32}\ not found.
      File E:\AutoRun.exe not found.
      Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9d3a35b3-0e60-11e1-9d9b-003067136a32}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9d3a35b3-0e60-11e1-9d9b-003067136a32}\ not found.
      Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9d3a35b3-0e60-11e1-9d9b-003067136a32}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9d3a35b3-0e60-11e1-9d9b-003067136a32}\ not found.
      File move failed. F:\AutoRun.exe scheduled to be moved on reboot.
      Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c20fdabc-a42f-11e1-8f81-003067136a32}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c20fdabc-a42f-11e1-8f81-003067136a32}\ not found.
      Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c20fdabc-a42f-11e1-8f81-003067136a32}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c20fdabc-a42f-11e1-8f81-003067136a32}\ not found.
      File E:\AutoRun.exe not found.
      Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f26a4314-83e5-11e1-8d33-003067136a32}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f26a4314-83e5-11e1-8d33-003067136a32}\ not found.
      Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f26a4314-83e5-11e1-8d33-003067136a32}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f26a4314-83e5-11e1-8d33-003067136a32}\ not found.
      File E:\AutoRun.exe not found.
      C:\Users\GLENDYJOSE\Documents\~WRL0004.tmp deleted successfully.
      C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3883438042-2869261293-2202881328-1000UA.job moved successfully.
      C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3883438042-2869261293-2202881328-1000Core.job moved successfully.
      C:\Windows\Tasks\ccleaner1.job moved successfully.
      C:\Windows\Tasks\Delete.job moved successfully.
      ========== FILES ==========
      < ipconfig /flushdns /c >
      Configuraci¢n IP de Windows
      Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.
      C:\Users\GLENDYJOSE\Downloads\cmd.bat deleted successfully.
      C:\Users\GLENDYJOSE\Downloads\cmd.txt deleted successfully.
      < ipconfig /renew /c >
      Configuraci¢n IP de Windows
      No se puede realizar ninguna operaci¢n en Conexi¢n de *rea local mientras los medios
      est‚n desconectados.
      C:\Users\GLENDYJOSE\Downloads\cmd.bat deleted successfully.
      C:\Users\GLENDYJOSE\Downloads\cmd.txt deleted successfully.
      ========== COMMANDS ==========

      [EMPTYFLASH]

      User: All Users

      User: Default

      User: Default User

      User: Domingo
      ->Flash cache emptied: 12802 bytes

      User: GLENDYJOSE
      ->Flash cache emptied: 2878 bytes

      User: Invitado
      ->Flash cache emptied: 492 bytes

      User: Public

      Total Flash Files Cleaned = 0.00 mb


      [EMPTYTEMP]

      User: All Users

      User: Default
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 33170 bytes

      User: Default User
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 0 bytes

      User: Domingo
      ->Temp folder emptied: 6522619 bytes
      ->Temporary Internet Files folder emptied: 1320085607 bytes
      ->Java cache emptied: 0 bytes
      ->FireFox cache emptied: 6462809 bytes
      ->Google Chrome cache emptied: 6099312 bytes
      ->Flash cache emptied: 0 bytes

      User: GLENDYJOSE
      ->Temp folder emptied: 2670088 bytes
      ->Temporary Internet Files folder emptied: 132930069 bytes
      ->Java cache emptied: 861517 bytes
      ->FireFox cache emptied: 60228914 bytes
      ->Google Chrome cache emptied: 19308966 bytes
      ->Flash cache emptied: 0 bytes

      User: Invitado
      ->Temp folder emptied: 2238153 bytes
      ->Temporary Internet Files folder emptied: 960918 bytes
      ->Google Chrome cache emptied: 819568 bytes
      ->Flash cache emptied: 0 bytes

      User: Public

      %systemdrive% .tmp files removed: 0 bytes
      %systemroot% .tmp files removed: 0 bytes
      %systemroot%\System32 .tmp files removed: 0 bytes
      %systemroot%\System32\drivers .tmp files removed: 0 bytes
      Windows Temp folder emptied: 218349 bytes
      RecycleBin emptied: 431839 bytes

      Total Files Cleaned = 1,488.00 mb

      C:\Windows\System32\drivers\etc\Hosts moved successfully.
      HOSTS file reset successfully

      OTL by OldTimer - Version 3.2.69.0 log created on 06262013_192051

      Files\Folders moved on Reboot...
      File move failed. F:\AutoRun.exe scheduled to be moved on reboot.
      File\Folder C:\Users\GLENDYJOSE\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\YRFHX5SD\p.3ae1mc4rm4e9l.ver.14.app.3cp9lcoq32dpn.ver.81.app.3edr56pij4phm.ver.3.app.3ie33cpgj6dhi.ver.46.app.3ie3464o3ed33.ver.9.app.62dpic5h3epj1.ver.3.app.6cdj26sq3cdb6.ver[1].8 not found!
      File\Folder C:\Users\GLENDYJOSE\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\I3K80IUZ\vt=w;!c=9629136;k2=3;k2=34;k2=36;k2=182;k2=211;k2=613;k2=1095;k2=1097;kvlg=es;as3=1;pos=pre;tile=1;kmyd=watch-channel-brand-div;ciu_szs=300x60,300x250;ord=133804786[1].asx not found!
      File\Folder C:\Users\GLENDYJOSE\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\97IR2NJS\p.3ae1mc4rm4e9l.ver.14.app.3cp9lcoq32dpn.ver.81.app.3edr56pij4phm.ver.3.app.3ie33cpgj6dhi.ver.46.app.3ie3464o3ed33.ver.9.app.62dpic5h3epj1.ver.3.app.6cdj26sq3cdb6.ver[1].8 not found!
      File\Folder C:\Users\GLENDYJOSE\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\5XN25547\.min,sdk.min,iframeDinamicParent,menu,imgxd,hash,imgxdMclicsVQ,searchSDK,dejavu,pmsArrays,pms,autosuggest,header,welcomemsg,jjsonp,jqueryui,fbscroll,bookmarks,jquery[1].js not found!
      File\Folder C:\Users\GLENDYJOSE\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\5XN25547\22;ytdevice=1;ytexp=904000,916625;ytps=default;ytvt=w;!c=9629136;k2=13;kvlg=es;as3=1;pos=pre;tile=1;kmyd=watch-channel-brand-div;ciu_szs=300x60,300x250;ord=84369598[1].asx not found!
      C:\Users\GLENDYJOSE\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\SAANTTM0\aiCA6TLVE0.htm moved successfully.
      C:\Users\GLENDYJOSE\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\OOR33SJM\st[1] moved successfully.
      C:\Users\GLENDYJOSE\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\OOR33SJM\st[2] moved successfully.
      C:\Users\GLENDYJOSE\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\GUHQXMXK\friends[1].htm moved successfully.
      C:\Users\GLENDYJOSE\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\EOWKFI2J\engine[1].htm moved successfully.
      C:\Users\GLENDYJOSE\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\EOWKFI2J\st[1] moved successfully.
      C:\Users\GLENDYJOSE\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\9J1EP30A\ai[1].htm moved successfully.
      C:\Users\GLENDYJOSE\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\9J1EP30A\ai[2].htm moved successfully.
      C:\Users\GLENDYJOSE\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\8SVOL9G5\plusone_gadget[1].htm moved successfully.
      C:\Users\GLENDYJOSE\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\8SVOL9G5\push[1].htm moved successfully.
      C:\Users\GLENDYJOSE\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\8SVOL9G5\push[2].htm moved successfully.
      C:\Users\GLENDYJOSE\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\3ZI2X4V7\12[1].htm moved successfully.
      C:\Users\GLENDYJOSE\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\3ZI2X4V7\ai[5].htm moved successfully.
      C:\Users\GLENDYJOSE\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\3ZI2X4V7\facebook_com[1].htm moved successfully.
      C:\Users\GLENDYJOSE\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\3ZI2X4V7\st[1] moved successfully.
      C:\Users\GLENDYJOSE\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\ED8654D5-B9F0-4DD9-B3E8-F8F560086FDF.dat moved successfully.
      C:\Users\GLENDYJOSE\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\MSIMGSIZ.DAT moved successfully.
      C:\Users\GLENDYJOSE\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\SuggestedSites.dat moved successfully.
      C:\Users\GLENDYJOSE\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRF{EA1B951B-6C42-45F9-B910-19376FF6F692}.tmp moved successfully.
      File\Folder C:\Users\GLENDYJOSE\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{27618BE1-762B-4099-8D86-A9F9E4BEBFAA}.tmp not found!
      File\Folder C:\Users\GLENDYJOSE\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{2ACB9B27-26B1-41A0-9509-12BBB859A9BC}.tmp not found!
      File\Folder C:\Users\GLENDYJOSE\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{950864C3-232F-418B-B987-F87AC079F48A}.tmp not found!
      File\Folder C:\Users\GLENDYJOSE\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{D59926F5-CCCA-458D-ADDE-4A3FE84208FC}.tmp not found!
      C:\Windows\temp\GoogleToolbarInstaller2.log moved successfully.

      PendingFileRenameOperations files...

      Registry entries deleted on Reboot...

      la version de java es:

      java standar editionversion 7 actualizacion 25 (compilacion 1.7.0_25-b17)

      y muchas gracias por la ayuda!!!

    2. #12
      Moderador Gral.
      Avatar de Javierhf
      Registrado
      jun 2006
      Ubicación
      España - Madrid
      Mensajes
      14.761

      Re: Como eliminar Virus que convierte las carpetas en acceso directo en Los USB

      Perfecto, nos alegra ver que esta el tema arreglado.

      Solo queda que hagas lo siguiente :

      Ejecuta de nuevo OTL.exe y presionas el Botón Limpiar.

      Esto Eliminará del sistema a OTL.exe y sus archivos creados y eliminados.

      Te pedirá reiniciar el ordenador, debes pulsar SI, con AdwCleaner y USBFIX, haces lo mismo pulsando en “Desinstalar”.

      Y ahora ya damos el tema por SOLUCIONADO.
      Si necesitas reabrir el tema, pulsa en el () que veras en la parte inferior de cualquier mensaje del tema y solicítalo, un Moderad@r atenderá tu consulta.
      Te recomendamos mantenerte informado en InfoSpyware Blog y seguirnos en nuestras vías de difusión E-Mail - Facebook - Twitter
      Saludos, Javier.
      Quien no lo intenta no lo consigue | ;-)

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    Página 2 de 2 PrimeroPrimero 12