
    Avast shows me a message every minute, I can't remove the virus


    1. #1
      User: Aisox
      Registered: May 2015
      Location: Mexico
      Posts: 12

      Avast shows me a message every minute, I can't remove the virus

      First of all, warm greetings. I am writing on this forum to respectfully ask for your help in trying to solve a problem my computer has had since I used my USB drive at my workplace. The message that Avast shows in a small window at the bottom right every 5 minutes says the following:

      El escudo Web de Avast ha bloqueado una pagina we o archivo dañino.
      Objeto: htpp://disorderstatus.ru/order.php
      Infección: URL:Mal
      Proceso:C:\Windows\SysWOW64\msiexec.exe

      I have already run the antivirus about 4 times and removed some viruses it found. I ran AdwCleaner and Malwarebytes Anti-Malware, and in all of them I removed some files that were flagged as viruses or suspicious. I even ran another tool called TDSSKiller on a recommendation I saw in the forums, with no result. The message keeps appearing every minute. Apparently it does nothing else, but I fear it could get worse.
      Thank you in advance for any help you can give me.

    2. #2
      User: ws_maxter
      Registered: May 2015
      Location: Peru
      Posts: 1

      Re: Avast shows me a message every minute, I can't remove the virus

      Hi Aisox

      The same thing is happening to me. I don't know how to remove the threat, but at least I managed to get Avast to stop showing the message. When I ran Malwarebytes I checked the log and it showed an Internet Explorer file (which is odd because I use Mozilla), so what I did was disable IE and the message no longer appears. Apparently something has installed itself in IE and keeps calling that page, and Avast detects and blocks it; with IE disabled it can no longer call the page. I'll see how it goes over the next few days. I suppose I'm still infected, only that it is contained.

      Regards.

    3. #3
      General Moderator: @Leosolari
      Registered: Jun 2007
      Location: Argentina
      Posts: 58.877

      Re: Avast shows me a message every minute, I can't remove the virus

      Hello

      Download and run USBFix exactly as its manual indicates.

      NOTE:

      1.- Don't forget to connect your removable drives when it asks you to.

      2.- Use the Limpiar (Clean) button to remove the infections it detects.

      3.- If it won't let you use it in Safe Mode, do it in Normal Mode.

      Come back with the generated report and tell us how everything is going now.

      Regards

    4. #4
      User: Diana Sunee
      Registered: May 2015
      Posts: 1

      Re: Avast shows me a message every minute, I can't remove the virus

      The same thing was happening to me; I ran USBFix and the message stopped appearing.
      About 4 items were removed.
      Thank you very much.

    5. #5
      User: Aisox
      Registered: May 2015
      Location: Mexico
      Posts: 12

      Re: Avast shows me a message every minute, I can't remove the virus

      Friends:
      I followed the steps suggested by our friend Leo Solari; this was the UsbFix report when I clicked the Buscar (Search) button:
      ############################## | UsbFix V 7.938 | [Buscar]

      Usuario: Augusto Siergert (Administrador) # AUGUSTOSIERGERT
      Actualizado el 15/05/2015 por El Desaparecido - SosVirus
      Comenzó a 11:11:13 | 16/05/2015

      Sitio web : http://www.es.usbfix.net/
      Changelog : Mise à jours • UsbFix
      Asistencia : http://www.sos-virus.net/
      Détection en directo : Virus USB Archivos - Como Eliminar ?
      Contacto : Contáctanos

      ################## | System information |

      MB: Wistron (3612)
      CPU: Pentium(R) Dual-Core CPU T4300 @ 2.10GHz
      GC: Mobile Intel(R) 4 Series Express Chipset Family
      RAM -> [Total : 3003 Mo | Free : 1742 Mo]
      Bios: Hewlett-Packard
      Boot: Normal boot

      OS: Microsoft™ Windows 7 Ultimate (6.1.7601 64-Bit) Service Pack 1
      WB: Internet Explorer : 9.00.8112.16421
      WB: Google Chrome : 42.0.2311.152
      WB: Mozilla Firefox : 33.1.1

      ################## | Security Information |

      AV: avast! Antivirus [(!) Desactivado |Actualizado]
      AS: Windows Defender [Activado |Actualizado]
      AS: avast! Antivirus [(!) Desactivado |Actualizado]
      FW: avast! Antivirus [(!) Desactivado]
      AS: Malwarebytes Anti-Malware : 2.1.6.1022
      FW: Windows Firewall [Activado]
      SC: Security Center [Activado]
      WU: Windows Update [Activado]

      ################## | Disk Information |

      C:\ (%SystemDrive%) -> Disco fijo # 286 Gb (136 Gb libre(s) - 47%) [] # NTFS
      D:\ -> Disco fijo # 12 Gb (2 Gb libre(s) - 17%) [RECOVERY] # NTFS
      F:\ -> Disco extraíble # 15 Gb (15 Gb libre(s) - 100%) [KINGSTON] # FAT32

      ################## | Autorun |


      ################## | Startup |

      F2 - HKLM\..\Winlogon : [Shell] explorer.exe
      F2 - [x64] HKLM\..\Winlogon : [Shell] explorer.exe
      F2 - HKLM\..\Winlogon : [Userinit] userinit.exe,
      F2 - [x64] HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
      F3 - HKCU\..\Windows : [Load] C:\ProgramData\msporydig.exe
      04 - HKCU\..\Run : [Facebook Update] "C:\Users\Augusto Siergert\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
      04 - HKCU\..\Run : [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe /c
      04 - HKCU\..\Run : [Hoolapp Android] "C:\Users\AUGUST~1\AppData\Roaming\HOOLAP~1\Hoolapp.exe" /Minimized
      04 - HKCU\..\Run : [ChicaPasswordManager] "C:\Program Files (x86)\ChicaLogic\Chica Password Manager\stpass.exe" /autorunned
      04 - HKCU\..\Run : [uTorrent] "C:\Users\Augusto Siergert\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
      04 - HKCU\..\Run : [ares] "C:\Program Files (x86)\Ares\Ares.exe" -h
      04 - HKLM\..\Run : [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
      04 - HKLM\..\Run : [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
      04 - HKLM\..\Run : [SSDMonitor] C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
      04 - HKLM\..\Run : [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
      04 - HKLM\..\Run : [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
      04 - HKLM\..\Run : [Baidu Antivirus] "C:\Program Files (x86)\Baidu-Security-2014-4.4.4.82804\Baidu Antivirus\5.4.3.124234.0\BavTray.exe" -auto
      04 - HKLM\..\Run : [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
      04 - HKLM\..\Run : [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
      04 - HKLM\..\Run : [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
      04 - HKLM\..\Run : [RealDownloader] C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
      04 - [x64] HKLM\..\Run : [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
      04 - [x64] HKLM\..\Run : [IgfxTray] C:\Windows\system32\igfxtray.exe
      04 - [x64] HKLM\..\Run : [HotKeysCmds] C:\Windows\system32\hkcmd.exe
      04 - [x64] HKLM\..\Run : [Persistence] C:\Windows\system32\igfxpers.exe
      04 - [x64] HKLM\..\Run : [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
      04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
      04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
      04 - HKU\S-1-5-21-211548806-1709259256-4278993842-1000\..\Run : [Facebook Update] "C:\Users\Augusto Siergert\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
      04 - HKU\S-1-5-21-211548806-1709259256-4278993842-1000\..\Run : [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe /c
      04 - HKU\S-1-5-21-211548806-1709259256-4278993842-1000\..\Run : [Hoolapp Android] "C:\Users\AUGUST~1\AppData\Roaming\HOOLAP~1\Hoolapp.exe" /Minimized
      04 - HKU\S-1-5-21-211548806-1709259256-4278993842-1000\..\Run : [ChicaPasswordManager] "C:\Program Files (x86)\ChicaLogic\Chica Password Manager\stpass.exe" /autorunned
      04 - HKU\S-1-5-21-211548806-1709259256-4278993842-1000\..\Run : [uTorrent] "C:\Users\Augusto Siergert\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
      04 - HKU\S-1-5-21-211548806-1709259256-4278993842-1000\..\Run : [ares] "C:\Program Files (x86)\Ares\Ares.exe" -h
      04 - HKU\S-1-5-19\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
      04 - HKU\S-1-5-20\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
      04GS - Dropbox.lnk : C:\Users\Augusto Siergert\AppData\Roaming\Dropbox\bin\Dropbox.exe
      04GS - RealPlayer Cloud Service UI.lnk : C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe

      ################## | Búsqueda genérica |

      Encontrado! C:\ProgramData\msporydig.exe
      Encontrado! C:\Users\All Users\msporydig.exe

      ################## | Registro |

      Encontrado! HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows|load (C:\ProgramData\msporydig.exe)

      ################## | UsbFix - Información |

      Info : ¿Cómo eliminar el virus de acceso directo en el disco flash ? (Video)
      Info : ¿Como eliminar el virus de acceso directo USB?
      Détection en directo : Virus USB Archivos - Como Eliminar ?

      ################## | Attrib - Restore |


      ################## | E.O.F | http://www.sosvirus.net/ | http://www.es.usbfix.net/ |

    6. #6
      User: Aisox
      Registered: May 2015
      Location: Mexico
      Posts: 12

      Re: Avast shows me a message every minute, I can't remove the virus

      And this was the report UsbFix generated when I pressed Limpiar (Clean):
      ############################## | UsbFix V 7.938 | [Limpiar]

      Usuario: Augusto Siergert (Administrador) # AUGUSTOSIERGERT
      Actualizado el 15/05/2015 por El Desaparecido - SosVirus
      Comenzó a 11:22:38 | 16/05/2015

      Sitio web : http://www.es.usbfix.net/
      Changelog : Mise à jours • UsbFix
      Asistencia : http://www.sos-virus.net/
      Détection en directo : Virus USB Archivos - Como Eliminar ?
      Contacto : Contáctanos

      ################## | System information |

      MB: Wistron (3612)
      CPU: Pentium(R) Dual-Core CPU T4300 @ 2.10GHz
      GC: Mobile Intel(R) 4 Series Express Chipset Family
      RAM -> [Total : 3003 Mo | Free : 1832 Mo]
      Bios: Hewlett-Packard
      Boot: Normal boot

      OS: Microsoft™ Windows 7 Ultimate (6.1.7601 64-Bit) Service Pack 1
      WB: Internet Explorer : 9.00.8112.16421
      WB: Google Chrome : 42.0.2311.152
      WB: Mozilla Firefox : 33.1.1

      ################## | Security Information |

      AV: avast! Antivirus [(!) Desactivado |Actualizado]
      AS: Windows Defender [Activado |Actualizado]
      AS: avast! Antivirus [(!) Desactivado |Actualizado]
      FW: avast! Antivirus [(!) Desactivado]
      AS: Malwarebytes Anti-Malware : 2.1.6.1022
      FW: Windows Firewall [Activado]
      SC: Security Center [Activado]
      WU: Windows Update [Activado]

      ################## | Disk Information |

      C:\ (%SystemDrive%) -> Disco fijo # 286 Gb (136 Gb libre(s) - 47%) [] # NTFS
      D:\ -> Disco fijo # 12 Gb (2 Gb libre(s) - 17%) [RECOVERY] # NTFS
      F:\ -> Disco extraíble # 15 Gb (15 Gb libre(s) - 100%) [KINGSTON] # FAT32

      ################## | Autorun |


      ################## | Búsqueda genérica |


      (!) Archivos temporales suprimido. (0.0625638961791992 MB)

      ################## | Registro |


      ################## | Startup |

      F2 - HKLM\..\Winlogon : [Shell] explorer.exe
      F2 - [x64] HKLM\..\Winlogon : [Shell] explorer.exe
      F2 - HKLM\..\Winlogon : [Userinit] userinit.exe,
      F2 - [x64] HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
      04 - HKCU\..\Run : [Facebook Update] "C:\Users\Augusto Siergert\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
      04 - HKCU\..\Run : [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe /c
      04 - HKCU\..\Run : [Hoolapp Android] "C:\Users\AUGUST~1\AppData\Roaming\HOOLAP~1\Hoolapp.exe" /Minimized
      04 - HKCU\..\Run : [ChicaPasswordManager] "C:\Program Files (x86)\ChicaLogic\Chica Password Manager\stpass.exe" /autorunned
      04 - HKCU\..\Run : [uTorrent] "C:\Users\Augusto Siergert\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
      04 - HKCU\..\Run : [ares] "C:\Program Files (x86)\Ares\Ares.exe" -h
      04 - HKLM\..\Run : [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
      04 - HKLM\..\Run : [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
      04 - HKLM\..\Run : [SSDMonitor] C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
      04 - HKLM\..\Run : [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
      04 - HKLM\..\Run : [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
      04 - HKLM\..\Run : [Baidu Antivirus] "C:\Program Files (x86)\Baidu-Security-2014-4.4.4.82804\Baidu Antivirus\5.4.3.124234.0\BavTray.exe" -auto
      04 - HKLM\..\Run : [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
      04 - HKLM\..\Run : [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
      04 - HKLM\..\Run : [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
      04 - HKLM\..\Run : [RealDownloader] C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
      04 - [x64] HKLM\..\Run : [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
      04 - [x64] HKLM\..\Run : [IgfxTray] C:\Windows\system32\igfxtray.exe
      04 - [x64] HKLM\..\Run : [HotKeysCmds] C:\Windows\system32\hkcmd.exe
      04 - [x64] HKLM\..\Run : [Persistence] C:\Windows\system32\igfxpers.exe
      04 - [x64] HKLM\..\Run : [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
      04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
      04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
      04 - HKU\S-1-5-21-211548806-1709259256-4278993842-1000\..\Run : [Facebook Update] "C:\Users\Augusto Siergert\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
      04 - HKU\S-1-5-21-211548806-1709259256-4278993842-1000\..\Run : [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe /c
      04 - HKU\S-1-5-21-211548806-1709259256-4278993842-1000\..\Run : [Hoolapp Android] "C:\Users\AUGUST~1\AppData\Roaming\HOOLAP~1\Hoolapp.exe" /Minimized
      04 - HKU\S-1-5-21-211548806-1709259256-4278993842-1000\..\Run : [ChicaPasswordManager] "C:\Program Files (x86)\ChicaLogic\Chica Password Manager\stpass.exe" /autorunned
      04 - HKU\S-1-5-21-211548806-1709259256-4278993842-1000\..\Run : [uTorrent] "C:\Users\Augusto Siergert\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
      04 - HKU\S-1-5-21-211548806-1709259256-4278993842-1000\..\Run : [ares] "C:\Program Files (x86)\Ares\Ares.exe" -h
      04 - HKU\S-1-5-19\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
      04 - HKU\S-1-5-20\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
      04GS - Dropbox.lnk : C:\Users\Augusto Siergert\AppData\Roaming\Dropbox\bin\Dropbox.exe
      04GS - RealPlayer Cloud Service UI.lnk : C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe

      ################## | UsbFix - Información |

      Info : ¿Cómo eliminar el virus de acceso directo en el disco flash ? (Video)
      Info : ¿Como eliminar el virus de acceso directo USB?
      Détection en directo : Virus USB Archivos - Como Eliminar ?

      ################## | Attrib - Restore |


      ################## | C:\ %SystemDrive% - Disco fijo (NTFS) |

      [13/05/2015 - 20:46:12 | A | 404 Ko] - C:\TDSSKiller.3.0.0.44_13.05.2015_20.43.22_log.txt
      [13/05/2015 - 20:51:10 | A | 207 Ko] - C:\TDSSKiller.3.0.0.44_13.05.2015_20.48.17_log.txt
      [13/05/2015 - 20:58:43 | A | 705 Ko] - C:\TDSSKiller.3.0.0.44_13.05.2015_20.54.16_log.txt
      [16/05/2015 - 10:52:50 | ASH | 2306448 Ko] - C:\hiberfil.sys
      [16/05/2015 - 10:52:56 | ASH | 3075268 Ko] - C:\pagefile.sys
      [14/05/2015 - 23:05:06 | D] - C:\Config.Msi
      [12/02/2014 - 00:50:19 | A | 0 Ko] - C:\AVScanner.ini
      [15/01/2014 - 19:42:40 | A | 594 Ko] - C:\SecurityScanner.dll
      [05/08/2012 - 12:16:30 | SHD] - C:\$Recycle.Bin
      [24/01/2014 - 01:19:21 | A | 0 Ko] - C:\autoexec.bat
      [30/08/2014 - 10:39:08 | SHD] - C:\found.000
      [13/07/2009 - 22:20:08 | D] - C:\PerfLogs
      [14/07/2009 - 00:08:56 | SHD] - C:\Documents and Settings
      [05/08/2012 - 12:14:44 | SHD] - C:\Archivos de programa
      [05/08/2012 - 12:14:45 | SHD] - C:\Recovery
      [05/08/2012 - 12:16:22 | RD] - C:\Users
      [05/08/2012 - 12:22:27 | RHD] - C:\MSOCache
      [05/08/2012 - 12:23:30 | D] - C:\IDE
      [07/08/2012 - 08:09:25 | D] - C:\Intel
      [07/08/2012 - 09:17:13 | D] - C:\driver
      [11/08/2012 - 11:18:20 | D] - C:\PFiles
      [12/08/2012 - 10:02:18 | D] - C:\9a1dc0619687ec88abf47a
      [26/02/2013 - 23:21:21 | D] - C:\SWSETUP
      [25/01/2014 - 22:15:06 | D] - C:\e6699aead0a19f91f34a12c0094d69
      [09/04/2014 - 2318 | D] - C:\Spacekace
      [03/12/2014 - 12:49:16 | D] - C:\MappedFiles
      [11/03/2015 - 00:23:59 | D] - C:\PLM_Software
      [12/05/2015 - 22:00:31 | D] - C:\Program Files
      [13/05/2015 - 20:51:03 | D] - C:\TDSSKiller_Quarantine
      [14/05/2015 - 06:42:59 | D] - C:\AdwCleaner
      [14/05/2015 - 23:00:36 | RD] - C:\Program Files (x86)
      [14/05/2015 - 2302 | D] - C:\Windows
      [16/05/2015 - 11:06:28 | D] - C:\UsbFix
      [16/05/2015 - 11:20:55 | HD] - C:\ProgramData

      ################## | D:\ - Disco fijo (NTFS) |

      [10/11/2011 - 07:47:30 | A | 0 Ko] - D:\HPSF_Rep.txt
      [29/10/2009 - 17:45:20 | D] - D:\system.sav
      [29/10/2009 - 19:05:57 | N | 0 Ko] - D:\hpdrcu.prc
      [29/08/2009 - 15:09:22 | N | 0 Ko] - D:\RPCONFIG.LOG
      [29/08/2009 - 15:09:35 | N | 11 Ko] - D:\DeployRp.log
      [29/10/2009 - 17:45:20 | N | 0 Ko] - D:\language.ini
      [29/10/2009 - 17:45:20 | N | 0 Ko] - D:\BT_HP.FLG
      [29/08/2009 - 14:57:21 | N | 0 Ko] - D:\CSP.DAT
      [29/10/2009 - 17:45:09 | N | 0 Ko] - D:\HP_WSD.dat
      [05/08/2012 - 12:16:30 | SHD] - D:\$RECYCLE.BIN
      [14/07/2009 - 13:39:00 | ASH | 375 Ko] - D:\bootmgr
      [29/10/2009 - 17:45:20 | SHD] - D:\boot
      [29/10/2009 - 17:45:20 | D] - D:\hp
      [29/10/2009 - 17:45:20 | SHD] - D:\preload
      [29/10/2009 - 17:45:20 | SD] - D:\Recovery

      ################## | F:\ - Disco extraíble (FAT32) |
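
Added example (not part of the thread and not UsbFix code): a Python sketch that parses `Startup` lines excerpted from the two UsbFix reports above, flags autostart entries using two heuristics chosen for this illustration, and checks whether each flagged entry is gone after the clean run. The function names, the `Entry` class and the heuristics are assumptions of this example.

```python
import ntpath  # Windows path handling that works on any OS
import re
from dataclasses import dataclass

# Excerpt of the "Startup" section of the [Buscar] report above.
BEFORE = r"""
F2 - HKLM\..\Winlogon : [Shell] explorer.exe
F2 - [x64] HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
F3 - HKCU\..\Windows : [Load] C:\ProgramData\msporydig.exe
04 - HKCU\..\Run : [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe /c
04 - HKCU\..\Run : [uTorrent] "C:\Users\Augusto Siergert\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
04 - [x64] HKLM\..\Run : [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
04GS - Dropbox.lnk : C:\Users\Augusto Siergert\AppData\Roaming\Dropbox\bin\Dropbox.exe
"""
# The [Limpiar] report lists the same lines except the F3 "Load" entry.
AFTER = "\n".join(l for l in BEFORE.splitlines() if "[Load]" not in l)

# "<code> - [x64]? <key or shortcut> : [<value name>]? <command>"
ENTRY_RE = re.compile(
    r"^(?P<code>\w+) - (?P<x64>\[x64\] )?(?P<key>.+?) : "
    r"(?:\[(?P<name>[^\]]+)\] )?(?P<cmd>.+)$")
# Program path = everything up to the first executable-looking extension.
EXE_RE = re.compile(r'^"?(?P<exe>.+?\.(?:exe|com|scr|bat|cmd|dll|vbs|js))\b', re.I)

# Both paths appear under "Búsqueda genérica" in the report.
SHARED_ROOTS = {r"c:\programdata", r"c:\users\all users"}


@dataclass(frozen=True)
class Entry:
    code: str      # line code as printed by UsbFix (F2, F3, 04, 04GS)
    key: str       # abbreviated registry key, or shortcut name for 04GS
    name: str      # registry value name, "" for Startup-folder shortcuts
    command: str   # full command line as printed

    @property
    def exe(self):
        m = EXE_RE.match(self.command)
        return m["exe"] if m else ""


def parse_startup(text):
    """Return one Entry per recognisable Startup line."""
    entries = []
    for line in text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if m:
            entries.append(Entry(m["code"], (m["x64"] or "") + m["key"],
                                 m["name"] or "", m["cmd"]))
    return entries


def review(entry):
    """Heuristics of this example only; a hit means 'look closer', not 'malicious'."""
    reasons = []
    if entry.name.lower() == "load" and entry.key.lower().endswith(r"\windows"):
        reasons.append("legacy 'load' autostart value is populated")
    folder = ntpath.normcase(ntpath.dirname(entry.exe))
    if folder in SHARED_ROOTS:
        reasons.append("program sits directly in a shared data root, no vendor folder")
    return reasons


def compare(before_text, after_text):
    """Diff two Startup sections and track what happened to flagged entries."""
    before, after = parse_startup(before_text), parse_startup(after_text)
    flagged = {e: review(e) for e in before if review(e)}
    return {
        "flagged": flagged,
        "removed": [e for e in before if e not in after],
        "remaining": [e for e in flagged if e in after],
        "new": [e for e in after if e not in before],
    }


if __name__ == "__main__":
    result = compare(BEFORE, AFTER)
    for entry, reasons in result["flagged"].items():
        state = "STILL PRESENT" if entry in result["remaining"] else "removed"
        print(f"{entry.key} [{entry.name}] -> {entry.exe}: {state}")
        for reason in reasons:
            print("   -", reason)
```
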

    7. #7
      User: Aisox
      Registered: May 2015
      Location: Mexico
      Posts: 12

      Re: Avast shows me a message every minute, I can't remove the virus

      However, when the cleaning reached 98% it stopped and the system gave me the following error message, which prevented it from cleaning to 100%:
      Autolt Error
      Line 42184 (File “ C:\UsbFix\UsbFix.exe”):
      Error: Subscript used on non – accessible variable.
      Nevertheless, I followed all the steps. I hope the problem goes away. Thank you.
      I will let you know if anything comes up.

    8. #8
      General Moderator: @Leosolari
      Registered: Jun 2007
      Location: Argentina
      Posts: 58.877

      Re: Avast shows me a message every minute, I can't remove the virus

      Hello

      There are some things that need to be removed ...

      Download Revo Uninstaller and install it.

      Start the computer in Safe Mode.

      Run Revo Uninstaller and completely uninstall Baidu Antivirus.

      Restart the computer in Normal Mode.

      Download OTL by OldTimer

      >>> Run OTL
      • Close all the programs you have open and double-click the OTL icon to run it.
      • Let it run without interruption until the scan finishes.
      • When the interface appears, you only need to change the setting under "Scan Type", setting it to Minimal Output.
      • Check the options: LOP Check and Purity Check.
      • Check the options Skip Microsoft Files and Use Company Name Whitelist.
      • Paste the following script under the Custom Scans/Fixes box:


        msconfig
        netsvcs
        %SYSTEMDRIVE%\*.*
        CREATERESTOREPOINT
      • Please do not change the rest of the settings unless we ask you to.
      • Press the button.
      • Once it finishes, two (2) files will open, OTL.Txt and Extras.Txt. They will be saved in the same location where OTL.exe was downloaded.
      • Copy and paste the contents of the OTL.txt file into your next reply.

      Regards

    9. #9
      User: Aisox
      Registered: May 2015
      Location: Mexico
      Posts: 12

      Re: Avast shows me a message every minute, I can't remove the virus

      Greetings friends, sorry for taking so long to reply; I have been very busy. Thank you in advance, since thanks to your help the computer is much better, just a little slow. I did what you told me, and here is the OTL report:
      OTL logfile created on: 28/05/2015 10:02:07 p.m. - Run 1
      OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Augusto Siergert\Downloads
      64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
      Internet Explorer (Version = 9.0.8112.16421)
      Locale: 0000080A | Country: México | Language: ESM | Date Format: dd/MM/yyyy

      2.93 Gb Total Physical Memory | 1.31 Gb Available Physical Memory | 44.57% Memory free
      5.86 Gb Paging File | 4.13 Gb Available in Paging File | 70.39% Paging File free
      Paging file location(s): ?:\pagefile.sys [binary data]

      %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
      Drive C: | 286.12 Gb Total Space | 141.38 Gb Free Space | 49.41% Space Free | Partition Type: NTFS
      Drive D: | 11.87 Gb Total Space | 1.97 Gb Free Space | 16.58% Space Free | Partition Type: NTFS

      Computer Name: AUGUSTOSIERGERT | User Name: Augusto Siergert | Logged in as Administrator.
      Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
      Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

      ========== Processes (SafeList) ==========

      PRC - C:\Users\Augusto Siergert\Downloads\OTL.exe (OldTimer Tools)
      PRC - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
      PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o.)
      PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Avast Software s.r.o.)
      PRC - C:\Users\Augusto Siergert\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
      PRC - C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Microsoft Corporation)
      PRC - C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation)
      PRC - C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe (RealNetworks, Inc.)
      PRC - C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
      PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
      PRC - C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe ()
      PRC - C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe ()
      PRC - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe ()
      PRC - C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe (VS Revo Group)
      PRC - C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe (PC Tools)
      PRC - C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe (PC Tools)


      ========== Modules (No Company Name) ==========

      MOD - c:\users\august~1\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp_sho_g.dll ()
      MOD - C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.81\libglesv2.dll ()
      MOD - C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.81\libegl.dll ()
      MOD - C:\Program Files\AVAST Software\Avast\libcef.dll ()
      MOD - C:\Program Files\AVAST Software\Avast\log.dll ()
      MOD - C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll ()
      MOD - C:\Users\Augusto Siergert\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll ()
      MOD - C:\Users\Augusto Siergert\AppData\Roaming\Dropbox\bin\libGLESv2.dll ()
      MOD - C:\Users\Augusto Siergert\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll ()
      MOD - C:\Users\Augusto Siergert\AppData\Roaming\Dropbox\bin\libEGL.dll ()
      MOD - C:\Program Files (x86)\RealNetworks\RealDownloader\dtvhooks.dll ()
      MOD - C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe ()
      MOD - C:\Program Files (x86)\RealNetworks\RealDownloader\cpprest100_1_2.dll ()


      ========== Services (SafeList) ==========

      SRV:64bit: - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Avast Software s.r.o.)
      SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
      SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
      SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
      SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
      SRV - (c2cpnrsvc) -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Microsoft Corporation)
      SRV - (c2cautoupdatesvc) -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation)
      SRV - (RealPlayer Cloud Service) -- C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe (RealNetworks, Inc.)
      SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
      SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
      SRV - (RealPlayerUpdateSvc) -- C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe ()
      SRV - (RealNetworks Downloader Resolver Service) -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe ()
      SRV - (PCToolsSSDMonitorSvc) -- C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe (PC Tools)
      SRV - (WinHttpAutoProxySvc) -- winhttp.dll (Microsoft Corporation)
      SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
      SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)


      ========== Driver Services (SafeList) ==========

      DRV:64bit: - (esgiguard) -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys File not found
      DRV:64bit: - (aswVmm) -- C:\Windows\SysNative\drivers\aswVmm.sys ()
      DRV:64bit: - (aswStm) -- C:\Windows\SysNative\drivers\aswStm.sys (Avast Software s.r.o.)
      DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (Avast Software s.r.o.)
      DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (Avast Software s.r.o.)
      DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (Avast Software s.r.o.)
      DRV:64bit: - (aswRvrt) -- C:\Windows\SysNative\drivers\aswRvrt.sys ()
      DRV:64bit: - (aswHwid) -- C:\Windows\SysNative\drivers\aswHwid.sys ()
      DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (Avast Software s.r.o.)
      DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
      DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
      DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
      DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
      DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
      DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
      DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
      DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
      DRV:64bit: - (CnxtHdAudService) -- C:\Windows\SysNative\drivers\CHDRT64.sys (Conexant Systems Inc.)
      DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
      DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
      DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
      DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
      DRV:64bit: - (IntcHdmiAddService) -- C:\Windows\SysNative\drivers\IntcHdmi.sys (Intel(R) Corporation)
      DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
      DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
      DRV:64bit: - (SrvHsfV92) -- C:\Windows\SysNative\drivers\VSTDPV6.SYS (Conexant Systems, Inc.)
      DRV:64bit: - (SrvHsfWinac) -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS (Conexant Systems, Inc.)
      DRV:64bit: - (SrvHsfHDA) -- C:\Windows\SysNative\drivers\VSTAZL6.SYS (Conexant Systems, Inc.)
      DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek Corporation )
      DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
      DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
      DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
      DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
      DRV:64bit: - (HpqKbFiltr) -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys (Hewlett-Packard Development Company, L.P.)
      DRV - (eeCtrl) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys (Symantec Corporation)
      DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


      ========== Standard Registry (SafeList) ==========


      ========== Internet Explorer ==========

      IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
      IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://mx.yahoo.com?fr=hp-avast&type=avastbcl
      IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
      IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
      IE - HKLM\..\SearchScopes\{9CB96984-43C3-4D44-90EF-01466EFCF7BB}: "URL" = https://mx.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}

      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = Hotmail, Videos, Outlook, Noticias, TV, Futbol y más en Prodigy MSN
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = es-MX
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 44 D9 4E 26 A1 14 CE 01 [binary data]
      IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
      IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
      IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

      ========== FireFox ==========

      FF - prefs.js..browser.search.countryCode: "MX"
      FF - prefs.js..browser.search.region: "MX"
      FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:37.0.2
      FF - user.js - File not found

      FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll File not found
      FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
      FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll ()
      FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
      FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
      FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
      FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.45.2: C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
      FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.45.2: C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll (Oracle Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=17.0.15.10: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
      FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=17.0.15: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
      FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=17.0.15.10: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer Cloud)
      FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll (Google Inc.)
      FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll (Google Inc.)
      FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.19: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
      FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
      FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
      FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
      FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
      FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
      FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
      FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Augusto Siergert\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)

      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2015/05/14 2302 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{338950EA-82DB-44C1-930D-0C28E023C9F0}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2015/04/23 21:50:00 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2015/04/23 21:50:00 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 37.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 37.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

      [2013/06/17 20:40:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Augusto Siergert\AppData\Roaming\mozilla\Extensions
      [2015/05/12 22:03:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Augusto Siergert\AppData\Roaming\mozilla\Firefox\Profiles\extensions
      [2015/05/12 22:07:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Augusto Siergert\AppData\Roaming\mozilla\Firefox\Profiles\extensions\extensions
      [2015/05/12 22:03:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Augusto Siergert\AppData\Roaming\mozilla\Firefox\Profiles\extensions\searchplugins
      [2015/05/22 20:22:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Augusto Siergert\AppData\Roaming\mozilla\Firefox\Profiles\2plz62tw.default\extensions
      [2013/11/03 22:12:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Augusto Siergert\AppData\Roaming\mozilla\Firefox\Profiles2plz62tw.default\extensions
      [2013/11/03 22:12:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Augusto Siergert\AppData\Roaming\mozilla\Firefox\Profiles2plz62tw.default\extensions\staged
      [2013/05/28 11:09:42 | 000,197,611 | ---- | M] () (No name found) -- C:\Users\Augusto Siergert\AppData\Roaming\mozilla\firefox\profiles\extensions\[email protected]
      [2012/07/31 06:59:18 | 000,221,380 | ---- | M] () (No name found) -- C:\Users\Augusto Siergert\AppData\Roaming\mozilla\firefox\profiles\extensions\[email protected]
      [2013/02/11 05:58:00 | 000,214,122 | ---- | M] () (No name found) -- C:\Users\Augusto Siergert\AppData\Roaming\mozilla\firefox\profiles\extensions\[email protected]
      [2014/09/14 19:36:21 | 000,009,425 | ---- | M] () -- C:\Users\Augusto Siergert\AppData\Roaming\mozilla\firefox\profiles\2plz62tw.default\searchplugins\yahoo-avast.xml
      [2015/05/28 20:03:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
      [2015/05/23 19:50:20 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
      [2015/05/10 23:43:00 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\updated\extensions
      [2015/05/10 23:43:00 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\updated\extensions\[email protected]
      [2015/05/10 23:42:51 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\updated\browser\extensions
      [2015/05/10 23:44:58 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\updated\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

      ========== Chrome ==========

      CHR - Extension: No name found = C:\Users\Augusto Siergert\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\
      CHR - Extension: No name found = C:\Users\Augusto Siergert\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg\0.3.0.5_0\
      CHR - Extension: No name found = C:\Users\Augusto Siergert\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\

      O1 HOSTS File: ([2009/06/10 16:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
      O2:64bit: - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll (RealDownloader)
      O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (Avast Software s.r.o.)
      O2:64bit: - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
      O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
      O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll (Oracle Corporation)
      O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (Avast Software s.r.o.)
      O2 - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
      O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll (Oracle Corporation)
      O3:64bit: - HKLM\..\Toolbar: (no name) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No CLSID value found.
      O3:64bit: - HKLM\..\Toolbar: (no name) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No CLSID value found.
      O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
      O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
      O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
      O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
      O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
      O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
      O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o.)
      O4 - HKLM..\Run: [RealDownloader] C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe ()
      O4 - HKLM..\Run: [SSDMonitor] C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe (PC Tools)
      O4 - HKCU..\Run: [ChicaPasswordManager] "C:\Program Files (x86)\ChicaLogic\Chica Password Manager\stpass.exe" /autorunned File not found
      O4 - HKCU..\Run: [Facebook Update] C:\Users\Augusto Siergert\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
      O4 - HKCU..\Run: [uTorrent] C:\Users\Augusto Siergert\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
      O4 - Startup: C:\Users\Augusto Siergert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Augusto Siergert\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
      O8:64bit: - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
      O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
      O9:64bit: - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
      O9 - Extra Button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
      O9 - Extra 'Tools' menuitem : &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
      O9 - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
      O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
      O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
      O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
      O1364bit: - gopher Prefix: missing
      O13 - gopher Prefix: missing
      O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} Automatically Find HP Updates | HP Support (GMNRev Class)
      O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/ge...sh/swflash.cab (Shockwave Flash Object)
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 187.185.15.114
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{018C842C-EEEA-4395-B6A1-7A83C1FBD07D}: DhcpNameServer = 187.185.15.114
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963}: NameServer = 107.6.133.8,23.23.180.210
      O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
      O18:64bit: - Protocol\Handler\livecall - No CLSID value found
      O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
      O18:64bit: - Protocol\Handler\msnim - No CLSID value found
      O18:64bit: - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
      O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
      O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
      O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll File not found
      O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll File not found
      O18 - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
      O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
      O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
      O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
      O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
      O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
      O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
      O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
      O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation)
      O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
      O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - SystemPropertiesPerformance.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: UserInit - (userinit.exe) - userinit.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - SystemPropertiesPerformance.exe (Microsoft Corporation)
      O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
      O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      O29:64bit: - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
      O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
      O32 - HKLM CDRom: AutoRun - 1
      O32 - AutoRun File - [2014/01/24 01:19:21 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
      O32 - AutoRun File - [2015/05/16 11:25:52 | 000,000,000 | RHSD | M] - D:\Autorun.inf -- [ NTFS ]
      O33 - MountPoints2\{231a8ef1-00d3-11e4-b96c-001f16e70cfb}\Shell - "" = AutoRun
      O33 - MountPoints2\{231a8ef1-00d3-11e4-b96c-001f16e70cfb}\Shell\AutoRun\command - "" = F:\SISetup.exe
      O33 - MountPoints2\{3aa68d23-0a93-11e2-9a79-001f16e70cfb}\Shell - "" = AutoRun
      O33 - MountPoints2\{3aa68d23-0a93-11e2-9a79-001f16e70cfb}\Shell\AutoRun\command - "" = F:\setup.exe -a
      O33 - MountPoints2\{cb141794-9ea9-11e3-b065-001f16e70cfb}\Shell - "" = AutoRun
      O33 - MountPoints2\{cb141794-9ea9-11e3-b065-001f16e70cfb}\Shell\AutoRun\command - "" = G:\SISetup.exe
      O33 - MountPoints2\{d7c38277-b5b1-11e3-b162-001f16e70cfb}\Shell - "" = AutoRun
      O33 - MountPoints2\{d7c38277-b5b1-11e3-b162-001f16e70cfb}\Shell\AutoRun\command - "" = G:\SISetup.exe
      O34 - HKLM BootExecute: (autocheck autochk *)
      O35:64bit: - HKLM\..comfile [open] -- "%1" %*
      O35:64bit: - HKLM\..exefile [open] -- "%1" %*
      O35 - HKLM\..comfile [open] -- "%1" %*
      O35 - HKLM\..exefile [open] -- "%1" %*
      O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
      O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
      O37 - HKLM\...com [@ = comfile] -- "%1" %*
      O37 - HKLM\...exe [@ = exefile] -- "%1" %*
      O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
      O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
      O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)


      NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

      CREATERESTOREPOINT
      Restore point Set: OTL Restore Point

      ========== Files/Folders - Created Within 30 Days ==========

      [2015/05/28 21:14:13 | 000,000,000 | ---D | C] -- C:\Users\Augusto Siergert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
      [2015/05/26 21:57:45 | 000,000,000 | ---D | C] -- C:\Users\Augusto Siergert\Desktop\candidiasis esofagica
      [2015/05/25 20:18:10 | 000,000,000 | ---D | C] -- C:\Users\Augusto Siergert\AppData\Roaming\dvdcss
      [2015/05/20 09:33:04 | 000,000,000 | ---D | C] -- C:\Users\Augusto Siergert\Desktop\Omalizumab
      [2015/05/14 2303 | 000,364,472 | ---- | C] (Avast Software s.r.o.) -- C:\Windows\SysNative\aswBoot.exe
      [2015/05/14 23:09:44 | 000,043,112 | ---- | C] (Avast Software s.r.o.) -- C:\Windows\avastSS.scr
      [2015/05/13 20:51:03 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
      [2015/05/12 23:29:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
      [2015/05/12 21:55:44 | 000,000,000 | ---D | C] -- C:\AdwCleaner
      [6 C:\Users\Augusto Siergert\Desktop\*.tmp files -> C:\Users\Augusto Siergert\Desktop\*.tmp -> ]
      [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
      [1 C:\Users\Augusto Siergert\Documents\*.tmp files -> C:\Users\Augusto Siergert\Documents\*.tmp -> ]

      ========== Files - Modified Within 30 Days ==========

      [2015/05/28 21:43:49 | 000,014,224 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
      [2015/05/28 21:43:49 | 000,014,224 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
      [2015/05/28 21:31:12 | 000,000,306 | ---- | M] () -- C:\Windows\tasks\RMAutoUpdate.job
      [2015/05/28 21:30:00 | 000,001,032 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
      [2015/05/28 21:29:19 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
      [2015/05/28 21:29:09 | 2361,802,752 | -HS- | M] () -- C:\hiberfil.sys
      [2015/05/28 21:14:21 | 000,001,264 | ---- | M] () -- C:\Users\Augusto Siergert\Desktop\Revo Uninstaller.lnk
      [2015/05/28 20:19:00 | 000,000,838 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
      [2015/05/27 13:37:36 | 000,000,972 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-211548806-1709259256-4278993842-1000UA.job
      [2015/05/27 10:53:36 | 000,000,474 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Augusto Siergert.job
      [2015/05/26 22:34:02 | 000,000,950 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-211548806-1709259256-4278993842-1000Core.job
      [2015/05/26 19:31:25 | 000,000,306 | ---- | M] () -- C:\Windows\tasks\RMSchedule.job
      [2015/05/25 22:34:03 | 001,669,262 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
      [2015/05/25 22:34:03 | 000,745,130 | ---- | M] () -- C:\Windows\SysNative\perfh00A.dat
      [2015/05/25 22:34:03 | 000,651,792 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
      [2015/05/25 22:34:03 | 000,157,598 | ---- | M] () -- C:\Windows\SysNative\perfc00A.dat
      [2015/05/25 22:34:03 | 000,120,724 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
      [2015/05/25 19:41:54 | 000,002,181 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
      [2015/05/22 14:12:07 | 001,058,282 | ---- | M] () -- C:\Users\Augusto Siergert\Desktop\Protocolos de actuación en Hipertensión pulmonar (2010).pdf
      [2015/05/18 20:34:40 | 000,001,066 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
      [2015/05/14 23:09:59 | 000,272,248 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys
      [2015/05/14 23:09:59 | 000,137,288 | ---- | M] (Avast Software s.r.o.) -- C:\Windows\SysNative\drivers\aswStm.sys
      [2015/05/14 23:09:58 | 000,442,264 | ---- | M] (Avast Software s.r.o.) -- C:\Windows\SysNative\drivers\aswSP.sys
      [2015/05/14 23:09:58 | 000,364,472 | ---- | M] (Avast Software s.r.o.) -- C:\Windows\SysNative\aswBoot.exe
      [2015/05/14 23:09:58 | 000,093,528 | ---- | M] (Avast Software s.r.o.) -- C:\Windows\SysNative\drivers\aswRdr2.sys
      [2015/05/14 23:09:58 | 000,089,944 | ---- | M] (Avast Software s.r.o.) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
      [2015/05/14 23:09:58 | 000,065,736 | ---- | M] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
      [2015/05/14 23:09:58 | 000,029,168 | ---- | M] () -- C:\Windows\SysNative\drivers\aswHwid.sys
      [2015/05/14 23:09:44 | 000,043,112 | ---- | M] (Avast Software s.r.o.) -- C:\Windows\avastSS.scr
      [2015/05/14 23:09:25 | 001,047,320 | ---- | M] (Avast Software s.r.o.) -- C:\Windows\SysNative\drivers\aswSnx.sys
      [2015/05/14 23:00:20 | 000,001,036 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
      [2015/05/12 21:32:21 | 000,000,020 | ---- | M] () -- C:\ProgramData\bc.ini
      [2015/05/12 21:31:55 | 000,000,394 | ---- | M] () -- C:\Windows\wininit.ini
      [2015/05/09 11:34:17 | 000,001,175 | ---- | M] () -- C:\Users\Augusto Siergert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
      [2015/05/04 20:22:06 | 000,000,000 | -H-- | M] () -- C:\Users\Augusto Siergert\Documents\Default.rdp
      [6 C:\Users\Augusto Siergert\Desktop\*.tmp files -> C:\Users\Augusto Siergert\Desktop\*.tmp -> ]
      [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
      [1 C:\Users\Augusto Siergert\Documents\*.tmp files -> C:\Users\Augusto Siergert\Documents\*.tmp -> ]

      ========== Files Created - No Company Name ==========

      [2015/05/28 21:14:21 | 000,001,264 | ---- | C] () -- C:\Users\Augusto Siergert\Desktop\Revo Uninstaller.lnk
      [2015/05/22 14:12:16 | 001,058,282 | ---- | C] () -- C:\Users\Augusto Siergert\Desktop\Protocolos de actuación en Hipertensión pulmonar (2010).pdf
      [2015/05/12 21:32:21 | 000,000,020 | ---- | C] () -- C:\ProgramData\bc.ini
      [2015/05/09 11:34:17 | 000,001,175 | ---- | C] () -- C:\Users\Augusto Siergert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
      [2015/05/04 20:22:06 | 000,000,000 | -H-- | C] () -- C:\Users\Augusto Siergert\Documents\Default.rdp
      [2015/03/10 02:33:18 | 000,000,394 | ---- | C] () -- C:\Windows\wininit.ini
      [2014/12/02 15:49:13 | 000,003,584 | ---- | C] () -- C:\Users\Augusto Siergert\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
      [2013/09/13 00:28:36 | 000,000,286 | ---- | C] () -- C:\Users\Augusto Siergert\AppData\Roaming\WB.CFG
      [2012/10/19 09:28:38 | 000,000,032 | ---- | C] () -- C:\Users\Augusto Siergert\AppData\Roaming\cbl32.dll

      ========== ZeroAccess Check ==========

      [2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

      [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

      [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

      [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

      [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
      "" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 00:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Apartment

      [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
      "" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 23:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Apartment

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
      "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Free

      [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
      "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 07:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Free

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
      "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Both

      [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

      ========== LOP Check ==========

      [2014/01/21 00:52:22 | 000,000,000 | ---D | M] -- C:\Users\Augusto Siergert\AppData\Roaming\AVAST Software
      [2015/03/10 07:47:59 | 000,000,000 | ---D | M] -- C:\Users\Augusto Siergert\AppData\Roaming\Azureus
      [2015/05/28 21:35:34 | 000,000,000 | ---D | M] -- C:\Users\Augusto Siergert\AppData\Roaming\Dropbox
      [2014/04/09 23:14:16 | 000,000,000 | ---D | M] -- C:\Users\Augusto Siergert\AppData\Roaming\IsolatedStorage
      [2014/12/23 15:50:06 | 000,000,000 | ---D | M] -- C:\Users\Augusto Siergert\AppData\Roaming\NetDomino
      [2015/03/11 00:52:42 | 000,000,000 | ---D | M] -- C:\Users\Augusto Siergert\AppData\Roaming\PLM.PLM
      [2015/03/11 00:15:48 | 000,000,000 | ---D | M] -- C:\Users\Augusto Siergert\AppData\Roaming\PLMPT3VENTAS
      [2015/05/28 21:35:49 | 000,000,000 | ---D | M] -- C:\Users\Augusto Siergert\AppData\Roaming\uTorrent

      ========== Purity Check ==========



      ========== Custom Scans ==========

      < %SYSTEMDRIVE%\*.* >
      [2014/01/24 01:19:21 | 000,000,000 | ---- | M] () -- C:\autoexec.bat
      [2014/02/12 00:50:19 | 000,000,426 | ---- | M] () -- C:\AVScanner.ini
      [2015/05/28 21:29:09 | 2361,802,752 | -HS- | M] () -- C:\hiberfil.sys
      [2015/05/28 21:29:15 | 3149,074,432 | -HS- | M] () -- C:\pagefile.sys
      [2014/01/15 19:42:40 | 000,608,032 | ---- | M] (McAfee, Inc.) -- C:\SecurityScanner.dll
      [2015/05/13 20:46:12 | 000,413,838 | ---- | M] () -- C:\TDSSKiller.3.0.0.44_13.05.2015_20.43.22_log.txt
      [2015/05/13 20:51:10 | 000,211,460 | ---- | M] () -- C:\TDSSKiller.3.0.0.44_13.05.2015_20.48.17_log.txt
      [2015/05/13 20:58:43 | 000,721,592 | ---- | M] () -- C:\TDSSKiller.3.0.0.44_13.05.2015_20.54.16_log.txt

      ========== Alternate Data Streams ==========

      @Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:373E1720
      @Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:D1B5B4F1

      < End of report >

    10. #10
      General Moderator
      Avatar of @Leosolari
      Joined
      Jun 2007
      Location
      Argentina
      Posts
      58,877

      re: Avast shows me a message every minute, I can't remove the virus

      Hello again

      Run OTL.exe

      Copy and paste the code inside the box below into the Custom Scans/Fixes section


      :Otl
      PRC - C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe ()
      PRC - C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe ()
      PRC - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe ()
      MOD - C:\Program Files (x86)\RealNetworks\RealDownloader\dtvhooks.dll ()
      MOD - C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe ()
      MOD - C:\Program Files (x86)\RealNetworks\RealDownloader\cpprest100_1_2.dll ()
      SRV - (RealNetworks Downloader Resolver Service) -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe ()
      DRV:64bit: - (esgiguard) -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys File not found
      [2013/06/17 20:40:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Augusto Siergert\AppData\Roaming\mozilla\Extensions
      [2015/05/12 22:03:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Augusto Siergert\AppData\Roaming\mozilla\Firefox\Profiles\extensions
      [2015/05/12 22:07:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Augusto Siergert\AppData\Roaming\mozilla\Firefox\Profiles\extensions\extensions
      [2015/05/12 22:03:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Augusto Siergert\AppData\Roaming\mozilla\Firefox\Profiles\extensions\searchplugins
      [2015/05/22 20:22:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Augusto Siergert\AppData\Roaming\mozilla\Firefox\Profiles\2plz62tw.default\extensions
      [2013/11/03 22:12:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Augusto Siergert\AppData\Roaming\mozilla\Firefox\Profiles2plz62tw.default\extensions
      [2013/11/03 22:12:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Augusto Siergert\AppData\Roaming\mozilla\Firefox\Profiles2plz62tw.default\extensions\staged
      [2013/05/28 11:09:42 | 000,197,611 | ---- | M] () (No name found) -- C:\Users\Augusto Siergert\AppData\Roaming\mozilla\firefox\profiles\extensions\[email protected]
      [2012/07/31 06:59:18 | 000,221,380 | ---- | M] () (No name found) -- C:\Users\Augusto Siergert\AppData\Roaming\mozilla\firefox\profiles\extensions\[email protected]
      [2013/02/11 05:58:00 | 000,214,122 | ---- | M] () (No name found) -- C:\Users\Augusto Siergert\AppData\Roaming\mozilla\firefox\profiles\extensions\[email protected]
      [2015/05/28 20:03:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
      [2015/05/23 19:50:20 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
      [2015/05/10 23:43:00 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\updated\extensions
      [2015/05/10 23:43:00 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\updated\extensions\[email protected]
      [2015/05/10 23:42:51 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\updated\browser\extensions
      [2015/05/10 23:44:58 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\updated\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
      CHR - Extension: No name found = C:\Users\Augusto Siergert\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\
      CHR - Extension: No name found = C:\Users\Augusto Siergert\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg\0.3.0.5_0\
      CHR - Extension: No name found = C:\Users\Augusto Siergert\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\
      O3:64bit: - HKLM\..\Toolbar: (no name) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No CLSID value found.
      O3:64bit: - HKLM\..\Toolbar: (no name) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No CLSID value found.
      O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
      O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
      O4 - HKLM..\Run: [RealDownloader] C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe ()
      O4 - HKCU..\Run: [ChicaPasswordManager] "C:\Program Files (x86)\ChicaLogic\Chica Password Manager\stpass.exe" /autorunned File not found
      O4 - HKCU..\Run: [Facebook Update] C:\Users\Augusto Siergert\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
      O4 - HKCU..\Run: [uTorrent] C:\Users\Augusto Siergert\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
      O33 - MountPoints2\{231a8ef1-00d3-11e4-b96c-001f16e70cfb}\Shell - "" = AutoRun
      O33 - MountPoints2\{231a8ef1-00d3-11e4-b96c-001f16e70cfb}\Shell\AutoRun\command - "" = F:\SISetup.exe
      O33 - MountPoints2\{3aa68d23-0a93-11e2-9a79-001f16e70cfb}\Shell - "" = AutoRun
      O33 - MountPoints2\{3aa68d23-0a93-11e2-9a79-001f16e70cfb}\Shell\AutoRun\command - "" = F:\setup.exe -a
      O33 - MountPoints2\{cb141794-9ea9-11e3-b065-001f16e70cfb}\Shell - "" = AutoRun
      O33 - MountPoints2\{cb141794-9ea9-11e3-b065-001f16e70cfb}\Shell\AutoRun\command - "" = G:\SISetup.exe
      O33 - MountPoints2\{d7c38277-b5b1-11e3-b162-001f16e70cfb}\Shell - "" = AutoRun
      O33 - MountPoints2\{d7c38277-b5b1-11e3-b162-001f16e70cfb}\Shell\AutoRun\command - "" = G:\SISetup.exe
      @Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:373E1720
      @Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:D1B5B4F1
      :Files
      C:\Program Files (x86)\RealNetworks\RealDownloader
      ipconfig /flushdns /c
      ipconfig /renew /c
      :Commands
      [PURITY]
      [EMPTYTEMP]
      [EMPTYFLASH]
      [RESETHOSTS]

      Press the Run Fix button to start the removal. Click OK.

      OTL will restart the computer to complete the removal.

      Save the new report that is generated. Copy and paste it into your next reply and tell us how the computer is doing now.

      Regards