• Registrarse
  • Iniciar sesión


  • Página 1 de 2 12 ÚltimoÚltimo
    Resultados 1 al 10 de 11

    Virus Windows 10

    ...

    1. #1
      Usuario Avatar de cloudx5
      Registrado
      dic 2017
      Ubicación
      Rep. Dom.
      Mensajes
      6

      Virus Windows 10

      Buenas,

      Hace un tiempo conseguí eliminar (o eso creo) un virus de mi computadora que hacía que a parte de muy lenta, me mostrara anuncios indeseados.

      Sin embargo, sigue estando algo lenta, pensé que era hasta normal y no lo tomé en cuenta hasta que Chrome me salta con una alerta de un malware en esta carpeta file:///C:/program%20files%20(x86)/doghtcerqesh/, lo cual viendo en internet era un virus.

      Me quiero asegurar de eliminar todo el virus posible de mi computadora para que corra de manera óptima y deje de topar el 100% de uso de disco.

      ¿Alguien podría ayudarme?

      Gracias.

    2. #2
      Moderadora Gral.
      Avatar de @Daniela
      Registrado
      abr 2011
      Ubicación
      España
      Mensajes
      25.354

      Re: Virus Windows 10

      Hola cloudx5


      Realiza los siguientes pasos, aunque hayas hecho alguno, sin cambiar el orden:

      1) Descarga, actualiza y ejecuta Malwarebytes’ Anti-Malware, revisa en detalle el manual, para que sepas usarlo y configurarlo.

      • Realiza un Análisis Completo, actualizando si te lo pide.
      • Pulsar en “Eliminar Seleccionados” para enviarlo a la cuarentena y Reinicias el sistema.
      • En el apartado del manual "Historial" >> Registros de Aplicación >> Scan Log/Registro de Análisis encontrarás el informe del MBAM, que debes copiar y pegar en tu próxima respuesta, para analizarlo.



      2) Descargar Junkware Removal Tool

      • Desactiva temporalmente el Antivirus
      • Ejecuta JRT.exe, (en Windows 7 u 8 ejecutar como "Administrador")
      • Presiona cualquier tecla para continuar y espera pacientemente a que termine su proceso.
      • Al finalizar, un registro (JRT.txt) se guardara en el escritorio y se abrirá automáticamente.
      • Copia y pega el contenido de JRT.txt en tu próximo mensaje de respuesta



      3) Descarga >> AdwCleaner | InfoSpyware en el escritorio.

      • Desactiva temporalmente el Antivirus >> Cómo deshabilitar temporalmente su Antivirus.
      • Cierra también todos los programas que tengas abiertos.
      • Ejecuta Adwcleaner.exe (Si usas Windows Vista/7 u 8 presiona clic derecho y selecciona "Ejecutar como Administrador.")
      • Pulsar en el botón Escanear, y espera a que se realice el proceso, inmediatamente pulsa sobre el botónLimpiar.
      • Espera a que se complete y sigue las instrucciones, si te pidiera Reiniciar el sistemaAceptas.
      • Guardas el reporte que te aparecerá, para copiarlo y pegarlo en tu próxima respuesta.
      • El informe también se puede encontrar en "C:\AdwCleaner\AdwCleaner[C1].txt"



      4) Descarga CCleaner

      • Instala Ccleaner
      • Abres Ccleaner en la pestaña limpiador dejas como esta configurada predeterminadamente, haces clic en analizar esperas que termine > clic en ejecutar limpiador
      • clic en la pestaña Registro > clic en buscar problemas esperas que termine > clic en Reparar Seleccionadas y haces una copia de seguridad
      • Vuelves a darle clic en buscar problemas hasta que no encuentre ninguno.


      Pega los reportes de Malwarebytes, AdwCleaner y JRT y comentas como va el problema.

      Un saludo
      ✿◕‿◕✿ La impaciencia no es buena compañía ✿◕‿◕✿

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    3. #3
      Usuario Avatar de cloudx5
      Registrado
      dic 2017
      Ubicación
      Rep. Dom.
      Mensajes
      6

      Re: Virus Windows 10

      No puedo abrir MalwareBytes, dice "Esta aplicación ha sido bloqueada para protegerte." Sin embargo, ya lo tengo instalado.

      ¿Envío solo los reportes de los otros programas?

    4. #4
      Moderadora Gral.
      Avatar de @Daniela
      Registrado
      abr 2011
      Ubicación
      España
      Mensajes
      25.354

      Re: Virus Windows 10

      Hola

      Cita Originalmente publicado por cloudx5 Ver Mensaje
      ¿Envío solo los reportes de los otros programas?
      Si, pon los demás reportes y comenta como sigue el problema inicial.

      Un saludo
      ✿◕‿◕✿ La impaciencia no es buena compañía ✿◕‿◕✿

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    5. #5
      Usuario Avatar de cloudx5
      Registrado
      dic 2017
      Ubicación
      Rep. Dom.
      Mensajes
      6

      Re: Virus Windows 10

      Me acabo de dar cuenta de que me da el mismo mensaje al abrir los otros programas, ¿será el virus capaz de hacer eso?

      Ayuda.

      Gracias.

    6. #6
      Moderadora Gral.
      Avatar de @Daniela
      Registrado
      abr 2011
      Ubicación
      España
      Mensajes
      25.354

      Re: Virus Windows 10

      Hola

      Desde el botón de Inicio escribe Centro de seguridad de Windows Defender busca Control de aplicaciones y cambia todas las opciones a Advertir, luego comprueba si puedes realizar los pasos.

      Un saludo
      ✿◕‿◕✿ La impaciencia no es buena compañía ✿◕‿◕✿

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    7. #7
      Usuario Avatar de cloudx5
      Registrado
      dic 2017
      Ubicación
      Rep. Dom.
      Mensajes
      6

      Re: Virus Windows 10

      Muchísimas gracias, aquí tengo los resultados de:

      ------JRT

      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      Junkware Removal Tool (JRT) by Malwarebytes
      Version: 8.1.4 (07.09.2017)
      Operating System: Windows 10 Home x64
      Ran by isaac (Administrator) on 26/12/2017 at 12:47:25.77
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




      File System: 2

      Successfully deleted: C:\ProgramData\productdata (Folder)
      Successfully deleted: C:\WINDOWS\SysWOW64\findit.xml (File)



      Registry: 4

      Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\Main\\Search Bar (Registry Value)
      Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\Main\\SearchAssistant (Registry Value)
      Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchUrl\\Default (Registry Value)
      Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0E7D8307-9E9D-40FA-A49C-DCE80C0EBF41} (Registry Key)




      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      Scan was completed on 26/12/2017 at 12:51:29.97
      End of JRT log
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

      ------AdwCleaner

      # AdwCleaner 7.0.5.0 - Logfile created on Tue Dec 26 16:57:22 2017
      # Updated on 2017/29/11 by Malwarebytes
      # Database: 12-26-2017.1
      # Running on Windows 10 Home (X64)
      # Mode: scan
      # Support: https://www.malwarebytes.com/support

      ***** [ Services ] *****

      No malicious services found.

      ***** [ Folders ] *****

      Adware.Elex, C:\Users\isaac\AppData\Local\terana
      Adware.Elex, C:\Users\isaac\AppData\Local\VNASRE
      Adware.Elex, C:\Users\isaac\AppData\Local\CWASRE
      Adware.Elex, C:\Users\isaac\AppData\Local\CSHMDR
      Adware.Elex, C:\Users\isaac\AppData\Local\snare
      Adware.Ghokswa, C:\Users\INVITADO\AppData\Local\Footjane
      Adware.Ghokswa, C:\Users\isaac\AppData\Local\Footjane
      Adware.Ghokswa, C:\Users\isaac\AppData\Roaming\Footjane
      Adware.Ghokswa, C:\Users\Martin Gonzalez\AppData\Local\Footjane
      Adware.Ghokswa, C:\Users\INVITADO\AppData\Local\Birdjob
      Adware.Ghokswa, C:\Users\Martin Gonzalez\AppData\Local\Birdjob
      PUP.Optional.Legacy, C:\Users\isaac\AppData\Roaming\Firefox
      PUP.Optional.Legacy, C:\Users\Martin Gonzalez\AppData\Roaming\Firefox
      PUP.Optional.Legacy, C:\Program Files\Common Files\Noobzo
      PUP.Optional.Legacy, C:\Program Files (x86)\deskapp
      PUP.Optional.Linkury, C:\ProgramData\Ronzap
      PUP.Optional.Linkury, C:\ProgramData\Application Data\Ronzap
      PUP.Optional.Linkury, C:\Users\All Users\Ronzap
      PUP.Optional.Linkury, C:\ProgramData\Ronzaps
      PUP.Optional.Linkury, C:\ProgramData\Application Data\Ronzaps
      PUP.Optional.Linkury, C:\Users\All Users\Ronzaps


      ***** [ Files ] *****

      PUP.Optional.Legacy, C:\Windows\rsrcs.dll
      PUP.Optional.Legacy, C:\Users\isaac\AppData\Roaming\agent.dat
      PUP.Optional.Legacy, C:\Users\isaac\AppData\Roaming\Main.dat
      PUP.Optional.Legacy, C:\Users\isaac\AppData\Roaming\InstallationConfiguration.xml
      PUP.Optional.Legacy, C:\Users\isaac\AppData\Roaming\Installer.dat
      PUP.Optional.Legacy, C:\Users\isaac\AppData\Roaming\noah.dat
      PUP.Optional.Legacy, C:\Users\isaac\AppData\Roaming\Config.xml
      PUP.Optional.Legacy, C:\Users\isaac\AppData\Roaming\md.xml
      PUP.Optional.Legacy, C:\Users\All Users\Documents\report.dat
      PUP.Optional.Legacy, C:\Users\Public\Documents\report.dat
      PUP.Optional.Legacy, C:\Users\All Users\Documents\temp.dat
      PUP.Optional.Legacy, C:\Users\Public\Documents\temp.dat
      PUP.Optional.Legacy, C:\ProgramData\Apple\Apple Application Support\Support.dll
      PUP.Optional.Legacy, C:\Users\INVITADO\AppData\Roaming\Mozilla\Firefox\Profiles\f1d1r9tx.default\searchplugins\luck.xml
      PUP.Optional.Legacy, C:\Users\Martin Gonzalez\AppData\Roaming\Mozilla\Firefox\Profiles\u5uslmb0.default\searchplugins\startpageing123.xml
      PUP.Optional.Legacy, C:\Users\Martin Gonzalez\AppData\Roaming\Mozilla\Firefox\Profiles\u5uslmb0.default\searchplugins\luck.xml
      PUP.Optional.MyWebShield, C:\Windows\SysNative\drivers\mwescontroller.sys
      PUP.Optional.SpyHunter, C:\Users\isaac\Downloads\SpyHunter-Installer.exe
      PUP.Optional.Goobzo.BITSRST, C:\Windows\SysNative\bi3.exe


      ***** [ DLL ] *****

      No malicious DLLs found.

      ***** [ WMI ] *****

      No malicious WMI found.

      ***** [ Shortcuts ] *****

      No malicious shortcuts found.

      ***** [ Tasks ] *****

      Adware.Elex, Windows-PG
      PUP.Optional.Legacy, Microsoft\Windows\Multimedia\Manager
      PUP.Optional.SafeFinder, hostTask


      ***** [ Registry ] *****

      Adware.Elex, [Key] - HKLM\SOFTWARE\jhdbca
      Adware.Elex, [Key] - HKU\.DEFAULT\Software\jhdbca
      Adware.Elex, [Key] - HKU\S-1-5-18\Software\jhdbca
      Adware.Elex, [Key] - HKLM\SOFTWARE\{84416237-6490-494D-9AD6-4994DD978971}
      Adware.Elex, [Key] - HKU\S-1-5-21-3850515685-1168504035-4146528610-1003\Software\deskapp
      Adware.Elex, [Key] - HKCU\Software\deskapp
      Adware.Elex, [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
      Adware.Elex, [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
      Adware.Elex, [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
      Adware.Elex, [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
      Adware.Elex, [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
      Adware.Elex, [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
      Adware.Elex, [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
      Adware.Elex, [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
      Adware.Elex, [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
      Adware.Elex, [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
      Adware.Elex, [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
      Adware.Elex, [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
      Adware.Elex, [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
      Adware.Elex, [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
      Adware.Ghokswa, [Key] - HKU\S-1-5-21-3850515685-1168504035-4146528610-1003\Software\Footjane
      Adware.Ghokswa, [Key] - HKCU\Software\Footjane
      PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\b`nl{y
      PUP.Optional.Legacy, [Key] - HKU\.DEFAULT\Software\b`nl{y
      PUP.Optional.Legacy, [Key] - HKU\S-1-5-18\Software\b`nl{y
      PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\AppID\{3E0DB45B-9FCC-4064-B48C-080BD03A99A4}
      PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\AppID\{C81BED3B-31BD-491F-813D-78EFC2638CE1}
      PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\TypeLib\{38DD0B4A-E4E0-4A57-99EE-DCCB185B4728}
      PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{BF8946CD-EEBE-436B-8282-B19A021C9EFE}
      PUP.Optional.Legacy, [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
      PUP.Optional.Legacy, [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
      PUP.Optional.SafeFinder, [Value] - HKCU\Environment | SNF
      PUP.Optional.SafeFinder, [Value] - HKCU\Environment | SNP
      PUP.Optional.BitCoinMiner, [Key] - HKU\S-1-5-21-3850515685-1168504035-4146528610-1003\Software\isMiner
      PUP.Optional.BitCoinMiner, [Key] - HKCU\Software\isMiner
      PUP.Optional.ScreenShot, [Key] - HKLM\SOFTWARE\ScreenShot
      PUP.Optional.Linkury.ACMB1, [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
      PUP.Optional.Linkury.ACMB1, [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
      PUP.Optional.Linkury.ACMB1, [Value] - HKCU\Environment | SNF
      PUP.Optional.Linkury.ACMB1, [Value] - HKCU\Environment | SNP
      Adware.FileTour, [Key] - HKU\S-1-5-21-3850515685-1168504035-4146528610-1003\Software\Installer
      Adware.FileTour, [Key] - HKCU\Software\Installer
      PUP.Optional.StartPage.ShrtCln, [Key] - HKLM\SOFTWARE\startpageing123Software
      PUP.Optional.Linkury, [Key] - HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\RONZAP.EXE


      ***** [ Firefox (and derivatives) ] *****

      PUP.Optional.xRocketToolbar, Plugin found: xRocket Toolbar - Jason Bourne


      ***** [ Chromium (and derivatives) ] *****

      PUP.Optional.22ChromeEXT, Plugin found: User-Agent Switcher for Chrome -

      /!\ Please Reset the Chrome Synchronization before cleaning the Chrome Preferences: https://support.google.com/chrome/answer/3097271


      *************************

      C:/AdwCleaner/AdwCleaner[S0].txt - [11617 B] - [2017/6/8 14:19:12]
      C:/AdwCleaner/AdwCleaner[S1].txt - [11661 B] - [2017/6/8 14:53:48]


      ########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt ##########

    8. #8
      Moderadora Gral.
      Avatar de @Daniela
      Registrado
      abr 2011
      Ubicación
      España
      Mensajes
      25.354

      Re: Virus Windows 10

      Hola

      El reporte de AdwCleaner es del escaneo, presionaste después en limpiar? Si no es así lo vuelves a ejecutar.

      Falta el reporte de Malwarebytes, lo has podido utilizar?

      No olvides comentar como sigue el problema.

      Un saludo
      ✿◕‿◕✿ La impaciencia no es buena compañía ✿◕‿◕✿

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    9. #9
      Usuario Avatar de cloudx5
      Registrado
      dic 2017
      Ubicación
      Rep. Dom.
      Mensajes
      6

      Re: Virus Windows 10

      # AdwCleaner 7.0.6.0 - Logfile created on Wed Dec 27 03:31:42 2017
      # Updated on 2017/21/12 by Malwarebytes
      # Running on Windows 10 Home (X64)
      # Mode: clean
      # Support: https://www.malwarebytes.com/support

      ***** [ Services ] *****

      No malicious services deleted.

      ***** [ Folders ] *****

      Deleted: C:\Users\isaac\AppData\Local\terana
      Deleted: C:\Users\isaac\AppData\Local\VNASRE
      Deleted: C:\Users\isaac\AppData\Local\CWASRE
      Deleted: C:\Users\isaac\AppData\Local\CSHMDR
      Deleted: C:\Users\isaac\AppData\Local\snare
      Deleted: C:\Users\INVITADO\AppData\Local\Footjane
      Deleted: C:\Users\isaac\AppData\Local\Footjane
      Deleted: C:\Users\isaac\AppData\Roaming\Footjane
      Deleted: C:\Users\Martin Gonzalez\AppData\Local\Footjane
      Deleted: C:\Users\INVITADO\AppData\Local\Birdjob
      Deleted: C:\Users\Martin Gonzalez\AppData\Local\Birdjob
      Deleted: C:\Users\isaac\AppData\Roaming\\Firefox
      Deleted: C:\Users\Martin Gonzalez\AppData\Roaming\\Firefox
      Deleted: C:\Program Files\Common Files\Noobzo
      Deleted: C:\Program Files (x86)\deskapp
      Deleted: C:\ProgramData\Ronzap
      Deleted: C:\ProgramData\Application Data\Ronzap
      Deleted: C:\Users\All Users\Ronzap
      Deleted: C:\ProgramData\Ronzaps
      Deleted: C:\ProgramData\Application Data\Ronzaps
      Deleted: C:\Users\All Users\Ronzaps


      ***** [ Files ] *****

      Deleted: C:\Windows\\rsrcs.dll
      Deleted: C:\Users\isaac\AppData\Roaming\\agent.dat
      Deleted: C:\Users\isaac\AppData\Roaming\Main.dat
      Deleted: C:\Users\isaac\AppData\Roaming\\InstallationConfiguration.xml
      Deleted: C:\Users\isaac\AppData\Roaming\\Installer.dat
      Deleted: C:\Users\isaac\AppData\Roaming\\noah.dat
      Deleted: C:\Users\isaac\AppData\Roaming\\Config.xml
      Deleted: C:\Users\isaac\AppData\Roaming\\md.xml
      Deleted: C:\Users\All Users\Documents\\report.dat
      Deleted: C:\Users\Public\Documents\\report.dat
      Deleted: C:\Users\All Users\Documents\\temp.dat
      Deleted: C:\Users\Public\Documents\\temp.dat
      Deleted: C:\ProgramData\Apple\Apple Application Support\\Support.dll
      Deleted: C:\Users\INVITADO\AppData\Roaming\Mozilla\Firefox\Profiles\f1d1r9tx.default\searchplugins\luck.xml
      Deleted: C:\Users\Martin Gonzalez\AppData\Roaming\Mozilla\Firefox\Profiles\u5uslmb0.default\searchplugins\startpageing123.xml
      Deleted: C:\Users\Martin Gonzalez\AppData\Roaming\Mozilla\Firefox\Profiles\u5uslmb0.default\searchplugins\luck.xml
      Deleted: C:\Windows\SysNative\drivers\mwescontroller.sys
      Deleted: C:\Users\isaac\Downloads\SpyHunter-Installer.exe
      Deleted: C:\Windows\SysNative\bi3.exe


      ***** [ DLL ] *****

      No malicious DLLs cleaned.

      ***** [ WMI ] *****

      No malicious WMI cleaned.

      ***** [ Shortcuts ] *****

      No malicious shortcuts cleaned.

      ***** [ Tasks ] *****

      Deleted: Windows-PG
      Deleted: Microsoft\Windows\Multimedia\Manager
      Deleted: hostTask


      ***** [ Registry ] *****

      Deleted: [Key] - HKLM\SOFTWARE\jhdbca
      Deleted: [Key] - HKU\.DEFAULT\Software\jhdbca
      Deleted: [Key] - HKU\S-1-5-18\Software\jhdbca
      Deleted: [Key] - HKLM\SOFTWARE\{84416237-6490-494D-9AD6-4994DD978971}
      Deleted: [Key] - HKU\S-1-5-21-3850515685-1168504035-4146528610-1003\Software\deskapp
      Deleted: [Key] - HKCU\Software\deskapp
      Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
      Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
      Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
      Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
      Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
      Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
      Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
      Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
      Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
      Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
      Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
      Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
      Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
      Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
      Deleted: [Key] - HKU\S-1-5-21-3850515685-1168504035-4146528610-1003\Software\Footjane
      Deleted: [Key] - HKCU\Software\Footjane
      Deleted: [Key] - HKLM\SOFTWARE\b`nl{y
      Deleted: [Key] - HKU\.DEFAULT\Software\b`nl{y
      Deleted: [Key] - HKU\S-1-5-18\Software\b`nl{y
      Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\{3E0DB45B-9FCC-4064-B48C-080BD03A99A4}
      Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\{C81BED3B-31BD-491F-813D-78EFC2638CE1}
      Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{38DD0B4A-E4E0-4A57-99EE-DCCB185B4728}
      Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{BF8946CD-EEBE-436B-8282-B19A021C9EFE}
      Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
      Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
      Deleted: [Value] - HKCU\Environment|SNF
      Deleted: [Value] - HKCU\Environment|SNP
      Deleted: [Key] - HKU\S-1-5-21-3850515685-1168504035-4146528610-1003\Software\isMiner
      Deleted: [Key] - HKCU\Software\isMiner
      Deleted: [Key] - HKLM\SOFTWARE\ScreenShot
      Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
      Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
      Deleted: [Value] - HKCU\Environment|SNF
      Deleted: [Value] - HKCU\Environment|SNP
      Deleted: [Key] - HKU\S-1-5-21-3850515685-1168504035-4146528610-1003\Software\Installer
      Deleted: [Key] - HKCU\Software\Installer
      Deleted: [Key] - HKLM\SOFTWARE\startpageing123Software
      Deleted: [Key] - HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\RONZAP.EXE


      ***** [ Firefox (and derivatives) ] *****

      Plugin deleted: xRocket Toolbar - Jason Bourne


      ***** [ Chromium (and derivatives) ] *****

      Plugin deleted: User-Agent Switcher for Chrome -


      *************************

      ::Tracing keys deleted
      ::Winsock settings cleared
      ::Additional Actions: 0



      *************************

      C:/AdwCleaner/AdwCleaner[S0].txt - [11617 B] - [2017/6/8 14:19:12]
      C:/AdwCleaner/AdwCleaner[S1].txt - [11661 B] - [2017/6/8 14:53:48]
      C:/AdwCleaner/AdwCleaner[S2].txt - [7289 B] - [2017/12/26 16:57:22]
      C:/AdwCleaner/AdwCleaner[S3].txt - [7358 B] - [2017/12/27 3:17:9]


      ########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########

    10. #10
      Usuario Avatar de cloudx5
      Registrado
      dic 2017
      Ubicación
      Rep. Dom.
      Mensajes
      6

      Re: Virus Windows 10

      # AdwCleaner 7.0.6.0 - Logfile created on Wed Dec 27 03:31:42 2017
      # Updated on 2017/21/12 by Malwarebytes
      # Running on Windows 10 Home (X64)
      # Mode: clean
      # Support: https://www.malwarebytes.com/support

      ***** [ Services ] *****

      No malicious services deleted.

      ***** [ Folders ] *****

      Deleted: C:\Users\isaac\AppData\Local\terana
      Deleted: C:\Users\isaac\AppData\Local\VNASRE
      Deleted: C:\Users\isaac\AppData\Local\CWASRE
      Deleted: C:\Users\isaac\AppData\Local\CSHMDR
      Deleted: C:\Users\isaac\AppData\Local\snare
      Deleted: C:\Users\INVITADO\AppData\Local\Footjane
      Deleted: C:\Users\isaac\AppData\Local\Footjane
      Deleted: C:\Users\isaac\AppData\Roaming\Footjane
      Deleted: C:\Users\Martin Gonzalez\AppData\Local\Footjane
      Deleted: C:\Users\INVITADO\AppData\Local\Birdjob
      Deleted: C:\Users\Martin Gonzalez\AppData\Local\Birdjob
      Deleted: C:\Users\isaac\AppData\Roaming\\Firefox
      Deleted: C:\Users\Martin Gonzalez\AppData\Roaming\\Firefox
      Deleted: C:\Program Files\Common Files\Noobzo
      Deleted: C:\Program Files (x86)\deskapp
      Deleted: C:\ProgramData\Ronzap
      Deleted: C:\ProgramData\Application Data\Ronzap
      Deleted: C:\Users\All Users\Ronzap
      Deleted: C:\ProgramData\Ronzaps
      Deleted: C:\ProgramData\Application Data\Ronzaps
      Deleted: C:\Users\All Users\Ronzaps


      ***** [ Files ] *****

      Deleted: C:\Windows\\rsrcs.dll
      Deleted: C:\Users\isaac\AppData\Roaming\\agent.dat
      Deleted: C:\Users\isaac\AppData\Roaming\Main.dat
      Deleted: C:\Users\isaac\AppData\Roaming\\InstallationConfiguration.xml
      Deleted: C:\Users\isaac\AppData\Roaming\\Installer.dat
      Deleted: C:\Users\isaac\AppData\Roaming\\noah.dat
      Deleted: C:\Users\isaac\AppData\Roaming\\Config.xml
      Deleted: C:\Users\isaac\AppData\Roaming\\md.xml
      Deleted: C:\Users\All Users\Documents\\report.dat
      Deleted: C:\Users\Public\Documents\\report.dat
      Deleted: C:\Users\All Users\Documents\\temp.dat
      Deleted: C:\Users\Public\Documents\\temp.dat
      Deleted: C:\ProgramData\Apple\Apple Application Support\\Support.dll
      Deleted: C:\Users\INVITADO\AppData\Roaming\Mozilla\Firefox\Profiles\f1d1r9tx.default\searchplugins\luck.xml
      Deleted: C:\Users\Martin Gonzalez\AppData\Roaming\Mozilla\Firefox\Profiles\u5uslmb0.default\searchplugins\startpageing123.xml
      Deleted: C:\Users\Martin Gonzalez\AppData\Roaming\Mozilla\Firefox\Profiles\u5uslmb0.default\searchplugins\luck.xml
      Deleted: C:\Windows\SysNative\drivers\mwescontroller.sys
      Deleted: C:\Users\isaac\Downloads\SpyHunter-Installer.exe
      Deleted: C:\Windows\SysNative\bi3.exe


      ***** [ DLL ] *****

      No malicious DLLs cleaned.

      ***** [ WMI ] *****

      No malicious WMI cleaned.

      ***** [ Shortcuts ] *****

      No malicious shortcuts cleaned.

      ***** [ Tasks ] *****

      Deleted: Windows-PG
      Deleted: Microsoft\Windows\Multimedia\Manager
      Deleted: hostTask


      ***** [ Registry ] *****

      Deleted: [Key] - HKLM\SOFTWARE\jhdbca
      Deleted: [Key] - HKU\.DEFAULT\Software\jhdbca
      Deleted: [Key] - HKU\S-1-5-18\Software\jhdbca
      Deleted: [Key] - HKLM\SOFTWARE\{84416237-6490-494D-9AD6-4994DD978971}
      Deleted: [Key] - HKU\S-1-5-21-3850515685-1168504035-4146528610-1003\Software\deskapp
      Deleted: [Key] - HKCU\Software\deskapp
      Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
      Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
      Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
      Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
      Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
      Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
      Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
      Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
      Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
      Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
      Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
      Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
      Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
      Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
      Deleted: [Key] - HKU\S-1-5-21-3850515685-1168504035-4146528610-1003\Software\Footjane
      Deleted: [Key] - HKCU\Software\Footjane
      Deleted: [Key] - HKLM\SOFTWARE\b`nl{y
      Deleted: [Key] - HKU\.DEFAULT\Software\b`nl{y
      Deleted: [Key] - HKU\S-1-5-18\Software\b`nl{y
      Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\{3E0DB45B-9FCC-4064-B48C-080BD03A99A4}
      Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\{C81BED3B-31BD-491F-813D-78EFC2638CE1}
      Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{38DD0B4A-E4E0-4A57-99EE-DCCB185B4728}
      Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{BF8946CD-EEBE-436B-8282-B19A021C9EFE}
      Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
      Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
      Deleted: [Value] - HKCU\Environment|SNF
      Deleted: [Value] - HKCU\Environment|SNP
      Deleted: [Key] - HKU\S-1-5-21-3850515685-1168504035-4146528610-1003\Software\isMiner
      Deleted: [Key] - HKCU\Software\isMiner
      Deleted: [Key] - HKLM\SOFTWARE\ScreenShot
      Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
      Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
      Deleted: [Value] - HKCU\Environment|SNF
      Deleted: [Value] - HKCU\Environment|SNP
      Deleted: [Key] - HKU\S-1-5-21-3850515685-1168504035-4146528610-1003\Software\Installer
      Deleted: [Key] - HKCU\Software\Installer
      Deleted: [Key] - HKLM\SOFTWARE\startpageing123Software
      Deleted: [Key] - HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\RONZAP.EXE


      ***** [ Firefox (and derivatives) ] *****

      Plugin deleted: xRocket Toolbar - Jason Bourne


      ***** [ Chromium (and derivatives) ] *****

      Plugin deleted: User-Agent Switcher for Chrome -


      *************************

      ::Tracing keys deleted
      ::Winsock settings cleared
      ::Additional Actions: 0



      *************************

      C:/AdwCleaner/AdwCleaner[S0].txt - [11617 B] - [2017/6/8 14:19:12]
      C:/AdwCleaner/AdwCleaner[S1].txt - [11661 B] - [2017/6/8 14:53:48]
      C:/AdwCleaner/AdwCleaner[S2].txt - [7289 B] - [2017/12/26 16:57:22]
      C:/AdwCleaner/AdwCleaner[S3].txt - [7358 B] - [2017/12/27 3:17:9]


      ########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########

    Página 1 de 2 12 ÚltimoÚltimo