Slow computer (csrss.exe)

Pcsur2014
Posts: 19
Joined: 14 Jan 2015, 15:26

Slow computer (csrss.exe)

Post by Pcsur2014 » 02 Aug 2015, 17:07

Both a client's computer and my own are running slowly.

After investigating.. the likely cause must be this csrss.exe process

Here are the screenshots...



[url=http://www.imagebam.com/image/ddaad9425940198][img]http://thumbnails114.imagebam.com/42595/ddaad9425940198.jpg[/img][/url]





[url=http://www.imagebam.com/image/12397e425940316][img]http://thumbnails105.imagebam.com/42595/12397e425940316.jpg[/img][/url]



What could I do? Has anyone solved this?

The computer starts at 23% RAM usage..

and little by little it increases until it reaches 70% RAM usage





-------------------------------------------------------------------------------------------------------------------

(2-8-2015 14:02:03 (GMT))

EliStartPage v32.83 (c)2015 S.G.H. / Satinfo S.L. (Actualizado el 31 de Julio del 2015)

--------------------------------------------------

Sistema Operativo: Windows 7 Ultimate (6.1.0)

Usuario: pcsur

ID de Usuario: S-1-5-21-4081950201-1990186299-235548268-1000

Cadenas Víricas: 24294



Lista de Acciones (por Acción Directa):

Eliminadas las Paginas de Inicio y de Busqueda del IE

Eliminados Ficheros Temporales del IE



(2-8-2015 14:07:41 (GMT))

EliStartPage v32.83 (c)2015 S.G.H. / Satinfo S.L. (Actualizado el 31 de Julio del 2015)

--------------------------------------------------

Sistema Operativo: Windows 7 Ultimate (6.1.0)

Usuario: pcsur

ID de Usuario: S-1-5-21-4081950201-1990186299-235548268-1000

Cadenas Víricas: 24294



Lista de Acciones (por Exploración):

Explorando "C:\"



Nº Total de Directorios: 13436

Nº Total de Ficheros: 82344

Nº de Ficheros Analizados: 23661

Nº de Ficheros Infectados: 0

Nº de Ficheros Limpiados: 0





-------------------------------------------------------------------------------------------------------------------



(2-8-2015 14:23:59 GMT)

SProces v8.6 (c)2015 S.G.H. / Satinfo S.L.

-------------------------------------------

Sistema Operativo: Windows 7 Ultimate (v6.1)

Internet Explorer: (v8.0.7600.16385) 0

Equipo: PCSUR-PC

Usuario: pcsur

Sesión de Usuario: pcsur



80 Procesos Activos:

C:\WINDOWS\SYSTEM32\SMSS.EXE

C:\WINDOWS\SYSTEM32\CSRSS.EXE

C:\WINDOWS\SYSTEM32\CSRSS.EXE

C:\WINDOWS\SYSTEM32\WININIT.EXE

C:\WINDOWS\SYSTEM32\WINLOGON.EXE

C:\WINDOWS\SYSTEM32\SERVICES.EXE

C:\WINDOWS\SYSTEM32\LSASS.EXE

C:\WINDOWS\SYSTEM32\LSM.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\PROGRAM FILES\IOBIT\ADVANCED SYSTEMCARE 8\ASCSERVICE.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\PROGRAM FILES\TRUSTEER\RAPPORT\BIN\RAPPORTMGMTSERVICE.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\AUDIODG.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\DWM.EXE

C:\WINDOWS\EXPLORER.EXE

C:\WINDOWS\SYSTEM32\SPOOLSV.EXE

C:\WINDOWS\SYSTEM32\TASKHOST.EXE

C:\PROGRAM FILES\SKYPE\TOOLBARS\AUTOUPDATE\SKYPEC2CAUTOUPDATESVC.EXE

C:\PROGRAM FILES\SKYPE\TOOLBARS\PNRSVC\SKYPEC2CPNRSVC.EXE

C:\WINDOWS\SYSTEM32\TASKENG.EXE

C:\PROGRAM FILES\IOBIT\ADVANCED SYSTEMCARE 8\MONITOR.EXE

C:\PROGRAM FILES\VMWARE\VMWARE WORKSTATION\VMWARE-TRAY.EXE

C:\PROGRAM FILES\DELLTPAD\APOINT.EXE

C:\USERS\PCSUR\APPDATA\LOCAL\GOOGLE\UPDATE\GOOGLEUPDATE.EXE

C:\USERS\PCSUR\APPDATA\LOCAL\GOOGLE\UPDATE\1.3.28.1\GOOGLECRASHHANDLER.EXE

C:\PROGRAM FILES\CCLEANER\CCLEANER.EXE

C:\PROGRAMDATA\DIGITEL 3G\ONLINEUPDATE\OUC.EXE

C:\PROGRAMDATA\DATACARDSERVICE\HWDEVICESERVICE.EXE

C:\PROGRAMDATA\DATACARDSERVICE\DCSHELPER.EXE

C:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE15\POWERPNT.EXE

C:\PROGRAM FILES\BURNAWARE PRO RETAIL BY MINIMAL\NMSACCESSU.EXE

C:\PROGRAM FILES\TRUSTEER\RAPPORT\BIN\RAPPORTSERVICE.EXE

C:\WINDOWS\SYSTEM32\VIAKARAOKESRV.EXE

C:\WINDOWS\SYSTEM32\VMNAT.EXE

C:\WINDOWS\SYSTEM32\VMNETDHCP.EXE

C:\PROGRAM FILES\COMMON FILES\VMWARE\USB\VMWARE-USBARBITRATOR.EXE

C:\PROGRAM FILES\VMWARE\VMWARE WORKSTATION\VMWARE-AUTHD.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\SEARCHINDEXER.EXE

C:\WINDOWS\SPEECH\COMMON\SAPISVR.EXE

C:\PROGRAM FILES\DELLTPAD\APMSGFWD.EXE

C:\PROGRAM FILES\INTERNET DOWNLOAD MANAGER\IDMAN.EXE

C:\PROGRAM FILES\DELLTPAD\HIDFIND.EXE

C:\PROGRAM FILES\DELLTPAD\APNTEX.EXE

C:\WINDOWS\SYSTEM32\CONHOST.EXE

C:\PROGRAM FILES\SKYPE\PHONE\SKYPE.EXE

C:\PROGRAM FILES\IOBIT\ADVANCED SYSTEMCARE 8\ASCTRAY.EXE

C:\PROGRAM FILES\INTERNET DOWNLOAD MANAGER\IEMONITOR.EXE

C:\PROGRAM FILES\IOBIT\IOBIT UNINSTALLER\UNINSTALLMONITOR.EXE

C:\WINDOWS\SYSTEM32\SPPSVC.EXE

C:\PROGRAM FILES\IOBIT\ADVANCED SYSTEMCARE 8\REALTIMEPROTECTOR.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\PROGRAMDATA\DATACARDSERVICE\DCSHELPER.EXE

C:\PROGRAM FILES\DIGITEL 3G\DIGITEL 3G.EXE

C:\WINDOWS\SYSTEM32\WUDFHOST.EXE

C:\WINDOWS\SYSTEM32\TASKMGR.EXE

C:\USERS\PCSUR\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE

C:\USERS\PCSUR\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE

C:\USERS\PCSUR\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE

C:\USERS\PCSUR\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE

C:\USERS\PCSUR\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE

C:\USERS\PCSUR\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE

C:\USERS\PCSUR\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE

C:\USERS\PCSUR\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE

C:\USERS\PCSUR\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE

C:\PROGRAM FILES\IOBIT\IOBIT UNINSTALLER\IOBITUNINSTALER.EXE

C:\WINDOWS\EXPLORER.EXE

C:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE15\WINWORD.EXE

C:\USERS\PCSUR\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE

C:\USERS\PCSUR\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE

C:\WINDOWS\SYSTEM32\SEARCHPROTOCOLHOST.EXE

C:\WINDOWS\SYSTEM32\SEARCHFILTERHOST.EXE

C:\WINDOWS\EXPLORER.EXE

C:\USERS\PCSUR\DOWNLOADS\COMPRESSED\SPROCES\SPROCES.EXE



R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll

O2 - BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office15\URLREDIR.DLL

O2 - BHO: Advanced SystemCare Surfing Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~1\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL

O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~1\MICROS~2\Office15\GROOVEEX.DLL

O4 - HKCU\..\Run: [Google Update] "C:\Users\pcsur\AppData\Local\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR

O4 - HKCU\..\Run: [CCleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO

O4 - HKCU\..\Run: [Speech Recognition] "C:\Windows\Speech\Common\sapisvr.exe" -SpeechUX -Startup

O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot

O4 - HKCU\..\Run: [*LABAL*]

O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun

O4 - HKCU\..\Run: [Advanced SystemCare 8] "C:\Program Files\IObit\Advanced SystemCare 8\ASCTray.exe" /Auto

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [vmware-tray.exe] "C:\Program Files\VMware\VMware Workstation\vmware-tray.exe"

O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe

O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'Servicio Local')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'Servicio Local')

O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'Servicio de red')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'Servicio de red')

O8 - Extra context menu item: &Enviar a OneNote - res://C:\PROGRA~1\MICROS~2\Office15\ONBttnIE.dll/105

O8 - Extra context menu item: Descargar con IDM - C:\Program Files\Internet Download Manager\IEExt.htm

O8 - Extra context menu item: Descargar con IDM todos los enlaces - C:\Program Files\Internet Download Manager\IEGetAll.htm

O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office15\EXCEL.EXE/3000

O9 - Extra button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll (HKLM)

O9 - Extra button: Complemento Hacer clic para llamar de Lync - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (HKLM)

O9 - Extra button: Notas &vinculadas de OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (HKLM)

O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (HKLM)

O17 - HKLM\System\CCS\Services\Tcpip\..\{C22C70C0-F0EB-48D0-B432-1210A0B8E7C8}: NameServer = 190.121.224.3 190.121.224.4

O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll

O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL

O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - (no file)



Información Adicional:

----------------------

Acceso Rapido ('pcsur'): BurnAware Professional.lnk = C:\Program Files\BurnAware Pro Retail by minimaL\burnaware.exe

Acceso Rapido ('pcsur'): Google Chrome.lnk = C:\Users\pcsur\AppData\Local\Google\Chrome\Application\chrome.exe

Acceso Rapido ('pcsur'): Launch Internet Explorer Browser.lnk = C:\Program Files\Internet Explorer\iexplore.exe

Acceso Rapido ('pcsur'): Shows Desktop.lnk =

Acceso Rapido ('pcsur'): Window Switcher.lnk =

Acceso Rapido ('pcsur'): Your Uninstaller! 2008.lnk = C:\Program Files\Your Uninstaller 2008\uruninstaller.exe

Ext.Google Chrome. ('pcsur') Id: aohghmighlieiainnegkcijnfilokake

Ext.Google Chrome. ('pcsur') Id: apdfllckaahabafndbhieahigkjlhalf

Ext.Google Chrome. ('pcsur') Id: bbjllphbppobebmjpjcijfbakobcheof

Ext.Google Chrome. ('pcsur') Id: blpcfgokakmgnkcojhhkbfbldkacnbeo

Ext.Google Chrome. ('pcsur') Id: cfhdojbkjhnklbpkdaibdccddilifddb

Ext.Google Chrome. ('pcsur') Id: coobgpohoikkiipiblmjeljniedjpjpf

Ext.Google Chrome. ('pcsur') Id: lccekmodgklaepjeofjdjpbminllajkg

Ext.Google Chrome. ('pcsur') Id: lifbcibllhkdhoafpjfnlhfpfgnpldfl C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx

Ext.Google Chrome. ('pcsur') Id: ngpampappnmepgilojfohadhhmbhlaek C:\Program Files\Internet Download Manager\IDMGCExt.crx

Ext.Google Chrome. ('pcsur') Id: nmmhkkegccagdldgiimedpiccmgmieda

Ext.Google Chrome. ('pcsur') Id: pjkljhegncpnkpknbcohdijeoejaedia

DataBases Google Chrome. ('pcsur'): Databases.db

Tarea Programada: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-4081950201-1990186299-235548268-1000Core.job

Tarea Programada: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-4081950201-1990186299-235548268-1000UA.job

Tarea Programada: C:\WINDOWS\Tasks\ParetoLogic Registration3.job

Tarea Programada: C:\WINDOWS\Tasks\ParetoLogic Update Version3 Startup Task.job

Tarea Programada: C:\WINDOWS\Tasks\ParetoLogic Update Version3.job



Listado de Servicios (Carga Automatica):

----------------------------------------

O23 - Service: Advanced SystemCare Service 8 (AdvancedSystemCareService8) - IObit - C:\Program Files\IObit\Advanced SystemCare 8\ASCService.exe

O23 - Service: DIGITEL. OUC (DIGITEL. RunOuc) - Unknown owner - C:\Program Files\DIGITEL 3G\UpdateDog\ouc.exe

O23 - Service: VMware hcmon (hcmon) - VMware, Inc. - C:\Windows\system32\drivers\hcmon.sys

O23 - Service: HWDeviceService.exe - Unknown owner - C:\ProgramData\DatacardService\HWDeviceService.exe

O23 - Service: IDMWFP - Tonec Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\idmwfp.sys

O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe

O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\BurnAware Pro Retail by minimaL\nmsaccessu.exe

O23 - Service: Rapport Management Service (RapportMgmtService) - IBM Corp. - C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

O23 - Service: VIA Karaoke digital mixer Service (VIAKaraokeService) - VIA Technologies, Inc. - C:\WINDOWS\system32\viakaraokesrv.exe

O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files\VMware\VMware Workstation\vmware-authd.exe

O23 - Service: VMware Bridge Protocol (VMnetBridge) - VMware, Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\vmnetbridge.sys

O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\Windows\system32\vmnetdhcp.exe

O23 - Service: VMware Network Application Interface (VMnetuserif) - VMware, Inc. - C:\Windows\system32\drivers\vmnetuserif.sys

O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe

O23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\system32\vmnat.exe

O23 - Service: VMware Workstation Server (VMwareHostd) - Unknown owner - C:\Program Files\VMware\VMware Workstation\vmware-hostd.exe" -u "C:\ProgramData\VMware\hostd\config.xml (file missing)

O23 - Service: VMware vmx86 (vmx86) - VMware, Inc. - C:\Windows\system32\Drivers\vmx86.sys

O23 - Service: Vstor2 MntApi 1.0 Driver (shared) (vstor2-mntapi10-shared) - VMware, Inc. - C:\WINDOWS\SYSTEM32\drivers\vstor2-mntapi10-shared.sys



Listado de Servicios (Carga Manual):

------------------------------------

O23 - Service: adp94xx - Adaptec, Inc. - C:\WINDOWS\system32\DRIVERS\adp94xx.sys

O23 - Service: adpahci - Adaptec, Inc. - C:\WINDOWS\system32\DRIVERS\adpahci.sys

O23 - Service: adpu320 - Adaptec, Inc. - C:\WINDOWS\system32\DRIVERS\adpu320.sys

O23 - Service: aic78xx - Adaptec, Inc. - C:\WINDOWS\system32\DRIVERS\djsvs.sys

O23 - Service: aliide - Acer Laboratories Inc. - C:\WINDOWS\system32\DRIVERS\aliide.sys

O23 - Service: amdsata - Advanced Micro Devices - C:\WINDOWS\system32\DRIVERS\amdsata.sys

O23 - Service: amdsbs - AMD Technologies Inc. - C:\WINDOWS\system32\DRIVERS\amdsbs.sys

O23 - Service: Alps Touch Pad Filter Driver for Windows x86 (ApfiltrService) - Alps Electric Co., Ltd. - C:\WINDOWS\SYSTEM32\DRIVERS\Apfiltr.sys

O23 - Service: arc - Adaptec, Inc. - C:\WINDOWS\system32\DRIVERS\arc.sys

O23 - Service: arcsas - Adaptec, Inc. - C:\WINDOWS\system32\DRIVERS\arcsas.sys

O23 - Service: Broadcom NetXtreme II VBD (b06bdrv) - Broadcom Corporation - C:\WINDOWS\system32\DRIVERS\bxvbdx.sys

O23 - Service: Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0 (b57nd60x) - Broadcom Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\b57nd60x.sys

O23 - Service: Brother USB Mass-Storage Lower Filter Driver (BrFiltLo) - Brother Industries, Ltd. - C:\WINDOWS\system32\DRIVERS\BrFiltLo.sys

O23 - Service: Brother USB Mass-Storage Upper Filter Driver (BrFiltUp) - Brother Industries, Ltd. - C:\WINDOWS\system32\DRIVERS\BrFiltUp.sys

O23 - Service: Brother MFC Serial Port Interface Driver (WDM) (Brserid) - Brother Industries Ltd. - C:\WINDOWS\System32\Drivers\Brserid.sys

O23 - Service: Brother WDM Serial driver (BrSerWdm) - Brother Industries Ltd. - C:\WINDOWS\System32\Drivers\BrSerWdm.sys

O23 - Service: Brother MFC USB Fax Only Modem (BrUsbMdm) - Brother Industries Ltd. - C:\WINDOWS\System32\Drivers\BrUsbMdm.sys

O23 - Service: Brother MFC USB Serial WDM Driver (BrUsbSer) - Brother Industries Ltd. - C:\WINDOWS\System32\Drivers\BrUsbSer.sys

O23 - Service: cmdide - CMD Technology, Inc. - C:\WINDOWS\system32\DRIVERS\cmdide.sys

O23 - Service: Broadcom NetXtreme II 10 GigE VBD (ebdrv) - Broadcom Corporation - C:\WINDOWS\system32\DRIVERS\evbdx.sys

O23 - Service: elxstor - Emulex - C:\WINDOWS\system32\DRIVERS\elxstor.sys

O23 - Service: Huawei MobileBroadband USB PNP Device (ew_hwusbdev) - Huawei Technologies Co., Ltd. - C:\WINDOWS\SYSTEM32\DRIVERS\ew_hwusbdev.sys

O23 - Service: huawei_CompositeFilter (ew_usbenumfilter) - Huawei Technologies Co., Ltd. - C:\WINDOWS\SYSTEM32\DRIVERS\ew_usbenumfilter.sys

O23 - Service: Hauppauge Consumer Infrared Receiver (hcw85cir) - Hauppauge Computer Works, Inc. - C:\WINDOWS\system32\drivers\hcw85cir.sys

O23 - Service: HpSAMD - Hewlett-Packard Company - C:\WINDOWS\system32\DRIVERS\HpSAMD.sys

O23 - Service: huawei_cdcacm - Huawei Technologies Co., Ltd. - C:\WINDOWS\SYSTEM32\DRIVERS\ew_jucdcacm.sys

O23 - Service: huawei_enumerator - Huawei Technologies Co., Ltd. - C:\WINDOWS\SYSTEM32\DRIVERS\ew_jubusenum.sys

O23 - Service: huawei_ext_ctrl - Huawei Technologies Co., Ltd. - C:\WINDOWS\SYSTEM32\DRIVERS\ew_juextctrl.sys

O23 - Service: huawei_wwanecm - Huawei Technologies Co., Ltd. - C:\WINDOWS\SYSTEM32\DRIVERS\ew_juwwanecm.sys

O23 - Service: iaStorV - Intel Corporation - C:\WINDOWS\system32\DRIVERS\iaStorV.sys

O23 - Service: igfx - Intel Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\igdkmd32.sys

O23 - Service: iirsp - Intel Corp./ICP vortex GmbH - C:\WINDOWS\system32\DRIVERS\iirsp.sys

O23 - Service: Intel 28F320C3 Flash Update Device Driver v6.4 (int0800) - Intel Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\flashud.sys

O23 - Service: LSI_FC - LSI Corporation - C:\WINDOWS\system32\DRIVERS\lsi_fc.sys

O23 - Service: LSI_SAS - LSI Corporation - C:\WINDOWS\system32\DRIVERS\lsi_sas.sys

O23 - Service: LSI_SAS2 - LSI Corporation - C:\WINDOWS\system32\DRIVERS\lsi_sas2.sys

O23 - Service: LSI_SCSI - LSI Corporation - C:\WINDOWS\system32\DRIVERS\lsi_scsi.sys

O23 - Service: megasas - LSI Corporation - C:\WINDOWS\system32\DRIVERS\megasas.sys

O23 - Service: MegaSR - LSI Corporation, Inc. - C:\WINDOWS\system32\DRIVERS\MegaSR.sys

O23 - Service: nfrd960 - IBM Corporation - C:\WINDOWS\system32\DRIVERS\nfrd960.sys

O23 - Service: nvraid - NVIDIA Corporation - C:\WINDOWS\system32\DRIVERS\nvraid.sys

O23 - Service: nvstor - NVIDIA Corporation - C:\WINDOWS\system32\DRIVERS\nvstor.sys

O23 - Service: ql2300 - QLogic Corporation - C:\WINDOWS\system32\DRIVERS\ql2300.sys

O23 - Service: ql40xx - QLogic Corporation - C:\WINDOWS\system32\DRIVERS\ql40xx.sys

O23 - Service: Realtek 8167 NT Driver (RTL8167) - Realtek - C:\WINDOWS\SYSTEM32\DRIVERS\Rt86win7.sys

O23 - Service: Nuvoton Serenum Filter Driver (Serenum) - Windows (R) Win 7 DDK provider - C:\WINDOWS\SYSTEM32\DRIVERS\nuvserenum.sys

O23 - Service: Nuvoton Serial driver (Serial) - Nuvoton Technology Corp. - C:\WINDOWS\SYSTEM32\DRIVERS\nuvserial.sys

O23 - Service: SiSRaid2 - Silicon Integrated Systems Corp. - C:\WINDOWS\system32\DRIVERS\SiSRaid2.sys

O23 - Service: SiSRaid4 - Silicon Integrated Systems - C:\WINDOWS\system32\DRIVERS\sisraid4.sys

O23 - Service: stexstor - Promise Technology - C:\WINDOWS\system32\DRIVERS\stexstor.sys

O23 - Service: VIA High Definition Audio Driver Service (VIAHdAudAddService) - VIA Technologies, Inc. - C:\WINDOWS\SYSTEM32\drivers\viahduaa.sys

O23 - Service: viaide - VIA Technologies, Inc. - C:\WINDOWS\system32\DRIVERS\viaide.sys

O23 - Service: VMware Virtual Ethernet Adapter Driver (VMnetAdapter) - VMware, Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\vmnetadapter.sys

O23 - Service: VMware USB Client Driver (vmusb) - VMware, Inc. - C:\WINDOWS\SYSTEM32\Drivers\vmusb.sys

O23 - Service: vsmraid - VIA Technologies Inc.,Ltd - C:\WINDOWS\system32\DRIVERS\vsmraid.sys



Listado de Servicios (Deshabilitados):

--------------------------------------



75 Servicios.

20 de Carga Automatica.

55 de Carga Manual.

0 Deshabilitados.



Listado de Programas Instalados:

--------------------------------

Adobe Flash Player ActiveX -> C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe

Adobe Flash Player 10 Plugin -> C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe

Advanced SystemCare 8 -> "C:\Program Files\IObit\Advanced SystemCare 8\unins000.exe"

BurnAware Pro 2.3.2 Retail by minimaL -> "C:\Program Files\BurnAware Pro Retail by minimaL\unins000.exe"

CCleaner -> "C:\Program Files\CCleaner\uninst.exe"

DIGITEL 3G -> C:\Program Files\DIGITEL 3G\uninst.exe

Internet Download Manager -> C:\Program Files\Internet Download Manager\Uninstall.exe

Surfing Protection -> "C:\Program Files\IObit\Surfing Protection\unins000.exe"

IObit Uninstaller -> "C:\Program Files\IObit\IObit Uninstaller\UninstallDisplay.exe" uninstall_start

Mozilla Firefox 8.0.1 (x86 ru) -> C:\Program Files\Mozilla Firefox\uninstall\helper.exe

Trusteer Seguridad Terminal -> msiexec /x{1DD81E7D-0D28-4ceb-87B2-C041A4FCB215} /lvx+ "C:\ProgramData\Trusteer\Rapport\logs\uninstall.log"

UltraISO Premium V9.33 -> "C:\Program Files\UltraISO\unins000.exe"

Unlocker 1.8.7 -> C:\Program Files\Unlocker\uninst.exe

VMware Workstation -> C:\ProgramData\VMware\VMware Workstation\Uninstaller\uninstall.exe -x -S "C:\ProgramData\VMware\VMware Workstation\Uninstaller\"

Compresor WinRAR -> C:\Program Files\Winrar\uninstall.exe

Your Uninstaller! 2008 Version 6.2 -> "C:\Program Files\Your Uninstaller 2008\unins000.exe"

tools-freebsd -> MsiExec.exe /X{003BFBBD-6C67-419E-A24D-0DCAFC3A5249}

VMware Workstation -> MsiExec.exe /I{0D94F75A-0EA6-4951-B3AF-B145FA9E05C6}

tools-netware -> MsiExec.exe /X{197597A7-AD33-4898-9D8E-73066818B464}

Rapport -> MsiExec.exe /X{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}

Adobe Shockwave Player -> MsiExec.exe /X{211E8730-5681-49ED-BC6A-78C9F88E95F5}

7-Zip 9.20 -> MsiExec.exe /I{23170F69-40C1-2701-0920-000001000000}

Skype™ 7.7 -> MsiExec.exe /X{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}

LibreOffice 4.2 Help Pack (Spanish) -> MsiExec.exe /I{43C16345-54E2-408C-9E21-488A4FAFF42A}

Skype Click to Call -> MsiExec.exe /X{6D1221A9-17BF-4EC0-81F2-27D30EC30701}

Microsoft Access MUI (Spanish) 2013 -> MsiExec.exe /X{90150000-0015-0C0A-0000-0000000FF1CE}

Microsoft Excel MUI (Spanish) 2013 -> MsiExec.exe /X{90150000-0016-0C0A-0000-0000000FF1CE}

Microsoft PowerPoint MUI (Spanish) 2013 -> MsiExec.exe /X{90150000-0018-0C0A-0000-0000000FF1CE}

Microsoft Publisher MUI (Spanish) 2013 -> MsiExec.exe /X{90150000-0019-0C0A-0000-0000000FF1CE}

Microsoft Outlook MUI (Spanish) 2013 -> MsiExec.exe /X{90150000-001A-0C0A-0000-0000000FF1CE}

Microsoft Word MUI (Spanish) 2013 -> MsiExec.exe /X{90150000-001B-0C0A-0000-0000000FF1CE}

Microsoft InfoPath MUI (Spanish) 2013 -> MsiExec.exe /X{90150000-0044-0C0A-0000-0000000FF1CE}

Microsoft DCF MUI (Spanish) 2013 -> MsiExec.exe /X{90150000-0090-0C0A-0000-0000000FF1CE}

Microsoft OneNote MUI (Spanish) 2013 -> MsiExec.exe /X{90150000-00A1-0C0A-0000-0000000FF1CE}

Microsoft Groove MUI (Spanish) 2013 -> MsiExec.exe /X{90150000-00BA-0C0A-0000-0000000FF1CE}

Microsoft Lync MUI (Spanish) 2013 -> MsiExec.exe /X{90150000-012B-0C0A-0000-0000000FF1CE}

Dell Touchpad -> C:\Program Files\DellTPad\Uninstap.exe ADDREMOVE

tools-solaris -> MsiExec.exe /X{AB1C87CB-1807-4CF0-B4C2-CEE14C18CDB4}

Adobe Reader X - Español -> MsiExec.exe /I{AC76BA86-7AD7-1034-7B44-AA0000000001}

tools-winPre2k -> MsiExec.exe /X{AE0F62A7-A1A2-407F-9F4C-48939BD9AD8D}

LibreOffice 4.2.1.1 -> MsiExec.exe /I{C83C3B4C-1AFF-4CEA-8078-74E7A3FE8F03}

tools-linux -> MsiExec.exe /X{D102611A-6466-4101-A51D-51069303AC65}

tools-windows -> MsiExec.exe /X{FFD9383C-01D5-4897-A954-43AF599AED30}

Google Chrome -> "C:\Users\pcsur\AppData\Local\Google\Chrome\Application\44.0.2403.125\Installer\setup.exe" --uninstall --multi-install --chrome
Attachments
JWGKVSQ.VMX.Muestra EliStartPage v32.rar
I have had that sample for a while.. from when I scanned my computer with ElistarA.. I don't know whether it will be of any use for this new case
(154.74 KiB) Downloaded 251 times

msc hotline sat
Posts: 93500
Joined: 09 Mar 2004, 20:39
Location: BARCELONA (SPAIN)

Re: Slow computer (csrss.exe)

Post by msc hotline sat » 02 Aug 2015, 17:37

Well, although you have two active csrss.exe processes, they are launched from the system folder, so most likely they belong to Windows. But something much more important is that, although you use Windows 7, you are using IE 8, which is totally obsolete and which, even though it is full of vulnerabilities, Microsoft no longer patches, because there are now the IE 9, 10 and 11 versions that have been replacing it.

Update your browser, which is the weakest thing you have!!!

After that, tell us the result, thanks.

Regards

ms, 2-8-2015

[b]NOTE: And the sample we asked you to send us was typical of a CONFICKER, which, if you have not removed it yet, you should remove by downloading ELITRIITIP.EXE and running it ... [/b]



ms.
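The check made in the reply above (are the csrss.exe instances launched from the system folder?), written out as an added example that is not part of the original thread or of Satinfo's tools. It reads a process list in the one-path-per-line format of the SProces log and flags core Windows process names running from anywhere other than System32; the function name, the set of process names, the default system root and the two flagged sample paths are assumptions made for illustration.

```python
import ntpath
from collections import Counter

# Core Windows processes whose image normally lives in %SystemRoot%\System32.
# This set is an assumption chosen for the example, not an exhaustive list.
SYSTEM32_ONLY = {
    "smss.exe", "csrss.exe", "wininit.exe", "winlogon.exe",
    "services.exe", "lsass.exe", "lsm.exe", "svchost.exe",
}


def triage_process_list(lines, system_root=r"C:\Windows"):
    """Return (counts, suspicious) for a list of process image paths.

    counts     -- Counter of core process names seen (any location)
    suspicious -- paths whose file name is a core process name but whose
                  directory is not <system_root>\\System32
    """
    expected_dir = ntpath.normcase(ntpath.join(system_root, "System32"))
    counts = Counter()
    suspicious = []
    for raw in lines:
        path = raw.strip().strip('"')
        if not path.lower().endswith(".exe"):
            continue  # skips headers such as "80 Procesos Activos:"
        # normpath collapses "..", normcase lowercases and unifies separators,
        # so C:\WINDOWS\SYSTEM32 and c:/windows/system32 compare equal.
        norm = ntpath.normcase(ntpath.normpath(path))
        name = ntpath.basename(norm)
        if name not in SYSTEM32_ONLY:
            continue
        counts[name] += 1
        if ntpath.dirname(norm) != expected_dir:
            suspicious.append(path)
    return counts, suspicious


# First lines of the process list posted in the thread.
THREAD_SAMPLE = r"""
80 Procesos Activos:
C:\WINDOWS\SYSTEM32\SMSS.EXE
C:\WINDOWS\SYSTEM32\CSRSS.EXE
C:\WINDOWS\SYSTEM32\CSRSS.EXE
C:\WINDOWS\SYSTEM32\WININIT.EXE
C:\WINDOWS\SYSTEM32\WINLOGON.EXE
C:\WINDOWS\SYSTEM32\SERVICES.EXE
C:\WINDOWS\SYSTEM32\LSASS.EXE
C:\WINDOWS\SYSTEM32\LSM.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\PROGRAM FILES\IOBIT\ADVANCED SYSTEMCARE 8\ASCSERVICE.EXE
"""

# Constructed paths (not from the thread) showing what the check would flag.
CONSTRUCTED_MASQUERADE = [
    r"C:\USERS\EXAMPLE\APPDATA\ROAMING\CSRSS.EXE",
    r"C:\WINDOWS\SYSTEM32\..\TEMP\SVCHOST.EXE",
]

if __name__ == "__main__":
    counts, suspicious = triage_process_list(THREAD_SAMPLE.splitlines())
    print("thread sample:", dict(counts), "suspicious:", suspicious)
    counts, suspicious = triage_process_list(
        THREAD_SAMPLE.splitlines() + CONSTRUCTED_MASQUERADE
    )
    print("with constructed paths:", dict(counts), "suspicious:", suspicious)
```

A matching path is only a first-pass signal; verifying the file's digital signature is a separate step that this example does not perform.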

Pcsur2014
Posts: 19
Joined: 14 Jan 2015, 15:26

Re: Slow computer (csrss.exe)

Post by Pcsur2014 » 04 Aug 2015, 18:33

I have already updated Internet Explorer.. I updated it to 9

I have already run EliTriIP.. it detected a worm...







--------------------------------------------------------------------------------------------------------------

(4-8-2015 01:43:25 (GMT))

EliTriIP v7.98 (c)2014 S.G.H. / Satinfo S.L. (Actualizado el 15 de Diciembre del 2014)

---------------------------------------------

Sistema Operativo: Windows 7 Ultimate (6.1.0)

Usuario: pcsur

ID de Usuario: S-1-5-21-4081950201-1990186299-235548268-1000

Cadenas Víricas: 1345



Lista de Acciones (por Acción Directa):

Por favor, envienos una muestra del fichero

C:\Muestras\TEST2.EXE.Muestra EliTriIP v7.98

a "virus@satinfo.es". Gracias.

C:\WINDOWS\SYSTEM32\TEST2.EXE --> Eliminado



(4-8-2015 02:03:51 (GMT))

EliTriIP v7.98 (c)2014 S.G.H. / Satinfo S.L. (Actualizado el 15 de Diciembre del 2014)

---------------------------------------------

Sistema Operativo: Windows 7 Ultimate (6.1.0)

Usuario: pcsur

ID de Usuario: S-1-5-21-4081950201-1990186299-235548268-1000

Cadenas Víricas: 1345



Lista de Acciones (por Exploración):

Explorando "C:\"



Nº Total de Directorios: 13923

Nº Total de Ficheros: 84525

Nº de Ficheros Analizados: 18552

Nº de Ficheros Infectados: 0

Nº de Ficheros Limpiados: 0





--------------------------------------------------------------------------------------------------------------



[url=http://www.imagebam.com/image/382529426387133][img]http://thumbnails113.imagebam.com/42639/382529426387133.jpg[/img][/url]



[url=http://www.imagebam.com/image/d5d5e6426387140][img]http://thumbnails113.imagebam.com/42639/d5d5e6426387140.jpg[/img][/url]



[url=http://www.imagebam.com/image/826b2b426387157][img]http://thumbnails114.imagebam.com/42639/826b2b426387157.jpg[/img][/url]



[url=http://www.imagebam.com/image/b3b013426387165][img]http://thumbnails113.imagebam.com/42639/b3b013426387165.jpg[/img][/url]



[url=http://www.imagebam.com/image/633a36426387175][img]http://thumbnails105.imagebam.com/42639/633a36426387175.jpg[/img][/url]





The problem still persists...
Attachments
csrss posible virus 4.rar
please check whether this is a virus....
(1.05 KiB) Downloaded 219 times
csrss posible virus 3.rar
please check whether this is a virus....
(988 Bytes) Downloaded 225 times
csrss posible virus 2.rar
please check whether this is a virus....
(2.65 KiB) Downloaded 271 times
csrss posible virus.rar
please check whether this is a virus....
(2.58 KiB) Downloaded 245 times
TEST2.EXE.Muestra EliTriIP v7.rar
after the EliTriIP scan it detected this...
(318.24 KiB) Downloaded 229 times

msc hotline sat
Posts: 93500
Joined: 09 Mar 2004, 20:39
Location: BARCELONA (SPAIN)

Re: Slow computer (csrss.exe)

Post by msc hotline sat » 04 Aug 2015, 20:23

Apparently you have not read how to send the samples...

https://foros.zonavirus.com/viewtopic.php?f=5&t=45334

As soon as the samples are received, they will be analysed and we will report back.

Regards

ms, 4-8-2015

Pcsur2014
Posts: 19
Joined: 14 Jan 2015, 15:26

Re: Slow computer (csrss.exe)

Post by Pcsur2014 » 05 Aug 2015, 08:27

I have already sent the samples. The password is virus

Pcsur2014
Posts: 19
Joined: 14 Jan 2015, 15:26

Re: Slow computer (csrss.exe)

Post by Pcsur2014 » 05 Aug 2015, 09:03

[url=http://www.imagebam.com/image/a5e2ee426545418][img]http://thumbnails113.imagebam.com/42655/a5e2ee426545418.jpg[/img][/url]





[url=http://www.imagebam.com/image/56ea96426545432][img]http://thumbnails113.imagebam.com/42655/56ea96426545432.jpg[/img][/url]

msc hotline sat
Posts: 93500
Joined: 09 Mar 2004, 20:39
Location: BARCELONA (SPAIN)

Re: Slow computer (csrss.exe)

Post by msc hotline sat » 05 Aug 2015, 12:37

Well, as soon as we receive them, we will analyse them and report the result.

Regards

ms, 5-8-2015

Pcsur2014
Posts: 19
Joined: 14 Jan 2015, 15:26

Re: Slow computer (csrss.exe)

Post by Pcsur2014 » 05 Aug 2015, 19:57

I don't understand... but have you received the samples yet? Because I already sent them

msc hotline sat
Posts: 93500
Joined: 09 Mar 2004, 20:39
Location: BARCELONA (SPAIN)

Re: Slow computer (csrss.exe)

Post by msc hotline sat » 05 Aug 2015, 20:21

During this month we work a condensed, mornings-only schedule.

As soon as we are back at work tomorrow, we hope they will have been received so we can analyse them and report back.

Regards

ms, 5-8-2015

Pcsur2014
Posts: 19
Joined: 14 Jan 2015, 15:26

Re: Slow computer (csrss.exe)

Post by Pcsur2014 » 07 Aug 2015, 21:53

I have good news for you.. and some bad news too.

Let's start with the good news..

The computer is no longer as slow as before

I ran AdwCleaner on it.. here is the report..





--------------------------------------------------------------------------------------------


C:\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\content\Icons\background_middle_yellow.gif->C:\AdwCleaner\Quarantine\C\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\content\Icons\background_middle_yellow.gif.vir

C:\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\content\Icons\background_top_gray.gif->C:\AdwCleaner\Quarantine\C\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\content\Icons\background_top_gray.gif.vir

C:\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\content\Icons\background_top_green.gif->C:\AdwCleaner\Quarantine\C\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\content\Icons\background_top_green.gif.vir

C:\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\content\Icons\background_top_orange.gif->C:\AdwCleaner\Quarantine\C\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\content\Icons\background_top_orange.gif.vir

C:\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\content\Icons\background_top_red.gif->C:\AdwCleaner\Quarantine\C\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\content\Icons\background_top_red.gif.vir

C:\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\content\Icons\background_top_yellow.gif->C:\AdwCleaner\Quarantine\C\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\content\Icons\background_top_yellow.gif.vir

C:\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\content\Icons\block-doc.gif->C:\AdwCleaner\Quarantine\C\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\content\Icons\block-doc.gif.vir

C:\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\content\Icons\blocked.gif->C:\AdwCleaner\Quarantine\C\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\content\Icons\blocked.gif.vir

C:\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\content\Icons\blocked12.png->C:\AdwCleaner\Quarantine\C\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\content\Icons\blocked12.png.vir

C:\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\content\Icons\border_bottom_gray.gif->C:\AdwCleaner\Quarantine\C\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\content\Icons\border_bottom_gray.gif.vir

C:\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\content\Icons\border_bottom_green.gif->C:\AdwCleaner\Quarantine\C\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\content\Icons\border_bottom_green.gif.vir

C:\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\content\Icons\border_bottom_orange.gif->C:\AdwCleaner\Quarantine\C\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\content\Icons\border_bottom_orange.gif.vir

C:\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\content\Icons\border_bottom_red.gif->C:\AdwCleaner\Quarantine\C\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\content\Icons\border_bottom_red.gif.vir

C:\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\content\Icons\border_bottom_yellow.gif->C:\AdwCleaner\Quarantine\C\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\content\Icons\border_bottom_yellow.gif.vir

C:\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\content\Icons\border_top_gray.gif->C:\AdwCleaner\Quarantine\C\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\content\Icons\border_top_gray.gif.vir

C:\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\content\Icons\border_top_green.gif->C:\AdwCleaner\Quarantine\C\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\content\Icons\border_top_green.gif.vir

C:\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\content\Icons\border_top_orange.gif->C:\AdwCleaner\Quarantine\C\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\content\Icons\border_top_orange.gif.vir

C:\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\content\Icons\border_top_red.gif->C:\AdwCleaner\Quarantine\C\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\content\Icons\border_top_red.gif.vir

C:\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\content\Icons\border_top_yellow.gif->C:\AdwCleaner\Quarantine\C\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\content\Icons\border_top_yellow.gif.vir

C:\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\content\Icons\box_bottom_red.gif->C:\AdwCleaner\Quarantine\C\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\content\Icons\box_bottom_red.gif.vir

C:\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\content\Icons\box_top_red.gif->C:\AdwCleaner\Quarantine\C\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\content\Icons\box_top_red.gif.vir

C:\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\content\Icons\caution.gif->C:\AdwCleaner\Quarantine\C\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\content\Icons\caution.gif.vir

C:\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\content\Icons\caution12.png->C:\AdwCleaner\Quarantine\C\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\content\Icons\caution12.png.vir

C:\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\content\Icons\click_here_gray.gif->C:\AdwCleaner\Quarantine\C\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\content\Icons\click_here_gray.gif.vir

C:\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\content\Icons\click_here_green.gif->C:\AdwCleaner\Quarantine\C\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\content\Icons\click_here_green.gif.vir

C:\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\content\Icons\click_here_orange.gif->C:\AdwCleaner\Quarantine\C\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\content\Icons\click_here_orange.gif.vir

C:\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\content\Icons\click_here_red.gif->C:\AdwCleaner\Quarantine\C\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\content\Icons\click_here_red.gif.vir

C:\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\content\Icons\click_here_yellow.gif->C:\AdwCleaner\Quarantine\C\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\content\Icons\click_here_yellow.gif.vir

C:\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\content\Icons\clock.gif->C:\AdwCleaner\Quarantine\C\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\content\Icons\clock.gif.vir

C:\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\content\Icons\clock12.png->C:\AdwCleaner\Quarantine\C\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\content\Icons\clock12.png.vir

C:\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\content\Icons\icons_blocked.gif->C:\AdwCleaner\Quarantine\C\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\content\Icons\icons_blocked.gif.vir

C:\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\content\Icons\icons_caution.gif->C:\AdwCleaner\Quarantine\C\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\content\Icons\icons_caution.gif.vir

C:\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\content\Icons\icons_close.gif->C:\AdwCleaner\Quarantine\C\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\content\Icons\icons_close.gif.vir

C:\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\content\Icons\icons_safe.gif->C:\AdwCleaner\Quarantine\C\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\content\Icons\icons_safe.gif.vir

C:\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\content\Icons\icons_unknown.gif->C:\AdwCleaner\Quarantine\C\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\content\Icons\icons_unknown.gif.vir

C:\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\content\Icons\icons_warning.gif->C:\AdwCleaner\Quarantine\C\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\content\Icons\icons_warning.gif.vir

C:\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\content\Icons\LS_Logo_Results.gif->C:\AdwCleaner\Quarantine\C\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\content\Icons\LS_Logo_Results.gif.vir

C:\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\content\Icons\safe.gif->C:\AdwCleaner\Quarantine\C\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\content\Icons\safe.gif.vir

C:\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\content\Icons\safe12.png->C:\AdwCleaner\Quarantine\C\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\content\Icons\safe12.png.vir

C:\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\content\Icons\unknown.gif->C:\AdwCleaner\Quarantine\C\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\content\Icons\unknown.gif.vir

C:\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\content\Icons\vrsn-secured-lsfo.gif->C:\AdwCleaner\Quarantine\C\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\content\Icons\vrsn-secured-lsfo.gif.vir

C:\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\content\Icons\warning.gif->C:\AdwCleaner\Quarantine\C\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\content\Icons\warning.gif.vir

C:\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\content\Icons\warning12.png->C:\AdwCleaner\Quarantine\C\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\content\Icons\warning12.png.vir

C:\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\1.0.0.8_0\manifest.json->C:\AdwCleaner\Quarantine\C\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\1.0.0.8_0\manifest.json.vir

C:\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\1.0.0.8_0\_metadata\computed_hashes.json->C:\AdwCleaner\Quarantine\C\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\1.0.0.8_0\_metadata\computed_hashes.json.vir

C:\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\1.0.0.8_0\_metadata\verified_contents.json->C:\AdwCleaner\Quarantine\C\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\1.0.0.8_0\_metadata\verified_contents.json.vir

C:\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\1.0.0.8_0\js\background.js->C:\AdwCleaner\Quarantine\C\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\1.0.0.8_0\js\background.js.vir

C:\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\1.0.0.8_0\icons\wticon128.png->C:\AdwCleaner\Quarantine\C\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\1.0.0.8_0\icons\wticon128.png.vir

C:\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\1.0.0.8_0\icons\wticon19.png->C:\AdwCleaner\Quarantine\C\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\1.0.0.8_0\icons\wticon19.png.vir



---------------------------------------------------------------------------------------------------------------

# AdwCleaner v4.208 - Registro generado 04/08/2015 en 22:34:56

# Actualizado 09/07/2015 por Xplode

# Base de datos : 2015-07-09.2 [Local]

# Sistema operativo : Windows 7 Ultimate (x86)

# Nombre de usuario : pcsur - PCSUR-PC

# Ejecutado desde : C:\Users\pcsur\Downloads\Programs\adwcleaner_4.208.exe

# Opción : Escanear



***** [ Servicios ] *****



Servicio Encontrar : vToolbarUpdater18.7.0



***** [ Archivos / Carpetas ] *****



Carpeta Encontrar : C:\Program Files\AVG Secure Search

Carpeta Encontrar : C:\Program Files\Common Files\AVG Secure Search

Carpeta Encontrar : C:\Program Files\Common Files\ParetoLogic

Carpeta Encontrar : C:\ProgramData\{53913056-b7c9-0dc3-5391-13056b7cc15a}

Carpeta Encontrar : C:\ProgramData\AVG Secure Search

Carpeta Encontrar : C:\ProgramData\ParetoLogic

Carpeta Encontrar : C:\Users\pcsur\AppData\Local\AVG Secure Search

Carpeta Encontrar : C:\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla

Carpeta Encontrar : C:\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof

Carpeta Encontrar : C:\Users\pcsur\AppData\Local\Mail.Ru

Carpeta Encontrar : C:\Users\pcsur\AppData\LocalLow\AVG Secure Search

Carpeta Encontrar : C:\Users\pcsur\AppData\LocalLow\Mail.Ru

Carpeta Encontrar : C:\Users\pcsur\AppData\Roaming\DriverCure

Carpeta Encontrar : C:\Users\pcsur\AppData\Roaming\ParetoLogic



***** [ Tareas programadas... ] *****



Tarea Encontrado : paretologic registration3

Tarea Encontrado : paretologic update version3

Tarea Encontrado : ParetoLogic Update Version3 Startup Task



***** [ Accesos directos ] *****





***** [ Registro ] *****



Llave Encontrado : HKCU\Software\AVG Secure Search

Llave Encontrado : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10921475-03CE-4E04-90CE-E2E7EF20C814}

Llave Encontrado : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}

Llave Encontrado : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}

Llave Encontrado : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10921475-03CE-4E04-90CE-E2E7EF20C814}

Llave Encontrado : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}

Llave Encontrado : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}

Llave Encontrado : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MailRuUpdater

Llave Encontrado : HKCU\Software\ParetoLogic

Llave Encontrado : HKLM\SOFTWARE\AVG Secure Search

Llave Encontrado : HKLM\SOFTWARE\AVG Security Toolbar

Llave Encontrado : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}

Llave Encontrado : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL

Llave Encontrado : HKLM\SOFTWARE\Classes\CLSID\{10921475-03CE-4E04-90CE-E2E7EF20C814}

Llave Encontrado : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}

Llave Encontrado : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}

Llave Encontrado : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}

Llave Encontrado : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}

Llave Encontrado : HKLM\SOFTWARE\Classes\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}

Llave Encontrado : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}

Llave Encontrado : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}

Llave Encontrado : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}

Llave Encontrado : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}

Llave Encontrado : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol

Llave Encontrado : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi

Llave Encontrado : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1

Llave Encontrado : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}

Llave Encontrado : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}

Llave Encontrado : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}

Llave Encontrado : HKLM\SOFTWARE\Classes\uus3url-pl

Llave Encontrado : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE

Llave Encontrado : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1

Llave Encontrado : HKLM\SOFTWARE\Google\Chrome\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla

Llave Encontrado : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}

Llave Encontrado : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}

Llave Encontrado : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}

Llave Encontrado : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\464AA55239C100F32AF2D438EDDC0F47

Llave Encontrado : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5652BA3D5FB98AE31B337BF0AF939856

Llave Encontrado : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EB95E1AFCBABE3DB9ECCC669B99494

Llave Encontrado : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin

Llave Encontrado : HKLM\SOFTWARE\ParetoLogic



***** [ Navegadores Web ] *****



-\\ Internet Explorer v9.0.8112.16669





-\\ Google Chrome v



[C:\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Web data] - Encontrado [Search Provider] : hxxp://www.softonic.com/s/{searchTerms}



*************************



AdwCleaner[R0].txt - [5801 bytes] - [04/08/2015 22:34:56]



########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [5860 bytes] ##########



------------------------------------------------------------------------------------------------------------------

# AdwCleaner v4.208 - Registro generado 04/08/2015 en 22:36:19

# Actualizado 09/07/2015 por Xplode

# Base de datos : 2015-07-09.2 [Local]

# Sistema operativo : Windows 7 Ultimate (x86)

# Nombre de usuario : pcsur - PCSUR-PC

# Ejecutado desde : C:\Users\pcsur\Downloads\Programs\adwcleaner_4.208.exe

# Opción : Limpiar



***** [ Servicios ] *****



[#] Servicio Eliminar : vToolbarUpdater18.7.0



***** [ Archivos / Carpetas ] *****



Carpeta Eliminar : C:\ProgramData\AVG Secure Search

Carpeta Eliminar : C:\ProgramData\ParetoLogic

Carpeta Eliminar : C:\ProgramData\{53913056-b7c9-0dc3-5391-13056b7cc15a}

Carpeta Eliminar : C:\Program Files\AVG Secure Search

Carpeta Eliminar : C:\Program Files\Common Files\AVG Secure Search

Carpeta Eliminar : C:\Program Files\Common Files\ParetoLogic

Carpeta Eliminar : C:\Users\pcsur\AppData\Local\AVG Secure Search

Carpeta Eliminar : C:\Users\pcsur\AppData\Local\Mail.Ru

Carpeta Eliminar : C:\Users\pcsur\AppData\LocalLow\AVG Secure Search

Carpeta Eliminar : C:\Users\pcsur\AppData\LocalLow\Mail.Ru

Carpeta Eliminar : C:\Users\pcsur\AppData\Roaming\DriverCure

Carpeta Eliminar : C:\Users\pcsur\AppData\Roaming\ParetoLogic

Carpeta Eliminar : C:\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla

Carpeta Eliminar : C:\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof



***** [ Tareas programadas... ] *****



Tarea Eliminar : paretologic registration3

Tarea Eliminar : paretologic update version3

Tarea Eliminar : ParetoLogic Update Version3 Startup Task



***** [ Accesos directos ] *****





***** [ Registro ] *****



Llave Eliminar : HKLM\SOFTWARE\Google\Chrome\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla

Llave Eliminar : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL

Llave Eliminar : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol

Llave Eliminar : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi

Llave Eliminar : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1

Llave Eliminar : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE

Llave Eliminar : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1

Llave Eliminar : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin

Llave Eliminar : HKLM\SOFTWARE\Classes\uus3url-pl

Llave Eliminar : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}

Llave Eliminar : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}

Llave Eliminar : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}

Llave Eliminar : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}

Llave Eliminar : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}

Llave Eliminar : HKLM\SOFTWARE\Classes\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}

Llave Eliminar : HKLM\SOFTWARE\Classes\CLSID\{10921475-03CE-4E04-90CE-E2E7EF20C814}

Llave Eliminar : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}

Llave Eliminar : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}

Llave Eliminar : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}

Llave Eliminar : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}

Llave Eliminar : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}

Llave Eliminar : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}

Llave Eliminar : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}

Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}

Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}

Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}

Llave Eliminar : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}

Llave Eliminar : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}

Llave Eliminar : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10921475-03CE-4E04-90CE-E2E7EF20C814}

Llave Eliminar : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}

Llave Eliminar : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}

Llave Eliminar : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10921475-03CE-4E04-90CE-E2E7EF20C814}

Llave Eliminar : HKCU\Software\AVG Secure Search

Llave Eliminar : HKCU\Software\ParetoLogic

Llave Eliminar : HKLM\SOFTWARE\AVG Secure Search

Llave Eliminar : HKLM\SOFTWARE\AVG Security Toolbar

Llave Eliminar : HKLM\SOFTWARE\ParetoLogic

Llave Eliminar : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MailRuUpdater

Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\464AA55239C100F32AF2D438EDDC0F47

Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5652BA3D5FB98AE31B337BF0AF939856

Llave Eliminar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EB95E1AFCBABE3DB9ECCC669B99494



***** [ Navegadores Web ] *****



-\\ Internet Explorer v9.0.8112.16669





-\\ Google Chrome v



[C:\Users\pcsur\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Eliminar [Search Provider] : hxxp://www.softonic.com/s/{searchTerms}



*************************



AdwCleaner[R0].txt - [5939 bytes] - [04/08/2015 22:34:56]

AdwCleaner[S0].txt - [5758 bytes] - [04/08/2015 22:36:19]



########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5817 bytes] ##########





------------------------------------------------------------------------------------------------------------------





I don't know whether I should send you all those samples.....



Second, I ran Glary Utilities 5 on it..



and lastly ComboFix



------------------------------------------------------------------------------------------------------------------

ComboFix 15-08-03.01 - pcsur 05/08/2015 3:09.1.2 - x86

Microsoft Windows 7 Ultimate 6.1.7600.0.1252.58.3082.18.2038.1007 [GMT -4,5:30]

Running from: d:\programas utilizados\ComboFix.exe

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

* Created a new restore point

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

C:\InfoSat.txt

C:\Muestras

c:\muestras\aqui\crss 5.rar

c:\muestras\aqui\ubicacion.txt

c:\muestras\aqui\x86_microsoft-windows-csrss_31bf3856ad364e35_6.1.7600.16385_none_58ba39fb456943bd_csrss.exe_06529458

c:\muestras\crss posible virus 5.rar

c:\muestras\csrss posible virus 2.rar

c:\muestras\csrss posible virus 3.rar

c:\muestras\csrss posible virus 4.rar

c:\muestras\csrss posible virus.rar

c:\muestras\elitrip.txt

c:\muestras\Imagen2.jpg

c:\muestras\Imagen3.jpg

c:\muestras\Imagen4.jpg

c:\muestras\Imagen5.jpg

c:\muestras\Imagen6.jpg

c:\muestras\TEST2.EXE.Muestra EliTriIP v7.rar

.

.

((((((((((((((((((((((((( Files Created from 2015-07-05 to 2015-08-05 )))))))))))))))))))))))))))))))

.

.

2015-08-05 07:55 . 2015-08-05 07:55 -------- d-----w- c:\programdata\IDM

2015-08-05 07:19 . 2015-08-03 07:05 22816 ----a-w- c:\windows\system32\RegBootDefrag.exe

2015-08-05 07:16 . 2015-08-05 07:16 -------- d-----w- c:\programdata\GlarySoft

2015-08-05 07:14 . 2015-08-05 07:14 17472 ----a-w- c:\windows\system32\drivers\GUBootStartup.sys

2015-08-05 07:14 . 2015-08-05 07:14 -------- d-----w- c:\program files\Glary Utilities 5

2015-08-05 06:28 . 2012-10-15 21:32 17840 ----a-w- c:\windows\system32\roboot.exe

2015-08-05 06:00 . 2015-08-05 06:00 -------- d-----w- c:\program files\VS Revo Group

2015-08-05 03:11 . 2015-08-05 03:18 -------- d-----w- c:\program files\Free Window Registry Repair

2015-08-05 03:04 . 2015-08-05 03:06 -------- d-----w- C:\AdwCleaner

2015-08-05 02:38 . 2015-08-05 02:40 98520 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys

2015-08-05 02:37 . 2015-08-05 02:38 -------- d-----w- c:\program files\Malwarebytes Anti-Malware

2015-08-05 02:37 . 2015-08-05 02:37 -------- d-----w- c:\programdata\Malwarebytes

2015-08-05 02:37 . 2015-06-18 13:11 51928 ----a-w- c:\windows\system32\drivers\mwac.sys

2015-08-05 02:37 . 2015-06-18 13:11 94936 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys

2015-08-05 02:37 . 2015-06-18 13:11 23256 ----a-w- c:\windows\system32\drivers\mbam.sys

2015-08-05 02:03 . 2015-08-05 02:04 -------- d-----w- c:\programdata\WinZip

2015-08-04 02:10 . 2015-08-04 02:10 -------- d-----w- c:\windows\system32\wbem\en-US

2015-08-04 01:17 . 2012-06-02 22:19 53784 ----a-w- c:\windows\system32\wuauclt.exe

2015-08-04 01:17 . 2012-06-02 22:19 45080 ----a-w- c:\windows\system32\wups2.dll

2015-08-04 01:17 . 2012-06-02 22:19 1933848 ----a-w- c:\windows\system32\wuaueng.dll

2015-08-04 01:17 . 2012-06-02 22:12 2422272 ----a-w- c:\windows\system32\wucltux.dll

2015-08-04 01:17 . 2012-06-02 22:19 35864 ----a-w- c:\windows\system32\wups.dll

2015-08-04 01:17 . 2012-06-02 22:19 577048 ----a-w- c:\windows\system32\wuapi.dll

2015-08-04 01:17 . 2012-06-02 22:12 88576 ----a-w- c:\windows\system32\wudriver.dll

2015-08-04 01:17 . 2012-06-02 19:49 171904 ----a-w- c:\windows\system32\wuwebv.dll

2015-08-04 01:17 . 2012-06-02 19:42 33792 ----a-w- c:\windows\system32\wuapp.exe

2015-08-03 00:57 . 2015-08-03 00:57 -------- d-----w- C:\!KillBox

2015-08-02 17:40 . 2015-08-02 17:40 -------- d-----w- C:\$AVG

2015-08-02 16:42 . 2015-08-02 16:42 -------- d--h--w- c:\programdata\Common Files

2015-08-02 16:38 . 2015-08-05 07:35 -------- d-----w- c:\programdata\AVG10

2015-08-02 16:38 . 2015-08-05 02:50 -------- d-----w- c:\windows\system32\drivers\AVG

2015-08-02 16:36 . 2015-08-02 16:36 -------- d-----w- c:\program files\AVG

2015-08-02 16:10 . 2015-08-02 16:47 -------- d-----w- c:\programdata\MFAData

2015-08-02 04:02 . 2015-08-02 13:56 -------- d-----w- c:\programdata\Malwarebytes Anti-Exploit

2015-07-31 12:14 . 2015-08-02 13:56 -------- d-----w- c:\programdata\ProductData

2015-07-31 12:14 . 2015-08-05 07:35 -------- d-----w- c:\programdata\IObit

2015-07-31 12:14 . 2015-07-31 12:14 -------- d-----w- c:\program files\Common Files\IObit

2015-07-31 12:13 . 2015-08-05 07:32 -------- d-----w- c:\program files\IObit

2015-07-26 21:37 . 2015-07-26 21:37 -------- d-----w- c:\program files\Common Files\Skype

2015-07-26 21:37 . 2015-07-26 21:38 -------- d-----r- c:\program files\Skype

2015-07-26 21:37 . 2015-07-26 21:38 -------- d-----w- c:\programdata\Skype

2015-07-26 20:33 . 2015-07-26 20:33 -------- d-----w- c:\windows\Profiles

2015-07-26 20:33 . 2015-07-26 20:35 -------- d-----w- c:\program files\Your Uninstaller 2008

2015-07-26 17:58 . 2015-07-26 17:59 -------- d-----w- c:\program files\Internet Download Manager

2015-07-26 17:19 . 2015-07-26 17:19 -------- d-----w- c:\programdata\Guard.Mail.Ru

2015-07-26 02:02 . 2011-09-07 07:53 1814640 ----a-w- c:\windows\system32\drivers\viahduaa.sys

2015-07-26 02:02 . 2010-12-23 10:29 731648 ----a-w- c:\windows\system32\VMAPO32.DLL

2015-07-26 02:02 . 2010-12-23 10:29 47104 ----a-w- c:\windows\system32\VMPPLD32.DLL

2015-07-26 02:02 . 2010-10-26 16:54 63488 ----a-w- c:\windows\system32\VMWRP32.DLL

2015-07-26 02:02 . 2011-09-07 07:54 634480 ----a-w- c:\windows\system32\VIASysFx.dll

2015-07-26 02:02 . 2011-09-07 07:54 2283120 ----a-w- c:\windows\system32\VIAPropPageExt.dll

2015-07-26 02:02 . 2011-09-07 07:54 78960 ----a-w- c:\windows\system32\ViaMicArrayPropPageExt.dll

2015-07-26 02:02 . 2011-09-07 07:54 191600 ----a-w- c:\windows\system32\ViaMicArrayAPO.dll

2015-07-26 02:02 . 2011-09-07 07:54 106608 ----a-w- c:\windows\system32\ViaKaraokePropPageExt.dll

2015-07-26 02:02 . 2011-09-07 07:53 1021552 ----a-w- c:\windows\system32\ViaKaraokeApo.dll

2015-07-26 02:02 . 2011-06-08 16:19 76288 ----a-w- c:\windows\system32\nQPropPageExt.dll

2015-07-26 02:02 . 2011-09-07 07:54 27760 ----a-w- c:\windows\system32\ViakaraokeSrv.exe

2015-07-26 01:53 . 2015-07-26 01:53 -------- d-----w- c:\program files\7-Zip

2015-07-26 01:52 . 2015-07-26 01:52 -------- d-----w- c:\program files\DellTPad

2015-07-26 01:52 . 2011-05-25 19:50 305488 ----a-w- c:\windows\system32\drivers\Apfiltr.sys

2015-07-26 01:52 . 2009-07-13 21:27 1461992 ----a-w- c:\windows\system32\WdfCoInstaller01009.dll

2015-07-26 01:52 . 2011-05-19 21:01 122104 ----a-w- c:\windows\system32\Vxdif.dll

2015-07-26 01:52 . 2007-05-01 19:21 14128 ----a-w- c:\windows\system32\drivers\vmmouse.sys

2015-07-20 03:14 . 2015-07-20 03:14 -------- d-----w- c:\users\Default\AppData\Local\Trusteer

2015-07-19 01:28 . 2015-07-19 01:28 -------- d-----w- c:\program files\Trusteer

2015-07-19 01:26 . 2015-07-19 01:26 -------- d-----w- c:\programdata\Trusteer

2015-07-19 00:54 . 2015-07-19 00:57 -------- d-----w- c:\programdata\Package Cache

2015-07-19 00:42 . 2012-03-23 00:29 4815872 ----a-w- c:\windows\system32\drivers\igdkmd32.sys

2015-07-19 00:41 . 2015-07-19 00:41 -------- d-----w- c:\windows\system32\SRSLabs

2015-07-19 00:41 . 2015-07-19 00:41 -------- d-----w- c:\program files\VIA

2015-07-19 00:39 . 2015-01-15 11:42 76872 ----a-w- c:\windows\system32\RtNicProp32.dll

2015-07-19 00:39 . 2015-01-15 11:42 723160 ----a-w- c:\windows\system32\drivers\Rt86win7.sys

2015-07-19 00:39 . 2015-01-15 11:42 100896 ----a-w- c:\windows\system32\RTNUninst32.dll

2015-07-19 00:38 . 2009-09-09 09:23 42496 ----a-w- c:\windows\system32\drivers\flashud.sys

2015-07-19 00:34 . 2012-07-06 16:59 63128 ----a-w- c:\windows\system32\vsocklib.dll

2015-07-19 00:34 . 2012-07-06 16:59 61296 ----a-w- c:\windows\system32\drivers\vsock.sys

2015-07-19 00:33 . 2012-08-15 19:48 357016 ----a-w- c:\windows\system32\vmnetdhcp.exe

2015-07-19 00:33 . 2012-08-15 19:47 435864 ----a-w- c:\windows\system32\vmnat.exe

2015-07-19 00:33 . 2012-08-15 19:48 25752 ----a-w- c:\windows\system32\drivers\vmnetuserif.sys

2015-07-19 00:33 . 2012-08-15 19:48 779928 ----a-w- c:\windows\system32\vnetlib.dll

2015-07-19 00:32 . 2012-08-01 21:40 41496 ----a-w- c:\windows\system32\drivers\hcmon.sys

2015-07-19 00:30 . 2015-08-05 07:52 -------- d-----w- c:\programdata\VMware

2015-07-19 00:30 . 2015-07-19 00:32 -------- d-----w- c:\program files\Common Files\VMware

2015-07-19 00:30 . 2015-07-19 00:32 -------- d-----w- c:\program files\VMware

2015-07-19 00:22 . 2015-07-19 00:22 -------- d-----w- c:\program files\UltraISO

2015-07-19 00:22 . 2015-07-19 00:22 -------- d-----w- c:\program files\Common Files\EZB Systems

2015-07-19 00:19 . 2015-06-24 05:53 9252600 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7229FA29-C5FA-49D8-BDF4-AD45B107467D}\mpengine.dll

2015-07-19 00:19 . 2015-06-23 17:57 246952 ------w- c:\windows\system32\MpSigStub.exe

2015-07-19 00:15 . 2015-07-19 00:15 -------- d-----w- c:\programdata\regid.1991-06.com.microsoft

2015-07-19 00:14 . 2015-07-19 00:14 -------- d-----w- c:\windows\PCHEALTH

2015-07-19 00:14 . 2015-07-19 00:16 -------- d-----w- c:\program files\Microsoft.NET

2015-07-19 00:14 . 2015-07-19 00:16 -------- d-----w- c:\program files\Microsoft SQL Server

2015-07-19 00:11 . 2015-07-19 00:11 -------- d-----w- c:\program files\Microsoft Analysis Services

2015-07-19 00:11 . 2015-07-19 00:20 -------- d-----w- c:\programdata\Microsoft Help

2015-07-19 00:10 . 2015-07-19 00:10 -------- d-----r- C:\MSOCache

2015-07-19 00:05 . 2015-07-19 00:05 -------- d-----w- c:\program files\LibreOffice 4

2015-07-19 00:03 . 2015-02-28 15:21 3591680 ----a-w- c:\windows\system32\x264vfw.dll

2015-07-19 00:03 . 2015-02-24 22:37 240128 ----a-w- c:\windows\system32\xvidvfw.dll

2015-07-19 00:03 . 2015-02-24 22:37 655872 ----a-w- c:\windows\system32\xvidcore.dll

2015-07-19 00:03 . 2011-12-07 17:32 216064 ----a-w- c:\windows\system32\lagarith.dll

2015-07-19 00:03 . 2012-07-21 10:54 122880 ----a-w- c:\windows\system32\ac3acm.acm

2015-07-19 00:03 . 2015-04-15 18:00 112128 ----a-w- c:\windows\system32\ff_vfw.dll

2015-07-19 00:03 . 2015-07-19 00:03 -------- d-----w- c:\program files\K-Lite Codec Pack

2015-07-19 00:00 . 2015-07-19 00:00 -------- d-----w- c:\windows\system32\Macromed

2015-07-18 23:59 . 2008-02-22 04:40 25037 ----a-w- c:\windows\system32\Nucleus.dll

2015-07-18 23:59 . 2015-07-18 23:59 29480 ----a-w- c:\windows\system32\msxml3a.dll

2015-07-18 23:59 . 2015-07-18 23:59 505128 ----a-w- c:\windows\system32\msvcp71.dll

2015-07-18 23:59 . 2015-07-18 23:59 353576 ----a-w- c:\windows\system32\msvcr71.dll

2015-07-18 23:58 . 2015-07-18 23:58 -------- d-----w- c:\program files\CCleaner

2015-07-18 23:56 . 2004-05-04 16:23 1645320 ----a-w- c:\windows\system32\gdiplus.dll

2015-07-18 23:56 . 2015-07-18 23:56 -------- d-----w- c:\program files\BurnAware Pro Retail by minimaL

2015-07-18 23:55 . 2015-07-18 23:55 -------- d-----w- c:\program files\Common Files\Adobe

2015-07-18 23:55 . 2015-08-05 06:08 -------- d-sh--w- c:\windows\Installer

2015-07-18 23:53 . 2015-07-18 23:53 -------- d-----r- C:\Windows Activation Technologies

2015-07-18 23:50 . 2015-07-18 23:50 -------- d-----w- c:\programdata\DIGITEL 3G

2015-07-18 11:42 . 2015-08-05 01:56 -------- d-----w- c:\windows\system32\wbem\Performance

2015-07-18 05:58 . 2015-08-05 07:28 -------- d-----w- c:\windows\Panther

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2015-06-15 13:00 . 2015-06-15 13:00 68280 ----a-w- c:\windows\system32\drivers\RapportHades.sys

2015-06-15 13:00 . 2015-06-15 13:00 218264 ----a-w- c:\windows\system32\drivers\RapportKELL.sys

2015-05-20 12:55 . 2015-05-20 13:57 123968 ----a-w- c:\windows\system32\drivers\idmwfp.sys

2011-11-21 04:44 . 2015-07-26 01:54 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

.

.

------- Sigcheck -------

Note: Unsigned files aren't necessarily malware.

.

[-] 2010-11-19 . C3EB9EA34EBE459F13F3F890F56CE72A . 285696 . . [6.1.7600.16385] . . c:\windows\System32\winlogon.exe

[7] 2009-07-14 . 8EC6A4AB12B8F3759E21F8E3A388F2CF . 285696 . . [6.1.7600.16385] . . c:\windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe

.

[-] 2010-11-19 . CF97D64D7EC169C53C93B0A192218B29 . 812032 . . [6.1.7600.16385] . . c:\windows\System32\user32.dll

[7] 2009-07-14 . 34B7E222E81FAFA885F0C5F2CFA56861 . 811520 . . [6.1.7600.16385] . . c:\windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]

@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"

[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]

2012-10-02 01:03 1720976 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]

@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"

[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]

2012-10-02 01:03 1720976 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]

@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"

[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]

2012-10-02 01:03 1720976 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension]

@="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"

[HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}]

2014-04-21 08:02 23008 ----a-w- c:\program files\Internet Download Manager\IDMShellExt.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2015-05-20 3903056]

"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner.exe" [2015-03-13 5529880]

"GUDelayStartup"="c:\program files\Glary Utilities 5\StartupManager.exe" [2015-08-03 37152]

"Glary Memory Optimizer"="c:\program files\Glary Utilities 5\memdefrag.exe" [2015-08-03 122656]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]

"NoResolveTrack"= 1 (0x1)

"NoSMConfigurePrograms"= 1 (0x1)

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute REG_MULTI_SZ autocheck autochk *

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]

2010-11-16 01:32 932288 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

2010-11-16 01:32 35736 ----a-w- c:\program files\Adobe\Reader 10.0\Reader\reader_sl.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Apoint]

2011-07-20 00:09 505720 ----a-w- c:\program files\DellTPad\Apoint.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner]

2015-03-13 11:10 5529880 ----a-w- c:\program files\CCleaner\CCleaner.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]

2015-03-13 11:10 5529880 ----a-w- c:\program files\CCleaner\CCleaner.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]

2015-07-18 23:51 116648 ----atw- c:\users\pcsur\AppData\Local\Google\Update\GoogleUpdate.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IDMan]

2015-05-20 13:56 3903056 ----a-w- c:\program files\Internet Download Manager\IDMan.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]

2015-07-18 19:19 53753984 ----a-r- c:\program files\Skype\Phone\Skype.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Speech Recognition]

2009-07-14 01:14 51712 ----a-w- c:\windows\Speech\Common\sapisvr.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vmware-tray.exe]

2012-08-15 19:48 104088 ----a-w- c:\program files\VMware\VMware Workstation\vmware-tray.exe

.

R2 DIGITEL. RunOuc;DIGITEL. OUC;c:\program files\DIGITEL 3G\UpdateDog\ouc.exe [2011-04-07 246112]

R2 LiveUpdateSvc;LiveUpdate;c:\program files\IObit\LiveUpdate\LiveUpdate.exe [2015-07-31 2909472]

R2 MBAMService;MBAMService;c:\program files\Malwarebytes Anti-Malware\mbamservice.exe [2015-06-18 1133880]

R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2015-06-26 327296]

R2 VMwareHostd;VMware Workstation Server;c:\program files\VMware\VMware Workstation\vmware-hostd.exe [2012-08-15 15680000]

R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys [2010-07-27 102784]

R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys [2015-06-18 51928]

R4 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [x]

R4 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [x]

R4 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\AVGIDSShim.Sys [x]

R4 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx86.sys [x]

S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [2011-02-22 22992]

S0 RapportHades;RapportHades;c:\windows\System32\Drivers\RapportHades.sys [2015-06-15 68280]

S0 RapportKELL;RapportKELL;c:\windows\System32\Drivers\RapportKELL.sys [2015-06-15 218264]

S0 vmci;VMware VMCI Bus Driver;c:\windows\system32\DRIVERS\vmci.sys [2012-07-06 71152]

S0 vsock;vSockets Driver;c:\windows\system32\drivers\vsock.sys [2012-07-06 61296]

S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx86.sys [2012-11-12 255968]

S1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [2014-11-04 299552]

S1 GUBootStartup;GUBootStartup;c:\windows\System32\drivers\GUBootStartup.sys [2015-08-05 17472]

S1 RapportCerberus_1412112;RapportCerberus_1412112;c:\programdata\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_1412112.sys [2015-07-20 531416]

S1 RapportEI;RapportEI;c:\program files\Trusteer\Rapport\bin\RapportEI.sys [2015-06-15 280088]

S1 RapportPG;RapportPG;c:\program files\Trusteer\Rapport\bin\RapportPG.sys [2015-06-15 337176]

S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2015-05-01 1394816]

S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2015-05-01 1772672]

S2 HWDeviceService.exe;HWDeviceService.exe;c:\programdata\DatacardService\HWDeviceService.exe [2011-03-14 271712]

S2 IDMWFP;IDMWFP;c:\windows\system32\DRIVERS\idmwfp.sys [2015-05-20 123968]

S2 RapportMgmtService;Rapport Management Service;c:\program files\Trusteer\Rapport\bin\RapportMgmtService.exe [2015-06-15 2222360]

S2 VIAKaraokeService;VIA Karaoke digital mixer Service;c:\windows\system32\viakaraokesrv.exe [2011-09-07 27760]

S2 VMUSBArbService;VMware USB Arbitration Service;c:\program files\Common Files\VMware\USB\vmware-usbarbitrator.exe [2012-08-01 719512]

S2 vstor2-mntapi10-shared;Vstor2 MntApi 1.0 Driver (shared);c:\windows\system32\drivers\vstor2-mntapi10-shared.sys [2011-07-12 22768]

S3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\DRIVERS\ew_usbenumfilter.sys [2010-03-20 11136]

S3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\DRIVERS\ew_jucdcacm.sys [2011-09-09 89856]

S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys [2011-09-09 73984]

S3 huawei_ext_ctrl;huawei_ext_ctrl;c:\windows\system32\DRIVERS\ew_juextctrl.sys [2011-09-09 26624]

S3 huawei_wwanecm;huawei_wwanecm;c:\windows\system32\DRIVERS\ew_juwwanecm.sys [2011-12-02 190976]

S3 int0800;Intel 28F320C3 Flash Update Device Driver v6.4;c:\windows\system32\DRIVERS\flashud.sys [2009-09-09 42496]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2015-06-18 23256]

S3 RapportIaso;RapportIaso;c:\programdata\trusteer\rapport\store\exts\rapportms\baseline\rapportiaso.sys [2015-07-20 162584]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2015-01-15 723160]

S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2011-09-07 1814640]

.

.

--- Other Services/Drivers In Memory ---

.

*NewlyCreated* - RAPPORTIASO

.

Contents of the 'Scheduled Tasks' folder

.

2015-08-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4081950201-1990186299-235548268-1000Core.job

- c:\users\pcsur\AppData\Local\Google\Update\GoogleUpdate.exe [2015-07-18 23:51]

.

2015-07-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4081950201-1990186299-235548268-1000UA.job

- c:\users\pcsur\AppData\Local\Google\Update\GoogleUpdate.exe [2015-07-18 23:51]

.

2015-08-02 c:\windows\Tasks\Open Chrome.job

- c:\users\pcsur\AppData\Local\Google\Chrome\Application\chrome.exe [2015-07-18 08:46]

.

.

------- Supplementary Scan -------

.

uStart Page = about:blank

mStart Page = about:blank

IE: &Enviar a OneNote - c:\progra~1\MICROS~2\Office15\ONBttnIE.dll/105

IE: Descargar con IDM - c:\program files\Internet Download Manager\IEExt.htm

IE: Descargar con IDM todos los enlaces - c:\program files\Internet Download Manager\IEGetAll.htm

IE: E&xportar a Microsoft Excel - c:\progra~1\MICROS~2\Office15\EXCEL.EXE/3000

TCP: Interfaces\{C4AE97BD-C4E1-4E36-BB22-3C56BACE0FD7}: NameServer = 190.121.224.3 190.121.224.4

Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL

FF - ProfilePath -

.

.

------- File Associations -------

.

inifile=Notepad.exe "%1"

txtfile=Notepad.exe "%1"

.

- - - - ORPHANS REMOVED - - - -

.

MSConfigStartUp-Advanced SystemCare 8 - c:\program files\IObit\Advanced SystemCare 8\ASCTray.exe

MSConfigStartUp-AVG_TRAY - c:\program files\AVG\AVG10\avgtray.exe

.

.

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_USERS\S-1-5-21-4081950201-1990186299-235548268-1000_Classes\CLSID\{29be36cf-5479-4819-a211-95df67ab1da4}]

@Denied: (Full) (Everyone)

@Allowed: (Read) (RestrictedCode)

"Model"=dword:000000d8

"Therad"=dword:0000000d

.

[HKEY_USERS\S-1-5-21-4081950201-1990186299-235548268-1000_Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]

@Denied: (Full) (Everyone)

@Allowed: (Read) (RestrictedCode)

"scansk"=hex(0):ff,03,23,7b,c7,6a,e3,db,dd,33,54,07,6c,25,39,4a,5b,55,25,45,aa,

2b,3c,a0,65,c2,a4,55,a3,5e,94,f7,d2,48,44,fa,58,d2,9d,43,00,00,00,00,00,00,\

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Other Running Processes ------------------------

.

c:\windows\system32\AUDIODG.EXE

c:\windows\system32\taskhost.exe

c:\programdata\DIGITEL 3G\OnlineUpdate\ouc.exe

c:\programdata\DatacardService\DCSHelper.exe

c:\program files\DIGITEL 3G\DIGITEL 3G.exe

c:\program files\BurnAware Pro Retail by minimaL\nmsaccessu.exe

c:\windows\system32\vmnat.exe

c:\windows\system32\vmnetdhcp.exe

c:\program files\VMware\VMware Workstation\vmware-authd.exe

c:\program files\Microsoft Office\Office15\MsoSync.exe

c:\windows\system32\WUDFHost.exe

c:\program files\IObit\IObit Uninstaller\UninstallMonitor.exe

c:\windows\system32\conhost.exe

c:\program files\Glary Utilities 5\Integrator.exe

c:\windows\system32\sppsvc.exe

.

**************************************************************************

.

Completion time: 2015-08-05 03:29:29 - machine was rebooted

ComboFix-quarantined-files.txt 2015-08-05 07:59

.

Pre-Run: 65.536.688.128 bytes libres

Post-Run: 65.444.544.512 bytes libres

.

- - End Of File - - 37E73C9238BCBE5F1BA240518FE1D7ED

A36C5E4F47E84449FF07ED3517B43A31



------------------------------------------------------------------------------------------------------------------



Now what I need is how you can help me with these two processes:



csrss.exe and winlogon.exe



[url=http://www.imagebam.com/image/b51b01427133684][img]http://thumbnails114.imagebam.com/42714/b51b01427133684.jpg[/img][/url]



In the computer lab, I opened Task Manager.



It turns out that those two processes (csrss.exe and winlogon.exe) appear as processes that are part of the system.



But if you look closely, on my computer they also appear, with the difference that it does not show me the user name (in this case pcsur) or the description of those files. They are the only processes. It is likely that the malware I had corrupted those files, and I no longer even have any trace of that virus, since the computer is fast, all things considered. Now my goal is to make the system recognize those two files, that is, to have them appear with their user name and description.

msc hotline sat
Posts: 93500
Joined: 09 Mar 2004, 20:39
Location: BARCELONA (SPAIN)

Re: Slow computer (csrss.exe)

Post by msc hotline sat » 08 Aug 2015, 10:21

Well, although we see that in c:/muestras you had many files to send us, we have not received any; but now, given what you have indicated, you can delete that folder and its contents.



And we are glad that you have solved the slowness problem, as you indicate, possibly due to corruption of the csrss.exe files, which are originally system files; and since you have opened another thread in parallel, we consider this one solved and proceed to close it.



Regards



ms, 8-8-2015
