I hope this helps.
Regards
ms, 3-9-2015
[quote="Renata"]Good afternoon, grateful for your support and feeling freed from so many bugs.
The first thing I did was run the cleaner; it detected 8 viruses, damaged files and many bad things on the PC. Then I downloaded the BULA-Shopos antivirus, left it scanning while I went out for lunch, and now, on returning, I find the PC smooth as silk, soft, sleek and lively. I was able to uninstall BroBrowser from Programs and, from what I can see, the problems are solved.
Now my question is: can I keep Shopos as my only antivirus? Or do I re-enable the one I have always had?
I will send the SAMPLE that I found in the file.
A thousand thanks, God bless you; you are the allies we need anywhere in the world.
With all my affection and gratitude, a hug for the whole SATINFO and zona virus family. You are much loved from the other side of the world. :D :roll: :D
Renata-
2015-09-03 16:57:07.047 Sophos Virus Removal Tool version 2.5.4
2015-09-03 16:57:07.047 Copyright (c) 2009-2014 Sophos Limited. All rights reserved.
2015-09-03 16:57:07.047 This tool will scan your computer for viruses and other threats. If it finds any, it will give you the option to remove them.
2015-09-03 16:57:07.047 Windows version 6.1 SP 1.0 Service Pack 1 build 7601 SM=0x100 PT=0x1 WOW64
2015-09-03 16:57:07.047 Checking for updates...
2015-09-03 16:57:10.542 Update progress: proxy server not available
2015-09-03 16:57:38.546 Option all = no
2015-09-03 16:57:38.546 Option recurse = yes
2015-09-03 16:57:38.546 Option archive = no
2015-09-03 16:57:38.546 Option service = yes
2015-09-03 16:57:38.546 Option confirm = yes
2015-09-03 16:57:38.546 Option sxl = yes
2015-09-03 16:57:38.546 Option max-data-age = 35
2015-09-03 16:57:38.546 Option EnableSafeClean = yes
2015-09-03 16:57:40.590 Option vdl-logging = yes
2015-09-03 16:57:40.605 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
2015-09-03 16:57:40.605 Machine ID: 8c1a3f8d20d2494f8086cb4dadaeb316
2015-09-03 16:57:40.605 Component SVRTcli.exe version 2.5.4
2015-09-03 16:57:40.605 Component control.dll version 2.5.4
2015-09-03 16:57:40.605 Component SVRTservice.exe version 2.5.4
2015-09-03 16:57:40.621 Component engine\osdp.dll version 1.44.1.2210
2015-09-03 16:57:40.621 Component engine\veex.dll version 3.61.0.2210
2015-09-03 16:57:40.621 Component engine\savi.dll version 8.1.8.2210
2015-09-03 16:57:40.621 Component rkdisk.dll version 1.5.30.0
2015-09-03 16:57:40.621 Version info: Product version 2.5.4
2015-09-03 16:57:40.621 Version info: Detection engine 3.61.0
2015-09-03 16:57:40.621 Version info: Detection data 5.18
2015-09-03 16:57:40.621 Version info: Build date 18/08/2015
2015-09-03 16:57:40.621 Version info: Data files added 292
2015-09-03 16:57:40.621 Version info: Last successful update (not yet updated)
2015-09-03 16:58:28.435 Downloading updates...
2015-09-03 16:58:28.454 Update progress: [I96736] Looking for package C1A903B2-E63E-483b-982D-04BB9C457C60 1.0
2015-09-03 16:58:28.454 Update progress: [I49502] Found supplement SAVIW32 LATEST
2015-09-03 16:58:28.454 Update progress: [I49502] Found supplement IDE519 LATEST
2015-09-03 16:58:28.454 Update progress: [I49502] Found supplement IDE520 LATEST
2015-09-03 16:58:28.454 Update progress: [I49502] Found supplement IDE521 LATEST
2015-09-03 16:58:28.454 Update progress: [I19463] Syncing product C1A903B2-E63E-483b-982D-04BB9C457C60 1
2015-09-03 16:58:28.454 Update progress: [I19463] Syncing product SAVIW32 59
2015-09-03 16:58:34.509 Update progress: [I19463] Syncing product IDE519 196
2015-09-03 16:58:36.178 Installing updates...
2015-09-03 16:58:37.613 Error level 1
2015-09-03 16:58:37.880 Update progress: [I19463] Syncing product IDE520 98
2015-09-03 16:58:37.880 Update progress: [I19463] Syncing product IDE521 1
2015-09-03 16:59:08.529 Update successful
2015-09-03 16:59:34.509 Option all = no
2015-09-03 16:59:34.509 Option recurse = yes
2015-09-03 16:59:34.509 Option archive = no
2015-09-03 16:59:34.509 Option service = yes
2015-09-03 16:59:34.509 Option confirm = yes
2015-09-03 16:59:34.509 Option sxl = yes
2015-09-03 16:59:34.509 Option max-data-age = 35
2015-09-03 16:59:34.509 Option EnableSafeClean = yes
2015-09-03 16:59:34.619 Option vdl-logging = yes
2015-09-03 16:59:34.619 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
2015-09-03 16:59:34.619 Machine ID: 8c1a3f8d20d2494f8086cb4dadaeb316
2015-09-03 16:59:34.635 Component SVRTcli.exe version 2.5.4
2015-09-03 16:59:34.635 Component control.dll version 2.5.4
2015-09-03 16:59:34.635 Component SVRTservice.exe version 2.5.4
2015-09-03 16:59:34.635 Component engine\osdp.dll version 1.44.1.2210
2015-09-03 16:59:34.635 Component engine\veex.dll version 3.61.0.2210
2015-09-03 16:59:34.635 Component engine\savi.dll version 8.1.8.2210
2015-09-03 16:59:34.635 Component rkdisk.dll version 1.5.30.0
2015-09-03 16:59:34.635 Version info: Product version 2.5.4
2015-09-03 16:59:34.635 Version info: Detection engine 3.61.0
2015-09-03 16:59:34.635 Version info: Detection data 5.18G
2015-09-03 16:59:34.635 Version info: Build date 18/08/2015
2015-09-03 16:59:34.635 Version info: Data files added 292
2015-09-03 16:59:34.635 Version info: Last successful update 03/09/2015 11:59:08 a.m.
2015-09-03 17:09:30.259 Could not open C:\hiberfil.sys
2015-09-03 17:09:32.552 Could not open C:\pagefile.sys
2015-09-03 17:20:49.174 Could not open C:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752}
2015-09-03 17:20:49.174 Could not open C:\System Volume Information\{4b770cf6-4115-11e5-aee9-4c72b99d1b2c}{3808876b-c176-4e48-b7ae-04046e6cc752}
2015-09-03 17:20:49.174 Could not open C:\System Volume Information\{4b770cfb-4115-11e5-aee9-4c72b99d1b2c}{3808876b-c176-4e48-b7ae-04046e6cc752}
2015-09-03 17:20:49.174 Could not open C:\System Volume Information\{5fdb67c9-4b52-11e5-84dc-4c72b99d1b2c}{3808876b-c176-4e48-b7ae-04046e6cc752}
2015-09-03 17:20:49.190 Could not open C:\System Volume Information\{5fdb67ed-4b52-11e5-84dc-4c72b99d1b2c}{3808876b-c176-4e48-b7ae-04046e6cc752}
2015-09-03 17:20:49.190 Could not open C:\System Volume Information\{61d300a9-4055-11e5-b720-4c72b99d1b2c}{3808876b-c176-4e48-b7ae-04046e6cc752}
2015-09-03 17:20:49.190 Could not open C:\System Volume Information\{61d300ad-4055-11e5-b720-4c72b99d1b2c}{3808876b-c176-4e48-b7ae-04046e6cc752}
2015-09-03 17:20:49.190 Could not open C:\System Volume Information\{61d300b1-4055-11e5-b720-4c72b99d1b2c}{3808876b-c176-4e48-b7ae-04046e6cc752}
2015-09-03 17:20:49.190 Could not open C:\System Volume Information\{61d300b5-4055-11e5-b720-4c72b99d1b2c}{3808876b-c176-4e48-b7ae-04046e6cc752}
2015-09-03 17:20:49.190 Could not open C:\System Volume Information\{6577b558-4102-11e5-8520-4c72b99d1b2c}{3808876b-c176-4e48-b7ae-04046e6cc752}
2015-09-03 17:20:49.190 Could not open C:\System Volume Information\{7c38d3f7-5259-11e5-9300-4c72b99d1b2c}{3808876b-c176-4e48-b7ae-04046e6cc752}
2015-09-03 17:20:49.190 Could not open C:\System Volume Information\{9785b60c-4100-11e5-895f-4c72b99d1b2c}{3808876b-c176-4e48-b7ae-04046e6cc752}
2015-09-03 17:20:49.190 Could not open C:\System Volume Information\{e974c966-4b50-11e5-9974-4c72b99d1b2c}{3808876b-c176-4e48-b7ae-04046e6cc752}
2015-09-03 17:21:03.636 >>> Virus 'Troj/Inject-BFS' found in file C:\Users\AlvaroNiño\AppData\Local\2050601dsisetup20545952.exe
2015-09-03 17:21:03.636 >>> Virus 'Troj/Inject-BFS' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2015-09-03 17:21:03.636 >>> Virus 'Troj/Inject-BFS' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2015-09-03 17:22:29.010 Could not open C:\Users\AlvaroNiño\AppData\Local\Google\Chrome\User Data\Default\Current Session
2015-09-03 17:22:29.010 Could not open C:\Users\AlvaroNiño\AppData\Local\Google\Chrome\User Data\Default\Current Tabs
2015-09-03 17:22:29.057 Could not check C:\Users\AlvaroNiño\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOCK (virus scan failed)
2015-09-03 17:22:32.832 Could not check C:\Users\AlvaroNiño\AppData\Local\Google\Chrome\User Data\Default\GCM Store\LOCK (virus scan failed)
2015-09-03 17:22:33.222 Could not check C:\Users\AlvaroNiño\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pafkbggdmjlpgkdkcbjmhmfcdpncadgh\LOCK (virus scan failed)
2015-09-03 17:22:35.017 Could not check C:\Users\AlvaroNiño\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\LOCK (virus scan failed)
2015-09-03 17:22:35.049 Could not check C:\Users\AlvaroNiño\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOCK (virus scan failed)
2015-09-03 17:26:39.926 Could not check C:\Users\AlvaroNiño\Pictures\FOTOS Yuyo\Pausas power point\Pausa Agosto 2004.ppt (corrupt)
2015-09-03 17:37:08.902 Could not open C:\Windows\System32\catroot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb
2015-09-03 17:37:08.902 Could not open C:\Windows\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb
2015-09-03 17:37:16.911 Could not open C:\Windows\System32\config\RegBack\DEFAULT
2015-09-03 17:37:16.911 Could not open C:\Windows\System32\config\RegBack\SAM
2015-09-03 17:37:16.911 Could not open C:\Windows\System32\config\RegBack\SECURITY
2015-09-03 17:37:16.926 Could not open C:\Windows\System32\config\RegBack\SOFTWARE
2015-09-03 17:37:16.926 Could not open C:\Windows\System32\config\RegBack\SYSTEM
2015-09-03 18:05:58.346 The following items will be cleaned up:
2015-09-03 18:05:58.346 Troj/Inject-BFS
2015-09-03 18:18:47.381 Threat 'Troj/Inject-BFS' has been cleaned up.
2015-09-03 18:18:47.397 File "C:\Users\AlvaroNiño\AppData\Local\2050601dsisetup20545952.exe" belongs to 'Troj/Inject-BFS'.
2015-09-03 18:18:47.397 File "C:\Users\AlvaroNiño\AppData\Local\2050601dsisetup20545952.exe" has been cleaned up.
2015-09-03 18:18:47.397 Registry value "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin" belongs to 'Troj/Inject-BFS'.
2015-09-03 18:18:47.397 Registry value "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin" has been cleaned up.
2015-09-03 18:18:47.397 Removal successful
2015-09-03 18:18:47.459 Contents of SafeClean bin directory:
2015-09-03 18:18:47.459 {
2015-09-03 18:18:47.459 RecordID : "0000000000000001",
2015-09-03 18:18:47.459 ItemType : "1",
2015-09-03 18:18:47.459 Location : "C:\Users\AlvaroNiño\AppData\Local\",
2015-09-03 18:18:47.459 FileName : "2050601dsisetup20545952.exe",
2015-09-03 18:18:47.459 ThreatName : "Troj/Inject-BFS",
2015-09-03 18:18:47.459 Checksum : "a32d53c5558c207584b977ebc89e768e9345fad3eb87d0d2ea34faee02d87fd1",
2015-09-03 18:18:47.459 TimeStamp : "Thu Sep 03 13:18:34 2015"
2015-09-03 18:18:47.459 }
2015-09-03 18:18:48.582 Error level 0[/quote]
[quote="flacoroo"]Apart from the suggestion MSC gave you, do the following; let's see now which bug is doing that:
Download this program, run it, and paste us the resulting log that is created in C: [url=http://www.zonavirus.com/descargas/sproces.asp]Sproces[/url]
Regards[/quote]
[quote]Well, try what they show in this video (after the ads, of course!): http://www.youtube.com/watch?v=Y9jDX7pcwPY
I hope this helps.
Regards
ms, 3-9-2015[/quote]