good afternoon everyone; i´ve caught a virus (maybe more than one ), detected by my Eset (smart 7) and sent to quarantine each time i turn on my computer.
the problem is i can´t eliminate them permanently…
leave u with a pic …
http://i58.tinypic.com/xbitsy.jpg
thanks…
Try this…
TFC - Temp file cleaner http://www.geekstogo.com/forum/files/file/187-tfc-temp-file-cleaner-by-oldtimer/
Does that change anything?
if not, follow instructions in the guide Eddy gave link to and attach the requested logs
i´ll try this one and (in the meantime also using kaspersky recue ) … if not; i´ll come back again and do the largest process…
hope it works… thanks!
(in the meantime also using kaspersky recue )[b]NO[/b] .... follow instuctions in the guide Eddy posted if TFC does not work
report back
Hola Juan.
Por favor sigue las instrucciones dada por Eddy y Pondus
Primero ejecuta TFC: http://www.geekstogo.com/forum/files/file/187-tfc-temp-file-cleaner-by-oldtimer/ si no resuelve tu problema, baja y ejecuta estos programas, los encuetras en la guia dada por Eddy; Malwarebytes’( MBAM ), Farbar Recovery Scan Tool, y aswMBR.exe y sus reportes los guardas y los anexas ( no copiar/pegar )
No ejecutes o analisis con nada mas que no se haya pedido.
ok , hago los pasos y comento… abrazo!
Done it. everything attached in order.
Just curious, why are you asking here for help while you are using Eset?
Don’t worry, we will try to help you.
I also see traces of Panda.
Do you have that installed as well (or did you had it installed)?
Let me know if this kills the alerts
CAUTION : This fix is only valid for this specific machine, using it on another may break your computer
Open notepad and copy/paste the text in the quotebox below into it:
ShellIconOverlayIdentifiers: [1SecureIconsProvider] -> {FC9D8189-520A-4417-AED7-9EAC810C6FBA} => C:\ProgramData\Microsoft\Secure\Icons\SecureIconsProvider.dll () 2014-09-27 13:12 - 2014-09-27 13:12 - 00002992 _____ () C:\Windows\System32\Tasks\{DDBC7FD6-2C88-489B-82BC-C3DDF3479E35} 2014-09-27 13:12 - 2014-09-27 13:12 - 00002992 _____ () C:\Windows\System32\Tasks\{409E6C97-6BAA-47C9-BF04-F920D4E4E07E} AlternateDataStreams: C:\ProgramData\Microsoft:QeeXtw5oTbXgLI7IyKKrAzZl AlternateDataStreams: C:\ProgramData\Microsoft:ZH0AbYAgvPzTHADjHYH AlternateDataStreams: C:\ProgramData\Temp:1AAB2E68 AlternateDataStreams: C:\ProgramData\Temp:1CE11B51 AlternateDataStreams: C:\Users\Juan Fran\Cookies:a6PwG0F5LWknVyoZ4cC AlternateDataStreams: C:\Users\Juan Fran\Cookies:xRRIbGuF2Uc1fp2mXCBTa AlternateDataStreams: C:\Users\Juan Fran\AppData\Local\Archivos temporales de Internet:Nf5XByHMZjq5rhOABup0ls C:\ProgramData\Microsoft\Secure EmptyTemp: CMD: bitsadmin /reset /allusers
Save this as fixlist.txt, in the same location as FRST.exe
Run FRST and press Fix
On completion a log will be generated please post that
ok, to answer the previous question; i had avast long time ago; now i dont; And yes, i have also panda cloud cleaner.
now, i´ve done the fix:
results attached
thanks again…
Have the alerts now ceased ?
yes. i´ll keep watchingm and i will let u know. thanks a lot!
Once you are happy let me know and I will tidy up 