Hola a todos!!! mi disco externo tiene un virus que crea unas carpetas que tienen un ícono como si fuera una venta negra que adquiere el nombre de la carpeta que lo contiene además de copy fwd , además crea una carpeta con nombre fwgzfscwhtqtaapwzdsae que dentro tiene un ícono verde similar a una H con el mismo nombre de la carpeta o sea fwgzfscwhtqtaapwzdsae alguien me pudiera decir como lo puedo eliminar? Pues he usado varios antivirus y ninguno de ellos lo reconoce ni siquiera lo detecta y ya no sé que hacer. Gracias de antemano 
Hola @luci9503 bienvenida a Forospyware.
1.- Descarga y ejecuta USBFix
2.- Descarga y ejecuta FRST
Pega los reportes de UsbFix y FRST.
Un saludo
Hola, gracias por responder enseguida hago lo que me orienta
Este es el reporte del USBFix:
# ----------------------------------------------------
# UsbFix Antivirus Premium
# ----------------------------------------------------
# Versión : 11.031
# Base de datos :
# Contacto : https://www.usb-antivirus.com/es/contacto
# ----------------------------------------------------
# Tipo de escaneo : Full
# Usuario : mviton (Administrador)
# Dispositivo : 8504-GEO-MVITON
# Comenzó : 13/01/2021 11:49:58
# ----------------------------------------------------
------------ | Discos analizados |
C:\ NTFS (46GB/149GB) [Fixed]
D:\ NTFS (167GB/782GB) [Fixed]
H:\ NTFS (96GB/1863GB) [Fixed]
------------ | Elemento(s) infectado(s) |
~ Ningún elemento detectado ~
------------ | Run |
F2 - HKLM\..\Winlogon : [Shell] explorer.exe
F2 - [x64] HKLM\..\Winlogon : [Shell] explorer.exe
F2 - [x64] HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
04 - HKCU\..\Run : [OneDrive] "C:\Users\mviton\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
04 - HKCU\..\Run : [ISUSPM] "C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe" -scheduler
04 - HKLM\..\Run : [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
04 - HKLM\..\Run : [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe" 60
04 - HKLM\..\Run : [Bonus.SSR.FR11] "C:\Program Files (x86)\ABBYY FineReader 11\Bonus.ScreenshotReader.exe" /autorun
04 - HKLM\..\Run : [ZapyaAdaptor] C:\Program Files (x86)\Zapya\ZapyaPC\ZapyaAdaptor.exe
04 - [x64] HKLM\..\Run : [SecurityHealth] %ProgramFiles%\Windows Defender\MSASCuiL.exe
04 - [x64] HKLM\..\Run : [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
04 - [x64] HKLM\..\Run : [IAStorIcon] "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
04 - HKU\S-1-5-19\..\Run : [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup
04 - HKU\S-1-5-20\..\Run : [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup
04 - HKU\S-1-5-21-1249944458-3703393581-1172090420-13288\..\Run : [OneDrive] "C:\Users\mvargas\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
04 - HKU\S-1-5-21-1249944458-3703393581-1172090420-13335\..\Run : [OneDrive] "C:\Users\andres\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
04 - HKU\S-1-5-21-1249944458-3703393581-1172090420-1460\..\Run : [OneDrive] "C:\Users\emarrero\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
04 - HKU\S-1-5-21-2292143448-103110773-2173756207-500\..\Run : [OneDrive] "C:\Users\Administrador\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
04 - HKU\S-1-5-21-3709785240-1819934352-3605754092-1247\..\Run : [OneDrive] "C:\Users\pmblanco\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
04 - HKU\S-1-5-21-3709785240-1819934352-3605754092-1248\..\Run : [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup
04 - HKU\S-1-5-21-3709785240-1819934352-3605754092-1250\..\Run : [OneDrive] "C:\Users\mviton\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
04 - HKU\S-1-5-21-3709785240-1819934352-3605754092-1250\..\Run : [ISUSPM] "C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe" -scheduler
04 - HKU\S-1-5-21-3709785240-1819934352-3605754092-1294\..\Run : [OneDrive] "C:\Users\yuniercc\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
04 - HKU\S-1-5-21-3709785240-1819934352-3605754092-500\..\Run : [OneDrive] "C:\Users\administrator.CEINPET\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
04 - HKU\S-1-5-82-271721585-897601226-2024613209-625570482-296978595\..\Run : [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup
04 - HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\..\Run : [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup
04 - HKU\S-1-5-82-3876422241-1344743610-1729199087-774402673-2621913236\..\Run : [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup
04GS - Adobe Gamma Loader.lnk : C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
04GS - OCS Inventory NG Systray.lnk : C:\Program Files (x86)\OCS Inventory Agent\OcsSystray.exe
------------ | Tasks |
Task - Adobe Flash Player PPAPI Notifier --> C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_209_pepper.exe -check pepperplugin
Task - Adobe Flash Player Updater --> C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task - CCleaner Update --> C:\Program Files\CCleaner\CCUpdate.exe
Task - CreateExplorerShellUnelevatedTask --> C:\Windows\Explorer.EXE /NOUACCHECK
Task - Intel PTT EK Recertification --> "C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe"
Task - KMSAutoNet --> "C:\ProgramData\KMSAutoS\KMSAuto Net.exe" /win=act /off=act
Task - OneDrive Standalone Update Task v2 --> %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task - OneDrive Standalone Update Task-S-1-5-21-1249944458-3703393581-1172090420-13285 --> %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task - UsbFix Boot Scan --> "C:\Program Files (x86)\UsbFix\UsbFix.exe" -scanonstart
Task - UsbFix Monitor --> "C:\Program Files (x86)\UsbFix\Modules\UsbFixMonitor.exe"
------------ | C:\ %SystemDrive% - Disco fijo (NTFS) |
[12/01/2021 - 08:23:48 | ASH | 2490368 Ko] - pagefile.sys
[12/01/2021 - 08:23:48 | ASH | 262144 Ko] - swapfile.sys
[13/01/2021 - 08:31:40 | ASH | 6622656 Ko] - hiberfil.sys
[03/11/2020 - 12:54:15 | HD] - System.sav
[12/01/2021 - 14:12:33 | RASHD] - autorun.inf
[08/04/2019 - 07:45:15 | SH | 0 Ko] - bootTel.dat
[17/12/2020 - 11:20:24 | SHD] - $Recycle.Bin
[23/05/2019 - 11:45:01 | D] - found.006
[08/04/2019 - 07:45:14 | D] - found.004
[27/03/2019 - 12:01:17 | D] - found.003
[27/03/2019 - 12:01:17 | D] - found.002
[01/07/2020 - 11:23:54 | D] - found.001
[09/01/2020 - 13:23:57 | D] - found.000
[11/04/2018 - 18:38:20 | D] - PerfLogs
[19/12/2018 - 16:33:42 | RHD] - MSOCache
[19/12/2018 - 16:34:13 | D] - SWSetup
[19/12/2018 - 18:17:13 | SHD] - Recovery
[09/01/2019 - 17:11:50 | D] - Temp
[02/05/2019 - 15:04:02 | D] - inetpub
[18/06/2019 - 14:49:29 | D] - Documents and Settings
[20/06/2019 - 12:54:37 | D] - Python30
[20/06/2019 - 12:55:29 | D] - Python35
[27/06/2019 - 08:07:09 | D] - Python27
[03/11/2020 - 13:20:28 | D] - Intel
[01/12/2020 - 15:48:24 | HD] - ProgramData
[04/12/2020 - 14:00:14 | RD] - Users
[04/12/2020 - 14:24:45 | RD] - Program Files
[12/01/2021 - 14:09:49 | RD] - Program Files (x86)
[12/01/2021 - 16:48:44 | D] - Windows
------------ | D:\ - Disco fijo (NTFS) |
[12/01/2021 - 14:12:33 | RASHD] - autorun.inf
[14/12/2014 - 23:00:00 | A | 784 Ko] - Profwiz.exe
[17/12/2020 - 11:20:43 | SHD] - $RECYCLE.BIN
[25/06/2019 - 11:13:50 | D] - Documentos
[12/12/2019 - 14:02:21 | D] - FFOutput
[10/11/2020 - 10:20:41 | RD] - Lucy
[04/12/2020 - 14:48:31 | D] - Petrel 2017
------------ | H:\ - Disco fijo (NTFS) |
[17/11/2020 - 12:57:56 | A | 0 Ko] - Transferencia de materia y energía avanzada.rar
[16/11/2020 - 19:50:25 | A | 0 Ko] - Arco Vólcanico Cretácico.pptx
[17/11/2020 - 08:41:43 | A | 0 Ko] - ~$Arco Vólcanico Cretácico.pptx
[04/02/2019 - 11:14:16 | A | 3033 Ko] - guia de la calculadora.pdf
[09/06/2020 - 10:00:17 | A | 3 Ko] - zopener_8a4800ea0a3f43f4bafd7706c1a4e7ee.log
[23/05/2018 - 20:19:23 | A | 4517 Ko] - spring_girl_5k.jpg
[11/01/2019 - 14:24:46 | N | 1 Ko] - ZentimoSettings.ini
[12/01/2021 - 14:12:33 | D] - AUTORUN.INF
[13/01/2021 - 11:49:07 | A | 1675 Ko] - Cómo deshabilitar temporalmente su Antivirus - Guías, manuales, tutoriales y más - ForoSpyware.htm
[13/01/2021 - 11:49:36 | A | 209 Ko] - Manual de UsbFix - Guías, manuales, tutoriales y más - ForoSpyware.htm
[11/05/2020 - 08:14:15 | A | 95477 Ko] - Teams_windows_x64.exe
[11/05/2020 - 10:46:02 | A | 10813 Ko] - connectify-hotspot-2019-1-2-40048.exe
[27/09/2020 - 07:21:50 | A | 4195 Ko] - AAAAA1PANDEMIA DIARIA.docx
[12/10/2020 - 11:10:27 | A | 0 Ko] - ~$AAA1PANDEMIA DIARIA.docx
[04/12/2018 - 16:17:00 | AS | 97 Ko] - Thumbs.db
[21/12/2020 - 07:37:11 | D] - $RECYCLE.BIN
[24/09/2020 - 10:16:07 | SHD] - found.001
[20/05/2019 - 09:01:37 | SHD] - found.000
[21/12/2020 - 13:34:14 | D] - !!!revistas
[21/12/2020 - 13:34:15 | D] - 11 de dic
[21/12/2020 - 13:34:15 | D] - ArcGis
[21/12/2020 - 13:34:15 | D] - Biblioteca
[21/12/2020 - 13:34:15 | D] - copia de seguridad tesis
[21/12/2020 - 13:34:15 | D] - COSAS MIAS
[21/12/2020 - 13:34:15 | D] - danay
[21/12/2020 - 13:34:15 | D] - descargas
[21/12/2020 - 13:34:16 | D] - Documentos
[21/12/2020 - 13:34:16 | D] - Games
[21/12/2020 - 13:34:16 | D] - Icons
[21/12/2020 - 13:34:16 | D] - Ideas en 5 min
[21/12/2020 - 13:34:16 | D] - Ingles
[21/12/2020 - 13:34:16 | D] - Ingles sin Barrera
[21/12/2020 - 13:34:16 | D] - Instalaciones
[21/12/2020 - 13:34:16 | D] - LUCIA
[21/12/2020 - 13:34:16 | D] - Maestria
[21/12/2020 - 13:34:16 | D] - MEMORIA LUCIA NO BORRARRR!!!!
[21/12/2020 - 13:34:17 | D] - mis mami
[21/12/2020 - 13:34:17 | D] - Modern Warfare 3 DLC
[21/12/2020 - 13:34:17 | D] - móvil
[21/12/2020 - 13:34:17 | D] - nana
[21/12/2020 - 13:34:17 | D] - salva
[21/12/2020 - 13:34:17 | D] - Trabajo!
[21/12/2020 - 13:34:18 | D] - Wallpepers
[27/12/2020 - 22:19:24 | D] - Videos
[01/01/2021 - 23:23:20 | RD] - Pictures
[05/01/2021 - 22:27:50 | D] - tareas de reordenamiento
[06/01/2021 - 12:29:19 | D] - Música
[06/01/2021 - 14:44:46 | D] - All My Life [2020] [863,94 Mb]
[06/01/2021 - 15:01:54 | D] - Hijra in Between [2020] [247,89 Mb]
[07/01/2021 - 14:17:00 | RD] - pieza
[11/01/2021 - 10:41:14 | D] - Cosas de Marco
[11/01/2021 - 13:26:37 | D] - Programas
Elemento(s) infectado(s) : 0
Elementos analizados : 124645 en 00h 00m 08s
# UsbFix-Report-01.txt [9948B]
------------ | E.O.F |Hola.
Falta el reporte de FRST.
Un saludo