@gallegoj
I will look at your logs.
This fix shall fix your problem:
Re-run
OTL.exe.
- Copy and paste the following text written inside of the quote box into the Custom Scans/Fixes box.
:FILES
ipconfig /flushdns /c
C:\Users\Jonathan\AppData\Local\Temp\tsiVi032.dll
C:\Users\Jonathan\AppData\Local\Temp\iswizard
C:\Users\Jonathan\AppData\Local\Google\Chrome\User Data\Default\Extensions\agoenciogemlojlhccbcpcfflicgnaak
C:\Users\Jonathan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
C:\Users\Jonathan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
C:\Users\Jonathan\AppData\Local\Google\Chrome\User Data\Default\Extensions\chmimgmjdabgiilljdjfbonifbhiglao
C:\Users\Jonathan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
C:\Users\Jonathan\AppData\Local\Google\Chrome\User Data\Default\Extensions\eimhlfnbjllicocigjdalpodkokffbmm
C:\Users\Jonathan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn
C:\Users\Jonathan\AppData\Local\Google\Chrome\User Data\Default\Extensions\enadeelnincmhhilgbiphjbjnnagnhmh
C:\Users\Jonathan\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbpifhknilaflibiifjhhofddbbchmhh
C:\Users\Jonathan\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho
C:\Users\Jonathan\AppData\Local\Google\Chrome\User Data\Default\Extensions\flogpfmjdekjoilcnmmchanikomlidie
C:\Users\Jonathan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdbabpaggdgcakhjllleobffeghmhjme
C:\Users\Jonathan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdbabpaggdgcakhjllleobffeghmhjme
C:\Users\Jonathan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdkjifoifglkpcdffkenpinlbjgephlo
C:\Users\Jonathan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
C:\Users\Jonathan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbgaklkmjakoegficnlkhebmhkjfich
C:\Users\Jonathan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijecamokjmiajijbajfnlbkfknpplkdf
C:\Users\Jonathan\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfdckejfnkaemompfjhecfmhjgnchmjg
C:\Users\Jonathan\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgdfnbpkmkkdhgidgcpdkgpdlfjcgnnh
C:\Users\Jonathan\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
C:\Users\Jonathan\AppData\Local\Google\Chrome\User Data\Default\Extensions\loamdenijebhollnjgehcfbnpeelfhlk
C:\Users\Jonathan\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjocghlclkpgheifflemilcnblodjohg
C:\Users\Jonathan\AppData\Local\Google\Chrome\User Data\Default\Extensions\okboeogmnhjpgbeaokfogelclpblaemo
C:\Users\Jonathan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ooagbcohbmlpkfkdnodbomgphbcecalj
C:\Users\Jonathan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ooagbcohbmlpkfkdnodbomgphbcecalj
C:\Users\Jonathan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
:OTL
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKU\S-1-5-21-1365072474-943141896-2643588273-1000..\Run: [tsiVideo] C:\Users\Jonathan\AppData\Local\Temp\tsiVi032.dll ()
:COMMANDS
[CREATERESTOREPOINT]
[EMPTYTEMP]
- Then click the Run Fix button at the top.
- Let the program run unhindered; it will reboot the system when it is done and open notepad with logreport. Attach here that logreport.
If the log doesn't appear, it can be found here:
c:\_OTL\MovedFiles\mmddyyyy_hhmmss.log
---- Next -----aswMBR shows traces of posible TDL rootkit. We shall re-check that.
Download
TDSSKiller and save it to your desktop
Execute
TDSSKiller.exe by doubleclicking on it, accept all pop-up on start.
- Press Start Scan
- If Suspicious object is detected, the default action will be Skip, click on Continue.
- If Malicious objects are found, select Cure.
Once complete, a log will be produced at the root drive which is typically C:\ ,for example,
C:\TDSSKiller.<version_date_time>log.txtPlease post the contents of that log in your next reply.