Hola
Dejo el log del Autoruns, espero haber seguido bien las instrucciones. Si veis en él también algo del SpySweeper os agradecería que me lo dijerais para eliminarlo completamente del pc.
HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\AppSetup
HKLM\Software\Policies\Microsoft\Windows\System\Scripts\Startup
HKCU\Software\Policies\Microsoft\Windows\System\Scripts\Logon
HKLM\Software\Policies\Microsoft\Windows\System\Scripts\Logon
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System\Shell
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\Shell
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Taskman
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\Install\Software\Microsoft\Windows\CurrentVersion\Runonce
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\Install\Software\Microsoft\Windows\CurrentVersion\RunonceEx
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\Install\Software\Microsoft\Windows\CurrentVersion\Run
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
+ ATIPTA ATI Desktop Control Panel (Not verified) ATI Technologies, Inc. c:\archivos de programa\ati technologies\ati control panel\atiptaxx.exe
+ avast! avast! service GUI component (Verified) ALWIL Software c:\archivos de programa\alwil software\avast4\ashdisp.exe
+ COMODO Firewall Pro COMODO Firewall Pro (Verified) Comodo CA Limited c:\archivos de programa\comodo\firewall\cpf.exe
+ NeroFilterCheck NeroCheck (Not verified) Ahead Software Gmbh c:\windows\system32\nerocheck.exe
+ RemoteControl PowerDVD RC Service (Not verified) Cyberlink Corp. c:\archivos de programa\cyberlink\powerdvd\pdvdserv.exe
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
C:\Documents and Settings\All Users\Menú Inicio\Programas\Inicio
+ Adobe Gamma Loader.lnk Adobe Gamma Loader (Not verified) Adobe Systems, Inc. c:\archivos de programa\archivos comunes\adobe\calibration\adobe gamma loader.exe
+ Inicio rápido de Adobe Reader.lnk Adobe Acrobat SpeedLauncher (Not verified) Adobe Systems Incorporated c:\archivos de programa\adobe\acrobat 7.0\reader\reader_sl.exe
C:\Documents and Settings\user\Menú Inicio\Programas\Inicio
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows\Load
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows\Run
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
+ msnmsgr MSN Messenger (Not verified) Microsoft Corporation c:\archivos de programa\msn messenger\msnmsgr.exe
+ updateMgr Adobe Update Manager (Verified) Adobe Systems, Incorporated c:\archivos de programa\adobe\acrobat 7.0\reader\adobeupdatemanager.exe
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\Install\Software\Microsoft\Windows\CurrentVersion\Runonce
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\Install\Software\Microsoft\Windows\CurrentVersion\RunonceEx
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\Install\Software\Microsoft\Windows\CurrentVersion\Run
HKLM\SOFTWARE\Classes\Protocols\Filter
HKLM\SOFTWARE\Classes\Protocols\Handler
+ ms-itss Microsoft® InfoTech Storage System Library (Not verified) Microsoft Corporation c:\archivos de programa\archivos comunes\microsoft shared\information retrieval\msitss.dll
+ msnim MSN Messenger Protocol Handler (Not verified) Microsoft Corporation c:\archivos de programa\msn messenger\msgrapp.dll
HKCU\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components
+ 0 File not found: About:Home
HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components
HKCU\SOFTWARE\Microsoft\Active Setup\Installed Components
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
+ AVG Anti-Spyware 7.5 AVG Anti-Spyware shellexecutehook (Verified) GRISOFT LTD c:\archivos de programa\grisoft\avg anti-spyware 7.5\shellexecutehook.dll
HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
+ avast avast! Shell Extension (Verified) ALWIL Software c:\archivos de programa\alwil software\avast4\ashshell.dll
+ TuneUp Shredder Shell Extension TuneUp Shredder Shell Extension (Verified) TuneUp Software GmbH c:\archivos de programa\tuneup utilities 2007\sdshelex-win32.dll
+ TuneUp Theme Extension TuneUp Theme Extension (Verified) TuneUp Software GmbH c:\windows\system32\uxtuneup.dll
+ UnlockerShellExtension c:\archivos de programa\unlocker\unlockercom.dll
+ WinRAR shell extension c:\archivos de programa\winrar\rarext.dll
HKCU\Software\Classes\Folder\Shellex\ColumnHandlers
HKLM\Software\Classes\Folder\Shellex\ColumnHandlers
+ PDF Shell Extension PDF Shell Extension (Not verified) Adobe Systems, Inc. c:\archivos de programa\adobe\acrobat 7.0\activex\pdfshell.dll
HKCU\Software\Microsoft\Ctf\LangBarAddin
HKLM\Software\Microsoft\Ctf\LangBarAddin
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
+ {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} File not found: __BHODemonDisabled
+ {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} File not found: __BHODemonDisabled
+ {D84BE649-FD34-4942-8250-66A4F13F5A61} File not found: __BHODemonDisabled
HKCU\Software\Microsoft\Internet Explorer\UrlSearchHooks
HKLM\Software\Microsoft\Internet Explorer\Toolbar
HKCU\Software\Microsoft\Internet Explorer\Explorer Bars
HKLM\Software\Microsoft\Internet Explorer\Explorer Bars
HKCU\Software\Microsoft\Internet Explorer\Extensions
HKLM\Software\Microsoft\Internet Explorer\Extensions
Task Scheduler
+ 1-Click Maintenance.job TuneUp System Optimizer (Verified) TuneUp Software GmbH c:\archivos de programa\tuneup utilities 2007\systemoptimizer.exe
HKLM\System\CurrentControlSet\Services
+ aswUpdSv Brinda actualizaciones automáticas para el antivirus avast!. (Verified) ALWIL Software c:\archivos de programa\alwil software\avast4\aswupdsv.exe
+ ATI Smart ATI Smart c:\windows\system32\ati2sgag.exe
+ avast! Antivirus Administra e implementa los servicios de antivirus avast! para este ordenador/computador/PC. Esto incluye protección residente, el baúl de virus y el programador de tareas. (Verified) ALWIL Software c:\archivos de programa\alwil software\avast4\ashserv.exe
+ AVG Anti-Spyware Guard AVG Anti-Spyware guard (Verified) GRISOFT LTD c:\archivos de programa\grisoft\avg anti-spyware 7.5\guard.exe
+ CmdAgent COMODO Firewall Pro Application Agent (Verified) Comodo CA Limited c:\archivos de programa\comodo\firewall\cmdagent.exe
+ UxTuneUp Permite la utilización de estilo visual sin la firma de Microsoft. (Verified) TuneUp Software GmbH c:\windows\system32\uxtuneup.dll
HKLM\System\CurrentControlSet\Services
+ AC2003 AC2003 - ABIT AC2003 Device Driver (Not verified) ABIT Computer Corp. c:\windows\system32\drivers\ac2003.sys
+ AVG Anti-Spyware Driver (Verified) GRISOFT LTD c:\archivos de programa\grisoft\avg anti-spyware 7.5\guard.sys
+ AvgAsCln AVG7 Clean Driver (Not verified) GRISOFT, s.r.o. c:\windows\system32\drivers\avgascln.sys
+ CmdMon COMODO Firewall Pro Application Engine (Not verified) Comodo Research Lab., Inc. c:\windows\system32\drivers\cmdmon.sys
+ Inspect COMODO Firewall Pro Network Engine (Not verified) COMODO c:\windows\system32\drivers\inspect.sys
+ kl1 Kaspersky Unified Driver (Not verified) Kaspersky Lab c:\windows\system32\drivers\kl1.sys
+ klif spuper-ptor (Not verified) Kaspersky Lab c:\windows\system32\drivers\klif.sys
+ PxHelp20 Px Engine Device Driver for Windows 2000/XP (Not verified) Sonic Solutions c:\windows\system32\drivers\pxhelp20.sys
+ Secdrv SafeDisc driver (Not verified) Macrovision Europe Ltd c:\windows\system32\drivers\secdrv.sys
+ SSFS0509 Spy Sweeper FileSystem Filter Driver (Not verified) Webroot Software Inc (
www.webroot.com) c:\windows\system32\drivers\ssfs0509.sys
+ SSHRMD Spy Sweeper Mini Driver (Not verified) Webroot Software Inc (
www.webroot.com) c:\windows\system32\drivers\sshrmd.sys
+ SSIDRV Spy Sweeper Interdiction Driver (Not verified) Webroot Software Inc (
www.webroot.com) c:\windows\system32\drivers\ssidrv.sys
+ SSKBFD Spy Sweeper Keyboard Filter Driver (Not verified) Webroot Software Inc (
www.webroot.com) c:\windows\system32\drivers\sskbfd.sys
+ TSP spuper-ptor (Not verified) Kaspersky Lab c:\windows\system32\drivers\klif.sys
HKLM\System\CurrentControlSet\Control\Session Manager\BootExecute
HKLM\System\CurrentControlSet\Control\Session Manager\SetupExecute
HKLM\System\CurrentControlSet\Control\Session Manager\Execute
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options
HKLM\Software\Microsoft\Command Processor\Autorun
HKCU\Software\Microsoft\Command Processor\Autorun
HKLM\SOFTWARE\Classes\Exefile\Shell\Open\Command\(Default)
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Appinit_Dlls
HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\System
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\UIHost
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
+ klogon Logon Visualizer (Not verified) Kaspersky Lab c:\windows\system32\klogon.dll
+ WRNotifier Spy Sweeper Engine (Not verified) Webroot Software, Inc. c:\windows\system32\wrlogonntf.dll
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GinaDLL
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Taskman
HKCU\Control Panel\Desktop\Scrnsave.exe
HKLM\System\CurrentControlSet\Control\BootVerificationProgram\ImageName
HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9
HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors
+ Microsoft Document Imaging Writer Monitor Microsoft® Document Imaging (Not verified) Microsoft Corporation c:\windows\system32\mdimon.dll
HKLM\SYSTEM\CurrentControlSet\Control\SecurityProviders\SecurityProviders
HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Authentication Packages
HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Notification Packages
HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Security Packages
HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order
Comentar que, al final, conseguí borrar en "Modo seguro" y con el Unlocker, la libería shellex.dll. del Active Virus Shield. También borré numerosas entradas del registro que busqué con el RegSeeker, pero quedan unas pocas que no se borran ni a tiros.
También comento que, pese a que ya no queda en el pc ninguna carpeta, ni icono, ni nada que pueda ver a simple vista del Active, el Avast sigue poniendo el mensaje de que está activo.
Gracias por las respuestas. Un saludo.