• Registrarse
  • Iniciar sesión


  • Página 3 de 3 PrimeroPrimero 123
    Resultados 21 al 27 de 27

    Imposible eliminar virus doble tilde ´´

    Realiza lo siguiente: Descarga OTL.exe by OldTimer a tu escritorio. Cierra todos los programas y ventanas abiertas. Ejecuta OTL.exe haciendo doble clic sobre el icono. Configure lo siguiente dejando lo demas por defecto: Marque la ...

    1. #21
      Developer Avatar de Dany3j
      Registrado
      mar 2011
      Ubicación
      China
      Mensajes
      6.652

      Re: Imposible eliminar virus doble tilde ´´

      Realiza lo siguiente:

      Descarga OTL.exe by OldTimer a tu escritorio.
      • Cierra todos los programas y ventanas abiertas.

      • Ejecuta OTL.exe haciendo doble clic sobre el icono.

      • Configure lo siguiente dejando lo demas por defecto:

      • Marque la casilla Analizar Todos.

      • Cambie la opción Tipo de Análisis a Resultado Completo.

      • Marque las casillas:


        • Usar Listado de Compañías Reconocidas.
        • Omitir Archivos De Microsoft.
        • Buscar LOP.
        • Buscar Purity.


      • Copie y pegue el siguiente codigo en el recuadro

      • Código:
        netsvcs
        msconfig
        %SYSTEMDRIVE%\*.*
        CREATERESTOREPOINT
        
      • No modifique alguna otra configuración a menos que se le indique.

      • Presiona el botón No utilice el ordenador durante el análisis.

      • Cuando haya terminado, se abrirán dos (2) reportes:


      • OTL.Txt
      • Extras.Txt

      Nota: Los reportes quedan guardados en el mismo lugar donde OTL.exe fue ejecutado.
      Copia y pega únicamente el contenido del archivo OTL.txt en tu próxima respuesta.

      Me tope con un gato negro y tuve que desviarme por el camino largo.

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    2. #22
      Usuario Avatar de YoNkor
      Registrado
      abr 2012
      Ubicación
      Sebastopol
      Mensajes
      14

      Re: Imposible eliminar virus doble tilde ´´

      OTL:

      OTL logfile created on: 12/09/2012 19:28:52 - Run 2
      OTL by OldTimer - Version 3.2.61.3 Folder = C:\Users\Concha\Desktop
      64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
      Internet Explorer (Version = 8.0.7601.17514)
      Locale: 00000c0a | Country: España | Language: ESN | Date Format: dd/MM/yyyy

      3,75 Gb Total Physical Memory | 2,86 Gb Available Physical Memory | 76,27% Memory free
      7,50 Gb Paging File | 6,23 Gb Available in Paging File | 83,05% Paging File free
      Paging file location(s): ?:\pagefile.sys [binary data]

      %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
      Drive C: | 60,99 Gb Total Space | 8,64 Gb Free Space | 14,17% Space Free | Partition Type: NTFS
      Drive D: | 404,68 Gb Total Space | 61,83 Gb Free Space | 15,28% Space Free | Partition Type: NTFS

      Computer Name: CONCHA-PC | User Name: Concha | Logged in as Administrator.
      Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
      Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

      ========== Processes (SafeList) ==========

      PRC - [2012/09/11 15:23:27 | 000,600,064 | ---- | M] (OldTimer Tools) -- C:\Users\Concha\Desktop\OTL.exe
      PRC - [2012/09/07 17:04:46 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
      PRC - [2012/07/20 15:17:14 | 012,218,904 | ---- | M] (Google) -- C:\Program Files (x86)\Google\Drive\googledrivesync.exe
      PRC - [2011/04/01 05:11:52 | 000,428,640 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
      PRC - [2010/05/07 18:47:32 | 000,114,008 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\Logishrd\LVMVFM\LVPrS64H.exe
      PRC - [2010/05/07 18:43:52 | 000,651,096 | ---- | M] () -- C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
      PRC - [2010/05/07 18:35:22 | 000,165,208 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
      PRC - [2010/05/07 18:34:58 | 000,168,792 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
      PRC - [2009/01/26 16:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe


      ========== Modules (No Company Name) ==========

      MOD - [2012/09/12 12:44:09 | 001,169,408 | ---- | M] () -- C:\Users\Concha\AppData\Local\Temp\_MEI28763\wx._core_.pyd
      MOD - [2012/09/12 12:44:09 | 001,056,256 | ---- | M] () -- C:\Users\Concha\AppData\Local\Temp\_MEI28763\wx._controls_.pyd
      MOD - [2012/09/12 12:44:09 | 001,018,368 | ---- | M] () -- C:\Users\Concha\AppData\Local\Temp\_MEI28763\windows._cacheinvalidation.pyd
      MOD - [2012/09/12 12:44:09 | 000,807,424 | ---- | M] () -- C:\Users\Concha\AppData\Local\Temp\_MEI28763\wx._windows_.pyd
      MOD - [2012/09/12 12:44:09 | 000,792,576 | ---- | M] () -- C:\Users\Concha\AppData\Local\Temp\_MEI28763\wx._gdi_.pyd
      MOD - [2012/09/12 12:44:09 | 000,731,136 | ---- | M] () -- C:\Users\Concha\AppData\Local\Temp\_MEI28763\wx._misc_.pyd
      MOD - [2012/09/12 12:44:09 | 000,645,120 | ---- | M] () -- C:\Users\Concha\AppData\Local\Temp\_MEI28763\_ssl.pyd
      MOD - [2012/09/12 12:44:09 | 000,585,728 | ---- | M] () -- C:\Users\Concha\AppData\Local\Temp\_MEI28763\unicodedata.pyd
      MOD - [2012/09/12 12:44:09 | 000,571,392 | ---- | M] () -- C:\Users\Concha\AppData\Local\Temp\_MEI28763\pysqlite2._sqlite.pyd
      MOD - [2012/09/12 12:44:09 | 000,354,304 | ---- | M] () -- C:\Users\Concha\AppData\Local\Temp\_MEI28763\pythoncom26.dll
      MOD - [2012/09/12 12:44:09 | 000,311,808 | ---- | M] () -- C:\Users\Concha\AppData\Local\Temp\_MEI28763\_hashlib.pyd
      MOD - [2012/09/12 12:44:09 | 000,263,168 | ---- | M] () -- C:\Users\Concha\AppData\Local\Temp\_MEI28763\win32com.shell.shell.pyd
      MOD - [2012/09/12 12:44:09 | 000,153,088 | ---- | M] () -- C:\Users\Concha\AppData\Local\Temp\_MEI28763\pyexpat.pyd
      MOD - [2012/09/12 12:44:09 | 000,121,856 | ---- | M] () -- C:\Users\Concha\AppData\Local\Temp\_MEI28763\wx._wizard.pyd
      MOD - [2012/09/12 12:44:09 | 000,111,104 | ---- | M] () -- C:\Users\Concha\AppData\Local\Temp\_MEI28763\win32file.pyd
      MOD - [2012/09/12 12:44:09 | 000,110,592 | ---- | M] () -- C:\Users\Concha\AppData\Local\Temp\_MEI28763\pywintypes26.dll
      MOD - [2012/09/12 12:44:09 | 000,096,256 | ---- | M] () -- C:\Users\Concha\AppData\Local\Temp\_MEI28763\win32api.pyd
      MOD - [2012/09/12 12:44:09 | 000,086,016 | ---- | M] () -- C:\Users\Concha\AppData\Local\Temp\_MEI28763\_elementtree.pyd
      MOD - [2012/09/12 12:44:09 | 000,073,728 | ---- | M] () -- C:\Users\Concha\AppData\Local\Temp\_MEI28763\_ctypes.pyd
      MOD - [2012/09/12 12:44:09 | 000,070,656 | ---- | M] () -- C:\Users\Concha\AppData\Local\Temp\_MEI28763\wx._html2.pyd
      MOD - [2012/09/12 12:44:09 | 000,040,448 | ---- | M] () -- C:\Users\Concha\AppData\Local\Temp\_MEI28763\_socket.pyd
      MOD - [2012/09/12 12:44:09 | 000,039,424 | ---- | M] () -- C:\Users\Concha\AppData\Local\Temp\_MEI28763\win32inet.pyd
      MOD - [2012/09/12 12:44:09 | 000,036,352 | ---- | M] () -- C:\Users\Concha\AppData\Local\Temp\_MEI28763\win32process.pyd
      MOD - [2012/09/12 12:44:09 | 000,022,528 | ---- | M] () -- C:\Users\Concha\AppData\Local\Temp\_MEI28763\win32pdh.pyd
      MOD - [2012/09/12 12:44:09 | 000,017,920 | ---- | M] () -- C:\Users\Concha\AppData\Local\Temp\_MEI28763\win32event.pyd
      MOD - [2012/09/12 12:44:09 | 000,011,776 | ---- | M] () -- C:\Users\Concha\AppData\Local\Temp\_MEI28763\win32crypt.pyd
      MOD - [2012/09/12 12:44:09 | 000,011,776 | ---- | M] () -- C:\Users\Concha\AppData\Local\Temp\_MEI28763\select.pyd
      MOD - [2010/05/07 18:43:52 | 000,651,096 | ---- | M] () -- C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
      MOD - [2010/05/07 18:37:50 | 000,290,648 | ---- | M] () -- C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll
      MOD - [2010/05/07 18:37:40 | 000,126,808 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll
      MOD - [2010/05/07 18:37:40 | 000,027,480 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll
      MOD - [2010/05/07 18:36:54 | 000,340,824 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll
      MOD - [2010/05/07 18:36:20 | 000,921,944 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtNetwork4.dll
      MOD - [2010/05/07 18:35:56 | 007,954,776 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll
      MOD - [2010/05/07 18:35:44 | 002,143,576 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll
      MOD - [2010/05/07 18:34:58 | 000,168,792 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe


      ========== Services (SafeList) ==========

      SRV:64bit: - [2011/01/27 00:55:36 | 000,203,776 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
      SRV:64bit: - [2009/11/24 02:53:54 | 005,556,520 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Windows\SysNative\Pen_Tablet.exe -- (TabletServicePen)
      SRV:64bit: - [2009/07/14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
      SRV - [2012/09/08 03:07:56 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
      SRV - [2012/09/07 17:04:46 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
      SRV - [2012/09/07 17:04:46 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
      SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
      SRV - [2011/08/27 20:20:45 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
      SRV - [2011/04/01 05:11:52 | 000,428,640 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
      SRV - [2010/05/07 18:45:16 | 000,197,976 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Archivos de programa\Common Files\logishrd\LVMVFM\LVPrcSrv.exe -- (LVPrcS64)
      SRV - [2010/02/19 14:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
      SRV - [2009/11/24 02:53:58 | 000,127,784 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Archivos de programa\WTouch\WTouchService.exe -- (WTouchService)
      SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


      ========== Driver Services (SafeList) ==========

      DRV:64bit: - [2012/09/07 17:04:46 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
      DRV:64bit: - [2012/03/01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
      DRV:64bit: - [2011/03/20 18:20:55 | 000,254,528 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
      DRV:64bit: - [2011/01/27 01:37:20 | 009,085,952 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
      DRV:64bit: - [2011/01/27 01:37:20 | 009,085,952 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
      DRV:64bit: - [2011/01/27 00:13:32 | 000,299,520 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
      DRV:64bit: - [2010/11/20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
      DRV:64bit: - [2010/11/20 15:32:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
      DRV:64bit: - [2010/11/20 15:32:46 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
      DRV:64bit: - [2010/11/20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
      DRV:64bit: - [2010/05/17 03:07:52 | 001,847,296 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athurx.sys -- (athur)
      DRV:64bit: - [2010/05/15 00:02:14 | 006,465,760 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64)
      DRV:64bit: - [2010/05/15 00:00:52 | 000,329,952 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)
      DRV:64bit: - [2010/05/15 00:00:28 | 000,271,712 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvpopf64.sys -- (lvpopf64)
      DRV:64bit: - [2010/05/07 18:43:30 | 000,030,304 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2Mon)
      DRV:64bit: - [2010/05/07 18:43:30 | 000,030,304 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2M64)
      DRV:64bit: - [2010/04/09 14:17:04 | 000,019,936 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\pwdrvio.sys -- (pwdrvio)
      DRV:64bit: - [2010/04/09 14:16:58 | 000,013,280 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\pwdspio.sys -- (pwdspio)
      DRV:64bit: - [2009/08/28 01:06:34 | 000,018,216 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wacmoumonitor.sys -- (wacmoumonitor)
      DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
      DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
      DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
      DRV:64bit: - [2009/07/09 04:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
      DRV:64bit: - [2009/06/26 09:22:50 | 000,417,792 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RTL8187.sys -- (RTL8187)
      DRV:64bit: - [2009/06/10 22:35:42 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
      DRV:64bit: - [2009/06/10 22:35:36 | 000,867,328 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr28ux.sys -- (netr28ux)
      DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
      DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
      DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
      DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
      DRV:64bit: - [2009/05/20 21:54:06 | 000,015,656 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacomvhid.sys -- (wacomvhid)
      DRV:64bit: - [2009/02/17 19:11:25 | 000,031,400 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
      DRV:64bit: - [2007/02/16 02:57:06 | 000,040,648 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ElbyCDFL.sys -- (ElbyCDFL)
      DRV:64bit: - [2005/03/29 02:30:38 | 000,008,192 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
      DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
      DRV - [2007/02/16 02:57:06 | 000,040,648 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\ElbyCDFL.sys -- (ElbyCDFL)


      ========== Standard Registry (SafeList) ==========


      ========== Internet Explorer ==========

      IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
      IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page =
      IE - HKLM\..\SearchScopes,DefaultScope =
      IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


      IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

      IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



      IE - HKU\S-1-5-21-887416047-875199164-1038058173-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = es
      IE - HKU\S-1-5-21-887416047-875199164-1038058173-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = D4 AC 5F B1 20 EC CC 01 [binary data]
      IE - HKU\S-1-5-21-887416047-875199164-1038058173-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
      IE - HKU\S-1-5-21-887416047-875199164-1038058173-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
      IE - HKU\S-1-5-21-887416047-875199164-1038058173-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

      ========== FireFox ==========

      FF - prefs.js..browser.search.useDBForOrder: ""


      FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_262.dll File not found
      FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
      FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll ()
      FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
      FF - HKLM\Software\MozillaPlugins\@idsoftware.com/QuakeLive: C:\ProgramData\id Software\QuakeLive\npquakezero.dll (id Software Inc.)
      FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
      FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
      FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
      FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
      FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
      FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.3: C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
      FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Concha\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/03/24 18:46:13 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/09/08 03:07:56 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
      FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/03/24 18:46:13 | 000,000,000 | ---D | M]

      [2011/03/19 21:20:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Concha\AppData\Roaming\mozilla\Extensions
      [2012/07/27 22:02:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Concha\AppData\Roaming\mozilla\Firefox\Profiles\17b3hhb0.default\extensions
      [2012/03/30 22:15:00 | 000,012,514 | ---- | M] () (No name found) -- C:\Users\Concha\AppData\Roaming\mozilla\firefox\profiles\17b3hhb0.default\extensions\{a3a5c777-f583-4fef-9380-ab4add1bc2a8}.xpi
      [2012/07/27 22:02:11 | 000,741,958 | ---- | M] () (No name found) -- C:\Users\Concha\AppData\Roaming\mozilla\firefox\profiles\17b3hhb0.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
      [2011/05/28 02:48:02 | 000,002,065 | ---- | M] () -- C:\Users\Concha\AppData\Roaming\mozilla\firefox\profiles\17b3hhb0.default\searchplugins\bsqueda-de-vdeos-en-youtube.xml
      [2011/07/20 10:48:08 | 000,001,504 | ---- | M] () -- C:\Users\Concha\AppData\Roaming\mozilla\firefox\profiles\17b3hhb0.default\searchplugins\imdb.xml
      [2012/01/10 09:39:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
      [2012/09/08 03:07:56 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
      [2012/09/08 03:07:55 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
      [2012/07/28 15:34:32 | 000,003,882 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\drae.xml
      [2012/07/27 21:55:25 | 000,001,143 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-es.xml
      [2012/09/08 03:07:55 | 000,002,253 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
      [2012/07/27 21:55:25 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-es.xml
      [2012/07/27 21:55:25 | 000,001,102 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-es.xml

      ========== Chrome ==========

      CHR - default_search_provider: Google (Enabled)
      CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
      CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
      CHR - homepage: http://search.babylon.com/?affID=109730&tt=290312_29&babsrc=HP_ss&mntrId=8ad64180000000000000061d1a0c173a
      CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Concha\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
      CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Concha\AppData\Local\Google\Chrome\Application\17.0.963.56\gcswf32.dll
      CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
      CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
      CHR - plugin: Native Client (Enabled) = C:\Users\Concha\AppData\Local\Google\Chrome\Application\17.0.963.56\ppGoogleNaClPluginChrome.dll
      CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Concha\AppData\Local\Google\Chrome\Application\17.0.963.56\pdf.dll
      CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
      CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
      CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
      CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
      CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
      CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
      CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
      CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
      CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
      CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
      CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
      CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll
      CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll
      CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
      CHR - plugin: Wacom Dynamic Link Library (Enabled) = C:\Program Files (x86)\TabletPlugins\npwacom.dll
      CHR - plugin: QUAKE LIVE (Enabled) = C:\ProgramData\id Software\QuakeLive\npquakezero.dll
      CHR - plugin: Unity Player (Enabled) = C:\Users\Concha\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
      CHR - plugin: Default Plug-in (Enabled) = default_plugin
      CHR - Extension: YouTube = C:\Users\Concha\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\
      CHR - Extension: B\u00FAsqueda de Google = C:\Users\Concha\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.17_0\
      CHR - Extension: Gmail = C:\Users\Concha\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

      O1 HOSTS File: ([2012/09/10 20:19:02 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
      O1 - Hosts: 127.0.0.1 localhost
      O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
      O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
      O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
      O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
      O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
      O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
      O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
      O4 - HKLM..\Run: [CloneCDTray] C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe (SlySoft, Inc.)
      O4 - HKLM..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
      O4 - HKLM..\Run: [NeroFilterCheck] C:\Windows\SysWOW64\NeroCheck.exe (Ahead Software Gmbh)
      O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
      O4 - HKU\S-1-5-21-887416047-875199164-1038058173-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
      O4 - HKU\S-1-5-21-887416047-875199164-1038058173-1000..\Run: [GoogleDriveSync] C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
      O4 - HKU\S-1-5-21-887416047-875199164-1038058173-1000..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
      O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
      O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
      O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
      O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
      O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
      O7 - HKU\S-1-5-21-887416047-875199164-1038058173-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
      O7 - HKU\S-1-5-21-887416047-875199164-1038058173-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
      O8:64bit: - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
      O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
      O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
      O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
      O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.42.230.24 62.42.63.52
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{389F0153-705C-471A-A241-4995E49A2A12}: DhcpNameServer = 62.42.230.24 62.42.63.52
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{394F873F-72F8-46B6-8C37-272265268918}: DhcpNameServer = 62.42.230.24 62.42.63.52
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BD2FD67C-5F64-4E04-BD59-1BCC6744C00B}: DhcpNameServer = 62.42.230.24 62.42.63.52
      O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Archivos de programa\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
      O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
      O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
      O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
      O32 - HKLM CDRom: AutoRun - 1
      O34 - HKLM BootExecute: (autocheck autochk *)
      O35:64bit: - HKLM\..comfile [open] -- "%1" %*
      O35:64bit: - HKLM\..exefile [open] -- "%1" %*
      O35 - HKLM\..comfile [open] -- "%1" %*
      O35 - HKLM\..exefile [open] -- "%1" %*
      O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
      O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
      O37 - HKLM\...com [@ = ComFile] -- "%1" %*
      O37 - HKLM\...exe [@ = exefile] -- "%1" %*
      O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
      O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
      O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

      NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)


      CREATERESTOREPOINT
      Restore point Set: OTL Restore Point

      ========== Files/Folders - Created Within 30 Days ==========

      [2012/09/12 14:21:27 | 000,000,000 | ---D | C] -- C:\Users\Concha\Desktop\Server
      [2012/09/12 02:25:56 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Users\Concha\Desktop\aswMBR.exe
      [2012/09/11 15:53:04 | 000,000,000 | ---D | C] -- C:\_OTL
      [2012/09/11 15:23:25 | 000,600,064 | ---- | C] (OldTimer Tools) -- C:\Users\Concha\Desktop\OTL.exe
      [2012/09/11 02:49:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
      [2012/09/11 02:49:20 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
      [2012/09/11 02:49:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
      [2012/09/10 20:24:51 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
      [2012/09/10 20:23:28 | 000,000,000 | ---D | C] -- C:\Windows\temp
      [2012/09/10 20:18:48 | 000,000,000 | ---D | C] -- C:\Users\Concha\AppData\Roaming\WTouch
      [2012/09/10 15:51:39 | 002,211,928 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Concha\Desktop\TDSSKiller.exe
      [2012/09/10 14:50:51 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
      [2012/09/10 14:50:51 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
      [2012/09/10 14:50:51 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
      [2012/09/10 14:50:40 | 000,000,000 | ---D | C] -- C:\Qoobox
      [2012/09/10 14:50:28 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
      [2012/09/10 14:48:57 | 004,747,716 | R--- | C] (Swearware) -- C:\Users\Concha\Desktop\ComboFix.exe
      [2012/09/10 13:43:07 | 000,522,240 | ---- | C] (OldTimer Tools) -- C:\Users\Concha\Desktop\OTM.exe
      [2012/09/08 03:11:13 | 000,000,000 | ---D | C] -- C:\_DT-Kill
      [2012/09/07 23:23:25 | 000,000,000 | ---D | C] -- C:\Users\Concha\AppData\Roaming\Malwarebytes
      [2012/09/07 23:23:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
      [2012/09/07 13:03:12 | 000,000,000 | --SD | C] -- C:\Users\Concha\Google Drive
      [2012/09/07 13:02:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
      [2012/09/01 23:58:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
      [2012/09/01 23:58:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
      [2012/08/24 17:54:55 | 000,000,000 | ---D | C] -- C:\Users\Concha\Documents\Mis escaneos
      [2012/08/23 14:58:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Oracle
      [2012/08/21 21:21:34 | 000,000,000 | ---D | C] -- C:\Users\Concha\AppData\Roaming\.minecraft
      [2012/08/18 16:21:11 | 000,000,000 | ---D | C] -- C:\Users\Concha\Desktop\Nueva carpeta (3)
      [2012/08/18 16:06:05 | 000,000,000 | ---D | C] -- C:\Users\Concha\Desktop\emitters
      [2012/08/18 16:04:10 | 000,000,000 | ---D | C] -- C:\Users\Concha\Desktop\Nueva carpeta (2)
      [2012/08/18 15:56:30 | 000,000,000 | ---D | C] -- C:\Users\Concha\Desktop\Work
      [2012/08/18 15:56:26 | 000,000,000 | ---D | C] -- C:\Users\Concha\Desktop\Nueva carpeta

      ========== Files - Modified Within 30 Days ==========

      [2012/09/12 18:58:00 | 000,001,100 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
      [2012/09/12 17:15:16 | 001,530,068 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
      [2012/09/12 17:15:16 | 000,694,148 | ---- | M] () -- C:\Windows\SysNative\perfh00A.dat
      [2012/09/12 17:15:16 | 000,606,992 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
      [2012/09/12 17:15:16 | 000,134,242 | ---- | M] () -- C:\Windows\SysNative\perfc00A.dat
      [2012/09/12 17:15:16 | 000,103,370 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
      [2012/09/12 17:09:36 | 000,000,240 | -H-- | M] () -- C:\Windows\tasks\UBHPjsB.job
      [2012/09/12 16:30:24 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
      [2012/09/12 16:30:23 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\drivers\lvuvc.hs
      [2012/09/12 12:51:16 | 000,013,456 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
      [2012/09/12 12:51:16 | 000,013,456 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
      [2012/09/12 12:43:51 | 3019,198,464 | -HS- | M] () -- C:\hiberfil.sys
      [2012/09/12 02:39:08 | 000,000,512 | ---- | M] () -- C:\Users\Concha\Desktop\MBR.dat
      [2012/09/12 02:26:09 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Users\Concha\Desktop\aswMBR.exe
      [2012/09/11 20:58:29 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore1cd904f6e9751d5.job
      [2012/09/11 15:56:37 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\UBHPjsB.exe
      [2012/09/11 15:53:18 | 000,059,392 | ---- | M] () -- C:\Windows\SysNative\UBHPjsB.exe
      [2012/09/11 15:23:27 | 000,600,064 | ---- | M] (OldTimer Tools) -- C:\Users\Concha\Desktop\OTL.exe
      [2012/09/11 02:50:05 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
      [2012/09/10 20:19:02 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
      [2012/09/10 15:50:47 | 002,193,184 | ---- | M] () -- C:\Users\Concha\Desktop\tdsskiller.zip
      [2012/09/10 14:49:11 | 004,747,716 | R--- | M] (Swearware) -- C:\Users\Concha\Desktop\ComboFix.exe
      [2012/09/10 13:49:30 | 000,435,675 | ---- | M] () -- C:\Users\Concha\Desktop\DT-kill.exe
      [2012/09/10 13:43:09 | 000,522,240 | ---- | M] (OldTimer Tools) -- C:\Users\Concha\Desktop\OTM.exe
      [2012/09/10 13:26:39 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif
      [2012/09/10 12:34:23 | 000,000,866 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
      [2012/09/08 22:43:04 | 001,557,956 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
      [2012/09/07 17:04:46 | 000,025,928 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
      [2012/09/07 13:03:12 | 000,001,676 | ---- | M] () -- C:\Users\Concha\Desktop\Google Drive.lnk
      [2012/09/01 23:58:18 | 000,002,515 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
      [2012/08/24 18:56:57 | 000,000,132 | ---- | M] () -- C:\Users\Concha\AppData\Roaming\Adobe BMP Format CS5 Prefs
      [2012/08/24 13:28:40 | 002,211,928 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Concha\Desktop\TDSSKiller.exe
      [2012/08/21 21:21:20 | 000,263,186 | ---- | M] () -- C:\Users\Concha\Desktop\Minecraft.exe
      [2012/08/21 12:54:36 | 000,001,318 | ---- | M] () -- C:\Users\Concha\AppData\Roaming\MPQEditor.ini
      [2012/08/18 13:18:17 | 005,406,472 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

      ========== Files Created - No Company Name ==========

      [2012/09/12 02:39:08 | 000,000,512 | ---- | C] () -- C:\Users\Concha\Desktop\MBR.dat
      [2012/09/11 20:58:29 | 000,001,096 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore1cd904f6e9751d5.job
      [2012/09/11 20:58:23 | 000,000,240 | -H-- | C] () -- C:\Windows\tasks\UBHPjsB.job
      [2012/09/11 15:56:37 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\UBHPjsB.exe
      [2012/09/11 15:53:18 | 000,059,392 | ---- | C] () -- C:\Windows\SysNative\UBHPjsB.exe
      [2012/09/11 02:49:21 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
      [2012/09/10 15:50:44 | 002,193,184 | ---- | C] () -- C:\Users\Concha\Desktop\tdsskiller.zip
      [2012/09/10 14:50:51 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
      [2012/09/10 14:50:51 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
      [2012/09/10 14:50:51 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
      [2012/09/10 14:50:51 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
      [2012/09/10 14:50:51 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
      [2012/09/10 08:19:42 | 000,164,943 | ---- | C] () -- C:\Users\Concha\Desktop\SSA40197.JPG
      [2012/09/08 22:46:07 | 000,001,912 | ---- | C] () -- C:\Windows\epplauncher.mif
      [2012/09/08 22:43:04 | 001,557,956 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
      [2012/09/08 02:01:56 | 000,435,675 | ---- | C] () -- C:\Users\Concha\Desktop\DT-kill.exe
      [2012/09/07 13:03:12 | 000,001,676 | ---- | C] () -- C:\Users\Concha\Desktop\Google Drive.lnk
      [2012/09/04 11:43:30 | 032,388,608 | ---- | C] () -- C:\Users\Concha\Desktop\Preparación secuencial de cavidades terapéuticas en dientes 2008.pps
      [2012/08/24 18:55:38 | 000,000,132 | ---- | C] () -- C:\Users\Concha\AppData\Roaming\Adobe BMP Format CS5 Prefs
      [2012/08/21 21:21:20 | 000,263,186 | ---- | C] () -- C:\Users\Concha\Desktop\Minecraft.exe
      [2012/08/18 15:55:22 | 000,001,318 | ---- | C] () -- C:\Users\Concha\AppData\Roaming\MPQEditor.ini
      [2012/08/18 15:54:29 | 001,607,680 | ---- | C] () -- C:\Users\Concha\Desktop\MPQEditor.exe
      [2012/01/21 14:58:29 | 000,000,041 | -HS- | C] () -- C:\ProgramData\.zreglib
      [2011/11/03 23:38:53 | 000,000,000 | ---- | C] () -- C:\Windows\scummvm.ini
      [2011/05/06 16:04:47 | 000,049,152 | ---- | C] () -- C:\Windows\Domino.exe
      [2011/03/24 18:43:08 | 000,179,102 | ---- | C] () -- C:\Windows\hpoins44.dat
      [2011/03/24 18:43:08 | 000,000,512 | ---- | C] () -- C:\Windows\hpomdl44.dat
      [2011/03/19 20:17:57 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
      [2010/12/21 04:27:20 | 000,003,113 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat

      ========== LOP Check ==========

      [2012/09/12 14:22:08 | 000,000,000 | ---D | M] -- C:\Users\Concha\AppData\Roaming\.minecraft
      [2012/03/30 19:25:21 | 000,000,000 | ---D | M] -- C:\Users\Concha\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
      [2011/11/13 19:56:51 | 000,000,000 | ---D | M] -- C:\Users\Concha\AppData\Roaming\Crayon Physics Deluxe
      [2011/07/10 22:14:52 | 000,000,000 | ---D | M] -- C:\Users\Concha\AppData\Roaming\DAEMON Tools Lite
      [2012/09/08 14:14:12 | 000,000,000 | ---D | M] -- C:\Users\Concha\AppData\Roaming\FileZilla
      [2011/11/29 19:14:47 | 000,000,000 | ---D | M] -- C:\Users\Concha\AppData\Roaming\FotoPrix
      [2011/05/14 20:20:54 | 000,000,000 | ---D | M] -- C:\Users\Concha\AppData\Roaming\Leadertech
      [2011/06/30 19:16:58 | 000,000,000 | ---D | M] -- C:\Users\Concha\AppData\Roaming\Megaupload
      [2011/03/20 22:34:11 | 000,000,000 | ---D | M] -- C:\Users\Concha\AppData\Roaming\PACE Anti-Piracy
      [2011/03/22 21:23:16 | 000,000,000 | ---D | M] -- C:\Users\Concha\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
      [2012/02/15 22:52:48 | 000,000,000 | ---D | M] -- C:\Users\Concha\AppData\Roaming\Unity
      [2012/09/10 13:36:53 | 000,000,000 | ---D | M] -- C:\Users\Concha\AppData\Roaming\uTorrent
      [2012/09/10 20:24:56 | 000,000,000 | ---D | M] -- C:\Users\Concha\AppData\Roaming\WTouch
      [2011/10/12 17:50:55 | 000,000,000 | ---D | M] -- C:\Users\Concha\AppData\Roaming\Youtube Downloader HD
      [2012/09/12 17:08:37 | 000,032,630 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
      [2012/09/12 17:09:36 | 000,000,240 | -H-- | M] () -- C:\Windows\Tasks\UBHPjsB.job

      ========== Purity Check ==========



      ========== Custom Scans ==========

      < %SYSTEMDRIVE%\*.* >
      [2012/09/10 20:23:26 | 000,021,422 | ---- | M] () -- C:\ComboFix.txt
      [2012/09/10 13:50:50 | 000,007,378 | ---- | M] () -- C:\DT-kill.txt
      [2012/09/12 12:43:51 | 3019,198,464 | -HS- | M] () -- C:\hiberfil.sys
      [2012/09/12 12:43:53 | 4025,602,048 | -HS- | M] () -- C:\pagefile.sys
      [2012/09/10 15:53:24 | 000,136,236 | ---- | M] () -- C:\TDSSKiller.2.8.8.0_10.09.2012_15.52.04_log.txt

      ========== Alternate Data Streams ==========

      @Alternate Data Stream - 1091 bytes -> C:\Users\Concha\AppData\Local\Temp:JJ4h7akKIXfUMJub2GM4THJv

      < End of report >

    3. #23
      Usuario Avatar de YoNkor
      Registrado
      abr 2012
      Ubicación
      Sebastopol
      Mensajes
      14

      Re: Imposible eliminar virus doble tilde ´´

      Hola de nuevo. Viendo que no hay manera de quitarme los virus de encima he pensao en formatear el disco duro, pero tengo archivos de gran tamaño que necesito conservar. ¿Hay alguna manera de copiarlos asegurandome de que el virus no "salte" a los discos duros?. Gracias

    4. #24
      Usuario Avatar de RLLAVANE
      Registrado
      sep 2012
      Ubicación
      San Antonio, Miranda, Venezuela
      Mensajes
      4

      Alegria Re: Imposible eliminar virus doble tilde ´´

      Estimado YonKor, buenas tardes.
      Estuve leyendo este foro y otros sobre el Virus Doble Tilde.
      Al efecto, y sin menospreciar la diligente ayuda que puedan prestarte aquí, te informo:
      Si tienes instalado el Malwarebytes Anti-Spyware en tu PC, (el gratuito), dirígete al SOPORTE de esa gente.
      Ellos en varios pasos eliminaron ese virus de mi PC y voilá, ahora puedo escribir camión y otras palabras con acentos sin problema. Pero lo más importante es que NO TENGO ya ese inconveniente, que es un problema bastante serio, ya que roba contraseñas y números de tarjetas de crédito y débito. Lo del acento es un defecto que algo les salió mal y los descubre.
      Me atendieron excelente y en dos días, listo.
      Un cordial saludo y por favor, a todos los que intervinieron, se les agradece verdaderamente la atención prestada.
      RLLAVANE

    5. #25
      Developer Avatar de Dany3j
      Registrado
      mar 2011
      Ubicación
      China
      Mensajes
      6.652

      Re: Imposible eliminar virus doble tilde ´´

      @YoNkor coméntame como va el problema y si te sirvio lo que comenta RLLAVANE

      Salu2.

      Me tope con un gato negro y tuve que desviarme por el camino largo.

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    6. #26
      Usuario Avatar de YoNkor
      Registrado
      abr 2012
      Ubicación
      Sebastopol
      Mensajes
      14

      Re: Imposible eliminar virus doble tilde ´´

      Imposible de los imposibles, ni el servicio tecnico de Malwarebites consigue quitar el virus, supongo que al final tendre que formatear y punto. Gracias por toda la ayuda!

    7. #27
      Developer Avatar de Dany3j
      Registrado
      mar 2011
      Ubicación
      China
      Mensajes
      6.652

      Re: Imposible eliminar virus doble tilde ´´

      No te des por vencido tan pronto. todavía hay ganas de luchar. Ademas se trata de una nueva variante que acabamos de detectar por lo cual ya podrás librarte de ella.

      Realiza lo siguiente de nuevo:

      Descarga OTL.exe by OldTimer a tu escritorio.
      • Cierra todos los programas y ventanas abiertas.

      • Ejecuta OTL.exe haciendo doble clic sobre el icono.

      • Configure lo siguiente dejando lo demas por defecto:

      • Marque la casilla Analizar Todos.

      • Cambie la opción Tipo de Análisis a Resultado Mínimo.

      • Marque las casillas:


        • Usar Listado de Compañías Reconocidas.
        • Omitir Archivos De Microsoft.
        • Buscar LOP.
        • Buscar Purity.


      • Copie y pegue el siguiente codigo en el recuadro

      • Código:
        msconfig
        %SYSTEMDRIVE%\*.*
        %TEMP%\*.*
        CREATERESTOREPOINT
        
      • No modifique alguna otra configuración a menos que se le indique.

      • Presiona el botón No utilice el ordenador durante el análisis.

      • Cuando haya terminado, se abrirán dos (2) reportes:


      • OTL.Txt
      • Extras.Txt

      Nota: Los reportes quedan guardados en el mismo lugar donde OTL.exe fue ejecutado.
      Copia y pega únicamente el contenido del archivo OTL.txt en tu próxima respuesta.
      Última edición por Dany3j fecha: 24/09/12 a las 11:54:05

      Me tope con un gato negro y tuve que desviarme por el camino largo.

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    Página 3 de 3 PrimeroPrimero 123