
    Persistent double-accent ("doble tilde") virus.


    1. #1
      Km3Lx (User) | Joined: Sep 2010 | Location: Argentina | Posts: 44

      Persistent double-accent ("doble tilde") virus.

      Hello friends, I want to tell you that my PC is infected with the virus mentioned in the title. I have already run DT-Kill, SUPERAntiSpyware and Malwarebytes, and followed the guide that is here, and nothing works. I hope you can help me.

    2. #2
      @Tincho (Moderator) | Joined: May 2008 | Location: Argentina | Posts: 14,701

      Re: Persistent double-accent ("doble tilde") virus.

      Download OTL by OldTimer to your desktop.

      Run OTL

      • Close all the programs you have open and double-click the OTL icon to run it.
      • Let it run without interruption until the scan finishes.
      • When the interface appears, the only thing you need to change is under "Scan Type": set it to Minimal Output.
      • Check the options LOP Check and Purity Check.
      • Check the options Skip Microsoft Files and Use Company Name Whitelist.
      • Please do not change the rest of the settings unless we ask you to.
      • Press the button.
      • Once it finishes, two (2) files will open, OTL.Txt and Extras.Txt. They will be saved in the same location where OTL.exe was downloaded.
      • Copy and paste the contents of the OTL.txt file into your next reply.

      Because of the way the infections act, blocking the execution of everything related to antimalware tools, you are going to download OTL with its extension modified from any of the links below, so that it can run.

      Note:
      When using these links, use Internet Explorer.

      If you use Firefox, right-click and select "Save Link As"; otherwise, on some systems, when you try to open the file it would appear as a script and you will only see many lines of code on the screen.

      Once you have downloaded OTL with its extension changed, run it exactly as explained above.

      Bring us the OTL report.

      Regards.
      Tyny's
      If on your journey, you should encounter God, God will be cut!


    3. #3
      Km3Lx (User) | Joined: Sep 2010 | Location: Argentina | Posts: 44

      Re: Persistent double-accent ("doble tilde") virus.

      Here is the log:
      OTL logfile created on: 17/09/2012 14:14:07 - Run 1
      OTL by OldTimer - Version 3.2.61.5 Folder = E:\Downloads\Programs
      Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
      Internet Explorer (Version = 8.0.7600.16385)
      Locale: 00002C0A | Country: Argentina | Language: ESS | Date Format: dd/MM/yyyy

      3,25 Gb Total Physical Memory | 2,24 Gb Available Physical Memory | 68,89% Memory free
      6,50 Gb Paging File | 4,84 Gb Available in Paging File | 74,49% Paging File free
      Paging file location(s): ?:\pagefile.sys [binary data]

      %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
      Drive C: | 74,53 Gb Total Space | 50,51 Gb Free Space | 67,77% Space Free | Partition Type: NTFS
      Drive D: | 1,97 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
      Drive E: | 931,51 Gb Total Space | 198,55 Gb Free Space | 21,31% Space Free | Partition Type: NTFS
      Drive F: | 2,28 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

      Computer Name: KAMIYAN-PC | User Name: Kamiyan | Logged in as Administrator.
      Boot Mode: Normal | Scan Mode: Current user
      Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

      ========== Processes (SafeList) ==========

      PRC - E:\Downloads\Programs\OTL.exe (OldTimer Tools)
      PRC - C:\Archivos de programa\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
      PRC - C:\Archivos de programa\SUPERAntiSpyware\SASCORE.EXE (SUPERAntiSpyware.com)
      PRC - C:\Archivos de programa\uTorrent\uTorrent.exe (BitTorrent, Inc.)
      PRC - C:\Archivos de programa\Internet Download Manager\IDMan.exe (Tonec Inc.)
      PRC - C:\Archivos de programa\Unified Remote\RemoteServer.exe (Unified Intents AB)
      PRC - C:\Windows\System32\atieclxx.exe (AMD)
      PRC - C:\Windows\System32\atiesrxx.exe (AMD)
      PRC - C:\Archivos de programa\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.)
      PRC - C:\Archivos de programa\Ares\Ares.exe (Ares Development Group)
      PRC - C:\Archivos de programa\Common Files\Java\Java Update\jucheck.exe (Sun Microsystems, Inc.)
      PRC - C:\Archivos de programa\Internet Download Manager\IEMonitor.exe (Tonec Inc.)
      PRC - C:\Archivos de programa\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
      PRC - C:\Archivos de programa\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation)
      PRC - C:\Archivos de programa\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
      PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
      PRC - C:\Archivos de programa\Windows Sidebar\sidebar.exe (Microsoft Corporation)
      PRC - C:\Windows\explorer.exe (Microsoft Corporation)


      ========== Modules (No Company Name) ==========

      MOD - C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll ()
      MOD - C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll ()
      MOD - C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL ()
      MOD - C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll ()
      MOD - C:\Users\Kamiyan\AppData\Local\Google\Chrome\Application\21.0.1180.89\ppGoogleNaClPluginChrome.dll ()
      MOD - C:\Users\Kamiyan\AppData\Local\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll ()
      MOD - C:\Users\Kamiyan\AppData\Local\Google\Chrome\Application\21.0.1180.89\pdf.dll ()
      MOD - C:\Users\Kamiyan\AppData\Local\Google\Chrome\Application\21.0.1180.89\libglesv2.dll ()
      MOD - C:\Users\Kamiyan\AppData\Local\Google\Chrome\Application\21.0.1180.89\libegl.dll ()
      MOD - C:\Users\Kamiyan\AppData\Local\Google\Chrome\Application\21.0.1180.89\avutil-51.dll ()
      MOD - C:\Users\Kamiyan\AppData\Local\Google\Chrome\Application\21.0.1180.89\avformat-54.dll ()
      MOD - C:\Users\Kamiyan\AppData\Local\Google\Chrome\Application\21.0.1180.89\avcodec-54.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\40f4f298c3c655b834c73b5046a9cd0b\System.ServiceModel.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\30ed505f7ea7d6139128d4a6d9981dc0\System.Runtime.Serialization.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\0a5fb7acbda333f46ef269b56b063562\System.Xml.Linq.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\f3cdd09fc0acc85c7febbd2e2ef9c4e5\System.Windows.Forms.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\2fe09cc54a8390b20e380239db34228f\System.Drawing.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data\c12e10c218be4be353975af6abb072d9\System.Data.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\2d7c29ad77c15abfa6a8fe6d24840a91\System.Xml.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\ac2cd19f2159d48684e17cbdecfaa3b7\System.Configuration.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\85693dfd9ba4905b0fd947fdb51446d5\System.Core.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\161c6f80ad93b0505054d244f1c6243c\System.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\4ff1f12a08d455f195ba996fe77497c6\mscorlib.ni.dll ()
      MOD - C:\Archivos de programa\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll ()
      MOD - C:\Archivos de programa\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll ()
      MOD - C:\Archivos de programa\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF ()
      MOD - C:\Windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_es_31bf3856ad364e35\PresentationFramework.resources.dll ()
      MOD - C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_es_b77a5c561934e089\System.Windows.Forms.resources.dll ()
      MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_es_b77a5c561934e089\mscorlib.resources.dll ()
      MOD - C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_es_b77a5c561934e089\System.resources.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\de8525cc2e6327337e1c6917352bfe16\WindowsFormsIntegration.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\1762137638019a091020b3baf52f6de3\System.Core.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\39f5a71b5185d267b0f55cd4cea26d6b\PresentationFramework.Aero.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\3871fc2b96345aa6f3be81d9e3c97160\System.Web.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\4bdeb88758dccd625f4703ed77aaf348\System.Runtime.Remoting.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\68e5eeb3c6ef18ba2dc1ad70eb74aeee\PresentationFramework.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\fedf1ba58dced4f0b3f8c457648ceed9\System.Windows.Forms.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\ead6be8b410d56b5576b10e56af2c180\System.Drawing.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\7ce9d463a5d343fe74d6f181f9226cab\UIAutomationProvider.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\7b459c5815af8123e4bf30d4e05bba65\PresentationCore.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\c2f9dd7db911053edcaaadf5fefc500a\WindowsBase.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\5dd9f783008543df3e642ff1e99de4e8\System.Xml.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\4b1350e31ff09cc583b34854816d8036\System.Configuration.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5ba3bf5367fc012300c6566f20cb7f54\System.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\8c1770d45c63cf5c462eeb945ef9aa5d\mscorlib.ni.dll ()


      ========== Services (SafeList) ==========

      SRV - (!SASCORE) -- C:\Archivos de programa\SUPERAntiSpyware\SASCORE.EXE (SUPERAntiSpyware.com)
      SRV - (MozillaMaintenance) -- C:\Archivos de programa\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
      SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
      SRV - (SkypeUpdate) -- C:\Archivos de programa\Skype\Updater\Updater.exe (Skype Technologies)
      SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD)
      SRV - (AMD FUEL Service) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.)
      SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
      SRV - (Microsoft SharePoint Workspace Audit Service) -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation)
      SRV - (osppsvc) -- C:\Archivos de programa\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
      SRV - (ose) -- C:\Archivos de programa\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)
      SRV - (wlidsvc) -- C:\Archivos de programa\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
      SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
      SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
      SRV - (WinDefend) -- C:\Archivos de programa\Windows Defender\MpSvc.dll (Microsoft Corporation)
      SRV - (WMPNetworkSvc) -- C:\Archivos de programa\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)


      ========== Driver Services (SafeList) ==========

      DRV - (catchme) -- C:\Users\Kamiyan\AppData\Local\Temp\catchme.sys File not found
      DRV - (dtsoftbus01) -- C:\Windows\System32\drivers\dtsoftbus01.sys (DT Soft Ltd)
      DRV - (IDMWFP) -- C:\Windows\System32\drivers\idmwfp.sys (Tonec Inc.)
      DRV - (amdkmdag) -- C:\Windows\System32\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
      DRV - (amdkmdap) -- C:\Windows\System32\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
      DRV - (AODDriver4.1) -- C:\Archivos de programa\ATI Technologies\ATI.ACE\Fuel\i386\aoddriver2.sys (Advanced Micro Devices)
      DRV - (AtiHDAudioService) -- C:\Windows\System32\drivers\AtihdW73.sys (Advanced Micro Devices)
      DRV - (SASDIFSV) -- C:\Archivos de programa\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
      DRV - (SASKUTIL) -- C:\Archivos de programa\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
      DRV - (speedfan) -- C:\Windows\System32\speedfan.sys (Almico Software)
      DRV - (amdiox86) -- C:\Windows\System32\drivers\amdiox86.sys (Advanced Micro Devices)
      DRV - (MTsensor) -- C:\Windows\System32\drivers\ASACPI.sys ()
      DRV - (vmbus) -- C:\Windows\System32\drivers\vmbus.sys (Microsoft Corporation)
      DRV - (storflt) -- C:\Windows\System32\drivers\vmstorfl.sys (Microsoft Corporation)
      DRV - (storvsc) -- C:\Windows\System32\drivers\storvsc.sys (Microsoft Corporation)
      DRV - (s3cap) -- C:\Windows\System32\drivers\vms3cap.sys (Microsoft Corporation)
      DRV - (VMBusHID) -- C:\Windows\System32\drivers\VMBusHID.sys (Microsoft Corporation)
      DRV - (giveio) -- C:\Windows\System32\giveio.sys ()


      ========== Standard Registry (SafeList) ==========


      ========== Internet Explorer ==========

      IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
      IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ar.msn.com/?ocid=iehp
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = es-ar
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 19 EF 12 32 97 8B CD 01 [binary data]
      IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
      IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
      IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

      ========== FireFox ==========

      FF - prefs.js..extensions.enabledAddons: [email protected]:7.3.25
      FF - prefs.js..extensions.enabledAddons: [email protected]:0.7.14.20120803
      FF - user.js - File not found

      FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
      FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
      FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
      FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.3: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
      FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Kamiyan\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
      FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Kamiyan\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
      FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Kamiyan\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)

      FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/09/09 16:58:27 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
      FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\Kamiyan\AppData\Roaming\IDM\idmmzcc5 [2012/08/12 03:12:39 | 000,000,000 | ---D | M]
      FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\[email protected]: C:\Users\Kamiyan\AppData\Roaming\IDM\idmmzcc5 [2012/08/12 03:12:39 | 000,000,000 | ---D | M]

      [2012/09/05 16:03:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kamiyan\AppData\Roaming\mozilla\Extensions
      [2012/09/08 02:33:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kamiyan\AppData\Roaming\mozilla\Firefox\Profiles\izs4ctdm.default\extensions
      [2012/09/08 02:33:33 | 000,122,171 | ---- | M] () (No name found) -- C:\Users\Kamiyan\AppData\Roaming\mozilla\firefox\profiles\izs4ctdm.default\extensions\[email protected]
      [2012/09/05 22:27:33 | 000,066,269 | ---- | M] () (No name found) -- C:\Users\Kamiyan\AppData\Roaming\mozilla\firefox\profiles\izs4ctdm.default\extensions\[email protected]
      [2012/09/09 16:58:25 | 000,000,000 | ---D | M] (No name found) -- C:\Archivos de programa\Mozilla Firefox\extensions
      [2012/08/12 03:12:39 | 000,000,000 | ---D | M] (IDM CC) -- C:\USERS\KAMIYAN\APPDATA\ROAMING\IDM\IDMMZCC5
      [2012/09/09 16:58:27 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
      [2012/08/25 01:21:43 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
      [2012/08/25 01:21:43 | 000,003,882 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\drae.xml
      [2012/08/25 01:21:43 | 000,001,143 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-es.xml
      [2012/08/25 01:21:43 | 000,002,253 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
      [2012/08/25 01:21:43 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-es.xml
      [2012/08/25 01:21:42 | 000,001,102 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-es.xml

      ========== Chrome ==========

      CHR - homepage: http://start.facemoods.com/?a=ddrnw
      CHR - default_search_provider: Google (Enabled)
      CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
      CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms},
      CHR - homepage: http://start.facemoods.com/?a=ddrnw
      CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Kamiyan\AppData\Local\Google\Chrome\Application\21.0.1180.75\PepperFlash\pepflashplayer.dll
      CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Kamiyan\AppData\Local\Google\Chrome\Application\21.0.1180.89\gcswf32.dll
      CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
      CHR - plugin: Native Client (Enabled) = C:\Users\Kamiyan\AppData\Local\Google\Chrome\Application\21.0.1180.89\ppGoogleNaClPluginChrome.dll
      CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Kamiyan\AppData\Local\Google\Chrome\Application\21.0.1180.89\pdf.dll
      CHR - plugin: Google Update (Enabled) = C:\Users\Kamiyan\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
      CHR - Extension: BackUP Cookies Premium = C:\Users\Kamiyan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejbapkdkkdiagoekedlglccfpcobfnfb\2.7_0\
      CHR - Extension: Grooveshark Lyrics = C:\Users\Kamiyan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdglmbncdokgafcinbjgjhnobhmfmkma\2.4_0\
      CHR - Extension: The Dark Knight Rises Teaser = C:\Users\Kamiyan\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlahilebkbfmfkajjfddecjmlgbnikjk\1.1_0\
      CHR - Extension: Redirect adf.ly = C:\Users\Kamiyan\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfffmkcdjljajeggjoecedpnepochcfm\0.1_0\
      CHR - Extension: BugMeNot Lite = C:\Users\Kamiyan\AppData\Local\Google\Chrome\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb\0.3.9_0\
      CHR - Extension: MuteTab = C:\Users\Kamiyan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmkbaaijgpppbokgnhhoakihofedkgcc\2.0.0_0\

      O1 HOSTS File: ([2012/09/16 01:59:45 | 000,000,904 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
      O1 - Hosts: 127.0.0.1 validation.sls.microsoft.com
      O1 - Hosts: 127.0.0.1 license.superantispyware.com
      O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Archivos de programa\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
      O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Archivos de programa\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
      O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Archivos de programa\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
      O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Archivos de programa\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
      O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Archivos de programa\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
      O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Archivos de programa\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
      O4 - HKLM..\Run: [AMD AVT] C:\Windows\System32\cmd.exe (Microsoft Corporation)
      O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
      O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
      O4 - HKCU..\Run: [ares] C:\Program Files\Ares\Ares.exe (Ares Development Group)
      O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
      O4 - HKCU..\Run: [Facebook Update] C:\Users\Kamiyan\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
      O4 - HKCU..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe (Tonec Inc.)
      O4 - HKCU..\Run: [Steam] E:\Program Files\Steam\Steam.exe (Valve Corporation)
      O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Archivos de programa\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
      O4 - HKCU..\Run: [Unified Remote v2] C:\Archivos de programa\Unified Remote\RemoteServer.exe (Unified Intents AB)
      O4 - HKCU..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
      O8 - Extra context menu item: &Enviar a OneNote - C:\Archivos de programa\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
      O8 - Extra context menu item: Descargar con IDM - C:\Archivos de programa\Internet Download Manager\IEExt.htm ()
      O8 - Extra context menu item: Descargar con IDM todos los enlaces - C:\Archivos de programa\Internet Download Manager\IEGetAll.htm ()
      O8 - Extra context menu item: E&xportar a Microsoft Excel - C:\Archivos de programa\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
      O9 - Extra Button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Archivos de programa\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
      O9 - Extra 'Tools' menuitem : &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Archivos de programa\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
      O9 - Extra Button: Notas &vinculadas de OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Archivos de programa\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
      O9 - Extra 'Tools' menuitem : Notas &vinculadas de OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Archivos de programa\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
      O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Archivos de programa\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
      O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Archivos de programa\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
      O13 - gopher Prefix: missing
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.2
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EABBB2E1-1446-4001-B76D-8AC0C9032497}: DhcpNameServer = 10.0.0.2
      O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Archivos de programa\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
      O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Archivos de programa\Common Files\Skype\Skype4COM.dll (Skype Technologies)
      O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Archivos de programa\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
      O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
      O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Archivos de programa\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
      O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Archivos de programa\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
      O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Archivos de programa\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
      O32 - HKLM CDRom: AutoRun - 1
      O32 - AutoRun File - [2009/06/10 18:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
      O32 - AutoRun File - [2012/09/02 08:37:00 | 000,000,037 | R--- | M] () - D:\autorun.inf -- [ CDFS ]
      O32 - AutoRun File - [2009/07/14 08:13:58 | 000,000,043 | R--- | M] () - F:\autorun.inf -- [ UDF ]
      O33 - MountPoints2\{db2d539e-e637-11e1-9dfe-20cf30943d74}\Shell - "" = AutoRun
      O33 - MountPoints2\{db2d539e-e637-11e1-9dfe-20cf30943d74}\Shell\AutoRun\command - "" = D:\I_am_Alive_Setup.exe -- [2012/09/02 08:37:00 | 2098,070,304 | R--- | M] (Ubisoft)
      O34 - HKLM BootExecute: (autocheck autochk *)
      O35 - HKLM\..comfile [open] -- "%1" %*
      O35 - HKLM\..exefile [open] -- "%1" %*
      O37 - HKLM\...com [@ = comfile] -- "%1" %*
      O37 - HKLM\...exe [@ = exefile] -- "%1" %*
      O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
      O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
      O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

      ========== Files/Folders - Created Within 30 Days ==========

      [2012/09/16 20:33:41 | 000,000,000 | ---D | C] -- C:\Users\Kamiyan\Desktop\TUBO
      [2012/09/16 02:01:19 | 000,000,000 | ---D | C] -- C:\Users\Kamiyan\AppData\Roaming\SUPERAntiSpyware.com
      [2012/09/16 02:01:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
      [2012/09/16 02:01:09 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
      [2012/09/16 02:01:09 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
      [2012/09/16 02:00:40 | 000,000,000 | ---D | C] -- C:\Users\Kamiyan\Desktop\SUP3RAntiSpywar3.Professional.v5.5.1012
      [2012/09/15 01:30:57 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
      [2012/09/15 01:30:10 | 000,000,000 | --SD | C] -- C:\ComboFix
      [2012/09/15 01:28:27 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
      [2012/09/15 01:28:27 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
      [2012/09/15 01:28:27 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
      [2012/09/15 01:28:18 | 000,000,000 | ---D | C] -- C:\Qoobox
      [2012/09/15 01:28:03 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
      [2012/09/15 00:52:03 | 000,000,000 | ---D | C] -- C:\_DT-Kill
      [2012/09/14 20:24:29 | 000,000,000 | ---D | C] -- C:\Users\Kamiyan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5
      [2012/09/14 20:24:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5
      [2012/09/14 20:24:27 | 000,000,000 | ---D | C] -- C:\Program Files\AviSynth 2.5
      [2012/09/11 18:59:56 | 000,000,000 | ---D | C] -- C:\Windows\RazorDOX
      [2012/09/10 15:16:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Piano Electrónico 2.5
      [2012/09/10 15:16:18 | 000,000,000 | ---D | C] -- C:\Program Files\Electronic Piano 2.5
      [2012/09/09 21:42:32 | 000,000,000 | ---D | C] -- C:\Program Files\Lame For Audacity
      [2012/09/09 16:58:25 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
      [2012/09/07 01:09:38 | 000,000,000 | ---D | C] -- C:\Users\Kamiyan\AppData\Roaming\GlarySoft
      [2012/09/07 00:45:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities
      [2012/09/07 00:45:50 | 000,000,000 | ---D | C] -- C:\Program Files\Glary Utilities
      [2012/09/06 1627 | 000,000,000 | ---D | C] -- C:\Users\Kamiyan\AppData\Local\ElevatedDiagnostics
      [2012/09/05 22:18:44 | 000,000,000 | ---D | C] -- C:\Users\Kamiyan\AppData\Roaming\Macromedia
      [2012/09/05 22:18:44 | 000,000,000 | ---D | C] -- C:\Users\Kamiyan\AppData\Local\Macromedia
      [2012/09/05 22:18:44 | 000,000,000 | ---D | C] -- C:\Users\Kamiyan\AppData\Roaming\Adobe
      [2012/09/05 20:55:51 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
      [2012/09/05 16:02:33 | 000,000,000 | ---D | C] -- C:\Users\Kamiyan\AppData\Roaming\Mozilla
      [2012/09/05 16:02:33 | 000,000,000 | ---D | C] -- C:\Users\Kamiyan\AppData\Local\Mozilla
      [2012/09/05 16:02:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
      [2012/09/05 16:02:20 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
      [2012/09/05 16:01:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
      [2012/09/05 16:01:23 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
      [2012/09/05 15:56:49 | 000,000,000 | ---D | C] -- C:\Users\Kamiyan\AppData\Roaming\Malwarebytes
      [2012/09/05 15:56:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
      [2012/09/05 15:56:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
      [2012/09/05 15:56:35 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
      [2012/09/05 15:56:35 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
      [2012/09/04 21:17:31 | 000,000,000 | ---D | C] -- C:\Windows\Sun
      [2012/09/04 15:27:15 | 000,000,000 | ---D | C] -- C:\Users\Kamiyan\AppData\Roaming\Audacity
      [2012/09/04 15:27:08 | 000,000,000 | ---D | C] -- C:\Program Files\Audacity
      [2012/09/03 23:27:27 | 000,000,000 | ---D | C] -- C:\Users\Kamiyan\Documents\IAmAlive
      [2012/09/02 04:33:21 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe
      [2012/09/02 03:18:17 | 000,000,000 | ---D | C] -- C:\Users\Kamiyan\AppData\Local\Facebook
      [2012/09/02 02:27:06 | 000,000,000 | ---D | C] -- C:\Users\Kamiyan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MediaInfo
      [2012/09/02 02:27:06 | 000,000,000 | ---D | C] -- C:\Program Files\MediaInfo
      [2012/08/28 00:45:37 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
      [2012/08/27 2311 | 000,000,000 | ---D | C] -- C:\Users\Kamiyan\Documents\NBGI
      [2012/08/27 23:07:33 | 000,000,000 | ---D | C] -- C:\Users\Kamiyan\AppData\Local\NBGI
      [2012/08/27 00:39:31 | 000,000,000 | ---D | C] -- C:\Users\Kamiyan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
      [2012/08/27 00:39:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan
      [2012/08/27 00:39:31 | 000,000,000 | ---D | C] -- C:\Program Files\SpeedFan
      [2012/08/26 23:53:57 | 000,000,000 | ---D | C] -- C:\Windows\System32\xlive
      [2012/08/26 23:53:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
      [2012/08/26 23:53:54 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Games for Windows - LIVE
      [2012/08/26 17:34:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
      [2012/08/26 17:34:49 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
      [2012/08/26 16:47:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
      [2012/08/26 16:47:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
      [2012/08/26 16:46:48 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Synchronization Services
      [2012/08/26 16:46:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
      [2012/08/26 16:46:26 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
      [2012/08/26 16:46:26 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Sync Framework
      [2012/08/26 16:46:26 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
      [2012/08/26 16:45:47 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 8
      [2012/08/26 16:45:14 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Analysis Services
      [2012/08/26 16:44:37 | 000,000,000 | ---D | C] -- C:\Users\Kamiyan\AppData\Local\Microsoft Help
      [2012/08/26 16:44:32 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
      [2012/08/26 16:44:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
      [2012/08/26 16:44:25 | 000,000,000 | RH-D | C] -- C:\MSOCache
      [2012/08/25 14:09:00 | 000,000,000 | ---D | C] -- C:\Windows\System32\directx
      [2012/08/25 14:08:29 | 000,000,000 | ---D | C] -- C:\Users\Kamiyan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
      [2012/08/25 14:08:26 | 000,000,000 | ---D | C] -- C:\Program Files\MSI Afterburner
      [2012/08/20 17:00:37 | 000,000,000 | ---D | C] -- C:\Users\Kamiyan\AppData\Roaming\mkvtoolnix
      [2012/08/20 17:00:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MKVToolNix
      [2012/08/20 17:00:22 | 000,000,000 | ---D | C] -- C:\Program Files\MKVToolNix
      [2012/08/19 01:59:49 | 000,000,000 | ---D | C] -- C:\Users\Kamiyan\Desktop\Programas

      ========== Files - Modified Within 30 Days ==========

      [2012/09/17 13:46:21 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3630778225-2131922901-1388521640-1000UA.job
      [2012/09/17 13:42:00 | 000,000,838 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
      [2012/09/17 13:12:02 | 000,016,624 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
      [2012/09/17 13:12:02 | 000,016,624 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
      [2012/09/17 13:04:57 | 000,000,316 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job
      [2012/09/17 13:04:46 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
      [2012/09/17 13:04:42 | 2616,594,432 | -HS- | M] () -- C:\hiberfil.sys
      [2012/09/17 00:23:03 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3630778225-2131922901-1388521640-1000UA.job
      [2012/09/16 20:24:46 | 000,000,514 | ---- | M] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 30bfc9fd-492a-4992-becb-8a395409e68b.job
      [2012/09/16 20:24:46 | 000,000,514 | ---- | M] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 04095eba-a3dd-4a28-9c01-c2fd511e6854.job
      [2012/09/16 03:23:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3630778225-2131922901-1388521640-1000Core.job
      [2012/09/15 01:19:39 | 000,050,176 | ---- | M] () -- C:\Windows\System32\pSOrwZr.exe
      [2012/09/15 00:24:52 | 000,146,796 | ---- | M] () -- C:\Users\Kamiyan\Desktop\Sin título.png
      [2012/09/14 19:46:00 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3630778225-2131922901-1388521640-1000Core.job
      [2012/09/10 15:16:19 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
      [2012/09/10 15:16:19 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
      [2012/09/09 21:50:43 | 000,748,346 | ---- | M] () -- C:\Windows\System32\perfh00A.dat
      [2012/09/09 21:50:43 | 000,654,354 | ---- | M] () -- C:\Windows\System32\perfh009.dat
      [2012/09/09 21:50:43 | 000,158,416 | ---- | M] () -- C:\Windows\System32\perfc00A.dat
      [2012/09/09 21:50:43 | 000,121,226 | ---- | M] () -- C:\Windows\System32\perfc009.dat
      [2012/09/07 17:04:46 | 000,022,856 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
      [2012/08/27 00:39:31 | 000,000,969 | ---- | M] () -- C:\Users\Kamiyan\Desktop\SpeedFan.lnk
      [2012/08/27 00:39:31 | 000,000,045 | ---- | M] () -- C:\Windows\System32\initdebug.nfo
      [2012/08/26 2227 | 000,406,432 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
      [2012/08/26 02:16:00 | 000,522,119 | ---- | M] () -- C:\Users\Kamiyan\Desktop\Dark-Knight-Rises-Wallpaper-061.jpg

      ========== Files Created - No Company Name ==========

      [2012/09/16 02:01:21 | 000,000,514 | ---- | C] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 30bfc9fd-492a-4992-becb-8a395409e68b.job
      [2012/09/16 02:01:20 | 000,000,514 | ---- | C] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 04095eba-a3dd-4a28-9c01-c2fd511e6854.job
      [2012/09/15 01:28:27 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
      [2012/09/15 01:28:27 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
      [2012/09/15 01:28:27 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
      [2012/09/15 01:28:27 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
      [2012/09/15 01:28:27 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
      [2012/09/15 01:19:39 | 000,050,176 | ---- | C] () -- C:\Windows\System32\pSOrwZr.exe
      [2012/09/15 00:24:26 | 000,146,796 | ---- | C] () -- C:\Users\Kamiyan\Desktop\Sin título.png
      [2012/09/10 15:16:19 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
      [2012/09/10 15:16:19 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
      [2012/09/07 00:45:52 | 000,000,316 | ---- | C] () -- C:\Windows\tasks\GlaryInitialize.job
      [2012/09/05 20:55:52 | 000,000,838 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
      [2012/09/05 16:02:22 | 000,001,104 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
      [2012/09/04 15:27:13 | 000,000,981 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
      [2012/09/02 03:18:18 | 000,000,936 | ---- | C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3630778225-2131922901-1388521640-1000UA.job
      [2012/09/02 03:18:18 | 000,000,914 | ---- | C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3630778225-2131922901-1388521640-1000Core.job
      [2012/08/27 00:39:31 | 000,000,969 | ---- | C] () -- C:\Users\Kamiyan\Desktop\SpeedFan.lnk
      [2012/08/27 00:39:25 | 000,000,045 | ---- | C] () -- C:\Windows\System32\initdebug.nfo
      [2012/08/26 23:53:48 | 000,001,338 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live ID.lnk
      [2012/08/26 02:16:03 | 000,522,119 | ---- | C] () -- C:\Users\Kamiyan\Desktop\Dark-Knight-Rises-Wallpaper-061.jpg
      [2012/08/14 15:07:40 | 000,230,912 | ---- | C] () -- C:\Windows\System32\Zipit.dll
      [2012/08/14 15:07:40 | 000,099,840 | ---- | C] ( ) -- C:\Windows\System32\Zipdll.dll
      [2012/08/14 15:07:40 | 000,094,208 | ---- | C] ( ) -- C:\Windows\System32\Unzdll.dll
      [2012/08/13 23:50:01 | 000,001,790 | ---- | C] () -- C:\Users\Kamiyan\AppData\Roaming\System Monitor II_CPU0_Settings.ini
      [2012/08/09 19:33:36 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
      [2012/08/09 19:29:02 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
      [2012/08/09 18:55:21 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
      [2012/08/09 18:55:18 | 000,033,707 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
      [2012/07/23 09:31:38 | 004,428,800 | ---- | C] () -- C:\Windows\System32\x264vfw.dll
      [2012/07/02 20:28:06 | 000,112,640 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
      [2012/06/11 13:50:42 | 000,159,232 | ---- | C] () -- C:\Windows\System32\clinfo.exe
      [2012/06/11 13:41:48 | 000,204,952 | ---- | C] () -- C:\Windows\System32\ativvsvl.dat
      [2012/06/11 13:41:48 | 000,157,144 | ---- | C] () -- C:\Windows\System32\ativvsva.dat
      [2012/06/09 19:21:56 | 000,178,688 | ---- | C] () -- C:\Windows\System32\unrar.dll
      [2012/05/21 18:28:58 | 000,155,648 | ---- | C] () -- C:\Windows\System32\mlc.dll
      [2012/05/10 16:35:16 | 000,029,184 | ---- | C] () -- C:\Windows\System32\kdbsdk32.dll
      [2012/04/12 16:30:10 | 000,637,743 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
      [2011/12/07 23:32:24 | 000,216,064 | ---- | C] ( ) -- C:\Windows\System32\lagarith.dll
      [2011/09/19 10:03:40 | 000,045,056 | ---- | C] () -- C:\Windows\System32\rtvcvfw32.dll
      [2011/09/12 19:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\System32\atipblag.dat
      [2011/04/09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat

      ========== LOP Check ==========

      [2012/09/12 00:43:06 | 000,000,000 | ---D | M] -- C:\Users\Kamiyan\AppData\Roaming\Audacity
      [2012/08/27 18:05:20 | 000,000,000 | ---D | M] -- C:\Users\Kamiyan\AppData\Roaming\BSplayer
      [2012/08/09 20:00:47 | 000,000,000 | ---D | M] -- C:\Users\Kamiyan\AppData\Roaming\BSplayer Pro
      [2012/09/05 16:05:53 | 000,000,000 | ---D | M] -- C:\Users\Kamiyan\AppData\Roaming\DAEMON Tools Lite
      [2012/09/17 00:49:23 | 000,000,000 | ---D | M] -- C:\Users\Kamiyan\AppData\Roaming\DMCache
      [2012/09/07 01:09:38 | 000,000,000 | ---D | M] -- C:\Users\Kamiyan\AppData\Roaming\GlarySoft
      [2012/09/15 01:26:35 | 000,000,000 | ---D | M] -- C:\Users\Kamiyan\AppData\Roaming\IDM
      [2012/08/20 17:00:37 | 000,000,000 | ---D | M] -- C:\Users\Kamiyan\AppData\Roaming\mkvtoolnix
      [2012/08/12 17:21:43 | 000,000,000 | ---D | M] -- C:\Users\Kamiyan\AppData\Roaming\Unified Remote
      [2012/09/17 14:17:29 | 000,000,000 | ---D | M] -- C:\Users\Kamiyan\AppData\Roaming\uTorrent
      [2012/08/09 19:59:56 | 000,000,000 | ---D | M] -- C:\Users\Kamiyan\AppData\Roaming\Win7codecs
      [2012/09/16 03:23:00 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3630778225-2131922901-1388521640-1000Core.job
      [2012/09/17 00:23:03 | 000,000,936 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3630778225-2131922901-1388521640-1000UA.job
      [2012/09/17 13:04:57 | 000,000,316 | ---- | M] () -- C:\Windows\Tasks\GlaryInitialize.job
      [2009/07/14 01:53:46 | 000,025,100 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
      [2012/09/16 20:24:46 | 000,000,514 | ---- | M] () -- C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 04095eba-a3dd-4a28-9c01-c2fd511e6854.job
      [2012/09/16 20:24:46 | 000,000,514 | ---- | M] () -- C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 30bfc9fd-492a-4992-becb-8a395409e68b.job

      ========== Purity Check ==========



      < End of report >
      Thank you very much for the help.

    4. #4
      User Km3Lx
      Registered: Sep 2010
      Location: Argentina
      Posts: 44

      Re: Persistent double-accent (doble tilde) virus.

      Can someone give me a hand? I need to fix this soon. Thank you very much. Sorry for the double post and if I seem to be in a hurry.

    5. #5
      Moderator @Tincho
      Registered: May 2008
      Location: Argentina
      Posts: 14,701

      Re: Persistent double-accent (doble tilde) virus.

      Hello


      Download the ComboFix.exe tool and save it to the desktop.

      • Temporarily disable your antivirus and/or antispyware.
      • Close all open windows.
      • Double-click the ComboFix.exe file and follow the instructions.
      • When it finishes, it will generate a log at C:\ComboFix.txt.
        • *Note* While CF is working, do not move the mouse, as that would stop its process.
        • *Note* ComboFix may automatically restart the PC to complete the removal process.



      Warning!! Do not use ComboFix unless a member of our Staff has specifically instructed you to in your thread. It is a powerful tool intended by its creator to be used under the guidance and supervision of an expert, not for private use. Using ComboFix incorrectly could cause problems on your system. Please read ComboFix's "Disclaimer of Warranty".
      • Restart and paste the report from C:\ComboFix.txt in this thread, and tell us how your system is working.
      Tyny's
      If on your journey, you should encounter God, God will be cut!

      * Follow us on Twitter and become our friend on Facebook.
      * Keep up with the latest threats on the net at: InfoSpyware Blog
      * Questions are not answered by private message or e-mail; that is what the forum is for.

    6. #6
      User Km3Lx
      Registered: Sep 2010
      Location: Argentina
      Posts: 44

      Re: Persistent double-accent (doble tilde) virus.

      Here is the ComboFix log:
      ComboFix 12-09-20.02 - Kamiyan 20/09/2012 20:44:31.2.2 - x86
      Microsoft Windows 7 Ultimate 6.1.7600.0.1252.54.3082.18.3327.2383 [GMT -3:00]
      Running from: e:\downloads\Programs\ComboFix_2.exe
      SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      * Created a new restore point
      .
      .
      ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      c:\windows\RazorDOX
      c:\windows\RazorDOX\RazorDOX.dll
      .
      .
      ((((((((((((((((((((((((( Files Created from 2012-08-20 to 2012-09-20 )))))))))))))))))))))))))))))))
      .
      .
      2012-09-20 23:49 . 2012-09-20 23:49 -------- d-----w- c:\users\Kamiyan\AppData\Local\temp
      2012-09-20 23:49 . 2012-09-20 23:49 -------- d-----w- c:\users\Default\AppData\Local\temp
      2012-09-19 01:13 . 2012-09-19 01:13 50176 ----a-w- c:\windows\system32\DPetHQe.exe
      2012-09-16 05:01 . 2012-09-16 05:01 -------- d-----w- c:\users\Kamiyan\AppData\Roaming\SUPERAntiSpyware.com
      2012-09-16 05:01 . 2012-09-16 23:24 -------- d-----w- c:\program files\SUPERAntiSpyware
      2012-09-16 05:01 . 2012-09-16 05:01 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
      2012-09-15 03:52 . 2012-09-15 03:52 -------- d-----w- C:\_DT-Kill
      2012-09-14 23:24 . 2012-09-14 23:24 -------- d-----w- c:\program files\AviSynth 2.5
      2012-09-10 18:16 . 2012-09-10 18:16 -------- d-----w- c:\program files\Electronic Piano 2.5
      2012-09-10 00:42 . 2012-09-10 00:42 -------- d-----w- c:\program files\Lame For Audacity
      2012-09-07 04:09 . 2012-09-07 04:09 -------- d-----w- c:\users\Kamiyan\AppData\Roaming\GlarySoft
      2012-09-07 03:45 . 2012-09-07 03:45 -------- d-----w- c:\program files\Glary Utilities
      2012-09-06 19:10 . 2012-09-14 23:06 -------- d-----w- c:\users\Kamiyan\AppData\Local\ElevatedDiagnostics
      2012-09-06 01:18 . 2012-09-06 01:18 -------- d-----w- c:\users\Kamiyan\AppData\Local\Macromedia
      2012-09-05 23:55 . 2012-09-05 23:55 73416 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
      2012-09-05 23:55 . 2012-09-05 23:55 696520 ----a-w- c:\windows\system32\FlashPlayerApp.exe
      2012-09-05 23:55 . 2012-09-05 23:55 -------- d-----w- c:\windows\system32\Macromed
      2012-09-05 19:02 . 2012-09-05 19:02 -------- d-----w- c:\users\Kamiyan\AppData\Local\Mozilla
      2012-09-05 19:02 . 2012-09-10 16:51 -------- d-----w- c:\program files\Mozilla Maintenance Service
      2012-09-05 19:01 . 2012-09-05 19:01 -------- d-----w- c:\program files\CCleaner
      2012-09-05 18:56 . 2012-09-05 18:56 -------- d-----w- c:\users\Kamiyan\AppData\Roaming\Malwarebytes
      2012-09-05 18:56 . 2012-09-05 18:56 -------- d-----w- c:\programdata\Malwarebytes
      2012-09-05 18:56 . 2012-09-15 03:59 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
      2012-09-05 18:56 . 2012-09-07 20:04 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
      2012-09-05 00:17 . 2012-09-05 00:17 -------- d-----w- c:\windows\Sun
      2012-09-04 18:27 . 2012-09-12 03:43 -------- d-----w- c:\users\Kamiyan\AppData\Roaming\Audacity
      2012-09-04 18:27 . 2012-09-04 18:27 -------- d-----w- c:\program files\Audacity
      2012-09-02 07:33 . 2012-09-02 07:33 -------- d-----w- c:\programdata\regid.1986-12.com.adobe
      2012-09-02 06:18 . 2012-09-02 06:18 -------- d-----w- c:\users\Kamiyan\AppData\Local\Facebook
      2012-09-02 05:27 . 2012-09-02 05:27 -------- d-----w- c:\program files\MediaInfo
      2012-08-28 03:45 . 2012-08-28 03:45 -------- d-----w- c:\program files\NVIDIA Corporation
      2012-08-28 02:07 . 2012-08-28 02:07 -------- d-----w- c:\users\Kamiyan\AppData\Local\NBGI
      2012-08-27 03:39 . 2012-09-20 19:57 -------- d-----w- c:\program files\SpeedFan
      2012-08-27 02:53 . 2012-08-27 02:53 -------- d-----w- c:\windows\system32\xlive
      2012-08-27 02:53 . 2012-08-27 02:53 -------- d-----w- c:\program files\Microsoft Games for Windows - LIVE
      2012-08-26 20:34 . 2012-08-26 20:34 -------- d-----w- c:\program files\Microsoft Silverlight
      2012-08-26 19:46 . 2012-08-26 19:46 -------- d-----w- c:\program files\Microsoft Synchronization Services
      2012-08-26 19:46 . 2012-08-26 19:46 -------- d-----w- c:\windows\PCHEALTH
      2012-08-26 19:46 . 2012-08-26 19:46 -------- d-----w- c:\program files\Microsoft Sync Framework
      2012-08-26 19:46 . 2012-08-26 19:46 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
      2012-08-26 19:45 . 2012-08-26 19:45 -------- d-----w- c:\program files\Microsoft Visual Studio 8
      2012-08-26 19:45 . 2012-08-26 19:45 -------- d-----w- c:\program files\Microsoft Analysis Services
      2012-08-26 19:44 . 2012-08-26 19:44 -------- d-----w- c:\users\Kamiyan\AppData\Local\Microsoft Help
      2012-08-26 19:44 . 2012-08-26 19:49 -------- d-----w- c:\programdata\Microsoft Help
      2012-08-26 19:44 . 2012-08-26 19:44 -------- d-----r- C:\MSOCache
      2012-08-25 17:08 . 2012-08-25 17:09 -------- d-----w- c:\program files\MSI Afterburner
      .
      .
      .
      (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      2012-08-14 18:57 . 2012-08-14 18:57 242240 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
      2012-08-02 00:23 . 2012-08-03 09:30 97632 ----a-w- c:\windows\system32\drivers\idmwfp.sys
      2012-07-26 02:09 . 2012-07-26 02:09 1345536 ----a-w- c:\windows\system32\VSFilter.dll
      2012-07-23 12:31 . 2012-07-23 12:31 4428800 ----a-w- c:\windows\system32\x264vfw.dll
      2012-07-21 15:54 . 2012-07-21 15:54 122880 ----a-w- c:\windows\system32\ac3acm.acm
      2012-07-21 15:53 . 2012-07-21 15:53 294912 ----a-w- c:\windows\system32\AACACM.acm
      2012-07-16 05:41 . 2012-08-09 22:47 6891424 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E79BA362-58A2-40F2-AE0F-D342A0159BFE}\mpengine.dll
      2012-07-06 15:12 . 2012-08-13 02:34 81768 ----a-w- c:\windows\system32\xinput1_3.dll
      2012-07-06 15:12 . 2012-08-13 02:34 81768 ----a-w- c:\windows\system\xinput1_3.dll
      2012-07-06 01:06 . 2012-08-12 21:42 772544 ----a-w- c:\windows\system32\npDeployJava1.dll
      2012-07-06 01:06 . 2012-08-12 21:42 687544 ----a-w- c:\windows\system32\deployJava1.dll
      2012-07-02 23:28 . 2012-07-02 23:28 112640 ----a-w- c:\windows\system32\ff_vfw.dll
      2012-09-09 19:58 . 2012-09-09 19:58 266720 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
      .
      .
      ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      *Note* empty entries & legit default entries are not shown
      REGEDIT4
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension]
      @="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"
      [HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}]
      2012-02-08 00:49 22376 ----a-w- c:\program files\Internet Download Manager\IDMShellExt.dll
      .
      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "ares"="c:\program files\Ares\Ares.exe" [2012-02-02 3209216]
      "IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2012-08-12 3519936]
      "Skype"="c:\program files\Skype\Phone\Skype.exe" [2012-07-13 17418928]
      "uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2012-08-12 896400]
      "Unified Remote v2"="c:\program files\Unified Remote\RemoteServer.exe" [2012-07-08 280160]
      "DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2012-04-17 3671872]
      "Steam"="e:\program files\Steam\Steam.exe" [2012-08-14 1353080]
      "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]
      "Facebook Update"="c:\users\Kamiyan\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-09-02 138096]
      "SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2012-09-16 4780928]
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-06-11 641704]
      "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
      "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-05-20 8555040]
      "BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
      "ConsentPromptBehaviorAdmin"= 0 (0x0)
      "ConsentPromptBehaviorUser"= 3 (0x3)
      "EnableLUA"= 0 (0x0)
      "EnableUIADesktopToggle"= 0 (0x0)
      "PromptOnSecureDesktop"= 0 (0x0)
      .
      [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
      "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
      2011-05-04 17:54 551296 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
      .
      [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
      Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
      @=""
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AMD AVT]
      start AMD Accelerated Video Transcoding device initialization [X]
      .
      R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
      R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]
      R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [x]
      R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [x]
      R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [x]
      S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
      S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [x]
      S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [x]
      S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [x]
      S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
      S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
      S2 AODDriver4.1;AODDriver4.1;c:\program files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [x]
      S2 IDMWFP;IDMWFP;c:\windows\system32\DRIVERS\idmwfp.sys [x]
      S3 amdiox86;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox86.sys [x]
      S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
      S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
      S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [x]
      S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [x]
      .
      .
      Contents of the 'Scheduled Tasks' folder
      .
      2012-09-20 c:\windows\Tasks\Adobe Flash Player Updater.job
      - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-05 23:55]
      .
      2012-09-16 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3630778225-2131922901-1388521640-1000Core.job
      - c:\users\Kamiyan\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-09-02 06:18]
      .
      2012-09-20 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3630778225-2131922901-1388521640-1000UA.job
      - c:\users\Kamiyan\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-09-02 06:18]
      .
      2012-09-20 c:\windows\Tasks\GlaryInitialize.job
      - c:\program files\Glary Utilities\initialize.exe [2012-09-07 11:46]
      .
      2012-09-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3630778225-2131922901-1388521640-1000Core.job
      - c:\users\Kamiyan\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-09 22:35]
      .
      2012-09-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3630778225-2131922901-1388521640-1000UA.job
      - c:\users\Kamiyan\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-09 22:35]
      .
      .
      ------- Supplementary Scan -------
      .
      IE: &Enviar a OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
      IE: Descargar con IDM - c:\program files\Internet Download Manager\IEExt.htm
      IE: Descargar con IDM todos los enlaces - c:\program files\Internet Download Manager\IEGetAll.htm
      IE: E&xportar a Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
      TCP: DhcpNameServer = 10.0.0.2
      FF - ProfilePath - c:\users\Kamiyan\AppData\Roaming\Mozilla\Firefox\Profiles\izs4ctdm.default\
      .
      .
      --------------------- LOCKED REGISTRY KEYS ---------------------
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
      @="?????????????????? v1"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
      @="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
      @="?????????????????? v2"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
      @="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
      @Denied: (Full) (Everyone)
      .
      Completion time: 2012-09-20 20:51:15
      ComboFix-quarantined-files.txt 2012-09-20 23:51
      .
      Pre-Run: 53.260.840.960 bytes libres
      Post-Run: 53.035.253.760 bytes libres
      .
      - - End Of File - - 8BB0C2ACC8BCB5BAAB024EE6522430B7

    7. #7
      Moderator @Tincho
      Registered: May 2008
      Location: Argentina
      Posts: 14,701

      Re: Persistent double-accent (doble tilde) virus.

      Hello

      How is everything working?

    8. #8
      User Km3Lx
      Registered: Sep 2010
      Location: Argentina
      Posts: 44

      Re: Persistent double-accent (doble tilde) virus.

      Everything is still the same; pages load slowly and the double accent persists. Thanks for your help :D I hope we can solve it.

    9. #9
      Moderator @Tincho
      Registered: May 2008
      Location: Argentina
      Posts: 14,701

      Re: Persistent double-accent (doble tilde) virus.

      Hello.


      Download UsbFix By Chiquitine29.

      *Note* To run UsbFix.exe, follow these steps:

      • Connect all your removable devices (pen drive, Micro SD, etc.).
      • Double-click USBFix.
      • Then choose the Supresión (Deletion) option.
      • The disinfection process will start; the computer will restart if necessary.
      • When Windows starts, USBFix will launch automatically to complete the disinfection and vaccination process.
      • USBFix generates a report, which is usually found at C:\USBFix.txt

      Note: UsbFix will create a hidden folder named "$RECYCLE.BIN" "autorun.inf" on each partition and each USB drive that is connected at the time it is run. Do not delete this folder ... it will help protect your USB devices from future infections.

      Once the computer has been disinfected and is running in optimal condition: run USBFix and use the Desinstalar (Uninstall) option to uninstall the program and its folders.

      Let us know how it goes and paste the report.

      Regards