    Avast detects: trkjmp.com URL:Mal


    1. #1
      Trottileta (User) | Registered: Feb 2011 | Location: Barna | Posts: 47

      [Malware] Avast detects: trkjmp.com URL:Mal

      Hi, I need help.
      I've spent the whole afternoon getting messages like this one from my antivirus:
      [IMG]http://i47.*******.com/2wcgz6h.png[/IMG]

      The "object" keeps changing; only the start of the URL, i.trkjmp.com, stays the same.
      I've run CCleaner, Malwarebytes Anti-Malware and AdwCleaner but it's still the same. It mostly happens when I'm online with the Google Chrome browser; with the others I haven't noticed whether it happens or not.

      What do I have to do now to remove it completely, whatever it is?

      Thank you very much for your attention!

      ----------------------------------------------------------------------------------
      Malwarebytes report:
      Malwarebytes Anti-Malware 1.65.0.1400
      www.malwarebytes.org

      Versión de la Base de Datos: v2012.09.17.08

      Windows 7 Service Pack 1 x64 NTFS
      Internet Explorer 9.0.8112.16421
      Celsa :: TANIA-PC [administrador]

      17/09/2012 22:17:28
      mbam-log-2012-09-17 (22-17-28).txt

      Tipos de Análisis: Análisis Rápido
      Opciones de análisis activado: Memoria | Inicio | Registro | Sistema de archivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM
      Opciones de análisis desactivados: P2P
      Objetos examinados: 263236
      Tiempo transcurrido: 4 minuto(s), 53 segundo(s)

      Procesos en Memoria Detectados: 0
      (No se han detectado elementos maliciosos)

      Módulos de Memoria Detectados: 0
      (No se han detectado elementos maliciosos)

      Claves del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Valores del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Elementos de Datos del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Carpetas Detectadas: 0
      (No se han detectado elementos maliciosos)

      Archivos Detectados: 0
      (No se han detectado elementos maliciosos)

      fin)

      --------------------------------------------------------------------------------------

    2. #2
      Trottileta (User) | Registered: Feb 2011 | Location: Barna | Posts: 47

      Re: Avast detects: trkjmp.com URL:Mal

      Hi Camus83,
      I'm not sure it's an Avast problem; it wouldn't make sense for it to happen only with Chrome and not with the others... I don't know what it could be, but there must be some way to remove it.

      Even so... thanks for commenting ^^

      I'll keep waiting for someone to come up with a solution

    3. #3
      @SanMar (Former Collaborator) | Registered: Jun 2008 | Location: Argentina | Posts: 22,290

      Re: Avast detects: trkjmp.com URL:Mal

      Hi Trottileta:

      I moved the other comments to their own threads, because looking through the Avast forums there are many cases and it does not appear to be a false positive, at least so far:

      http://forum.avast.com/index.php?topic=105794.0

      It is not a false positive, a new Chrome/Firefox malware add on has just started doing the rounds..

      Do the following:

      Step 1.-

      Step 2.- Download, install and/or update, but do not run yet:

      Step 3.- Run in Normal Mode:

      AT-Destroyer
      • Run it as Administrator.
        Note: If you use Windows Vista or 7, right-click and select "Run as Administrator".
      • The tool's disclaimer will appear. Press Yes.
      • Press option 1 (Search and Destroy)
      • AT-Destroyer will momentarily disconnect the desktop.
      • If the system is infected, AT-Destroyer will indicate it with red lines where the infection was detected; otherwise, the lines will be green.
      • Once the scan is finished, you will be able to see the desktop again and a report will open, which you should copy into your next reply, commenting on how the system is working.
      • If any program does not start, restart the PC.

      Malwarebytes' Anti-Malware:

      • Perform a Full Scan.
      • Check the option "Remove Selected".
      • Its report is found in the Logs tab.

      Step 3.- Run CCleaner.

      • First use its "Cleaner" option to delete cookies, temporary Internet files and all the files it shows you as obsolete.
      • Then use its "Registry" option to clean the whole Windows registry (making a backup).

      Step 4.-:

      Download OTL By OldTimer

      >>> To run OTL

      • Close all the programs you have open and double-click the OTL icon.
      • Let it run and wait for the OTL menu to appear.
      • When the menu appears, only change the setting under "Scan Type", selecting Minimal Output.
      • Check the options: LOP Check and Purity Check.
      • Check the options >> Skip Microsoft Files and Use Company Name Whitelist.
      • Copy and paste the following script into the Custom Scans/Fixes box:

        NOTE: Do not copy the word "Cita" (Quote).
        netsvcs
        msconfig
        %SYSTEMDRIVE%\*.*
        CREATERESTOREPOINT
      • Please do not change the rest of the settings unless we ask you to.

      • Press the button >>
      • Once it finishes, two (2) files will open, OTL.Txt and Extras.Txt. These files will be saved in the same place where OTL.exe was downloaded.
      • Copy and paste the contents of the OTL.txt file in your next reply.

      In your next post, paste the reports.

      Don't forget to tell us how the computer is doing.

      Regards.

      * Follow us on our Twitter and become our friend on Facebook.
      * Keep up with the latest threats on the net at: InfoSpyware Blog
      * Questions are not answered by private message or e-mail, since that is what the forum is for.

    4. #4
      sfb26 (User) | Registered: Sep 2012 | Location: c/sanjose de calasanz sin n | Posts: 1

      Re: Avast detects: trkjmp.com URL:Mal

      Quote, originally posted by Trottileta:
      Hi Camus83,
      I'm not sure it's an Avast problem; it wouldn't make sense for it to happen only with Chrome and not with the others... I don't know what it could be, but there must be some way to remove it.

      Even so... thanks for commenting ^^

      I'll keep waiting for someone to come up with a solution

      Well, the same thing was happening to me and it drove me crazy, and yes, for me for example it didn't happen with the Firefox browser. I uninstalled Google Chrome and reinstalled it and that was it; it worked for me that way. I'm no expert either, but I also ran my antivirus and lots of malware programs and nothing; I did just this and that was it.

    5. #5
      Trottileta (User) | Registered: Feb 2011 | Location: Barna | Posts: 47

      Re: Avast detects: trkjmp.com URL:Mal

      Here are the reports:

      AT Destroyer:
      -----------

      #################################################### A/T-Destroyer by InfoSpyware ############

      A/T-Destroyer 1.0.7 By Infospyware
      www.infospyware.com
      Fecha iniciada en el analisis 21/09/2012
      Hora iniciada en el analisis 20:09:55,83
      Usuario Actual : [C:\Users\Celsa]
      Sistema Operativo: Windows 7 Home Premium
      Arquitectura: Sistema operativo de 32 bits
      Versión Internet Explorer: 9.0.8112.16421
      Modo Actual: Modo Normal.
      Privilegios: [Celsa-Administrador]
      Versión Google Chrome: 21.0.1180.89
      Versión Mozilla Firefox: 11.0

      ====== Servicios Eliminados By A/T-Destroyer ======




      ====== Claves Eliminadas By A/T-Destroyer ======


      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2EF17083-57D4-4D64-AE4F-55F32A2C4571}
      HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2EF17083-57D4-4D64-AE4F-55F32A2C4571}
      HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\tutoriales100_RASAPI32
      HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\tutoriales100_RASAPI32
      HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\tutoriales100_RASMANCS
      HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\tutoriales100_RASMANCS
      HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\UpdateTutoriales100_RASAPI32
      HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\UpdateTutoriales100_RASAPI32


      ====== Archivos/Carpetas Eliminados By A/T-Destroyer ======


      C:\codec-info\codec_info.html
      "C:\codec-info"
      C:\ProgramData\CodecC\background.html
      C:\ProgramData\CodecC\content.js
      C:\ProgramData\CodecC\ppjemjejnnojomfekgbpbbnecicblllf.crx
      C:\ProgramData\CodecC\settings.ini
      "C:\ProgramData\CodecC"
      C:\Users\Celsa\Appdata\Local\GDIPFONTCACHEV1.DAT


      ====== Información Extra ======


      -_-_-_-_-_-_-_-_ Configuraciones de internet Explorer -_-_-_-_-_-_-_-_
      "HKCU\Software\Microsoft\Internet Explorer\Main"
      Start Page == http://www.google.com
      Search Page == http://go.microsoft.com/fwlink/?LinkId=54896
      Local Page == C:\Windows\system32\blank.htm

      "HKLM\Software\Microsoft\Internet Explorer\Main"
      Start Page == http://www.google.com
      Search Page == http://go.microsoft.com/fwlink/?LinkId=54896
      Local Page == C:\Windows\SysWOW64\blank.htm
      Default_Search_URL == http://go.microsoft.com/fwlink/?LinkId=54896
      Default_Page_URL == http://go.microsoft.com/fwlink/?LinkId=69157


      "HKEY_USERS\S-1-5-21-1637445229-889022500-1864624756-1004\Software\Microsoft\Internet Explorer\Main"
      Start Page == http://www.google.com
      Search Page == http://go.microsoft.com/fwlink/?LinkId=54896
      Local Page == C:\Windows\system32\blank.htm


      -_-_-_-_-_-_-_-_ Configuraciones de Google Chrome-_-_-_-_-_-_-_-_
      "homepage": "http://www.google.com/",
      "homepage_changed": true,
      "homepage_is_newtabpage": false,
      -_-_-_-_-_-_-_-_ Configuraciones de Google Chrome-_-_-_-_-_-_-_-_
      "homepage": "http://www.google.com/",
      "homepage_changed": true,
      "homepage_is_newtabpage": false,


      -_-_-_-_-_-_-_-_ Configuraciones de mozilla Firefox -_-_-_-_-_-_-_-_
      user_pref("browser.startup.homepage", "http://google.com");


      -_-_-_-_-_-_-_-_ Configuraciones de Opera-_-_-_-_-_-_-_-_
      URL Fav Menu Dialog=650,19,201,92,0


      ======= EOF =======
      ----------------------------------------------------------------------------------------------



      Malwarebytes:

      ---------------------------------------------------------------------------------------
      Malwarebytes Anti-Malware 1.65.0.1400
      www.malwarebytes.org

      Versión de la Base de Datos: v2012.09.17.08

      Windows 7 Service Pack 1 x64 NTFS
      Internet Explorer 9.0.8112.16421
      Celsa :: TANIA-PC [administrador]

      21/09/2012 20:59:59
      mbam-log-2012-09-21 (20-59-59).txt

      Tipos de Análisis: Análisis Completo (C:\|)
      Opciones de análisis activado: Memoria | Inicio | Registro | Sistema de archivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM
      Opciones de análisis desactivados: P2P
      Objetos examinados: 689136
      Tiempo transcurrido: 2 hora(s), 5 minuto(s), 24 segundo(s)

      Procesos en Memoria Detectados: 0
      (No se han detectado elementos maliciosos)

      Módulos de Memoria Detectados: 0
      (No se han detectado elementos maliciosos)

      Claves del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Valores del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Elementos de Datos del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Carpetas Detectadas: 0
      (No se han detectado elementos maliciosos)

      Archivos Detectados: 0
      (No se han detectado elementos maliciosos)

      fin)

      ------------------------------------------


      OTL:



      The warnings have stopped appearing; it seems everything is back to normal. Could that be?

      Thank you very much, SanMar

    6. #6
      @SanMar (Former Collaborator) | Registered: Jun 2008 | Location: Argentina | Posts: 22,290

      Re: Avast detects: trkjmp.com URL:Mal

      Hi:

      Yes, it could be, but there may still be remnants.

      The OTL report is incomplete; paste it again in your next reply.

      Regards.


    7. #7
      Trottileta (User) | Registered: Feb 2011 | Location: Barna | Posts: 47

      Re: Avast detects: trkjmp.com URL:Mal

      OTL:




      DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
      DRV:64bit: - (RT61) -- C:\Windows\SysNative\drivers\rt61.sys (Ralink Technology, Corp.)
      DRV:64bit: - (AtiPcie) -- C:\Windows\SysNative\drivers\AtiPcie.sys (Advanced Micro Devices Inc.)
      DRV:64bit: - (NetworkX) -- C:\Windows\SysNative\Ckldrv.sys ()
      DRV:64bit: - (MarvinBus) -- C:\Windows\SysNative\drivers\MarvinBus64.sys (Pinnacle Systems GmbH)
      DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


      ========== Standard Registry (SafeList) ==========


      ========== Internet Explorer ==========

      IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
      IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
      IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
      IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,BrowserMngr Start Page = http://search.babylon.com/?affID=112555&tt=bandext_3312_4&babsrc=HP_ss&mntrId=c645f1070000000000000022b0644f79
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?affID=112555&tt=bandext_3312_4&babsrc=HP_ss&mntrId=c645f1070000000000000022b0644f79
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://es.msn.com/?ocid=iehp
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = es
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 85 B5 1D 08 C2 97 CC 01 [binary data]
      IE - HKCU\..\SearchScopes,BrowserMngrDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
      IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
      IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
      IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=112555&tt=bandext_3312_4&babsrc=SP_ss&mntrId=c645f1070000000000000022b0644f79
      IE - HKCU\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = http://search.yahoo.com/search?fr=chr-panda&q={searchTerms}&ei=UTF-8&type=PCAFSI1138
      IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

      ========== FireFox ==========

      FF - prefs.js..browser.search.useDBForOrder: true
      FF - prefs.js..extensions.enabledAddons: [email protected]:1.0
      FF - prefs.js..network.proxy.autoconfig_url: "http://www.bib.ub.edu/pac/proxy.pac"
      FF - prefs.js..network.proxy.http: "http://www.bib.ub.edu/pac/proxy.pac"
      FF - prefs.js..network.proxy.type: 0
      FF - user.js - File not found

      FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_278.dll File not found
      FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
      FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
      FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_278.dll ()
      FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
      FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
      FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
      FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
      FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
      FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5: C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
      FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
      FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Tania\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
      FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Tania\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/07/06 12:00:33 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/01/27 10:01:51 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/09/03 13:24:00 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/05/20 21:43:13 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/08/16 07:27:23 | 000,000,000 | ---D | M]
      FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{b64982b1-d112-42b5-b1e4-d3867c4533f8}: C:\ProgramData\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension

      [2012/01/05 12:18:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tania\AppData\Roaming\mozilla\Extensions
      [2012/01/05 12:18:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tania\AppData\Roaming\mozilla\Extensions\[email protected]
      [2012/09/17 22:09:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tania\AppData\Roaming\mozilla\Firefox\Profiles\k9gx6h8r.default\extensions
      [2012/01/07 1140 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
      File not found (No name found) -- C:\USERS\TANIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K9GX6H8R.DEFAULT\EXTENSIONS\[email protected]
      [2012/03/27 21:48:44 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
      [2012/03/01 08:15:45 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
      [2012/03/01 08:15:45 | 000,003,996 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\drae.xml
      [2012/03/01 08:15:45 | 000,001,143 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-es.xml
      [2012/03/01 08:15:45 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
      [2012/03/01 08:15:45 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-es.xml
      [2012/03/01 08:15:45 | 000,001,102 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-es.xml

      ========== Chrome ==========

      CHR - default_search_provider: Google (Enabled)
      CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
      CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
      CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Tania\AppData\Local\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll
      CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Tania\AppData\Local\Google\Chrome\Application\21.0.1180.89\gcswf32.dll
      CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_278.dll
      CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
      CHR - plugin: Native Client (Enabled) = C:\Users\Tania\AppData\Local\Google\Chrome\Application\21.0.1180.89\ppGoogleNaClPluginChrome.dll
      CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Tania\AppData\Local\Google\Chrome\Application\21.0.1180.89\pdf.dll
      CHR - plugin: Conduit Chrome Plugin (Enabled) = C:\Users\Tania\AppData\Local\Google\Chrome\User Data\Default\Extensions\npiecjlhkngdinoeekmccdbjdgclmnbk\2.3.15.10_0\plugins/ConduitChromeApiPlugin.dll
      CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
      CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
      CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
      CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
      CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
      CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
      CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
      CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
      CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
      CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
      CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
      CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
      CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
      CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
      CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
      CHR - plugin: RocketLife Secure Plug-In Layer (Enabled) = C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll
      CHR - plugin: Google Update (Enabled) = C:\Users\Tania\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll
      CHR - Extension: avast! WebRep = C:\Users\Tania\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1466_0\
      CHR - Extension: \u003Cvideo\u003E de HTML5 de DivX Plus Web Player = C:\Users\Tania\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\

      O1 HOSTS File: ([2009/06/10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
      O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Archivos de programa\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
      O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Archivos de programa\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
      O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
      O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
      O2 - BHO: (Soda PDF Helper) - {5CFCAFF6-5BB0-4864-B626-021C99ED82E5} - C:\Program Files (x86)\Soda PDF\PDFIEHelper.dll (LULU Software)
      O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Archivos de programa\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
      O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Archivos de programa\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
      O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Archivos de programa\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
      O3 - HKLM\..\Toolbar: (Soda PDF Toolbar) - {980EB9EC-6EB5-4258-BDDB-EFE25C5F99EF} - C:\Program Files (x86)\Soda PDF\PDFIEPlugin.dll (LULU Software)
      O4 - HKLM..\Run: [] File not found
      O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
      O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
      O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
      O4 - HKLM..\Run: [Family Tree Builder Update] C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe (MyHeritage)
      O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
      O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
      O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
      O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
      O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe ()
      O4 - HKCU..\Run: [HP Photosmart 6510 series (NET)] C:\Program Files\HP\HP Photosmart 6510 series\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Co.)
      O4 - HKCU..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup File not found
      O4 - HKCU..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe (Samsung)
      O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\Tania\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe ()
      O4 - HKCU..\Run: [TomTomHOME.exe] C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
      O4 - Startup: C:\Users\Tania\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Tania\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
      O8:64bit: - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
      O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
      O9 - Extra Button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
      O9 - Extra 'Tools' menuitem : &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
      O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
      O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Archivos de programa\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
      O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Archivos de programa\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
      O13:64bit: - gopher Prefix: missing
      O13 - gopher Prefix: missing
      O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
      O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
      O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
      O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C48F2A82-90AD-406A-ACAC-A60C9DC4F0DF}: DhcpNameServer = 192.168.1.1
      O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
      O18:64bit: - Protocol\Handler\livecall - No CLSID value found
      O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
      O18:64bit: - Protocol\Handler\msnim - No CLSID value found
      O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
      O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Archivos de programa\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
      O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
      O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
      O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
      O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      O32 - HKLM CDRom: AutoRun - 1
      O34 - HKLM BootExecute: (autocheck autochk *)
      O35:64bit: - HKLM\..comfile [open] -- "%1" %*
      O35:64bit: - HKLM\..exefile [open] -- "%1" %*
      O35 - HKLM\..comfile [open] -- "%1" %*
      O35 - HKLM\..exefile [open] -- "%1" %*
      O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
      O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
      O37 - HKLM\...com [@ = comfile] -- "%1" %*
      O37 - HKLM\...exe [@ = exefile] -- "%1" %*
      O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
      O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
      O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)



      CREATERESTOREPOINT
      Restore point Set: OTL Restore Point

      ========== Files/Folders - Created Within 30 Days ==========

      [2012/09/25 08:04:31 | 000,000,000 | ---D | C] -- C:\Users\Tania\AppData\Local\{3A4E13BA-A470-4222-9B39-CCC6964342BC}
      [2012/09/24 20:00:46 | 000,000,000 | ---D | C] -- C:\Users\Tania\AppData\Local\{98D61BC5-F533-46A3-A5DC-BD9516B3B0A7}
      [2012/09/23 18:44:33 | 000,000,000 | ---D | C] -- C:\Users\Tania\AppData\Local\{394CEF05-3A4F-4058-A5E5-CEB206A65B4B}
      [2012/09/22 13:52:27 | 000,000,000 | ---D | C] -- C:\Users\Tania\Desktop\mariona
      [2012/09/22 11:36:51 | 000,000,000 | ---D | C] -- C:\Users\Tania\AppData\Local\{284EFDBB-9304-4855-B375-9C8F26700F3B}
      [2012/09/22 11:30:41 | 000,000,000 | ---D | C] -- C:\Users\Tania\AppData\Local\{519EE5A8-7053-4BEA-881B-83B49009E384}
      [2012/09/21 20:09:14 | 000,036,864 | ---- | C] (NirSoft) -- C:\Windows\nircmd.exe
      [2012/09/21 13:55:54 | 000,000,000 | ---D | C] -- C:\Users\Tania\AppData\Local\{C0B577DB-7CD1-490C-8014-3278C0E9128A}
      [2012/09/20 07:58:57 | 000,000,000 | ---D | C] -- C:\Users\Tania\AppData\Local\{B896BB12-1D58-46B3-BEB0-4DBA05E5D0E6}
      [2012/09/19 19:58:32 | 000,000,000 | ---D | C] -- C:\Users\Tania\AppData\Local\{92907F93-E3F3-435F-8811-C5BBC310C5AB}
      [2012/09/19 07:54:53 | 000,000,000 | ---D | C] -- C:\Users\Tania\AppData\Local\{78A15283-004F-4450-A662-1AAA5B6E26C6}
      [2012/09/18 19:05:02 | 000,000,000 | ---D | C] -- C:\Users\Tania\AppData\Local\{25B8526A-FA97-441C-BE98-4155C7C00973}
      [2012/09/17 21:46:08 | 000,000,000 | ---D | C] -- C:\Users\Tania\AppData\Local\{C20E31D7-A813-4124-903A-02A73417CDDA}
      [2012/09/17 07:52:17 | 000,000,000 | ---D | C] -- C:\Users\Tania\AppData\Local\{29AD6D4F-5131-4BCC-B39A-444F1C9576B6}
      [2012/09/16 10:50:36 | 000,000,000 | ---D | C] -- C:\Users\Tania\AppData\Local\{F91A2433-F11D-4034-8E4C-8EF7BF527533}
      [2012/09/15 11:29:40 | 000,000,000 | ---D | C] -- C:\Users\Tania\Desktop\Galicia Myheritage 2012
      [2012/09/15 10:15:13 | 000,000,000 | ---D | C] -- C:\Users\Tania\AppData\Local\{928531DE-3AE6-46FC-AC88-B2EE14A52385}
      [2012/09/14 13:46:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
      [2012/09/14 13:45:51 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
      [2012/09/14 13:45:50 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
      [2012/09/14 13:45:50 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
      [2012/09/14 12:54:37 | 000,000,000 | ---D | C] -- C:\Users\Tania\AppData\Local\{E3767742-4973-423F-97DD-C18937408E2C}
      [2012/09/13 22:30:29 | 000,000,000 | ---D | C] -- C:\Users\Tania\AppData\Local\{FA6CFA32-68C7-40C3-9A2B-DAEE91CAAC36}
      [2012/09/13 09:19:42 | 000,000,000 | ---D | C] -- C:\Users\Tania\AppData\Local\{ACBCA454-BD35-4015-BC40-399FC8662B45}
      [2012/09/12 2030 | 000,000,000 | ---D | C] -- C:\Users\Tania\AppData\Local\{22A2F162-FC41-4746-8413-E0BE83E01193}
      [2012/09/12 0805 | 000,000,000 | ---D | C] -- C:\Users\Tania\AppData\Local\{0A36BA9E-4714-4637-8577-D05A7A9159DA}
      [2012/09/11 13:07:20 | 000,000,000 | ---D | C] -- C:\Users\Tania\AppData\Local\{5A9575A4-604D-4FBC-8E34-B98CDC3654E6}
      [2012/09/06 1224 | 000,000,000 | ---D | C] -- C:\Users\Tania\AppData\Local\{39D4A6A1-22C0-4B36-9A31-2EC5141BA229}
      [2012/09/05 13:43:26 | 000,000,000 | ---D | C] -- C:\Users\Tania\AppData\Local\{01A2C114-55C1-428C-A1BB-A89FB4287E72}
      [2012/09/05 11:30:47 | 000,000,000 | ---D | C] -- C:\Users\Tania\AppData\Local\{BDB299CC-F6CB-41A4-AA9C-1F845BCC89D6}
      [2012/09/04 18:14:17 | 000,000,000 | ---D | C] -- C:\Users\Tania\Documents\HP Photosmart Projects
      [2012/09/04 08:22:54 | 000,000,000 | ---D | C] -- C:\Users\Tania\AppData\Local\{EF57CD53-A7CF-4648-B737-F71554211EC6}
      [2012/09/03 15:33:25 | 000,000,000 | ---D | C] -- C:\Users\Tania\AppData\Local\{01BE2D48-C38C-4171-BBC1-5848D2861410}
      [2012/09/03 13:21:29 | 000,000,000 | ---D | C] -- C:\Users\Tania\AppData\Local\{2038C0B9-9F1E-47CB-B285-6719F5B1A34D}
      [2012/09/02 23:06:37 | 000,000,000 | ---D | C] -- C:\Users\Tania\AppData\Local\{08B10B11-8681-4F9D-8B2B-8DAA3ADEC59D}

      ========== Files - Modified Within 30 Days ==========

      [2012/09/25 10:06:00 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1637445229-889022500-1864624756-1000UA.job
      [2012/09/25 10:01:00 | 000,000,338 | ---- | M] () -- C:\Windows\tasks\HP Photo Creations Communicator.job
      [2012/09/25 09:54:00 | 000,000,838 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
      [2012/09/25 09:42:00 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1637445229-889022500-1864624756-1005UA.job
      [2012/09/25 09:37:00 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1637445229-889022500-1864624756-1004UA.job
      [2012/09/25 0822 | 000,014,832 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
      [2012/09/25 0822 | 000,014,832 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
      [2012/09/25 08:03:19 | 000,001,966 | ---- | M] () -- C:\Users\Tania\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Supervisar alertas de tinta - HP Photosmart 6510 series (Red).lnk
      [2012/09/25 08:02:38 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
      [2012/09/25 08:02:32 | 3220,574,208 | -HS- | M] () -- C:\hiberfil.sys
      [2012/09/24 20:17:47 | 000,001,058 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1637445229-889022500-1864624756-1000Core.job
      [2012/09/24 00:00:00 | 000,000,394 | ---- | M] () -- C:\Windows\tasks\NeroLiveEpgUpdate-Tania-PC_Tania.job
      [2012/09/23 23:37:00 | 000,001,058 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1637445229-889022500-1864624756-1004Core.job
      [2012/09/22 19:36:17 | 001,555,882 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
      [2012/09/22 19:36:17 | 000,703,824 | ---- | M] () -- C:\Windows\SysNative\perfh00A.dat
      [2012/09/22 19:36:17 | 000,616,032 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
      [2012/09/22 19:36:17 | 000,137,822 | ---- | M] () -- C:\Windows\SysNative\perfc00A.dat
      [2012/09/22 19:36:17 | 000,106,412 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
      [2012/09/22 16:27:38 | 000,001,468 | ---- | M] () -- C:\Users\Tania\.recently-used.xbel
      [2012/09/21 23:23:35 | 000,000,979 | ---- | M] () -- C:\Users\Public\Desktop\µTorrent.lnk
      [2012/09/16 11:33:57 | 000,002,027 | ---- | M] () -- C:\Users\Public\Desktop\HP Photo Creations.lnk
      [2012/09/15 10:42:00 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1637445229-889022500-1864624756-1005Core.job
      [2012/09/14 13:46:42 | 000,001,819 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
      [2012/09/07 17:04:46 | 000,025,928 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
      [2012/09/03 13:25:37 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt

      ========== Files Created - No Company Name ==========

      [2012/09/22 16:27:38 | 000,001,468 | ---- | C] () -- C:\Users\Tania\.recently-used.xbel
      [2012/09/21 20:09:14 | 000,069,660 | ---- | C] () -- C:\Windows\Fart.exe
      [2012/09/21 20:09:14 | 000,022,528 | ---- | C] () -- C:\Windows\AT-Uninstall.exe
      [2012/09/21 20:09:14 | 000,011,776 | ---- | C] () -- C:\Windows\Colous.exe
      [2012/09/14 13:46:42 | 000,001,819 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
      [2012/08/17 11:59:55 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
      [2012/08/14 16:59:06 | 000,000,061 | ---- | C] () -- C:\Users\Tania\.gtk-bookmarks
      [2012/07/30 14:16:20 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
      [2012/07/30 14:16:18 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
      [2012/07/30 14:16:18 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
      [2012/07/30 14:16:18 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
      [2012/07/30 14:16:18 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
      [2012/07/18 12:11:43 | 008,539,426 | ---- | C] () -- C:\Users\Tania\Music.mp3
      [2012/07/08 22:35:35 | 000,000,040 | ---- | C] () -- C:\Users\Tania\AppData\Roaming\cdr.ini
      [2012/02/15 09:34:32 | 000,000,000 | ---- | C] () -- C:\Users\Tania\AppData\Roaming\downloads.m3u
      [2011/12/08 15:14:36 | 000,005,632 | ---- | C] () -- C:\Users\Tania\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
      [2011/11/18 12:08:23 | 000,000,004 | ---- | C] () -- C:\Windows\vx86036.dat
      [2011/11/18 12:04:54 | 000,000,068 | ---- | C] () -- C:\Windows\spwdr.INI
      [2011/11/18 12:04:41 | 000,000,077 | ---- | C] () -- C:\Windows\Crypkey.ini
      [2011/11/18 12:04:38 | 000,027,648 | R--- | C] () -- C:\Windows\Setup_ck.exe
      [2011/11/18 12:04:38 | 000,018,432 | ---- | C] () -- C:\Windows\Setup_ck.dll
      [2011/11/18 12:04:38 | 000,011,776 | ---- | C] () -- C:\Windows\Ckrfresh.exe
      [2011/10/06 10:39:11 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
      [2011/10/06 10:39:10 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
      [2011/10/06 10:39:07 | 000,650,752 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
      [2011/10/06 10:39:07 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
      [2011/10/06 10:39:06 | 000,074,752 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
      [2011/08/22 14:09:32 | 000,000,168 | ---- | C] () -- C:\Windows\MyHeritage.INI
      [2011/08/22 14:07:17 | 000,454,656 | ---- | C] () -- C:\Windows\SysWow64\PaintX.dll
      [2011/08/18 15:46:06 | 000,000,151 | ---- | C] () -- C:\Users\Tania\AppData\Roaming\default.rss
      [2011/07/07 11:35:15 | 001,584,450 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
      [2011/07/06 11:57:02 | 000,244,423 | ---- | C] () -- C:\Windows\hpoins19.dat
      [2011/07/06 11:57:02 | 000,013,898 | ---- | C] () -- C:\Windows\hpomdl19.dat
      [2011/07/06 11:37:50 | 000,244,354 | ---- | C] () -- C:\Windows\hpoins19.dat.temp
      [2011/07/06 11:37:50 | 000,013,898 | ---- | C] () -- C:\Windows\hpomdl19.dat.temp
      [2011/07/06 11:29:09 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\AsIO.dll
      [2011/07/06 11:29:09 | 000,013,368 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
      [2011/07/06 11:29:05 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
      [2011/07/06 11:29:05 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
      [2011/07/06 11:25:05 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
      [2011/07/06 11:25:03 | 000,033,619 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
      [2011/07/06 10:24:25 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
      [2011/07/06 10:17:02 | 000,002,011 | ---- | C] () -- C:\Windows\hphmdl15.dat.temp

      ========== LOP Check ==========

      [2012/09/25 09:07:40 | 000,000,000 | ---D | M] -- C:\Users\Tania\AppData\Roaming\Dropbox
      [2012/09/22 16:27:38 | 000,000,000 | ---D | M] -- C:\Users\Tania\AppData\Roaming\gtk-2.0
      [2012/04/02 12:51:41 | 000,000,000 | ---D | M] -- C:\Users\Tania\AppData\Roaming\MakeMusic
      [2012/08/19 19:43:05 | 000,000,000 | ---D | M] -- C:\Users\Tania\AppData\Roaming\MyHeritage
      [2012/01/06 13:33:39 | 000,000,000 | ---D | M] -- C:\Users\Tania\AppData\Roaming\Opera
      [2011/07/26 20:49:42 | 000,000,000 | ---D | M] -- C:\Users\Tania\AppData\Roaming\Panda Security
      [2012/09/19 07:53:20 | 000,000,000 | ---D | M] -- C:\Users\Tania\AppData\Roaming\PDF Software
      [2011/07/07 1913 | 000,000,000 | ---D | M] -- C:\Users\Tania\AppData\Roaming\QuickScan
      [2012/05/31 21:44:16 | 000,000,000 | ---D | M] -- C:\Users\Tania\AppData\Roaming\RibbonSoft
      [2011/10/19 23:16:40 | 000,000,000 | ---D | M] -- C:\Users\Tania\AppData\Roaming\Rovio
      [2012/08/12 20:51:12 | 000,000,000 | ---D | M] -- C:\Users\Tania\AppData\Roaming\Samsung
      [2012/09/24 20:27:06 | 000,000,000 | ---D | M] -- C:\Users\Tania\AppData\Roaming\Spotify
      [2011/08/22 14:07:16 | 000,000,000 | ---D | M] -- C:\Users\Tania\AppData\Roaming\The Complete Genealogy Reporter - FTB
      [2012/01/05 12:18:09 | 000,000,000 | ---D | M] -- C:\Users\Tania\AppData\Roaming\TomTom
      [2012/08/20 22:21:16 | 000,000,000 | ---D | M] -- C:\Users\Tania\AppData\Roaming\uTorrent
      [2012/08/17 12:19:29 | 000,000,000 | ---D | M] -- C:\Users\Tania\AppData\Roaming\Visan
      [2012/08/18 17:35:09 | 000,000,000 | ---D | M] -- C:\Users\Tania\AppData\Roaming\YourFileDownloader
      [2012/07/14 11:14:28 | 000,032,642 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

      ========== Purity Check ==========



      ========== Custom Scans ==========

      < %SYSTEMDRIVE%\*.* >
      [2011/07/28 00:00:14 | 000,000,000 | ---- | M] () -- C:\0x0304A000.sfl
      [2012/09/17 22:09:35 | 000,009,419 | ---- | M] () -- C:\AdwCleaner[S1].txt
      [2012/09/17 22:13:56 | 000,002,523 | ---- | M] () -- C:\AdwCleaner[S2].txt
      [2012/09/23 18:41:56 | 000,004,949 | ---- | M] () -- C:\AdwCleaner[S3].txt
      [2012/09/21 20:11:20 | 000,003,407 | ---- | M] () -- C:\AT-Destroyer.txt
      [2011/11/18 12:08:11 | 000,000,132 | ---- | M] () -- C:\CKINFO.TXT
      [2012/09/25 08:02:32 | 3220,574,208 | -HS- | M] () -- C:\hiberfil.sys
      [2006/12/01 23:37:14 | 000,904,704 | ---- | M] (Microsoft Corporation) -- C:\msdia80.dll
      [2012/09/25 08:02:36 | 4294,103,040 | -HS- | M] () -- C:\pagefile.sys
      [2012/09/21 22:41:47 | 000,000,000 | ---- | M] () -- C:\perflog.txt
      [2012/09/21 20:09:56 | 000,000,120 | ---- | M] () -- C:\prueba.txt
      [2012/03/10 22:12:47 | 000,001,047 | ---- | M] () -- C:\rkill.log
      [2012/03/15 17:12:44 | 000,000,510 | ---- | M] () -- C:\settings.ini

      ========== Alternate Data Streams ==========

      @Alternate Data Stream - 95 bytes -> C:\ProgramData\TEMP:5C321E34

      < End of report >

    8. #8
      Former contributor @SanMar
      Joined
      Jun 2008
      Location
      Argentina
      Posts
      22,290

      Re: Avast detects: trkjmp.com URL:Mal

      Hello Trottileta,

      There are still some remnants left.

      Do the following:

      1. Run OTL.exe
      • Paste the following script into the Custom Scans/Fixes box:
        • NOTE: Do not copy the word "Code".

        Code:
        :OTL
        SRV:64bit: - (VSSERV) -- C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe /service File not found
        SRV:64bit: - (LIVESRV) -- C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe /service File not found
        DRV:64bit: - (BDVEDISK) -- C:\Program Files\BitDefender\BitDefender 2010\bdvedisk.sys File not found
        IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,BrowserMngr Start Page = http://search.babylon.com/?affID=112555&tt=bandext_3312_4&babsrc=HP_ss&mntrId=c645f1070000000000000022b0644f79
        IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?affID=112555&tt=bandext_3312_4&babsrc=HP_ss&mntrId=c645f1070000000000000022b0644f79
        IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=112555&tt=bandext_3312_4&babsrc=SP_ss&mntrId=c645f1070000000000000022b0644f79
        FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{b64982b1-d112-42b5-b1e4-d3867c4533f8}: C:\ProgramData\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension
        O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
        O4 - HKLM..\Run: [] File not found
        O4 - HKCU..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup File not found
        O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
        O13:64bit: - gopher Prefix: missing
        O13 - gopher Prefix: missing
        O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
        O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
        O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
        O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
        O18:64bit: - Protocol\Handler\livecall - No CLSID value found
        O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
        O18:64bit: - Protocol\Handler\msnim - No CLSID value found
        O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
        O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
        O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
        @Alternate Data Stream - 95 bytes -> C:\ProgramData\TEMP:5C321E34
        
        :files
        ipconfig /flushdns /c
        ipconfig /renew /c
        
        :commands
        [resethosts]
        [emptyflash]
        [emptytemp]
        [emptyjava]
        [Reboot]
      • Then click the Run Fix button at the top.
      • Let the program run uninterrupted, and reboot when it asks you to.
      • After the reboot, a report is created by default in C:\_OTL\MovedFiles; copy and paste that log into your next reply.

      Let us know the results.

      Regards.

      * Follow us on Twitter and become our friend on Facebook.
      * Keep up with the latest threats on the net at: InfoSpyware Blog
      * Questions are not answered by private message or e-mail; that is what the forum is for.

    9. #9
      User Trottileta
      Joined
      Feb 2011
      Location
      Barna
      Posts
      47

      Re: Avast detects: trkjmp.com URL:Mal

      Here is the report:


      All processes killed
      ========== OTL ==========
      Service VSSERV stopped successfully!
      Service VSSERV deleted successfully!
      File C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe /service File not found not found.
      Service LIVESRV stopped successfully!
      Service LIVESRV deleted successfully!
      File C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe /service File not found not found.
      Service BDVEDISK stopped successfully!
      Service BDVEDISK deleted successfully!
      File C:\Program Files\BitDefender\BitDefender 2010\bdvedisk.sys File not found not found.
      HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\BrowserMngr Start Page| /E : value set successfully!
      HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
      Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
      Registry key HKEY_CURRENT_USER\software\mozilla\Firefox\Extensi ons not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b64982b1-d112-42b5-b1e4-d3867c4533f8}\ not found.
      File C:\ProgramData\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension not found.
      Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.
      Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
      Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\KiesAirMessage deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer not found.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
      Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
      Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
      Starting removal of ActiveX control {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}\ deleted successfully.
      Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}\ not found.
      Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
      64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\grooveLocalGWS\ deleted successfully.
      File Protocol\Handler\grooveLocalGWS - No CLSID value found not found.
      64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\livecall\ deleted successfully.
      File Protocol\Handler\livecall - No CLSID value found not found.
      64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
      File Protocol\Handler\ms-help - No CLSID value found not found.
      64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msnim\ deleted successfully.
      File Protocol\Handler\msnim - No CLSID value found not found.
      64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlpg\ deleted successfully.
      File Protocol\Handler\wlpg - No CLSID value found not found.
      64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
      64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
      Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
      ADS C:\ProgramData\TEMP:5C321E34 deleted successfully.
      ========== FILES ==========
      < ipconfig /flushdns /c >
      Configuración IP de Windows
      Se vació correctamente la caché de resolución de DNS.
      C:\Users\Celsa\Downloads\cmd.bat deleted successfully.
      C:\Users\Celsa\Downloads\cmd.txt deleted successfully.
      < ipconfig /renew /c >
      Configuración IP de Windows
      No se puede realizar ninguna operación en Conexión de red Bluetooth mientras los medios
      están desconectados.
      No se puede realizar ninguna operación en Conexión de área local mientras los medios
      están desconectados.
      Adaptador de LAN inalámbrica Conexión de red inalámbrica:
      Sufijo DNS específico para la conexión. . : Home
      Vínculo: dirección IPv6 local. . . : fe80::18e:a7c8:d3a4:6736%13
      Dirección IPv4. . . . . . . . . . . . . . : 192.168.1.110
      Máscara de subred . . . . . . . . . . . . : 255.255.255.0
      Puerta de enlace predeterminada . . . . . : 192.168.1.1
      Adaptador de Ethernet Conexión de red Bluetooth:
      Estado de los medios. . . . . . . . . . . : medios desconectados
      Sufijo DNS específico para la conexión. . :
      Adaptador de Ethernet Conexión de área local:
      Estado de los medios. . . . . . . . . . . : medios desconectados
      Sufijo DNS específico para la conexión. . :
      Adaptador de túnel isatap.Home:
      Estado de los medios. . . . . . . . . . . : medios desconectados
      Sufijo DNS específico para la conexión. . : Home
      Adaptador de túnel Reusable ISATAP Interface {A77CEFC6-DAB2-42CF-84D6-BA25161867B5}:
      Estado de los medios. . . . . . . . . . . : medios desconectados
      Sufijo DNS específico para la conexión. . :
      Adaptador de túnel isatap.{D7A0821E-7603-4876-9B95-23897354FEA6}:
      Estado de los medios. . . . . . . . . . . : medios desconectados
      Sufijo DNS específico para la conexión. . :
      Adaptador de túnel Conexión de área local* 4:
      Estado de los medios. . . . . . . . . . . : medios desconectados
      Sufijo DNS específico para la conexión. . :
      Adaptador de túnel Reusable ISATAP Interface {B46CE482-F9B6-4B69-BFA9-1B3E736017B7}:
      Estado de los medios. . . . . . . . . . . : medios desconectados
      Sufijo DNS específico para la conexión. . :
      Adaptador de túnel Conexión de área local* 14:
      Estado de los medios. . . . . . . . . . . : medios desconectados
      Sufijo DNS específico para la conexión. . :
      Adaptador de túnel Reusable ISATAP Interface {AE13A460-38D8-4EE2-9121-83AE0B521A6A}:
      Estado de los medios. . . . . . . . . . . : medios desconectados
      Sufijo DNS específico para la conexión. . :
      Adaptador de túnel Teredo Tunneling Pseudo-Interface:
      Sufijo DNS específico para la conexión. . :
      Dirección IPv6 . . . . . . . . . . : 2001:0:5ef5:79fb:1061:e73:acc4:25f7
      Vínculo: dirección IPv6 local. . . : fe80::1061:e73:acc4:25f7%23
      Puerta de enlace predeterminada . . . . . : ::
      C:\Users\Celsa\Downloads\cmd.bat deleted successfully.
      C:\Users\Celsa\Downloads\cmd.txt deleted successfully.
      ========== COMMANDS ==========
      C:\Windows\System32\drivers\etc\Hosts moved successfully.
      HOSTS file reset successfully

      [EMPTYFLASH]

      User: All Users

      User: Celsa
      ->Flash cache emptied: 647 bytes

      User: Default

      User: Default User

      User: Desi
      ->Flash cache emptied: 3763 bytes

      User: Public

      User: Ruth
      ->Flash cache emptied: 30119 bytes

      User: Tania
      ->Flash cache emptied: 743 bytes

      Total Flash Files Cleaned = 0,00 mb


      [EMPTYTEMP]

      User: All Users

      User: Celsa
      ->Temp folder emptied: 73539422 bytes
      ->Temporary Internet Files folder emptied: 3035191 bytes
      ->Java cache emptied: 0 bytes
      ->FireFox cache emptied: 32656195 bytes
      ->Google Chrome cache emptied: 192359160 bytes
      ->Apple Safari cache emptied: 0 bytes
      ->Opera cache emptied: 0 bytes
      ->Flash cache emptied: 0 bytes

      User: Default
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 33170 bytes

      User: Default User
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 0 bytes

      User: Desi
      ->Temp folder emptied: 2110854 bytes
      ->Temporary Internet Files folder emptied: 270229273 bytes
      ->Java cache emptied: 0 bytes
      ->FireFox cache emptied: 89612120 bytes
      ->Flash cache emptied: 0 bytes

      User: Public

      User: Ruth
      ->Temp folder emptied: 7963931 bytes
      ->Temporary Internet Files folder emptied: 75106415 bytes
      ->Java cache emptied: 0 bytes
      ->FireFox cache emptied: 168059520 bytes
      ->Google Chrome cache emptied: 402218001 bytes
      ->Flash cache emptied: 0 bytes

      User: Tania
      ->Temp folder emptied: 58331022 bytes
      ->Temporary Internet Files folder emptied: 238529882 bytes
      ->Java cache emptied: 258140 bytes
      ->FireFox cache emptied: 54554003 bytes
      ->Google Chrome cache emptied: 379323345 bytes
      ->Apple Safari cache emptied: 11042816 bytes
      ->Opera cache emptied: 0 bytes
      ->Flash cache emptied: 0 bytes

      %systemdrive% .tmp files removed: 0 bytes
      %systemroot% .tmp files removed: 0 bytes
      %systemroot%\System32 .tmp files removed: 0 bytes
      %systemroot%\System32 (64bit) .tmp files removed: 0 bytes
      %systemroot%\System32\drivers .tmp files removed: 0 bytes
      Windows Temp folder emptied: 819158 bytes
      %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 68042 bytes
      RecycleBin emptied: 313808817 bytes

      Total Files Cleaned = 2.264,00 mb


      [EMPTYJAVA]

      User: All Users

      User: Celsa
      ->Java cache emptied: 0 bytes

      User: Default

      User: Default User

      User: Desi
      ->Java cache emptied: 0 bytes

      User: Public

      User: Ruth
      ->Java cache emptied: 0 bytes

      User: Tania
      ->Java cache emptied: 0 bytes

      Total Java Files Cleaned = 0,00 mb


      OTL by OldTimer - Version 3.2.61.5 log created on 09272012_123539

      Files\Folders moved on Reboot...
      File\Folder C:\Users\Tania\AppData\Local\Temp\etilqs_cbaXWpm5gAtAMCj not found!
      File\Folder C:\Users\Tania\AppData\Local\Temp\etilqs_nWWp1Pgff0Y1Gwf not found!
      File move failed. C:\Users\Tania\AppData\Local\Temp\FXSAPIDebugLogFile.txt scheduled to be moved on reboot.
      File\Folder C:\Users\Tania\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRF{F6F2EECB-9D98-458F-B7D5-2182717EB7C5}.tmp not found!
      File\Folder C:\Users\Tania\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{7F2E7946-A68A-46E9-9629-CD96ADFFBB3E}.tmp not found!
      File\Folder C:\Users\Tania\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{9D16BED5-C98D-4524-99ED-80052A802C4D}.tmp not found!
      File\Folder C:\Users\Tania\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{C9147100-A9C4-4E34-B426-DBF53BFAD532}.tmp not found!
      File\Folder C:\Users\Tania\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{F29E1D38-3427-4545-A2E2-2FD268CA8CE0}.tmp not found!
      File\Folder C:\Users\Tania\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\5439572A.emf not found!
      File\Folder C:\Users\Tania\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\6D7B3E94.emf not found!
      File\Folder C:\Users\Tania\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\8D52E5C2.emf not found!
      File\Folder C:\Users\Tania\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\C7708C8.emf not found!
      File\Folder C:\Users\Tania\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\E5961216.emf not found!
      C:\Users\Tania\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0 moved successfully.
      C:\Users\Tania\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1 moved successfully.
      C:\Users\Tania\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2 moved successfully.
      C:\Users\Tania\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3 moved successfully.
      C:\Users\Tania\AppData\Local\Google\Chrome\User Data\Default\Cache\data_4 moved successfully.
      C:\Users\Tania\AppData\Local\Google\Chrome\User Data\Default\Cache\index moved successfully.
      File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

      PendingFileRenameOperations files...

      Registry entries deleted on Reboot...


      Thank you very much for everything, SanMar.

      Do you think it's done now?

      Again, a thousand thanks.

    10. #10
      Former contributor @SanMar
      Joined
      Jun 2008
      Location
      Argentina
      Posts
      22,290

      Re: Avast detects: trkjmp.com URL:Mal

      Hello Trottileta,

      To finish:

      1. Run OTL.exe:
      1. Click the CleanUp button.
      2. The tools used during the disinfection process will be uninstalled.
      3. Be patient while the uninstallation runs.
      4. When it finishes, restart the system.

      Let us know whether everything is in order so we can mark the thread as resolved...

      Regards.
