• Registrarse
  • Iniciar sesión


  • Resultados 1 al 6 de 6

    Re: Doble tilde

    Hola. Yo tambien volvi a encontrarme hoy con este problema. ¿Podria pedir ayuda en este post, o deberia crear uno nuevo? A mi tampoco me funciono ni Malwarebytes , ni Kaspersky anti-virus online, ni Panda ...

    1. #1
      Usuario Avatar de Huntersthompson
      Registrado
      abr 2012
      Ubicación
      Argentina
      Mensajes
      3

      Re: Doble tilde

      Hola. Yo tambien volvi a encontrarme hoy con este problema. ¿Podria pedir ayuda en este post, o deberia crear uno nuevo?

      A mi tampoco me funciono ni Malwarebytes, ni Kaspersky anti-virus online, ni Panda anti-virus pro, ni DT-Killer, CCleaner, Regseeker.
      Vi que tenia un nombre raro en mi arranque de windows, un tal WWYNCGC.exe que nunca antes habia visto y que se ubica dentro de la carpeta de System32, y el Spy-hunter lo detecto como un troyano, aunque no me dejo eliminarlo porque no tenia la licencia del programa, sino que estaba bajo modo de prueba. Casi que tengo la certeza de que ese WWYNCGC.EXE es mi problema, pues luego desaparecio y aparecio con el de WWYNCZQ.EXE.

      Ojala alguien pueda darme un mano.

    2. #2
      Ex-Colaborador Avatar de @Fabian_Dres
      Registrado
      ago 2008
      Ubicación
      Chile
      Mensajes
      15.103

      Re: Doble tilde

      Bienvenido a InfoSpyware, Huntersthompson


      Realiza lo siguiente:


      • Descarga la herramienta OTL by OldTimer en tu escritorio.
      • Cierre todas las ventanas y programas abiertos. Haga doble clic sobre OTL.exe para ejecutarlo.
      • En Tipo de Análisis marque la casilla "Resultado Mínimo". Por ultimo seleccione las siguientes opciones:
        • Usar listado de Compañías Reconocidas
        • Omitir Archivos de Microsoft
      • Copie el siguiente código: (Se excluye la palabra "Código:")

      Código:
      msconfig
      netsvcs
      safebootminimal
      %systemdrive%\*.*
      %temp%\*.exe /15
      %windir%\system32\*.exe /15
      %windir%\SysWow64\*.exe /15
      %windir%\SysNative\*.exe /15
      HKCU\Software\Microsoft\Windows\CurrentVersion\Run /s
      HKLM\Software\Microsoft\Windows\CurrentVersion\Run /s
      HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce /s
      HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce /s
      CREATERESTOREPOINT
      • Pegue el código sobre el área Análisis Personalizados / Código de Reparación.


      • Haga clic en el botón Analizar y espere paciente a que concluya el análisis.
      • Se abrirán dos (2) archivos, OTL.txt y Extras.txt. Éstos aparecerán grabados en donde OTL fue ejecutado.



      Para terminar abra el archivo OTL.txt, copie y pegue todo su contenido en la siguiente respuesta para revisarlo.
      Anoika


      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    3. #3
      Usuario Avatar de Huntersthompson
      Registrado
      abr 2012
      Ubicación
      Argentina
      Mensajes
      3

      Re: Doble tilde

      OTL logfile created on: 04/10/2012 13:35:31 - Run 1
      OTL by OldTimer - Version 3.2.70.2 Folder = C:\Documents and Settings\Usuario\Escritorio
      Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
      Internet Explorer (Version = 8.0.6001.18702)
      Locale: 00000C0A | Country: España | Language: ESN | Date Format: dd/MM/yyyy

      2,00 Gb Total Physical Memory | 1,56 Gb Available Physical Memory | 78,07% Memory free
      3,16 Gb Paging File | 2,88 Gb Available in Paging File | 91,16% Paging File free
      Paging file location(s): C:\pagefile.sys 1344 2688 [binary data]

      %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Archivos de programa
      Drive C: | 298,09 Gb Total Space | 122,59 Gb Free Space | 41,12% Space Free | Partition Type: NTFS

      Computer Name: PC | User Name: Usuario | Logged in as Administrator.
      Boot Mode: Normal | Scan Mode: Current user
      Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

      ========== Processes (SafeList) ==========

      PRC - C:\Documents and Settings\Usuario\Escritorio\OTL.exe (OldTimer Tools)
      PRC - C:\Archivos de programa\Winamp\winampa.exe (Nullsoft, Inc.)
      PRC - C:\Archivos de programa\DeviceVM\Browser Configuration Utility\BCUService.exe (DeviceVM, Inc.)
      PRC - C:\Archivos de programa\DeviceVM\Browser Configuration Utility\BCU.exe (DeviceVM, Inc.)
      PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
      PRC - C:\Archivos de programa\Huawei Technologies\Huawei SmartAX MT810\DSLMON.exe ()


      ========== Modules (No Company Name) ==========

      MOD - C:\Archivos de programa\WinRAR\RarExt.dll ()
      MOD - C:\Archivos de programa\NVIDIA Corporation\nView\nvShell.dll ()
      MOD - C:\Archivos de programa\DeviceVM\Browser Configuration Utility\sqlite3.dll ()
      MOD - C:\Archivos de programa\Huawei Technologies\Huawei SmartAX MT810\languages\Spanish.dll ()
      MOD - C:\Archivos de programa\Huawei Technologies\Huawei SmartAX MT810\DSLMON.exe ()


      ========== Services (SafeList) ==========

      SRV - (AVP) -- C:\Archivos de programa\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe (Kaspersky Lab ZAO)
      SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
      SRV - (AppleChargerSrv) -- C:\WINDOWS\system32\AppleChargerSrv.exe ()
      SRV - (BCUService) -- C:\Archivos de programa\DeviceVM\Browser Configuration Utility\BCUService.exe (DeviceVM, Inc.)
      SRV - (odserv) -- C:\Archivos de programa\Archivos comunes\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
      SRV - (ose) -- C:\Archivos de programa\Archivos comunes\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)


      ========== Driver Services (SafeList) ==========

      DRV - (WDICA) -- File not found
      DRV - (PDRFRAME) -- File not found
      DRV - (PDRELI) -- File not found
      DRV - (PDFRAME) -- File not found
      DRV - (PDCOMP) -- File not found
      DRV - (PCIDump) -- File not found
      DRV - (lbrtfdc) -- File not found
      DRV - (i2omgmt) -- File not found
      DRV - (ECSIoDriver_1_1_0_0) -- E:\ECSIoDriver.sys File not found
      DRV - (Changer) -- File not found
      DRV - (klmouflt) -- C:\WINDOWS\system32\drivers\klmouflt.sys (Kaspersky Lab)
      DRV - (klkbdflt) -- C:\WINDOWS\system32\drivers\klkbdflt.sys (Kaspersky Lab)
      DRV - (KLIF) -- C:\WINDOWS\system32\drivers\klif.sys (Kaspersky Lab)
      DRV - (sptd) -- C:\WINDOWS\system32\drivers\sptd.sys (Duplex Secure Ltd.)
      DRV - (kneps) -- C:\WINDOWS\system32\drivers\kneps.sys (Kaspersky Lab)
      DRV - (klim5) -- C:\WINDOWS\system32\drivers\klim5.sys (Kaspersky Lab ZAO)
      DRV - (kl1) -- C:\WINDOWS\system32\drivers\kl1.sys (Kaspersky Lab ZAO)
      DRV - (kltdi) -- C:\WINDOWS\system32\drivers\kltdi.sys (Kaspersky Lab)
      DRV - (ddsxeiservice) -- C:\Archivos de programa\sXe Injected\ddsxei.sys ()
      DRV - (cpuz135) -- C:\WINDOWS\system32\drivers\cpuz135_x32.sys (CPUID)
      DRV - (NVHDA) -- C:\WINDOWS\system32\drivers\nvhda32.sys (NVIDIA Corporation)
      DRV - (IDMTDI) -- C:\WINDOWS\system32\drivers\idmtdi.sys (Tonec Inc.)
      DRV - (IntcAzAudAddService) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
      DRV - (AppleCharger) -- C:\WINDOWS\system32\drivers\AppleCharger.sys ()
      DRV - (nvgts) -- C:\WINDOWS\system32\drivers\nvgts.sys (NVIDIA Corporation)
      DRV - (nvnetbus) -- C:\WINDOWS\system32\drivers\nvnetbus.sys (NVIDIA Corporation)
      DRV - (NVENETFD) -- C:\WINDOWS\system32\drivers\NVENETFD.sys (NVIDIA Corporation)
      DRV - (Monfilt) -- C:\WINDOWS\system32\drivers\Monfilt.sys (Creative Technology Ltd.)
      DRV - (Ambfilt) -- C:\WINDOWS\system32\drivers\Ambfilt.sys (Creative)
      DRV - (AmdPPM) -- C:\WINDOWS\system32\drivers\AmdPPM.sys (Advanced Micro Devices)
      DRV - (ADILOADER) -- C:\WINDOWS\system32\drivers\adildr.sys (Analog Deivces)
      DRV - (adiusbaw) -- C:\WINDOWS\system32\drivers\adiusbaw.sys (Analog Devices Inc.)


      ========== Standard Registry (SafeList) ==========


      ========== Internet Explorer ==========

      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://find.localstrike.net/
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://find.localstrike.net/
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://find.localstrike.net/
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://find.localstrike.net/
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
      IE - HKLM\..\SearchScopes,DefaultScope = {ef80d754-fb77-4a7f-be75-489beebb20c9}
      IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
      IE - HKLM\..\SearchScopes\{ef80d754-fb77-4a7f-be75-489beebb20c9}: "URL" = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=RGxdm634YYar&ptnrS=RGxdm634YYar&ptb=4806A708-4B98-4069-A065-5EA7433A3F83&ind=2012051222&n=77ed7716&psa=&st=sb&searchfor={searchTerms}

      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://find.localstrike.net/
      IE - HKCU\..\URLSearchHook: {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Archivos de programa\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll (DeviceVM, Inc.)
      IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found
      IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
      IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
      IE - HKCU\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = http://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
      IE - HKCU\..\SearchScopes\{33D59858-89D9-4AC2-A956-93875EB02323}: "URL" = http://find.localstrike.net/?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
      IE - HKCU\..\SearchScopes\{9F65B9C9-450B-455a-8A04-C06A5661B1FA}: "URL" = http://www.bing.com/search?q={searchTerms}&form=SPLBR2&pc=SPLH
      IE - HKCU\..\SearchScopes\{C3419EB6-5D6F-4e0e-82F7-86A15E5F6853}: "URL" = http://es.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=STDVM
      IE - HKCU\..\SearchScopes\{ef80d754-fb77-4a7f-be75-489beebb20c9}: "URL" = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=RGxdm634YYar&ptnrS=RGxdm634YYar&ptb=4806A708-4B98-4069-A065-5EA7433A3F83&ind=2012051222&n=77ed7716&psa=&st=sb&searchfor={searchTerms}
      IE - HKCU\..\SearchScopes\{F3E27FF9-A77E-40f7-A273-08945A5F3422}: "URL" = http://www.google.com/cse?cx=partner-pub-3794288947762788%3A4067623346&ie=UTF-8&q={searchTerms}&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A4067623346
      IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

      ========== FireFox ==========

      FF - prefs.js..browser.startup.homepage: "www.google.com.ar"
      FF - user.js - File not found

      FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
      FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Archivos de programa\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2852: C:\Archivos de programa\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
      FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.46: C:\Archivos de programa\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
      FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1662: C:\Archivos de programa\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
      FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.46: C:\Archivos de programa\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
      FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
      FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Archivos de programa\VideoLAN\VLC\npvlc.dll (VideoLAN)
      FF - HKLM\Software\MozillaPlugins\[email protected]/YahooActiveXPluginBridge;version=1.0.0.1: C:\Archivos de programa\Yahoo!\Common\npyaxmpb.dll (Yahoo! Inc.)

      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Archivos de programa\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\[email protected] [2012/10/04 11:46:49 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Archivos de programa\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\[email protected] [2012/10/04 11:46:50 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Archivos de programa\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\[email protected] [2012/10/04 11:46:34 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Archivos de programa\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\[email protected] [2012/10/04 11:46:33 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Archivos de programa\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\[email protected] [2012/10/04 11:46:41 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Archivos de programa\Mozilla Firefox\components [2012/09/07 03:29:11 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Archivos de programa\Mozilla Firefox\plugins [2012/10/04 12:21:34 | 000,000,000 | ---D | M]
      FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Documents and Settings\Usuario\Datos de programa\IDM\idmmzcc3 [2012/10/04 10:18:49 | 000,000,000 | ---D | M]
      FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\[email protected]: C:\Documents and Settings\Usuario\Datos de programa\IDM\idmmzcc3 [2012/10/04 10:18:49 | 000,000,000 | ---D | M]

      [2012/10/04 09:05:49 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Usuario\Datos de programa\Mozilla\Extensions
      [2012/09/07 03:29:05 | 000,000,000 | ---D | M] (No name found) -- C:\Archivos de programa\Mozilla Firefox\extensions
      [2012/09/07 03:29:05 | 000,000,000 | ---D | M] (GameTap) -- C:\Archivos de programa\Mozilla Firefox\extensions\[email protected]
      [2012/09/07 03:29:05 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\Archivos de programa\Mozilla Firefox\extensions\[email protected]_bak2
      [2012/09/07 03:29:11 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Archivos de programa\mozilla firefox\components\browsercomps.dll
      [2011/11/10 05:54:13 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Archivos de programa\mozilla firefox\plugins\npdeployJava1.dll
      [2012/06/20 13:14:20 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Archivos de programa\mozilla firefox\plugins\npwachk.dll
      [2012/09/01 10:43:21 | 000,002,465 | ---- | M] () -- C:\Archivos de programa\mozilla firefox\searchplugins\bing.xml
      [2012/09/01 10:43:21 | 000,003,882 | ---- | M] () -- C:\Archivos de programa\mozilla firefox\searchplugins\drae.xml
      [2012/09/01 10:43:21 | 000,001,143 | ---- | M] () -- C:\Archivos de programa\mozilla firefox\searchplugins\eBay-es.xml
      [2011/09/19 02:55:30 | 000,002,048 | ---- | M] () -- C:\Archivos de programa\mozilla firefox\searchplugins\fcmdSrch.xml
      [2012/09/01 10:43:21 | 000,002,253 | ---- | M] () -- C:\Archivos de programa\mozilla firefox\searchplugins\twitter.xml
      [2012/09/01 10:43:21 | 000,001,178 | ---- | M] () -- C:\Archivos de programa\mozilla firefox\searchplugins\wikipedia-es.xml
      [2012/09/01 10:43:21 | 000,001,102 | ---- | M] () -- C:\Archivos de programa\mozilla firefox\searchplugins\yahoo-es.xml

      O1 HOSTS File: ([2012/10/04 13:27:36 | 000,000,859 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
      O1 - Hosts: 127.0.0.1 localhost
      O1 - Hosts: 127.0.0.1 foro.inexinferis.com.ar
      O1 - Hosts: 127.0.0.1 foro.inexinferis.com
      O2 - BHO: (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Archivos de programa\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
      O2 - BHO: (Aplicación auxiliar de vínculos de Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Archivos de programa\Archivos comunes\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
      O2 - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Archivos de programa\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
      O2 - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Archivos de programa\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
      O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Archivos de programa\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
      O2 - BHO: (Windows Live Aplicación auxiliar de inicio de sesión) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Archivos de programa\Archivos comunes\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
      O2 - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Archivos de programa\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
      O2 - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Archivos de programa\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
      O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
      O4 - HKLM..\Run: [AVP] C:\Archivos de programa\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe (Kaspersky Lab ZAO)
      O4 - HKLM..\Run: [BCU] C:\Archivos de programa\DeviceVM\Browser Configuration Utility\BCU.exe (DeviceVM, Inc.)
      O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
      O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
      O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
      O4 - HKLM..\Run: [nwiz] C:\Archivos de programa\NVIDIA Corporation\nView\nwiz.exe ()
      O4 - HKLM..\Run: [WinampAgent] C:\Archivos de programa\Winamp\winampa.exe (Nullsoft, Inc.)
      O4 - HKCU..\Run: [ccleaner] C:\Archivos de programa\CCleaner\CCleaner.exe (Piriform Ltd)
      O4 - HKCU..\Run: [IDMan] C:\Archivos de programa\Internet Download Manager\IDMan.exe (Tonec Inc.)
      O4 - HKCU..\Run: [WwYNcZQ] C:\WINDOWS\system32\WwYNcZQ.exe ()
      O4 - Startup: C:\Documents and Settings\All Users\Menú Inicio\Programas\Inicio\DSLMON.lnk = C:\Archivos de programa\Huawei Technologies\Huawei SmartAX MT810\DSLMON.exe ()
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
      O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
      O8 - Extra context menu item: &Search - http://tbedits.retrogamer.com/one-toolbaredits/menusearch.jhtml?s=206140027&p=RGxdm634YYar&a=4806A708-4B98-4069-A065-5EA7433A3F83&n=2012051222 File not found
      O8 - Extra context menu item: Descargar con IDM - C:\Archivos de programa\Internet Download Manager\IEExt.htm ()
      O8 - Extra context menu item: Descargar con IDM el contenido de video FLV - C:\Archivos de programa\Internet Download Manager\IEGetVL.htm ()
      O8 - Extra context menu item: Descargar con IDM todos los enlaces - C:\Archivos de programa\Internet Download Manager\IEGetAll.htm ()
      O9 - Extra Button: Virtual Keyboard - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Archivos de programa\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
      O9 - Extra Button: URLs check - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Archivos de programa\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
      O16 - DPF: {4F29DE54-5EB7-4D76-B610-A86B5CD2A234} Reg Error: Unable to open value key (GameTap Player)
      O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
      O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
      O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
      O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{73C239BA-91AC-4072-8781-B60185EF9BD4}: NameServer = 200.45.191.35 200.45.48.233
      O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
      O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
      O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
      O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Archivos de programa\Archivos comunes\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
      O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Archivos de programa\Archivos comunes\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
      O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
      O20 - Winlogon\Notify\klogon: DllName - (C:\WINDOWS\system32\klogon.dll) - C:\WINDOWS\system32\klogon.dll (Kaspersky Lab ZAO)
      O24 - Desktop Components:0 (Mi página de inicio actual) - About:Home
      O24 - Desktop WallPaper: C:\Documents and Settings\Usuario\Configuración local\Datos de programa\Microsoft\Wallpaper1.bmp
      O24 - Desktop BackupWallPaper: C:\Documents and Settings\Usuario\Configuración local\Datos de programa\Microsoft\Wallpaper1.bmp
      O32 - HKLM CDRom: AutoRun - 1
      O32 - AutoRun File - [2009/03/17 13:15:30 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
      O33 - MountPoints2\{b961a122-1310-11de-978e-817544b3377e}\Shell\explore\Command - "" = E:\vxsscl.exe
      O33 - MountPoints2\{b961a122-1310-11de-978e-817544b3377e}\Shell\open\Command - "" = E:\vxsscl.exe
      O34 - HKLM BootExecute: (autocheck autochk *)
      O35 - HKLM\..comfile [open] -- "%1" %*
      O35 - HKLM\..exefile [open] -- "%1" %*
      O37 - HKLM\...com [@ = comfile] -- "%1" %*
      O37 - HKLM\...exe [@ = exefile] -- "%1" %*
      O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
      O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

      MsConfig - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Archivos de programa\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
      MsConfig - StartUpReg: BCU - hkey= - key= - C:\Archivos de programa\DeviceVM\Browser Configuration Utility\BCU.exe (DeviceVM, Inc.)
      MsConfig - StartUpReg: BitTorrent - hkey= - key= - C:\Archivos de programa\BitTorrent\BitTorrent.exe (BitTorrent, Inc.)
      MsConfig - StartUpReg: GrooveMonitor - hkey= - key= - C:\Archivos de programa\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
      MsConfig - StartUpReg: IDMan - hkey= - key= - Reg Error: Value error. File not found
      MsConfig - StartUpReg: KernelFaultCheck - hkey= - key= - File not found
      MsConfig - StartUpReg: MSMSGS - hkey= - key= - C:\Archivos de programa\Messenger\msmsgs.exe (Microsoft Corporation)
      MsConfig - StartUpReg: MsnMsgr - hkey= - key= - C:\Archivos de programa\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
      MsConfig - StartUpReg: NeroFilterCheck - hkey= - key= - File not found
      MsConfig - StartUpReg: Retrogamer Search Scope Monitor - hkey= - key= - Reg Error: Value error. File not found
      MsConfig - StartUpReg: Retrogamer_4w Browser Plugin Loader - hkey= - key= - Reg Error: Value error. File not found
      MsConfig - StartUpReg: RTHDCPL - hkey= - key= - C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)
      MsConfig - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Archivos de programa\Archivos comunes\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
      MsConfig - StartUpReg: WwYNcgC - hkey= - key= - Reg Error: Value error. File not found
      MsConfig - StartUpReg: {840B8C26-4785-AD7E-D143-B820C8269B32} - hkey= - key= - Reg Error: Value error. File not found
      MsConfig - State: "system.ini" - 0
      MsConfig - State: "win.ini" - 0
      MsConfig - State: "bootini" - 0
      MsConfig - State: "services" - 0
      MsConfig - State: "startup" - 2

      NetSvcs: 6to4 - File not found
      NetSvcs: Ias - File not found
      NetSvcs: Iprip - File not found
      NetSvcs: Irmon - File not found
      NetSvcs: NWCWorkstation - File not found
      NetSvcs: Nwsapagent - File not found
      NetSvcs: WmdmPmSp - File not found

      SafeBootMin: Base - Driver Group
      SafeBootMin: Boot Bus Extender - Driver Group
      SafeBootMin: Boot file system - Driver Group
      SafeBootMin: File system - Driver Group
      SafeBootMin: Filter - Driver Group
      SafeBootMin: PCI Configuration - Driver Group
      SafeBootMin: PNP Filter - Driver Group
      SafeBootMin: Primary disk - Driver Group
      SafeBootMin: SCSI Class - Driver Group
      SafeBootMin: sermouse.sys - Driver
      SafeBootMin: System Bus Extender - Driver Group
      SafeBootMin: vga.sys - Driver
      SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
      SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
      SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
      SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
      SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
      SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
      SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
      SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
      SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
      SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
      SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
      SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
      SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

      CREATERESTOREPOINT
      Restore point Set: OTL Restore Point

      ========== Files/Folders - Created Within 30 Days ==========

      [2012/10/04 13:27:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Usuario\Menú Inicio\Programas\sXe Injected
      [2012/10/04 13:25:04 | 000,373,440 | ---- | C] (Softonic) -- C:\Documents and Settings\Usuario\Escritorio\SoftonicDownloader_para_sxe-injected.exe
      [2012/10/04 12:39:25 | 000,601,088 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Usuario\Escritorio\OTL.exe
      [2012/10/04 12:22:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menú Inicio\Programas\Winamp
      [2012/10/04 12:22:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\Logs
      [2012/10/04 12:21:34 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Winamp Detect
      [2012/10/04 12:21:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Usuario\Menú Inicio\Programas\Aplicación para detectar Winamp
      [2012/10/04 12:20:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Usuario\Datos de programa\Winamp
      [2012/10/04 12:11:08 | 000,373,432 | ---- | C] (Softonic) -- C:\Documents and Settings\Usuario\Escritorio\SoftonicDownloader_para_winamp.exe
      [2012/10/04 11:56:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Usuario\Datos de programa\vlc
      [2012/10/04 11:47:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menú Inicio\Programas\Kaspersky Internet Security 2013
      [2012/10/04 11:46:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Datos de programa\Kaspersky Lab
      [2012/10/04 11:46:32 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Kaspersky Lab
      [2012/10/04 11:46:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
      [2012/10/04 11:46:21 | 000,584,536 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys
      [2012/10/04 11:46:21 | 000,074,072 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klflt.sys
      [2012/10/04 11:43:28 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Usuario\Recent
      [2012/10/04 10:18:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Usuario\Datos de programa\IDM
      [2012/10/04 10:17:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Usuario\Datos de programa\DMCache
      [2012/10/04 10:02:51 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Archivos comunes\Wise Installation Wizard
      [2012/10/04 09:31:42 | 169,850,464 | ---- | C] (Kaspersky Lab) -- C:\Documents and Settings\Usuario\Escritorio\kis13.0.1.4190en_trial.exe
      [2012/10/04 09:28:26 | 000,725,440 | ---- | C] (Enigma Software Group USA, LLC.) -- C:\Documents and Settings\Usuario\Escritorio\SpyHunter-Installer.exe
      [2012/10/04 09:27:33 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\Usuario\Escritorio\HijackThis.exe
      [2012/10/04 09:15:04 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Usuario\Datos de programa\Microsoft
      [2012/10/04 09:07:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Usuario\Datos de programa\Macromedia
      [2012/10/04 09:07:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Usuario\Datos de programa\Adobe
      [2012/10/04 09:05:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Usuario\Datos de programa\Mozilla
      [2012/10/04 09:05:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Usuario\Datos de programa\Malwarebytes
      [2012/10/04 09:05:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Usuario\Datos de programa
      [2012/10/04 08:04:34 | 000,000,000 | ---D | C] -- C:\DTRToll
      [2012/09/29 06:31:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Usuario\Escritorio\Mis documentos\GTA Vice City User Files
      [2012/09/29 06:11:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Datos de programa\DAEMON Tools Lite
      [2012/09/20 03:32:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Usuario\Escritorio\COLERIDGE
      [2012/09/07 03:29:04 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Mozilla Firefox
      [4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
      [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

      ========== Files - Modified Within 30 Days ==========

      [2012/10/04 13:27:36 | 000,000,859 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
      [2012/10/04 13:27:11 | 000,000,779 | ---- | M] () -- C:\Documents and Settings\Usuario\Escritorio\sXe Injected.lnk
      [2012/10/04 13:26:49 | 006,708,467 | ---- | M] () -- C:\Documents and Settings\Usuario\Escritorio\sXeInjectedSetup.12.3.Fix.3.exe
      [2012/10/04 13:25:06 | 000,373,440 | ---- | M] (Softonic) -- C:\Documents and Settings\Usuario\Escritorio\SoftonicDownloader_para_sxe-injected.exe
      [2012/10/04 12:39:35 | 000,601,088 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Usuario\Escritorio\OTL.exe
      [2012/10/04 12:22:37 | 000,000,703 | ---- | M] () -- C:\Documents and Settings\All Users\Escritorio\Winamp.lnk
      [2012/10/04 12:22:26 | 000,000,189 | ---- | M] () -- C:\WINDOWS\wininit.ini
      [2012/10/04 12:12:27 | 000,024,920 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klmouflt.sys
      [2012/10/04 12:12:26 | 000,024,408 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klkbdflt.sys
      [2012/10/04 12:12:25 | 000,584,536 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys
      [2012/10/04 12:11:13 | 000,373,432 | ---- | M] (Softonic) -- C:\Documents and Settings\Usuario\Escritorio\SoftonicDownloader_para_winamp.exe
      [2012/10/04 11:43:22 | 000,000,426 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.ics
      [2012/10/04 11:43:16 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
      [2012/10/04 11:00:18 | 000,008,627 | ---- | M] () -- C:\WINDOWS\System32\PAV_FOG.OPC
      [2012/10/04 10:25:39 | 000,916,968 | ---- | M] () -- C:\Documents and Settings\Usuario\Escritorio\PandaAP13.exe
      [2012/10/04 10:17:52 | 000,043,008 | ---- | M] () -- C:\WINDOWS\System32\WwYNcZQ.exe
      [2012/10/04 09:57:57 | 169,850,464 | ---- | M] (Kaspersky Lab) -- C:\Documents and Settings\Usuario\Escritorio\kis13.0.1.4190en_trial.exe
      [2012/10/04 09:28:35 | 000,725,440 | ---- | M] (Enigma Software Group USA, LLC.) -- C:\Documents and Settings\Usuario\Escritorio\SpyHunter-Installer.exe
      [2012/10/04 09:27:38 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Usuario\Escritorio\HijackThis.exe
      [2012/10/04 08:02:44 | 000,000,223 | RHS- | M] () -- C:\boot.ini
      [2012/10/04 07:18:23 | 000,002,262 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
      [2012/10/04 03:09:19 | 000,050,176 | ---- | M] () -- C:\Documents and Settings\Usuario\Configuración local\Datos de programa\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
      [2012/10/03 21:09:34 | 2385,108,445 | ---- | M] () -- C:\Documents and Settings\Usuario\Escritorio\Eyes Wide Shut - 1997 - (Kubrick).mkv
      [2012/09/29 05:58:33 | 702,814,208 | ---- | M] () -- C:\Documents and Settings\Usuario\Escritorio\GTA_Vice_City.iso
      [2012/09/29 05:58:32 | 692,432,896 | ---- | M] () -- C:\Documents and Settings\Usuario\Escritorio\Vice_City_Play.iso
      [2012/09/23 11:13:09 | 012,048,983 | ---- | M] () -- C:\Documents and Settings\Usuario\Escritorio\Richard Burton reads S_T_ Coleridge_s _The Rime of the ancient Mariner_ - Upload 3_3-[www_flvto_com].mp3
      [2012/09/23 11:08:41 | 011,139,922 | ---- | M] () -- C:\Documents and Settings\Usuario\Escritorio\Richard Burton reads S_T_ Coleridge_s _The Rime of the ancient Mariner_ - Upload 2_3-[www_flvto_com].mp3
      [2012/09/23 10:54:11 | 001,857,048 | ---- | M] () -- C:\Documents and Settings\Usuario\Escritorio\300 OST - Tonight We Dine In Hell (HD Stereo)-[www_flvto_com].mp3
      [2012/09/23 10:52:00 | 003,717,802 | ---- | M] () -- C:\Documents and Settings\Usuario\Escritorio\300- Message for the Queen-[www_flvto_com].mp3
      [2012/09/23 10:47:23 | 004,898,955 | ---- | M] () -- C:\Documents and Settings\Usuario\Escritorio\BSO-300-Goodbye My Love-[www_flvto_com].mp3
      [2012/09/23 10:42:47 | 015,889,191 | ---- | M] () -- C:\Documents and Settings\Usuario\Escritorio\Richard Burton reads S_T_ Coleridge_s _The Rime of the ancient Mariner_ - Upload 1_3-[www_flvto_com].mp3
      [2012/09/23 09:36:31 | 004,239,415 | ---- | M] () -- C:\Documents and Settings\Usuario\Escritorio\-Kubla Khan- by Samuel Taylor Coleridge (poetry reading)-[www_flvto_com].mp3
      [2012/09/17 03:42:29 | 011,511,905 | ---- | M] () -- C:\Documents and Settings\Usuario\Escritorio\Marc Romboy & Stephan Bodzin - Io (Original Mix)-[www_flvto_com].mp3
      [2012/09/16 07:33:48 | 006,186,060 | ---- | M] () -- C:\Documents and Settings\Usuario\Escritorio\Bob Dylan - I Pity The Poor Immigrant-[www_flvto_com].mp3
      [4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
      [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

      ========== Files Created - No Company Name ==========

      [2012/10/04 13:27:11 | 000,000,779 | ---- | C] () -- C:\Documents and Settings\Usuario\Escritorio\sXe Injected.lnk
      [2012/10/04 13:25:54 | 006,708,467 | ---- | C] () -- C:\Documents and Settings\Usuario\Escritorio\sXeInjectedSetup.12.3.Fix.3.exe
      [2012/10/04 12:22:37 | 000,000,703 | ---- | C] () -- C:\Documents and Settings\All Users\Escritorio\Winamp.lnk
      [2012/10/04 12:22:26 | 000,000,189 | ---- | C] () -- C:\WINDOWS\wininit.ini
      [2012/10/04 10:41:55 | 000,008,627 | ---- | C] () -- C:\WINDOWS\System32\PAV_FOG.OPC
      [2012/10/04 10:25:33 | 000,916,968 | ---- | C] () -- C:\Documents and Settings\Usuario\Escritorio\PandaAP13.exe
      [2012/10/04 10:17:52 | 000,043,008 | ---- | C] () -- C:\WINDOWS\System32\WwYNcZQ.exe
      [2012/10/04 07:01:06 | 000,069,135 | ---- | C] () -- C:\Documents and Settings\Usuario\Escritorio\Apocalypse Now CD 22.srt
      [2012/10/04 07:01:05 | 000,094,393 | ---- | C] () -- C:\Documents and Settings\Usuario\Escritorio\Apocalypse Now CD 11.srt
      [2012/10/04 03:13:14 | 000,091,139 | ---- | C] () -- C:\Documents and Settings\Usuario\Escritorio\Eyes Wide Shut - 1997 - (Kubrick).srt
      [2012/10/03 09:24:48 | 2385,108,445 | ---- | C] () -- C:\Documents and Settings\Usuario\Escritorio\Eyes Wide Shut - 1997 - (Kubrick).mkv
      [2012/09/30 07:47:21 | 001,964,281 | ---- | C] () -- C:\Documents and Settings\Usuario\Escritorio\Pseudo Longino - De Lo Sublime.PDF
      [2012/09/23 11:11:27 | 012,048,983 | ---- | C] () -- C:\Documents and Settings\Usuario\Escritorio\Richard Burton reads S_T_ Coleridge_s _The Rime of the ancient Mariner_ - Upload 3_3-[www_flvto_com].mp3
      [2012/09/23 11:06:59 | 011,139,922 | ---- | C] () -- C:\Documents and Settings\Usuario\Escritorio\Richard Burton reads S_T_ Coleridge_s _The Rime of the ancient Mariner_ - Upload 2_3-[www_flvto_com].mp3
      [2012/09/23 10:53:55 | 001,857,048 | ---- | C] () -- C:\Documents and Settings\Usuario\Escritorio\300 OST - Tonight We Dine In Hell (HD Stereo)-[www_flvto_com].mp3
      [2012/09/23 10:51:26 | 003,717,802 | ---- | C] () -- C:\Documents and Settings\Usuario\Escritorio\300- Message for the Queen-[www_flvto_com].mp3
      [2012/09/23 10:46:41 | 004,898,955 | ---- | C] () -- C:\Documents and Settings\Usuario\Escritorio\BSO-300-Goodbye My Love-[www_flvto_com].mp3
      [2012/09/23 10:40:31 | 015,889,191 | ---- | C] () -- C:\Documents and Settings\Usuario\Escritorio\Richard Burton reads S_T_ Coleridge_s _The Rime of the ancient Mariner_ - Upload 1_3-[www_flvto_com].mp3
      [2012/09/23 09:35:54 | 004,239,415 | ---- | C] () -- C:\Documents and Settings\Usuario\Escritorio\-Kubla Khan- by Samuel Taylor Coleridge (poetry reading)-[www_flvto_com].mp3
      [2012/09/22 08:14:22 | 702,814,208 | ---- | C] () -- C:\Documents and Settings\Usuario\Escritorio\GTA_Vice_City.iso
      [2012/09/22 08:13:51 | 692,432,896 | ---- | C] () -- C:\Documents and Settings\Usuario\Escritorio\Vice_City_Play.iso
      [2012/09/17 07:11:11 | 000,774,401 | ---- | C] () -- C:\Documents and Settings\Usuario\Escritorio\SINCLAIR MAY - Donde Su Fuego Nunca Se Apaga.RTF
      [2012/09/17 03:34:26 | 011,511,905 | ---- | C] () -- C:\Documents and Settings\Usuario\Escritorio\Marc Romboy & Stephan Bodzin - Io (Original Mix)-[www_flvto_com].mp3
      [2012/09/16 07:32:42 | 006,186,060 | ---- | C] () -- C:\Documents and Settings\Usuario\Escritorio\Bob Dylan - I Pity The Poor Immigrant-[www_flvto_com].mp3
      [2012/09/08 19:13:08 | 1048,559,616 | ---- | C] () -- C:\Documents and Settings\Usuario\Escritorio\Flowers of war.avi
      [2012/07/21 12:04:03 | 000,157,672 | ---- | C] () -- C:\Documents and Settings\LocalService\Configuración local\Datos de programa\FontCache3.0.0.0.dat
      [2012/06/06 04:44:50 | 000,268,218 | ---- | C] () -- C:\Documents and Settings\LocalService\Configuración local\Datos de programa\WPFFontCache_v0400-S-1-5-21-861567501-1960408961-725345543-1003-0.dat
      [2012/06/04 13:46:38 | 000,268,218 | ---- | C] () -- C:\Documents and Settings\LocalService\Configuración local\Datos de programa\WPFFontCache_v0400-System.dat
      [2012/06/04 03:47:23 | 000,169,912 | ---- | C] () -- C:\Archivos de programa\4wres.dll
      [2012/04/01 11:17:40 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PROTOCOL.INI
      [2012/04/01 11:17:31 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\PALMDB.DLL
      [2012/01/17 03:58:43 | 000,017,408 | ---- | C] () -- C:\Documents and Settings\Usuario\Configuración local\Datos de programa\WebpageIcons.db
      [2011/09/30 16:23:01 | 000,050,176 | ---- | C] () -- C:\Documents and Settings\Usuario\Configuración local\Datos de programa\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
      [2011/09/24 16:52:09 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
      [2011/09/18 21:28:58 | 000,000,430 | RHS- | C] () -- C:\Documents and Settings\All Users\ntuser.pol
      [2011/09/18 12:11:44 | 000,000,154 | ---- | C] () -- C:\WINDOWS\adidsl.ini
      [2011/09/18 12:11:41 | 000,127,456 | ---- | C] () -- C:\WINDOWS\System32\IPDETECT.EXE
      [2011/09/18 12:11:41 | 000,036,864 | ---- | C] () -- C:\WINDOWS\adiras.exe
      [2011/09/18 12:11:41 | 000,000,401 | ---- | C] () -- C:\WINDOWS\adiras.ini
      [2011/09/18 12:11:40 | 000,046,892 | ---- | C] () -- C:\WINDOWS\System32\ADADIX16.DLL
      [2011/09/18 12:11:39 | 000,022,395 | ---- | C] () -- C:\WINDOWS\System32\drivers\fpga.bin
      [2011/09/17 18:56:34 | 000,257,592 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
      [2011/09/17 18:56:34 | 000,257,592 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
      [2011/09/17 18:56:34 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
      [2011/09/17 18:56:23 | 002,294,442 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
      [2011/09/17 18:52:01 | 000,031,272 | ---- | C] () -- C:\WINDOWS\System32\AppleChargerSrv.exe
      [2011/09/17 18:52:01 | 000,019,496 | ---- | C] () -- C:\WINDOWS\System32\drivers\AppleCharger.sys
      [2011/09/17 18:46:08 | 000,010,084 | R--- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin
      [2011/09/17 18:39:25 | 000,207,400 | R--- | C] () -- C:\WINDOWS\GSetup.exe
      [2011/09/17 18:39:25 | 000,000,010 | ---- | C] () -- C:\WINDOWS\GSetup.ini
      [2011/05/24 08:03:24 | 000,276,232 | ---- | C] () -- C:\Documents and Settings\Usuario\Configuración local\Datos de programa\ConduitInstaller.exe
      [2011/03/27 16:43:08 | 000,096,768 | ---- | C] () -- C:\Documents and Settings\Usuario\Configuración local\Datos de programa\Bloson.exe
      [2011/03/21 08:36:30 | 000,026,456 | ---- | C] () -- C:\Documents and Settings\Usuario\Configuración local\Datos de programa\bloson.bmp
      [2010/11/13 07:14:46 | 000,062,648 | ---- | C] () -- C:\Documents and Settings\Usuario\Configuración local\Datos de programa\toolbar3.bmp
      [2010/11/12 07:09:56 | 000,195,108 | ---- | C] () -- C:\Documents and Settings\Usuario\Configuración local\Datos de programa\lateral3.bmp
      [2010/11/12 06:44:14 | 000,193,744 | ---- | C] () -- C:\Documents and Settings\Usuario\Configuración local\Datos de programa\lateral1.bmp
      [2010/11/12 0658 | 000,193,744 | ---- | C] () -- C:\Documents and Settings\Usuario\Configuración local\Datos de programa\lateral2.bmp
      [2009/03/17 13:29:33 | 000,001,905 | -H-- | C] () -- C:\Documents and Settings\Usuario\Configuración local\Datos de programa\guov.liu

      ========== ZeroAccess Check ==========

      [2011/09/17 18:44:16 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

      [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

      [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
      "" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/14 09:00:00 | 001,499,648 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Apartment

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
      "" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 07:52:53 | 000,473,600 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Free

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
      "" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 09:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Both

      ========== Custom Scans ==========

      < %systemdrive%\*.* >
      [2006/05/30 18:38:28 | 000,000,883 | ---- | M] () -- C:\0000.000
      [2009/03/17 13:15:30 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
      [2012/10/04 08:02:44 | 000,000,223 | RHS- | M] () -- C:\boot.ini
      [2008/04/14 09:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
      [2009/03/17 13:15:30 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
      [2009/03/17 13:15:30 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
      [2009/03/17 13:15:30 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
      [2008/04/14 09:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
      [2008/04/14 09:00:00 | 000,251,168 | RHS- | M] () -- C:\ntldr
      [2012/10/04 11:43:13 | 1409,286,144 | -HS- | M] () -- C:\pagefile.sys
      [2012/10/04 09:04:18 | 000,001,780 | ---- | M] () -- C:\R_TKill.txt

      < %temp%\*.exe /15 >
      [2012/10/04 10:02:42 | 034,654,360 | ---- | M] () -- C:\DOCUME~1\Usuario\CONFIG~1\Temp\SHSetup.exe
      [2012/10/04 13:24:43 | 000,196,608 | ---- | M] () -- C:\DOCUME~1\Usuario\CONFIG~1\Temp\uninstall-1.exe
      [26 C:\DOCUME~1\Usuario\CONFIG~1\Temp\*.tmp files -> C:\DOCUME~1\Usuario\CONFIG~1\Temp\*.tmp -> ]

      < %windir%\system32\*.exe /15 >
      [2012/10/04 10:17:52 | 000,043,008 | ---- | M] () -- C:\WINDOWS\system32\WwYNcZQ.exe
      [4 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

      < %windir%\SysWow64\*.exe /15 >

      < %windir%\SysNative\*.exe /15 >

      < HKCU\Software\Microsoft\Windows\CurrentVersion\Run /s >
      "ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2008/04/14 09:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation)
      "ccleaner" = "C:\Archivos de programa\CCleaner\CCleaner.exe" /AUTO -- [2008/02/20 11:15:26 | 000,816,368 | ---- | M] (Piriform Ltd)
      "IDMan" = C:\Archivos de programa\Internet Download Manager\IDMan.exe /onboot -- [2012/06/04 10:08:02 | 003,270,040 | ---- | M] (Tonec Inc.)
      "WwYNcZQ" = C:\WINDOWS\system32\WwYNcZQ.exe -- [2012/10/04 10:17:52 | 000,043,008 | ---- | M] ()

      < HKLM\Software\Microsoft\Windows\CurrentVersion\Run /s >
      "NvMediaCenter" = RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit -- [2008/04/14 09:00:00 | 000,033,280 | ---- | M] (Microsoft Corporation)
      "NvCplDaemon" = RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup -- [2008/04/14 09:00:00 | 000,033,280 | ---- | M] (Microsoft Corporation)
      "nwiz" = C:\Archivos de programa\NVIDIA Corporation\nView\nwiz.exe /installquiet -- [2011/01/26 12:29:20 | 001,753,192 | ---- | M] ()
      "BCU" = "C:\Archivos de programa\DeviceVM\Browser Configuration Utility\BCU.exe" -- [2009/10/15 14:06:42 | 000,375,000 | ---- | M] (DeviceVM, Inc.)
      "KernelFaultCheck" = %systemroot%\system32\dumprep 0 -k
      "AVP" = "C:\Archivos de programa\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe" -- [2012/08/17 21:43:06 | 000,218,880 | ---- | M] (Kaspersky Lab ZAO)
      "WinampAgent" = "C:\Archivos de programa\Winamp\winampa.exe" -- [2012/06/20 13:13:12 | 000,074,752 | ---- | M] (Nullsoft, Inc.)
      [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]
      "" =
      [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
      "Installed" = 1
      "" =
      [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]
      "NoChange" = 1
      "Installed" = 1
      "" =
      [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]
      "Installed" = 1
      "" =

      < HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce /s >

      < HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce /s >

      < End of report >

    4. #4
      Ex-Colaborador Avatar de @Fabian_Dres
      Registrado
      ago 2008
      Ubicación
      Chile
      Mensajes
      15.103

      Re: Doble tilde

      Es indispensable que el siguiente paso lo hagas en Modo seguro:



      Realiza lo siguiente:


      • Cierre todas las ventanas y programas abiertos. Haga doble clic sobre OTL.exe para ejecutarlo.
      • Copie todo el siguiente código: (Se excluye la palabra "Código:")


      Código:
      :OTL
      [26 C:\DOCUME~1\Usuario\CONFIG~1\Temp\*.tmp files -> C:\DOCUME~1\Usuario\CONFIG~1\Temp\*.tmp -> ]
      [4 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
      O33 - MountPoints2\{b961a122-1310-11de-978e-817544b3377e}\Shell\explore\Command - "" = E:\vxsscl.exe
       O33 - MountPoints2\{b961a122-1310-11de-978e-817544b3377e}\Shell\open\Command - "" = E:\vxsscl.exe
      
      :Files
       C:\WINDOWS\system32\WwYNcZQ.exe
      
      :Reg 
      [HKCU\Software\Microsoft\Windows\CurrentVersion\Run]
      "WwYNcZQ" =-
      
      :Commands
      [Reboot]
      [EmptyTemp]
      [EmptyJava]
      • Pegue el código sobre el área Análisis Personalizados / Código de Reparación.





      • Haga clic en el botón rojo Reparar para comenzar la reparación. OTL reiniciara el ordenador, haga clic en Aceptar.
      • Tras el reinicio se abrirá un reporte con los resultados, ese reporte también quedara guardado en un archivo de texto sobre C:\_OTL\MovedFiles\



      Para terminar copia y pega el reporte generado tras el reinicio en tu siguiente respuesta comentando si persiste el problema inicial.
      Anoika


      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    5. #5
      Usuario Avatar de Huntersthompson
      Registrado
      abr 2012
      Ubicación
      Argentina
      Mensajes
      3

      Re: Doble tilde

      All processes killed
      ========== OTL ==========
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\nscB7.tmp\execDos.dll deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\nscB7.tmp\inetc.dll deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\nscB7.tmp\System.dll deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\nscB7.tmp\xbundle.catalog deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\nscB7.tmp\xbundle.journal deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\nscB7.tmp\xbundle_offer.exe deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\nscB7.tmp folder deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\nsfBB.tmp\d3dx9_31_42_x86\DXSETUP.exe deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\nsfBB.tmp\d3dx9_31_42_x86 folder deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\nsfBB.tmp folder deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\nsj2B.tmp\InstallOptions.dll deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\nsj2B.tmp\ioSpecial.ini deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\nsj2B.tmp\modern-wizard.bmp deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\nsj2B.tmp folder deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\nsz3.tmp\corebases.cab deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\nsz3.tmp\corebasesx64.cab deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\nsz3.tmp\corebasesx86.cab deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\nsz3.tmp\ipm.cab deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\nsz3.tmp\kavkis.cab deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\nsz3.tmp\kavkis.msi deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\nsz3.tmp\kleaner.cab deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\nsz3.tmp\productbases.cab deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\nsz3.tmp\setup.exe deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\nsz3.tmp\x64.cab deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\nsz3.tmp folder deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\nsz4.tmp\ioSpecial.ini deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\nsz4.tmp\modern-wizard.bmp deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\nsz4.tmp folder deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\SET5A.tmp deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\Set88.tmp deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\tmp10.tmp deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\VGX9.tmp deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\VGXA.tmp deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\WAS99.tmp deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\wdl12.tmp deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\wdl125.tmp deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\wdlC3.tmp deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\wdlC4.tmp deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\wdlC5.tmp deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\wdlC6.tmp deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\wdlC7.tmp deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\wdlC8.tmp deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\Winamp.tmp deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\WLZ7938.tmp\auth.lng deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\WLZ7938.tmp\burnlib.lng deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\WLZ7938.tmp\dsp_sc.lng deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\WLZ7938.tmp\dsp_sps.lng deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\WLZ7938.tmp\enc_aacplus.lng deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\WLZ7938.tmp\enc_fhgaac.lng deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\WLZ7938.tmp\enc_flac.lng deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\WLZ7938.tmp\enc_flake.lng deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\WLZ7938.tmp\enc_lame.lng deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\WLZ7938.tmp\enc_vorbis.lng deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\WLZ7938.tmp\enc_wav.lng deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\WLZ7938.tmp\enc_wma.lng deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\WLZ7938.tmp\gen_classicart.lng deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\WLZ7938.tmp\gen_crasher.lng deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\WLZ7938.tmp\gen_dropbox.lng deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\WLZ7938.tmp\gen_ff.lng deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\WLZ7938.tmp\gen_find_on_disk.lng deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\WLZ7938.tmp\gen_hotkeys.lng deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\WLZ7938.tmp\gen_jumpex.lng deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\WLZ7938.tmp\gen_ml.lng deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\WLZ7938.tmp\gen_nopro.lng deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\WLZ7938.tmp\gen_orgler.lng deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\WLZ7938.tmp\gen_skinmanager.lng deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\WLZ7938.tmp\gen_timerestore.lng deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\WLZ7938.tmp\gen_tray.lng deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\WLZ7938.tmp\gen_undo.lng deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\WLZ7938.tmp\in_avi.lng deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\WLZ7938.tmp\in_cdda.lng deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\WLZ7938.tmp\in_dshow.lng deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\WLZ7938.tmp\in_flac.lng deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\WLZ7938.tmp\in_flv.lng deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\WLZ7938.tmp\in_linein.lng deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\WLZ7938.tmp\in_midi.lng deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\WLZ7938.tmp\in_mkv.lng deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\WLZ7938.tmp\in_mod.lng deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\WLZ7938.tmp\in_mp3.lng deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\WLZ7938.tmp\in_mp4.lng deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\WLZ7938.tmp\in_nsv.lng deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\WLZ7938.tmp\in_swf.lng deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\WLZ7938.tmp\in_vorbis.lng deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\WLZ7938.tmp\in_wav.lng deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\WLZ7938.tmp\in_wave.lng deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\WLZ7938.tmp\in_wm.lng deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\WLZ7938.tmp\in_wv.lng deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\WLZ7938.tmp\ml_addons.lng deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\WLZ7938.tmp\ml_autotag.lng deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\WLZ7938.tmp\ml_bookmarks.lng deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\WLZ7938.tmp\ml_dash.lng deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\WLZ7938.tmp\ml_devices.lng deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\WLZ7938.tmp\ml_disc.lng deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\WLZ7938.tmp\ml_downloads.lng deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\WLZ7938.tmp\ml_enqplay.lng deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\WLZ7938.tmp\ml_history.lng deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\WLZ7938.tmp\ml_impex.lng deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\WLZ7938.tmp\ml_local.lng deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\WLZ7938.tmp\ml_nowplaying.lng deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\WLZ7938.tmp\ml_online.lng deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\WLZ7938.tmp\ml_orb.lng deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\WLZ7938.tmp\ml_playlists.lng deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\WLZ7938.tmp\ml_plg.lng deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\WLZ7938.tmp\ml_pmp.lng deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\WLZ7938.tmp\ml_rg.lng deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\WLZ7938.tmp\ml_transcode.lng deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\WLZ7938.tmp\ml_wire.lng deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\WLZ7938.tmp\ombrowser.lng deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\WLZ7938.tmp\out_disk.lng deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\WLZ7938.tmp\out_ds.lng deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\WLZ7938.tmp\out_wave.lng deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\WLZ7938.tmp\playlist.lng deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\WLZ7938.tmp\pmp_activesync.lng deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\WLZ7938.tmp\pmp_android.lng deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\WLZ7938.tmp\pmp_ipod.lng deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\WLZ7938.tmp\pmp_njb.lng deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\WLZ7938.tmp\pmp_p4s.lng deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\WLZ7938.tmp\pmp_usb.lng deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\WLZ7938.tmp\pmp_wifi.lng deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\WLZ7938.tmp\tagz.lng deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\WLZ7938.tmp\vis_avs.lng deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\WLZ7938.tmp\vis_milk2.lng deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\WLZ7938.tmp\vis_nsfs.lng deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\WLZ7938.tmp\winamp.lng deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\WLZ7938.tmp\winampa.lng deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\WLZ7938.tmp folder deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\WLZ9A.tmp deleted successfully.
      C:\DOCUME~1\Usuario\CONFIG~1\Temp\~DFDFB9.tmp deleted successfully.
      C:\WINDOWS\system32\CONFIG.TMP deleted successfully.
      C:\WINDOWS\system32\NEW181.tmp deleted successfully.
      C:\WINDOWS\system32\NEW189.tmp deleted successfully.
      C:\WINDOWS\system32\NEW18A.tmp deleted successfully.
      ========== FILES ==========
      C:\WINDOWS\system32\WwYNcZQ.exe moved successfully.
      ========== REGISTRY ==========
      Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\WwYNcZQ deleted successfully.
      ========== COMMANDS ==========

      [EMPTYTEMP]

      User: Administrador
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 33170 bytes
      ->FireFox cache emptied: 5264684 bytes

      User: All Users

      User: Default User
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 33170 bytes

      User: LocalService
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 33170 bytes

      User: NetworkService
      ->Temp folder emptied: 20266 bytes
      ->Temporary Internet Files folder emptied: 33237 bytes

      User: Usuario
      ->Temp folder emptied: 88106111 bytes
      ->Temporary Internet Files folder emptied: 33170 bytes
      ->FireFox cache emptied: 92982021 bytes
      ->Flash cache emptied: 492 bytes

      %systemdrive% .tmp files removed: 0 bytes
      %systemroot% .tmp files removed: 3812492 bytes
      %systemroot%\System32 .tmp files removed: 0 bytes
      %systemroot%\System32\dllcache .tmp files removed: 0 bytes
      %systemroot%\System32\drivers .tmp files removed: 0 bytes
      Windows Temp folder emptied: 20824064 bytes
      RecycleBin emptied: 0 bytes

      Total Files Cleaned = 201,00 mb


      [EMPTYJAVA]

      User: Administrador

      User: All Users

      User: Default User

      User: LocalService

      User: NetworkService

      User: Usuario

      Total Java Files Cleaned = 0,00 mb


      OTL by OldTimer - Version 3.2.70.2 log created on 10042012_152519

      Files\Folders moved on Reboot...

      PendingFileRenameOperations files...

      Registry entries deleted on Reboot...


      ¡Problema solucionado! ¡Muchísimas gracias!

      PD: ¿Tendría que hacer alguna cosa más, o con eso es suficiente?

    6. #6
      Ex-Colaborador Avatar de @Fabian_Dres
      Registrado
      ago 2008
      Ubicación
      Chile
      Mensajes
      15.103

      Re: Doble tilde

      Perfecto

      Para terminar ejecuta OTL. presiona Cleanup (Lipmiar) esto desinstalara OTL.

      Nos confirmas que todo esta en orden y lo cerramos.
      Anoika


      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.