
    1. #1
      User Avatar of suscribimegrati
      Joined
      Sep 2012
      Location
      test
      Posts
      2

      Re: Double accent mark

      I have had the same problem for days. I have run all kinds of antivirus and antispyware tools and still cannot remove it; nothing detects it. Are the steps that lachu carried out only for their own machine?

      Thank you very much

    2. #2
      Former Collaborator Avatar of @Fabian_Dres
      Joined
      Aug 2008
      Location
      Chile
      Posts
      15.103

      Re: Double accent mark

      Welcome to InfoSpyware, suscribimegrati


      Do the following:


      • Download the OTL by OldTimer tool to your desktop.
      • Close all open windows and programs. Double-click OTL.exe to run it.
      • Under Scan Type (Tipo de Análisis), check the "Minimal Output" (Resultado Mínimo) box. Finally, select the following options:
        • Use Company Name Whitelist
        • Skip Microsoft Files
      • Copy the following code (do not include the word "Code:"):

      Code:
      msconfig
      netsvcs
      safebootminimal
      %systemdrive%\*.*
      %temp%\*.exe /15
      %windir%\system32\*.exe /15
      %windir%\SysWow64\*.exe /15
      %windir%\SysNative\*.exe /15
      HKCU\Software\Microsoft\Windows\CurrentVersion\Run /s
      HKLM\Software\Microsoft\Windows\CurrentVersion\Run /s
      HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce /s
      HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce /s
      CREATERESTOREPOINT
      • Paste the code into the Custom Scans/Fixes area (Análisis Personalizados / Código de Reparación).


      • Click the Run Scan button (Analizar) and wait patiently for the scan to finish.
      • Two (2) files will open, OTL.txt and Extras.txt. They are saved in the folder from which OTL was run.



      To finish, open the OTL.txt file, then copy and paste its entire contents into your next reply so it can be reviewed.
      Anoika



    3. #3
      User Avatar of suscribimegrati
      Joined
      Sep 2012
      Location
      test
      Posts
      2

      Re: Double accent mark

      Here is the content.

      OTL logfile created on: 05/10/2012 23:06:20 - Run 1
      OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\usuarioname\Desktop
      64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
      Internet Explorer (Version = 9.0.8112.16421)
      Locale: 00002c0a | Country: Argentina | Language: ESS | Date Format: dd/MM/yyyy

      3,80 Gb Total Physical Memory | 1,98 Gb Available Physical Memory | 51,94% Memory free
      7,60 Gb Paging File | 5,39 Gb Available in Paging File | 70,85% Paging File free
      Paging file location(s): ?:\pagefile.sys [binary data]

      %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
      Drive C: | 297,99 Gb Total Space | 149,75 Gb Free Space | 50,25% Space Free | Partition Type: NTFS
      Drive E: | 372,61 Gb Total Space | 29,80 Gb Free Space | 8,00% Space Free | Partition Type: NTFS

      Computer Name: GLBCBA029 | User Name: usuarioname | Logged in as Administrator.
      Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
      Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

      ========== Processes (SafeList) ==========

      PRC - C:\Users\usuarioname\Desktop\OTL (1).exe (OldTimer Tools)
      PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_4_402_265_ActiveX.exe (Adobe Systems Incorporated)
      PRC - C:\Program Files (x86)\Moborobo\MoboroboDeviceService.exe ()
      PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
      PRC - C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe (Juniper Networks)
      PRC - C:\Program Files (x86)\Inventec\InvGate.net Client\InvGate-ED.exe (InvGate)
      PRC - C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Microsoft Corporation)
      PRC - C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe ()
      PRC - C:\Program Files (x86)\XoftSpySE6\XoftSpySE.exe (ParetoLogic Inc.)
      PRC - C:\Program Files (x86)\Common Files\XoftSpySE\6\xoftspyservice.exe (ParetoLogic Inc.)
      PRC - C:\Program Files (x86)\Astaro\Astaro SSL VPN Client\bin\openvpn-gui.exe ()
      PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
      PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
      PRC - C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe (Broadcom Corporation.)
      PRC - C:\Program Files (x86)\Trend Micro\OfficeScan Client\CNTAoSMgr.exe (Trend Micro Inc.)


      ========== Modules (No Company Name) ==========

      MOD - C:\Program Files\TortoiseSVN\bin\libsasl32.dll ()
      MOD - C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe ()
      MOD - C:\Program Files (x86)\Common Files\XoftSpySE\6\xoftspyservicePS.dll ()
      MOD - C:\Program Files (x86)\Astaro\Astaro SSL VPN Client\bin\openvpn-gui.exe ()


      ========== Services (SafeList) ==========

      SRV:64bit: - (NisSrv) -- c:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
      SRV:64bit: - (MsMpSvc) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
      SRV:64bit: - (wltrysvc) -- C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE (Dell Inc.)
      SRV:64bit: - (btwdins) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
      SRV:64bit: - (EvtEng) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
      SRV:64bit: - (RegSrvc) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
      SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
      SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
      SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
      SRV - (MoboroboDeviceService) -- C:\Program Files (x86)\Moborobo\MoboroboDeviceService.exe ()
      SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
      SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
      SRV - (dsNcService) -- C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe (Juniper Networks)
      SRV - (InvClient) -- C:\Program Files (x86)\Inventec\InvGate.net Client\InvGate-ED.exe (InvGate)
      SRV - (XoftSpyService) -- C:\Program Files (x86)\Common Files\XoftSpySE\6\xoftspyservice.exe (ParetoLogic Inc.)
      SRV - (OpenVPNService) -- C:\Program Files (x86)\Astaro\Astaro SSL VPN Client\bin\openvpnserv.exe ()
      SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
      SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
      SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
      SRV - (tmlisten) -- C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmListen.exe (Trend Micro Inc.)
      SRV - (TmProxy) -- C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmProxy.exe (Trend Micro Inc.)
      SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
      SRV - (ntrtscan) -- C:\Program Files (x86)\Trend Micro\OfficeScan Client\Ntrtscan.exe (Trend Micro Inc.)


      ========== Driver Services (SafeList) ==========

      DRV:64bit: - (NisDrv) -- C:\Windows\SysNative\drivers\NisDrvWFP.sys (Microsoft Corporation)
      DRV:64bit: - (ssadmdm) -- C:\Windows\SysNative\drivers\ssadmdm.sys (MCCI Corporation)
      DRV:64bit: - (ssadbus) -- C:\Windows\SysNative\drivers\ssadbus.sys (MCCI Corporation)
      DRV:64bit: - (ssadserd) -- C:\Windows\SysNative\drivers\ssadserd.sys (MCCI Corporation)
      DRV:64bit: - (androidusb) -- C:\Windows\SysNative\drivers\ssadadb.sys (Google Inc)
      DRV:64bit: - (ssadmdfl) -- C:\Windows\SysNative\drivers\ssadmdfl.sys (MCCI Corporation)
      DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation)
      DRV:64bit: - (BCM42RLY) -- C:\Windows\SysNative\drivers\bcm42rly.sys (Broadcom Corporation)
      DRV:64bit: - (truecrypt) -- C:\Windows\SysNative\drivers\truecrypt.sys (TrueCrypt Foundation)
      DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
      DRV:64bit: - (dsNcAdpt) -- C:\Windows\SysNative\drivers\dsNcAdpt.sys (Juniper Networks)
      DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
      DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
      DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
      DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
      DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
      DRV:64bit: - (Acceler) -- C:\Windows\SysNative\drivers\Accelern.sys (ST Microelectronics)
      DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
      DRV:64bit: - (stdcfltn) -- C:\Windows\SysNative\drivers\stdcfltn.sys (ST Microelectronics)
      DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
      DRV:64bit: - (ZTEusbnmea) -- C:\Windows\SysNative\drivers\ZTEusbnmea.sys (ZTE Incorporated)
      DRV:64bit: - (ZTEusbser6k) -- C:\Windows\SysNative\drivers\ZTEusbser6k.sys (ZTE Incorporated)
      DRV:64bit: - (ZTEusbmdm6k) -- C:\Windows\SysNative\drivers\ZTEusbmdm6k.sys (ZTE Incorporated)
      DRV:64bit: - (tap0901) -- C:\Windows\SysNative\drivers\tap0901.sys (The OpenVPN Project)
      DRV:64bit: - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation)
      DRV:64bit: - (ZTEusbvoice) -- C:\Windows\SysNative\drivers\ZTEusbvoice.sys (ZTE Incorporated)
      DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
      DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.)
      DRV:64bit: - (HECIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
      DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.)
      DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.)
      DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
      DRV:64bit: - (tmtdi) -- C:\Windows\SysNative\drivers\tmtdi.sys (Trend Micro Inc.)
      DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
      DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
      DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
      DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
      DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
      DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
      DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
      DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.)
      DRV:64bit: - (RimUsb) -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys (Research In Motion Limited)
      DRV - (TmFilter) -- C:\Program Files (x86)\Trend Micro\OfficeScan Client\tmxpflt.sys (Trend Micro Inc.)
      DRV - (TmPreFilter) -- C:\Program Files (x86)\Trend Micro\OfficeScan Client\tmpreflt.sys (Trend Micro Inc.)
      DRV - (VSApiNt) -- C:\Program Files (x86)\Trend Micro\OfficeScan Client\VsapiNT.sys (Trend Micro Inc.)
      DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


      ========== Standard Registry (SafeList) ==========


      ========== Internet Explorer ==========

      IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
      IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
      IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
      IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ar.msn.com/?ocid=iehp
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = es-AR
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 85 B8 22 04 79 8B CD 01 [binary data]
      IE - HKCU\..\SearchScopes,DefaultScope = {11B8B301-A846-43F6-9527-88E9C960BB11}
      IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
      IE - HKCU\..\SearchScopes\{11B8B301-A846-43F6-9527-88E9C960BB11}: "URL" = http://www.google.com/search?hl=en&q={searchTerms}
      IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
      IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *corporar.com*;<local>
      IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 198.26.99.001:3128

      ========== FireFox ==========

      FF - prefs.js..browser.startup.homepage: "http://google.com"
      FF - prefs.js..extensions.enabledAddons: [email protected]:4.0.1
      FF - prefs.js..keyword.URL: "http://google.com"
      FF - prefs.js..network.proxy.backup.ftp: "198.26.99.001"
      FF - prefs.js..network.proxy.backup.ftp_port: 3128
      FF - prefs.js..network.proxy.backup.socks: "198.26.99.001"
      FF - prefs.js..network.proxy.backup.socks_port: 3128
      FF - prefs.js..network.proxy.backup.ssl: "198.26.99.001"
      FF - prefs.js..network.proxy.backup.ssl_port: 3128
      FF - prefs.js..network.proxy.ftp: "proxy.corp.empresa.com"
      FF - prefs.js..network.proxy.ftp_port: 3128
      FF - prefs.js..network.proxy.http: "proxy.corp.empresa.com"
      FF - prefs.js..network.proxy.http_port: 3128
      FF - prefs.js..network.proxy.share_proxy_settings: true
      FF - prefs.js..network.proxy.socks: "proxy.corp.empresa.com"
      FF - prefs.js..network.proxy.socks_port: 3128
      FF - prefs.js..network.proxy.ssl: "proxy.corp.empresa.com"
      FF - prefs.js..network.proxy.ssl_port: 3128
      FF - user.js - File not found

      FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_265.dll File not found
      FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
      FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
      FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
      FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.6.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
      FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.6.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
      FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
      FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
      FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
      FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\usuarioname\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
      FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\usuarioname\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

      FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/09/07 11:22:50 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012/08/22 23:46:58 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
      FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/09/07 11:22:50 | 000,000,000 | ---D | M]
      FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

      [2012/08/22 10:16:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\usuarioname\AppData\Roaming\mozilla\Extensions
      [2012/10/04 08:39:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\usuarioname\AppData\Roaming\mozilla\Firefox\Profiles\4k3ceiy6.default\extensions
      [2012/10/04 08:39:38 | 000,000,000 | ---D | M] (FoxyProxy Standard) -- C:\Users\usuarioname\AppData\Roaming\mozilla\Firefox\Profiles\4k3ceiy6.default\extensions\[email protected]
      [2012/09/07 11:22:47 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
      [2012/09/07 11:22:50 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
      [2012/08/29 18:38:38 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
      [2012/08/29 18:38:38 | 000,002,253 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

      ========== Chrome ==========

      CHR - homepage: http://www.google.com/
      CHR - default_search_provider: Google (Enabled)
      CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
      CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
      CHR - homepage: http://www.google.com/
      CHR - plugin: Shockwave Flash (Enabled) = C:\Users\usuarioname\AppData\Local\Google\Chrome\Application\22.0.1229.79\PepperFlash\pepflashplayer.dll
      CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll
      CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
      CHR - plugin: Native Client (Enabled) = C:\Users\usuarioname\AppData\Local\Google\Chrome\Application\22.0.1229.79\ppGoogleNaClPluginChrome.dll
      CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\usuarioname\AppData\Local\Google\Chrome\Application\22.0.1229.79\pdf.dll
      CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
      CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
      CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
      CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
      CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
      CHR - plugin: Java(TM) Platform SE 7 U6 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
      CHR - plugin: Java Deployment Toolkit 7.0.60.24 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
      CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll

      O1 HOSTS File: ([2012/09/27 22:33:54 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
      O1 - Hosts: 127.0.0.1 localhost
      O1 - Hosts: ::1 localhost
      O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
      O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
      O4:64bit: - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE (Dell Inc.)
      O4:64bit: - HKLM..\Run: [FreeFallProtection] C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe ()
      O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
      O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
      O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
      O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll (NVIDIA Corporation)
      O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
      O4 - HKLM..\Run: [OfficeScanNT Monitor] C:\Program Files (x86)\Trend Micro\OfficeScan Client\pccntmon.exe (Trend Micro Inc.)
      O4 - HKLM..\Run: [openvpn-gui] C:\Program Files (x86)\Astaro\Astaro SSL VPN Client\bin\openvpn-gui.exe ()
      O4 - HKLM..\Run: [XoftSpySE] C:\Program Files (x86)\XoftSpySE6\XoftSpySE.exe (ParetoLogic Inc.)
      O4 - HKCU..\Run: [X-Lite] C:\Program Files (x86)\CounterPath\X-Lite\X-Lite.exe (CounterPath)
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoNTSecurity = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDisconnect = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonType = 0
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: MaxGPOScriptWait = 600
      O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
      O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Main present
      O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\PhishingFilter present
      O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
      O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\SQM present
      O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
      O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoBandCustomize = 1
      O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceStartMenuLogOff = 1
      O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSimpleStartMenu = 1
      O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
      O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
      O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
      O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
      O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
      O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
      O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
      O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
      O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
      O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
      O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
      O1364bit: - gopher Prefix: missing
      O13 - gopher Prefix: missing
      O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
      O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://akamaicdn.webex.com/client/WBXclient-T27L10NSP32EP12-14923/webex/ieatgpc1.cab (GpcContainer Class)
      O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://mydesktop.corporar.com/dana-cached/sc/JuniperSetupClient.cab (JuniperSetupClientControl Class)
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 200.50.131.55 200.50.40.299
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = empresa.com
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5DAD9CA2-E618-4039-BE18-1EE612E695ED}: DhcpNameServer = 10.60.2.250
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FEC1D258-7E91-48A4-91FF-C6176F9F01FE}: DhcpNameServer = 200.50.131.55 200.50.40.299
      O18:64bit: - Protocol\Handler\livecall - No CLSID value found
      O18:64bit: - Protocol\Handler\msnim - No CLSID value found
      O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
      O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
      O18 - Protocol\Handler\ms-help - No CLSID value found
      O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
      O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
      O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
      O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
      O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      O32 - HKLM CDRom: AutoRun - 1
      O34 - HKLM BootExecute: (autocheck autochk *)
      O35:64bit: - HKLM\..comfile [open] -- "%1" %*
      O35:64bit: - HKLM\..exefile [open] -- "%1" %*
      O35 - HKLM\..comfile [open] -- "%1" %*
      O35 - HKLM\..exefile [open] -- "%1" %*
      O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
      O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
      O37 - HKLM\...com [@ = comfile] -- "%1" %*
      O37 - HKLM\...exe [@ = exefile] -- "%1" %*
      O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
      O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
      O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)


      NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

      SafeBootMin:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
      SafeBootMin:64bit: Base - Driver Group
      SafeBootMin:64bit: Boot Bus Extender - Driver Group
      SafeBootMin:64bit: Boot file system - Driver Group
      SafeBootMin:64bit: File system - Driver Group
      SafeBootMin:64bit: Filter - Driver Group
      SafeBootMin:64bit: HelpSvc - Service
      SafeBootMin:64bit: MsMpSvc - c:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
      SafeBootMin:64bit: PCI Configuration - Driver Group
      SafeBootMin:64bit: PNP Filter - Driver Group
      SafeBootMin:64bit: Primary disk - Driver Group
      SafeBootMin:64bit: sacsvr - Service
      SafeBootMin:64bit: SCSI Class - Driver Group
      SafeBootMin:64bit: System Bus Extender - Driver Group
      SafeBootMin:64bit: vmms - Service
      SafeBootMin:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
      SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
      SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
      SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
      SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
      SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
      SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
      SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
      SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
      SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
      SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
      SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
      SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
      SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
      SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
      SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
      SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
      SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
      SafeBootMin: Base - Driver Group
      SafeBootMin: Boot Bus Extender - Driver Group
      SafeBootMin: Boot file system - Driver Group
      SafeBootMin: File system - Driver Group
      SafeBootMin: Filter - Driver Group
      SafeBootMin: HelpSvc - Service
      SafeBootMin: PCI Configuration - Driver Group
      SafeBootMin: PNP Filter - Driver Group
      SafeBootMin: Primary disk - Driver Group
      SafeBootMin: sacsvr - Service
      SafeBootMin: SCSI Class - Driver Group
      SafeBootMin: System Bus Extender - Driver Group
      SafeBootMin: vmms - Service
      SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
      SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
      SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
      SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
      SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
      SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
      SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
      SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
      SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
      SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
      SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
      SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
      SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
      SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
      SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
      SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
      SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

      CREATERESTOREPOINT
      Restore point Set: OTL Restore Point

      ========== Files/Folders - Created Within 30 Days ==========

      [2012/10/05 23:01:10 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\usuarioname\Desktop\OTL (1).exe
      [2012/10/04 20:42:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
      [2012/10/03 08:47:58 | 000,036,864 | ---- | C] (NirSoft) -- C:\Windows\nircmd.exe
      [2012/09/29 17:29:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\uTorrent
      [2012/09/29 17:27:59 | 000,000,000 | ---D | C] -- C:\Users\usuarioname\AppData\Roaming\uTorrent
      [2012/09/29 17:16:56 | 000,000,000 | ---D | C] -- C:\Users\usuarioname\AppData\Roaming\vlc
      [2012/09/29 17:16:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
      [2012/09/29 17:16:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
      [2012/09/28 16:09:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XoftSpySE
      [2012/09/28 16:09:05 | 000,000,000 | ---D | C] -- C:\ProgramData\ParetoLogic
      [2012/09/28 16:09:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ParetoLogic
      [2012/09/28 16:08:58 | 000,000,000 | ---D | C] -- C:\ProgramData\XoftSpySE
      [2012/09/28 16:08:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\XoftSpySE
      [2012/09/28 16:08:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\XoftSpySE6
      [2012/09/28 00:49:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client
      [2012/09/28 00:49:16 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
      [2012/09/27 13:27:12 | 000,000,000 | ---D | C] -- C:\Users\usuarioname\AppData\Roaming\Malwarebytes
      [2012/09/27 13:26:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
      [2012/09/21 19:37:48 | 000,121,344 | ---- | C] (ZTE Incorporated) -- C:\Windows\SysNative\drivers\ZTEusbvoice.sys
      [2012/09/21 19:37:48 | 000,119,680 | ---- | C] (ZTE Incorporated) -- C:\Windows\SysNative\drivers\ZTEusbser6k.sys
      [2012/09/21 19:37:48 | 000,119,680 | ---- | C] (ZTE Incorporated) -- C:\Windows\SysNative\drivers\ZTEusbnmea.sys
      [2012/09/21 19:37:48 | 000,119,680 | ---- | C] (ZTE Incorporated) -- C:\Windows\SysNative\drivers\ZTEusbmdm6k.sys
      [2012/09/21 19:37:41 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\SupportAppXL
      [2012/09/21 19:37:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Claro Internet
      [2012/09/21 19:37:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Claro Internet
      [2012/09/13 11:37:50 | 000,000,000 | ---D | C] -- C:\Users\usuarioname\Documents\My Received Files
      [2012/09/13 11:27:41 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
      [2012/09/13 11:26:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live
      [2012/09/13 11:24:02 | 000,000,000 | ---D | C] -- C:\Users\usuarioname\AppData\Local\Windows Live
      [2012/09/12 23:45:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live
      [2012/09/10 23:57:43 | 000,000,000 | ---D | C] -- C:\Users\usuarioname\.freemind
      [2012/09/10 14:57:36 | 000,000,000 | ---D | C] -- C:\Windows\wlansvc
      [2012/09/10 00:22:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeMind
      [2012/09/10 00:22:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FreeMind
      [2012/09/09 23:50:13 | 000,000,000 | ---D | C] -- C:\Users\usuarioname\AppData\Local\Microsoft Games
      [2012/09/07 12:33:21 | 000,000,000 | ---D | C] -- C:\Users\usuarioname\AppData\Local\TSVNCache
      [2012/09/07 11:22:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
      [2012/09/07 10:52:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cygwin
      [2012/09/07 10:43:31 | 000,000,000 | ---D | C] -- C:\Users\usuarioname\AppData\Roaming\TortoiseSVN
      [2012/09/07 10:38:40 | 000,000,000 | ---D | C] -- C:\Users\usuarioname\Proyectos
      [2012/09/07 10:38:07 | 000,000,000 | ---D | C] -- C:\Users\usuarioname\AppData\Roaming\Subversion
      [2012/09/07 10:27:10 | 000,000,000 | ---D | C] -- C:\cygwin
      [2012/09/07 10:25:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TortoiseSVN
      [2012/09/07 10:25:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\TortoiseOverlays
      [2012/09/07 10:25:44 | 000,000,000 | ---D | C] -- C:\Program Files\TortoiseSVN
      [2012/09/07 10:25:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\TortoiseOverlays
      [2012/09/06 23:37:40 | 000,000,000 | ---D | C] -- C:\Users\usuarioname\Desktop\FotosSeguro
      [2012/09/06 09:09:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Juniper Networks
      [2012/09/06 09:09:36 | 000,589,896 | ---- | C] (Juniper Networks) -- C:\Windows\SysNative\dsNcSmartCardProv.dll
      [2012/09/06 09:09:36 | 000,421,448 | ---- | C] (Juniper Networks) -- C:\Windows\SysNative\dsNcCredProv.dll
      [2012/09/06 09:09:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Juniper Networks
      [2012/09/06 09:08:36 | 000,000,000 | ---D | C] -- C:\Users\usuarioname\AppData\Roaming\Juniper Networks
      [2012/09/06 0832 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Citrix

      ========== Files - Modified Within 30 Days ==========

      [2012/10/05 23:01:29 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\usuarioname\Desktop\OTL (1).exe
      [2012/10/05 22:33:01 | 000,001,046 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
      [2012/10/05 22:27:03 | 000,001,070 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4240589779-2681227299-139461318-10869UA.job
      [2012/10/05 21:06:41 | 000,745,204 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
      [2012/10/05 21:06:41 | 000,629,906 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
      [2012/10/05 21:06:41 | 000,110,714 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
      [2012/10/05 21:02:26 | 000,014,224 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
      [2012/10/05 21:02:26 | 000,014,224 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
      [2012/10/05 20:56:47 | 000,001,042 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
      [2012/10/05 20:56:46 | 000,000,506 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Update Version3 Startup Task.job
      [2012/10/05 20:54:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
      [2012/10/05 20:54:02 | 3062,812,672 | -HS- | M] () -- C:\hiberfil.sys
      [2012/10/05 18:00:00 | 000,000,480 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Registration3.job
      [2012/10/05 08:27:00 | 000,001,018 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4240589779-2681227299-139461318-10869Core.job
      [2012/10/03 09:17:00 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\TbSsKdy.exe
      [2012/10/03 08:31:57 | 000,047,616 | ---- | M] () -- C:\Windows\SysNative\TbSsKdy.exe
      [2012/09/29 17:16:32 | 000,001,070 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
      [2012/09/29 12:16:15 | 000,000,454 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Update Version3.job
      [2012/09/28 21:15:17 | 000,000,412 | ---- | M] () -- C:\Windows\tasks\XoftSpySE.job
      [2012/09/28 16:09:09 | 000,001,046 | ---- | M] () -- C:\Users\Public\Desktop\XoftSpySE.lnk
      [2012/09/28 00:49:44 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
      [2012/09/27 22:33:54 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
      [2012/09/27 13:30:13 | 000,002,479 | ---- | M] () -- C:\Users\usuarioname\Desktop\Google Chrome.lnk
      [2012/09/26 10:48:15 | 000,040,603 | RHS- | M] () -- C:\ProgramData\ntuser.pol
      [2012/09/26 09:43:46 | 000,016,110 | ---- | M] () -- C:\Windows\cfgall.ini
      [2012/09/25 10:12:22 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\TxcxTWy.exe
      [2012/09/21 19:37:44 | 000,001,674 | ---- | M] () -- C:\Users\Public\Desktop\Claro Internet.lnk
      [2012/09/19 10:11:11 | 000,000,146 | ---- | M] () -- C:\Users\usuarioname\Desktop\Proxy.lnk
      [2012/09/10 00:22:21 | 000,001,889 | ---- | M] () -- C:\Users\usuarioname\Desktop\FreeMind.lnk
      [2012/09/07 10:52:44 | 000,000,579 | ---- | M] () -- C:\Users\Public\Desktop\Cygwin Terminal.lnk
      [2012/09/06 23:35:30 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf

      ========== Files Created - No Company Name ==========

      [2012/10/03 09:17:00 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\TbSsKdy.exe
      [2012/10/03 08:47:59 | 000,022,528 | ---- | C] () -- C:\Windows\AT-Uninstall.exe
      [2012/10/03 08:31:56 | 000,047,616 | ---- | C] () -- C:\Windows\SysNative\TbSsKdy.exe
      [2012/09/29 17:16:32 | 000,001,070 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
      [2012/09/28 16:09:41 | 000,000,480 | ---- | C] () -- C:\Windows\tasks\ParetoLogic Registration3.job
      [2012/09/28 16:09:09 | 000,001,046 | ---- | C] () -- C:\Users\Public\Desktop\XoftSpySE.lnk
      [2012/09/28 16:09:08 | 000,000,506 | ---- | C] () -- C:\Windows\tasks\ParetoLogic Update Version3 Startup Task.job
      [2012/09/28 16:09:07 | 000,000,454 | ---- | C] () -- C:\Windows\tasks\ParetoLogic Update Version3.job
      [2012/09/28 16:09:05 | 000,000,412 | ---- | C] () -- C:\Windows\tasks\XoftSpySE.job
      [2012/09/28 00:49:44 | 000,001,945 | ---- | C] () -- C:\Windows\epplauncher.mif
      [2012/09/28 00:49:31 | 000,002,117 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
      [2012/09/25 10:13:26 | 000,000,075 | ---- | C] () -- C:\Program Files\Mozilla Firefox
      [2012/09/25 10:12:22 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\TxcxTWy.exe
      [2012/09/21 19:37:37 | 000,001,674 | ---- | C] () -- C:\Users\Public\Desktop\Claro Internet.lnk
      [2012/09/19 10:11:11 | 000,000,146 | ---- | C] () -- C:\Users\usuarioname\Desktop\Proxy.lnk
      [2012/09/13 11:28:58 | 000,001,458 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
      [2012/09/13 11:28:47 | 000,002,486 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
      [2012/09/10 00:22:21 | 000,001,889 | ---- | C] () -- C:\Users\usuarioname\Desktop\FreeMind.lnk
      [2012/09/07 10:52:44 | 000,000,579 | ---- | C] () -- C:\Users\Public\Desktop\Cygwin Terminal.lnk
      [2012/09/06 23:35:30 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
      [2012/09/03 16:57:31 | 000,016,110 | ---- | C] () -- C:\Windows\cfgall.ini
      [2012/08/25 00:02:04 | 000,007,597 | ---- | C] () -- C:\Users\usuarioname\AppData\Local\resmon.resmoncfg
      [2012/08/23 23:57:21 | 000,000,218 | ---- | C] () -- C:\Users\usuarioname\.recently-used.xbel
      [2012/08/22 09:34:25 | 000,036,946 | RHS- | C] () -- C:\Users\usuarioname\ntuser.pol
      [2012/08/21 20:29:59 | 000,040,603 | RHS- | C] () -- C:\ProgramData\ntuser.pol
      [2012/08/21 20:03:18 | 000,870,560 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin
      [2012/08/21 20:03:18 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll
      [2012/08/21 20:03:18 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll
      [2012/08/21 20:03:18 | 000,104,796 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin
      [2012/08/21 20:03:17 | 000,127,868 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin

      ========== ZeroAccess Check ==========

      [2009/07/14 01:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

      [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

      [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

      [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

      [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
      "" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 02:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Apartment

      [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
      "" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 01:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Apartment

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
      "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 22:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Free

      [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
      "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 09:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Free

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
      "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 22:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Both

      [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

      ========== Custom Scans ==========

      < %systemdrive%\*.* >
      [2012/10/03 09:00:22 | 000,000,569 | ---- | M] () -- C:\AT-Destroyer.txt
      [2012/10/05 20:54:02 | 3062,812,672 | -HS- | M] () -- C:\hiberfil.sys
      [2012/10/05 20:54:05 | 4083,752,960 | -HS- | M] () -- C:\pagefile.sys
      [2012/10/03 09:00:21 | 000,000,288 | ---- | M] () -- C:\prueba.txt
      [2012/08/22 13:29:18 | 001,835,008 | ---- | M] () -- C:\TrueCrypt Rescue Disk.iso

      < %temp%\*.exe /15 >

      < %windir%\system32\*.exe /15 >
      [2012/10/03 09:17:00 | 000,000,000 | ---- | M] () -- C:\Windows\system32\TbSsKdy.exe
      [2012/09/25 10:12:22 | 000,000,000 | ---- | M] () -- C:\Windows\system32\TxcxTWy.exe

      < %windir%\SysWow64\*.exe /15 >
      [2012/10/03 09:17:00 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\TbSsKdy.exe
      [2012/09/25 10:12:22 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\TxcxTWy.exe

      < %windir%\SysNative\*.exe /15 >
      [2012/10/03 08:31:57 | 000,047,616 | ---- | M] () -- C:\Windows\SysNative\TbSsKdy.exe

      < HKCU\Software\Microsoft\Windows\CurrentVersion\Run /s >
      "Google Update" = "C:\Users\usuarioname\AppData\Local\Google\Update\GoogleUpdate.exe" /c -- [2012/08/22 10:12:42 | 000,116,648 | ---- | M] (Google Inc.)
      "Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2010/11/20 10:25:17 | 001,475,584 | ---- | M] (Microsoft Corporation)
      "X-Lite" = "C:\Program Files (x86)\CounterPath\X-Lite\X-Lite.exe" -bootload -- [2012/06/22 16:51:04 | 005,070,760 | ---- | M] (CounterPath)

      < HKLM\Software\Microsoft\Windows\CurrentVersion\Run /s >
      "OfficeScanNT Monitor" = "C:\Program Files (x86)\Trend Micro\OfficeScan Client\pccntmon.exe" -HideWindow -- [2009/09/08 03:32:46 | 001,340,720 | ---- | M] (Trend Micro Inc.)
      "Adobe ARM" = "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" -- [2012/07/27 17:51:26 | 000,919,008 | ---- | M] (Adobe Systems Incorporated)
      "openvpn-gui" = C:\Program Files (x86)\Astaro\Astaro SSL VPN Client\bin\openvpn-gui.exe -- [2010/05/07 04:12:42 | 000,265,216 | ---- | M] ()
      "XoftSpySE" = "C:\Program Files (x86)\XoftSpySE6\XoftSpySE.exe" -NM -hidesplash -- [2010/09/29 15:43:26 | 004,861,720 | ---- | M] (ParetoLogic Inc.)

      < HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce /s >

      < HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce /s >

      < End of report >

    4. #4
      Former Collaborator @Fabian_Dres
      Joined
      Aug 2008
      Location
      Chile
      Posts
      15.103

      Re: Double accent mark

      It is essential that you perform the next step in Safe Mode:

      Do the following:

      • Close all open windows and programs. Double-click OTL.exe to run it.
      • Copy all of the following code: (excluding the word "Code:")

      Code:
      :OTL
      [2012/10/03 09:17:00 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\TbSsKdy.exe
      [2012/10/03 08:31:57 | 000,047,616 | ---- | M] () -- C:\Windows\SysNative\TbSsKdy.exe
      [2012/09/25 10:12:22 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\TxcxTWy.exe
      [2012/10/03 09:17:00 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\TbSsKdy.exe
      [2012/10/03 08:31:56 | 000,047,616 | ---- | C] () -- C:\Windows\SysNative\TbSsKdy.exe
      [2012/09/25 10:12:22 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\TxcxTWy.exe
      [2012/10/03 09:17:00 | 000,000,000 | ---- | M] () -- C:\Windows\system32\TbSsKdy.exe
      [2012/09/25 10:12:22 | 000,000,000 | ---- | M] () -- C:\Windows\system32\TxcxTWy.exe
      [2012/10/03 09:17:00 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\TbSsKdy.exe
      [2012/10/03 08:31:57 | 000,047,616 | ---- | M] () -- C:\Windows\SysNative\TbSsKdy.exe
      
      
      
      :Commands
      [Reboot]
      [EmptyTemp]
      [EmptyJava]
      • Paste the code into the Custom Scans/Fixes area.
      • Click the red Run Fix button to start the fix. OTL will restart the computer; click OK.
      • After the restart, a report with the results will open; that report is also saved as a text file in C:\_OTL\MovedFiles\

      Finally, copy and paste the report generated after the restart into your next reply, and say whether the original problem persists.
      Anoika

