I can't beat the double accent mark

Thread in the forum "Logs de HijackThis" (HijackThis logs), part of the category "Seguridad informatica" (computer security).

#1
21-Jan-2010, 11:03
Junior Member
Join date: January 2010
Posts: 8

I have run all the anti-spyware tools you mention in several posts by people with the same problem, and none of them finds anything, but every time I go to type an accent the damn double accent comes up, and I no longer know what to do, so I'm leaving my log here to see if you could help me.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:00:16, on 21/01/2010
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Logitech\G35\G35.exe
C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Steam\steam.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Logitech\SetPoint II\SetpointII.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Users\Alvaro\AppData\Local\Apps\2.0\A39X5JP7.QY1\JT40LL0R.CQE\curs..tion_eee711038731a406_0004.0000_1430d97334050788\CurseClient.exe
C:\Program Files\Logitech\GamePanel Software\Applets\LCDCountdown.exe
C:\Program Files\Logitech\GamePanel Software\Applets\LCDMedia.exe
C:\Program Files\Logitech\GamePanel Software\Applets\LCDPop3.exe
C:\Program Files\Logitech\GamePanel Software\Applets\LCDRSS.exe
C:\Program Files\Logitech\GamePanel Software\Applets\ColorOnly\LCDMovieViewer.exe
C:\Program Files\Logitech\GamePanel Software\Applets\ColorOnly\LCDYT.exe
C:\Program Files\Logitech\GamePanel Software\Applets\ColorOnly\LCDPictureViewer.exe
C:\Program Files\Logitech\GamePanel Software\Applets\LCDClock.exe
C:\Program Files\Windows Media Player\WMPSideShowGadget.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: DeviceVM Url Search Hook - {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - C:\Windows\System32\dvmurl.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [avast!] "C:\Program Files\Alwil Software\Avast4\ashDisp.exe"
O4 - HKLM\..\Run: [Logitech G35] C:\Program Files\Logitech\G35\G35.exe
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Launch LgDeviceAgent] "C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe"
O4 - HKLM\..\Run: [Launch LCDMon] "C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe"
O4 - HKLM\..\Run: [Launch LGDCore] "C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" /SHOWHIDE
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe /boot
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'Servicio de red')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'Servicio de red')
O4 - Startup: CurseClientStartup.ccip
O4 - Global Startup: SetPointII.lnk = ?
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_5F1A57F0B9B89E2E.dll/cmsidewiki.html
O9 - Extra button: Referencia - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...sh/swflash.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: GEST Service for program management. (GEST Service) - Unknown owner - C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe
O23 - Service: Servicio Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

--
End of file - 7493 bytes

Last edited by Albaco; 21-Jan-2010 at 11:20.

#2
21-Jan-2010, 11:17
jbex
Administrator
Join date: October 2007
Location: Enkarterri - Las Encartaciones
Posts: 2,341

Try downloading the 30-day demo of the program Trojan Remover; download it, install it, update it and run it.

Regards
__________________
Remember that before creating a thread or replying, you must read the forum's rules of use, in order to use it correctly.
This is a forum, not a mobile phone; mind your writing!
#3
21-Jan-2010, 11:27
Junior Member
Join date: January 2010
Posts: 8

That very program was the last one I downloaded before posting; it doesn't find anything, but I still have the problem, so my last resort has been to write to you.

#4
21-Jan-2010, 11:30
jbex
Administrator
Join date: October 2007
Location: Enkarterri - Las Encartaciones
Posts: 2,341

All right, then download and run ComboFix. Post its log here for us.
Regards

#5
21-Jan-2010, 13:22
Junior Member
Join date: January 2010
Posts: 8

ComboFix 10-01-20.05 - Alvaro 21/01/2010 13:16:12.1.8 - x86
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.34.3082.18.3070.1766 [GMT 1:00]
Running from: c:\users\Alvaro\Desktop\combofix\ComboFix.exe
SP: Spybot - Search and Destroy *enabled* (Updated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
.

((((((((((((((((((((((((( Files Created from 2009-12-21 to 2010-01-21 )))))))))))))))))))))))))))))))
.

2010-01-21 12:19 . 2010-01-21 12:19 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-01-21 10:33 . 2010-01-21 10:33 -------- d-----w- c:\program files\ESET
2010-01-21 09:50 . 2010-01-21 09:59 -------- d-----w- C:\HijackThis
2010-01-21 09:32 . 2006-06-19 11:01 69632 ----a-w- c:\windows\system32\ztvcabinet.dll
2010-01-21 09:32 . 2006-05-25 13:52 162304 ----a-w- c:\windows\system32\ztvunrar36.dll
2010-01-21 09:32 . 2005-08-25 23:50 77312 ----a-w- c:\windows\system32\ztvunace26.dll
2010-01-21 09:32 . 2003-02-02 18:06 153088 ----a-w- c:\windows\system32\UNRAR3.dll
2010-01-21 09:32 . 2002-03-05 23:00 75264 ----a-w- c:\windows\system32\unacev2.dll
2010-01-21 09:32 . 2010-01-21 09:32 -------- d-----w- c:\program files\Trojan Remover
2010-01-21 09:32 . 2010-01-21 09:32 -------- d-----w- c:\users\Alvaro\AppData\Roaming\Simply Super Software
2010-01-21 09:32 . 2010-01-21 09:32 -------- d-----w- c:\programdata\Simply Super Software
2010-01-20 13:21 . 2010-01-20 13:21 -------- d-----w- c:\programdata\Logitech
2010-01-13 05:12 . 2009-10-19 14:10 108544 ----a-w- c:\windows\system32\t2embed.dll
2010-01-13 05:12 . 2009-10-19 14:10 70656 ----a-w- c:\windows\system32\fontsub.dll
2010-01-08 11:15 . 2010-01-08 11:16 -------- d-----w- c:\users\Alvaro\AppData\Local\Logitech
2010-01-05 00:32 . 2010-01-05 00:32 -------- d-----w- c:\users\Alvaro\AppData\Local\WebDKPSync
2010-01-04 14:38 . 2010-01-04 14:41 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-01-03 13:43 . 2003-06-19 00:31 18944 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\mdippr.dll
2010-01-03 13:43 . 2003-06-19 00:31 17920 ----a-w- c:\windows\system32\mdimon.dll
2010-01-03 13:42 . 2010-01-03 13:42 -------- d-----w- c:\program files\Microsoft Works
2010-01-03 13:42 . 2010-01-03 13:42 -------- d-----w- c:\windows\PCHEALTH
2010-01-03 13:42 . 2010-01-03 13:42 -------- d-----w- c:\program files\Microsoft.NET
2010-01-03 13:41 . 2010-01-03 13:41 -------- d-----r- C:\MSOCache
2009-12-29 10:58 . 2009-12-29 10:59 -------- d-----w- c:\users\Alvaro\AppData\Roaming\Media Player Classic
2009-12-29 10:14 . 2009-12-29 10:14 321320 ----a-w- c:\programdata\Microsoft\Windows Defender\LocalCopy\{B2D4F083-A414-E92C-9367-F46179B85545}-SteamServiceTmp.exe
2009-12-27 20:58 . 2009-12-27 20:58 -------- d-----w- c:\users\Alvaro\AppData\Roaming\runic games
2009-12-22 15:14 . 2009-12-16 15:05 471040 ----a-w- c:\users\Alvaro\AppData\Roaming\Mozilla\Firefox\Profiles\cqccllu0.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\DictionaryCompressionFF.dll
2009-12-22 15:14 . 2009-12-16 15:05 347136 ----a-w- c:\users\Alvaro\AppData\Roaming\Mozilla\Firefox\Profiles\cqccllu0.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff3.dll
2009-12-22 15:14 . 2009-12-16 15:05 340992 ----a-w- c:\users\Alvaro\AppData\Roaming\Mozilla\Firefox\Profiles\cqccllu0.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff2.dll
2009-12-22 15:14 . 2009-12-16 15:05 43008 ----a-w- c:\users\Alvaro\AppData\Roaming\Mozilla\Firefox\Profiles\cqccllu0.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbarloader.dll
2009-12-22 15:14 . 2009-12-16 15:05 1452032 ----a-w- c:\users\Alvaro\AppData\Roaming\Mozilla\Firefox\Profiles\cqccllu0.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
2009-12-22 14:58 . 2010-01-04 14:50 -------- d-----w- c:\programdata\Spybot - Search & Destroy

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-21 10:01 . 2009-07-14 08:48 694148 ----a-w- c:\windows\system32\perfh00A.dat
2010-01-21 10:01 . 2009-07-14 08:48 134242 ----a-w- c:\windows\system32\perfc00A.dat
2010-01-21 09:56 . 2009-12-19 17:20 -------- d-----w- c:\program files\Steam
2010-01-21 09:56 . 2009-12-19 17:20 -------- d-----w- c:\program files\Common Files\Steam
2010-01-21 09:55 . 2009-12-19 11:43 -------- d-----w- c:\programdata\NVIDIA
2010-01-21 09:55 . 2009-12-17 20:20 16608 ----a-w- c:\windows\gdrv.sys
2010-01-20 13:21 . 2009-12-17 22:31 -------- d-----w- c:\program files\Logitech
2010-01-14 21:27 . 2009-12-18 19:39 -------- d-----w- c:\program files\World of Warcraft
2010-01-14 10:12 . 2009-12-17 20:26 181120 ------w- c:\windows\system32\MpSigStub.exe
2010-01-08 11:38 . 2010-01-08 11:38 0 ---ha-w- c:\windows\system32\drivers\Msft_User_lgSSBW_01_00_00.Wdf
2010-01-08 11:38 . 2010-01-08 11:38 0 ---ha-w- c:\windows\system32\drivers\Msft_User_lgSSQVGA_01_00_00.Wdf
2010-01-08 11:15 . 2010-01-08 11:15 0 ---ha-w- c:\windows\system32\drivers\Msft_User_LgLcdSSDriver_01_00_00.Wdf
2010-01-06 11:01 . 2009-12-17 20:33 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-01-03 13:50 . 2009-12-17 21:40 108824 ----a-w- c:\users\Alvaro\AppData\Local\GDIPFONTCACHEV1.DAT
2009-12-29 23:58 . 2009-12-17 22:58 -------- d-----w- c:\program files\Common Files\Blizzard Entertainment
2009-12-22 01:52 . 2009-12-22 01:52 -------- d-----w- c:\program files\eMule
2009-12-19 23:33 . 2009-12-19 23:33 -------- d-----w- c:\program files\Common Files\Adobe
2009-12-19 22:59 . 2009-12-19 22:59 -------- d-----w- c:\program files\WBFS
2009-12-19 22:51 . 2009-12-19 21:22 -------- d-----w- c:\users\Alvaro\AppData\Roaming\ImgBurn
2009-12-19 17:34 . 2009-12-19 17:34 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_09_00.Wdf
2009-12-19 11:43 . 2009-12-19 11:43 -------- d-----w- c:\program files\NVIDIA Corporation
2009-12-19 11:43 . 2009-12-19 11:43 -------- d-----w- c:\program files\AGEIA Technologies
2009-12-19 11:43 . 2009-12-17 21:36 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-12-18 22:59 . 2009-12-18 22:51 -------- d-----w- c:\programdata\Blizzard Entertainment
2009-12-18 00:16 . 2009-12-18 00:16 -------- d-----w- c:\programdata\Blizzard
2009-12-18 00:06 . 2009-12-18 00:06 -------- d-----w- c:\program files\ImgBurn
2009-12-17 22:54 . 2009-12-17 22:54 53248 ----a-r- c:\users\Alvaro\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2009-12-17 22:54 . 2009-12-17 22:53 -------- d-----w- c:\program files\Common Files\Logishrd
2009-12-17 22:53 . 2009-12-17 22:53 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
2009-12-17 22:53 . 2009-12-17 22:24 -------- d-----w- c:\programdata\LogiShrd
2009-12-17 22:49 . 2009-12-17 21:37 -------- d-----w- c:\users\Alvaro\AppData\Roaming\Ventrilo
2009-12-17 22:35 . 2009-12-17 22:35 1232496 ----a-w- c:\programdata\Google\Google Toolbar\Component\GoogleCld_D9AEC8D4D1915047.dll
2009-12-17 22:35 . 2009-12-17 22:34 -------- d-----w- c:\program files\Google
2009-12-17 22:32 . 2009-12-17 22:32 -------- d-----w- c:\users\Alvaro\AppData\Roaming\Leadertech
2009-12-17 22:15 . 2009-12-17 22:15 -------- d--h--w- c:\programdata\CanonBJ
2009-12-17 21:44 . 2009-12-17 21:44 -------- d-----w- c:\program files\Alwil Software
2009-12-17 21:36 . 2009-12-17 21:36 -------- d-----w- c:\program files\Ventrilo
2009-12-17 20:37 . 2009-12-17 20:37 319456 ----a-w- c:\windows\DIFxAPI.dll
2009-12-17 20:37 . 2009-12-17 20:37 -------- d-----w- c:\program files\Realtek
2009-12-17 20:37 . 2009-12-17 20:37 319488 ----a-w- c:\windows\HideWin.exe
2009-12-17 20:34 . 2009-12-17 20:34 -------- d-----w- c:\program files\Intel
2009-12-17 20:33 . 2009-12-17 20:33 -------- d-----w- c:\program files\Browser Configuration Utility
2009-12-17 20:33 . 2009-12-17 20:33 -------- d-----w- c:\program files\GIGABYTE
2009-12-17 20:33 . 2009-12-17 20:33 -------- d-----w- c:\program files\Common Files\InstallShield
2009-12-17 20:14 . 2009-12-17 20:14 -------- d-sh--we c:\programdata\Plantillas
2009-12-17 20:14 . 2009-12-17 20:14 -------- d-sh--we c:\programdata\Menú Inicio
2009-12-17 20:14 . 2009-12-17 20:14 -------- d-sh--we c:\programdata\Favoritos
2009-12-17 20:14 . 2009-12-17 20:14 -------- d-sh--we c:\programdata\Escritorio
2009-12-17 20:14 . 2009-12-17 20:14 -------- d-sh--we c:\programdata\Documentos
2009-12-17 20:14 . 2009-12-17 20:14 -------- d-sh--we c:\programdata\Datos de programa
2009-12-17 20:14 . 2009-12-17 20:14 -------- d-sh--we c:\program files\Archivos comunes
2009-11-24 23:54 . 2009-12-17 21:44 1280480 ----a-w- c:\windows\system32\aswBoot.exe
2009-11-24 23:50 . 2009-12-17 21:44 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2009-11-24 23:50 . 2009-12-17 21:44 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2009-11-24 23:49 . 2009-12-17 21:44 53328 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2009-11-24 23:49 . 2009-12-17 21:44 48560 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-11-24 23:48 . 2009-12-17 21:44 23120 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-11-24 23:47 . 2009-12-17 21:44 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-11-23 16:37 . 2009-11-23 16:37 14856 ----a-w- c:\windows\system32\drivers\LGVirHid.sys
2009-11-23 16:37 . 2009-11-23 16:37 19720 ----a-w- c:\windows\system32\drivers\LGBusEnum.sys
2009-11-20 19:33 . 2009-11-20 19:33 812648 ----a-w- c:\windows\system32\nvsvc.dll
2009-11-20 19:33 . 2009-11-20 19:33 66664 ----a-w- c:\windows\system32\nvshext.dll
2009-11-20 19:33 . 2009-11-20 19:33 1323624 ----a-w- c:\windows\system32\nvsvcr.dll
2009-11-20 19:33 . 2009-11-20 19:33 12685928 ----a-w- c:\windows\system32\nvcpl.dll
2009-11-20 19:33 . 2009-11-20 19:33 122984 ----a-w- c:\windows\system32\nvvsvc.exe
2009-11-20 19:33 . 2009-11-20 19:33 110184 ----a-w- c:\windows\system32\nvmctray.dll
2009-10-29 07:22 . 2009-12-17 22:14 2048 ----a-w- c:\windows\system32\tzres.dll
2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat
2009-07-14 01:14 . 2009-07-13 23:42 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-12-17 39408]
"Steam"="c:\program files\Steam\Steam.exe" [2009-12-19 1217808]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2008-07-24 6265376]
"Skytel"="Skytel.exe" [2008-07-24 1833504]
"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2007-03-20 36864]
"avast!"="c:\program files\Alwil Software\Avast4\ashDisp.exe" [2009-11-24 81000]
"Logitech G35"="c:\program files\Logitech\G35\G35.exe" [2009-06-30 1811728]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-07-17 55824]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
"Launch LgDeviceAgent"="c:\program files\Logitech\GamePanel Software\LgDevAgt.exe" [2009-12-10 357384]
"Launch LCDMon"="c:\program files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe" [2009-12-10 1573384]
"Launch LGDCore"="c:\program files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" [2009-12-10 3203080]
"TrojanScanner"="c:\program files\Trojan Remover\Trjscan.exe" [2009-10-17 1070984]

c:\users\Alvaro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
CurseClientStartup.ccip [2010-1-5 0]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
SetPointII.lnk - c:\program files\Logitech\SetPoint II\SetpointII.exe [2007-8-30 319488]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)

R1 aswSP;avast! Self Protection;c:\windows\System32\drivers\aswSP.sys [17/12/2009 22:44 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\System32\drivers\aswFsBlk.sys [17/12/2009 22:44 20560]
R2 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [17/12/2009 22:44 53328]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [04/01/2010 15:38 1153368]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [20/11/2009 19:17 240232]
R3 LADF_DHP2;G35 DHP2 Filter Driver;c:\windows\System32\drivers\ladfDHP2i386.sys [28/05/2009 11:07 53520]
R3 LADF_SBVM;G35 SBVM Filter Driver;c:\windows\System32\drivers\ladfSBVMi386.sys [28/05/2009 11:07 334992]
R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\System32\drivers\LGBusEnum.sys [23/11/2009 17:37 19720]
R3 LGPBTDD;LGPBTDD.sys Display Driver;c:\windows\System32\drivers\LGPBTDD.sys [01/07/2009 11:51 23432]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\System32\drivers\LGVirHid.sys [23/11/2009 17:37 14856]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\System32\drivers\Rt86win7.sys [01/03/2009 23:05 139776]
S2 GEST Service;GEST Service for program management.;c:\program files\GIGABYTE\EnergySaver\GSvr.exe [17/12/2009 21:33 68136]
S2 gupdate;Servicio Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [17/12/2009 23:35 135664]
.
Contents of the 'Scheduled Tasks' folder

2010-01-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-17 22:35]

2010-01-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-17 22:35]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.es/
IE: E&xportar a Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_5F1A57F0B9B89E2E.dll/cmsidewiki.html
FF - ProfilePath - c:\users\Alvaro\AppData\Roaming\Mozilla\Firefox\Profiles\cqccllu0.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.es/
FF - component: c:\users\Alvaro\AppData\Roaming\Mozilla\Firefox\Profiles\cqccllu0.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\DictionaryCompressionFF.dll
FF - component: c:\users\Alvaro\AppData\Roaming\Mozilla\Firefox\Profiles\cqccllu0.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\NVIDIA Corporation\3D Vision\npnv3dv.dll
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2010-01-21 13:20:53
ComboFix-quarantined-files.txt 2010-01-21 12:20

Pre-Run: 329.411.981.312 bytes libres
Post-Run: 329.342.435.328 bytes libres

- - End Of File - - 7793CB5F63D0758CEF65BA2D950E5899

#6
21-Jan-2010, 20:06
jbex
Administrator
Join date: October 2007
Location: Enkarterri - Las Encartaciones
Posts: 2,341

Download and run this tool, Lop S&D, and post its log for me, along with a new ComboFix log that you take after running Lop S&D.
Regards

#7
22-Jan-2010, 00:42
Junior Member
Join date: January 2010
Posts: 8

--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows 7 Home Premium ( v6.1.7600 )
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM) i7 CPU 920 @ 2.67GHz )
BIOS : Award Modular BIOS v6.00PG
USER : Alvaro ( Administrator )
BOOT : Normal boot
C:\ (Local Disk) - NTFS - Total:465 Go (Free:304 Go)
D:\ (CD or DVD)
E:\ (CD or DVD)
F:\ (Local Disk) - FAT32 - Total:596 Go (Free:535 Go)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [4] ( 22/01/2010| 0:41 )

[ UAC => 1 ]

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ Lop Script



\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ ELIMINAR

-
[ Archivo Hosts ] .. Restaurado

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


--------------------\\ Lista de carpetas en Local

[20/12/2009|00:45] C:\Users\Alvaro\AppData\Local\Adobe
[20/12/2009|15:31] C:\Users\Alvaro\AppData\Local\Apps
[17/12/2009|21:14] C:\Users\Alvaro\AppData\Local\Archivos temporales de Internet
[18/12/2009|11:04] C:\Users\Alvaro\AppData\Local\Blizzard Entertainment
[17/12/2009|21:14] C:\Users\Alvaro\AppData\Local\Datos de programa
[21/01/2010|18:56] C:\Users\Alvaro\AppData\Local\Deployment
[20/12/2009|16:42] C:\Users\Alvaro\AppData\Local\Diagnostics
[17/12/2009|23:53] C:\Users\Alvaro\AppData\Local\Downloaded Installations
[03/01/2010|14:50] C:\Users\Alvaro\AppData\Local\GDIPFONTCACHEV1.DAT
[17/12/2009|23:49] C:\Users\Alvaro\AppData\Local\Google
[17/12/2009|21:14] C:\Users\Alvaro\AppData\Local\Historial
[21/01/2010|10:54] C:\Users\Alvaro\AppData\Local\IconCache.db
[17/12/2009|23:54] C:\Users\Alvaro\AppData\Local\LogiShrd
[08/01/2010|12:16] C:\Users\Alvaro\AppData\Local\Logitech
[14/01/2010|17:04] C:\Users\Alvaro\AppData\Local\Microsoft
[17/12/2009|22:41] C:\Users\Alvaro\AppData\Local\Microsoft Games
[17/12/2009|23:46] C:\Users\Alvaro\AppData\Local\Mozilla
[22/01/2010|00:41] C:\Users\Alvaro\AppData\Local\Temp
[29/12/2009|23:26] C:\Users\Alvaro\AppData\Local\VirtualStore
[20/12/2009|02:01] C:\Users\Alvaro\AppData\Local\WBFSManager
[05/01/2010|01:32] C:\Users\Alvaro\AppData\Local\WebDKPSync
[2|archivos] C:\Users\Alvaro\AppData\Local\bytes
[21|dirs] C:\Users\Alvaro\AppData\Local\bytes libres

--------------------\\ Tareas programadas en C:\Windows\Tasks

[22/01/2010 00:40][--a------] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[21/01/2010 23:51][--a------] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[21/01/2010 10:55][--ah-----] C:\Windows\tasks\SA.DAT
[14/07/2009 05:53][--a------] C:\Windows\tasks\SCHEDLGU.TXT

--------------------\\ Lista de carpetas en C:\ProgramData

[20/12/2009|00:34] C:\ProgramData\Adobe
[14/07/2009|05:53] C:\ProgramData\Application Data
[18/12/2009|01:16] C:\ProgramData\Blizzard
[18/12/2009|23:59] C:\ProgramData\Blizzard Entertainment
[17/12/2009|23:15] C:\ProgramData\CanonBJ
[17/12/2009|21:14] C:\ProgramData\Datos de programa
[14/07/2009|05:53] C:\ProgramData\Desktop
[17/12/2009|21:14] C:\ProgramData\Documentos
[14/07/2009|05:53] C:\ProgramData\Documents
[17/12/2009|21:14] C:\ProgramData\Escritorio
[14/07/2009|05:53] C:\ProgramData\Favorites
[17/12/2009|21:14] C:\ProgramData\Favoritos
[17/12/2009|23:35] C:\ProgramData\Google
[17/12/2009|23:53] C:\ProgramData\LogiShrd
[20/01/2010|14:21] C:\ProgramData\Logitech
[17/12/2009|21:14] C:\ProgramData\Men£ Inicio
[03/01/2010|14:43] C:\ProgramData\Microsoft
[21/01/2010|10:55] C:\ProgramData\NVIDIA
[17/12/2009|21:14] C:\ProgramData\Plantillas
[21/01/2010|10:32] C:\ProgramData\Simply Super Software
[04/01/2010|15:50] C:\ProgramData\Spybot - Search & Destroy
[14/07/2009|05:53] C:\ProgramData\Start Menu
[21/01/2010|10:36] C:\ProgramData\TEMP
[14/07/2009|05:53] C:\ProgramData\Templates
[0|archivos] C:\ProgramData\bytes
[26|dirs] C:\ProgramData\bytes libres

--------------------\\ Lista de carpetas en C:\Program Files

[20/12/2009|00:33] C:\Program Files\Adobe
[19/12/2009|12:43] C:\Program Files\AGEIA Technologies
[17/12/2009|22:44] C:\Program Files\Alwil Software
[17/12/2009|21:14] C:\Program Files\Archivos comunes [C:\Program Files\Common Files]
[17/12/2009|21:33] C:\Program Files\Browser Configuration Utility
[21/01/2010|19:15] C:\Program Files\Common Files
[14/07/2009|10:08] C:\Program Files\DVD Maker
[22/12/2009|02:52] C:\Program Files\eMule
[21/01/2010|11:33] C:\Program Files\ESET
[17/12/2009|21:33] C:\Program Files\GIGABYTE
[17/12/2009|23:35] C:\Program Files\Google
[18/12/2009|01:06] C:\Program Files\ImgBurn
[06/01/2010|12:01] C:\Program Files\InstallShield Installation Information
[17/12/2009|21:34] C:\Program Files\Intel
[17/12/2009|23:17] C:\Program Files\Internet Explorer
[20/01/2010|14:21] C:\Program Files\Logitech
[14/07/2009|10:08] C:\Program Files\Microsoft Games
[03/01/2010|14:43] C:\Program Files\Microsoft Office
[03/01/2010|14:42] C:\Program Files\Microsoft Visual Studio
[03/01/2010|14:42] C:\Program Files\Microsoft Works
[03/01/2010|14:42] C:\Program Files\Microsoft.NET
[06/01/2010|22:50] C:\Program Files\Mozilla Firefox
[14/07/2009|05:52] C:\Program Files\MSBuild
[19/12/2009|12:43] C:\Program Files\NVIDIA Corporation
[17/12/2009|21:37] C:\Program Files\Realtek
[14/07/2009|05:52] C:\Program Files\Reference Assemblies
[04/01/2010|15:41] C:\Program Files\Spybot - Search & Destroy
[21/01/2010|10:56] C:\Program Files\Steam
[21/01/2010|10:32] C:\Program Files\Trojan Remover
[14/07/2009|05:53] C:\Program Files\Uninstall Information
[17/12/2009|22:36] C:\Program Files\Ventrilo
[19/12/2009|23:59] C:\Program Files\WBFS
[14/07/2009|09:48] C:\Program Files\Windows Defender
[14/07/2009|10:08] C:\Program Files\Windows Journal
[14/07/2009|09:48] C:\Program Files\Windows Mail
[17/12/2009|23:17] C:\Program Files\Windows Media Player
[17/12/2009|21:14] C:\Program Files\Windows NT
[14/07/2009|09:48] C:\Program Files\Windows Photo Viewer
[14/07/2009|05:52] C:\Program Files\Windows Portable Devices
[14/07/2009|09:48] C:\Program Files\Windows Sidebar
[18/12/2009|22:15] C:\Program Files\WinRAR
[14/01/2010|22:27] C:\Program Files\World of Warcraft
[0|archivos] C:\Program Files\bytes
[44|dirs] C:\Program Files\bytes libres

--------------------\\ Lista de carpetas en C:\Program Files\Common Files

[20/12/2009|00:33] C:\Program Files\Common Files\Adobe
[30/12/2009|00:58] C:\Program Files\Common Files\Blizzard Entertainment
[03/01/2010|14:42] C:\Program Files\Common Files\DESIGNER
[17/12/2009|21:33] C:\Program Files\Common Files\InstallShield
[17/12/2009|23:54] C:\Program Files\Common Files\Logishrd
[03/01/2010|14:43] C:\Program Files\Common Files\microsoft shared
[14/07/2009|03:37] C:\Program Files\Common Files\Services
[14/07/2009|03:37] C:\Program Files\Common Files\SpeechEngines
[21/01/2010|10:56] C:\Program Files\Common Files\Steam
[03/01/2010|14:42] C:\Program Files\Common Files\System
[19/12/2009|12:43] C:\Program Files\Common Files\Wise Installation Wizard
[0|archivos] C:\Program Files\Common Files\bytes
[13|dirs] C:\Program Files\Common Files\bytes libres

--------------------\\ Process

( 68 Processes )

... OK !

--------------------\\ Deteccion con S_Lop

¡ No se encontraron carpetas Lop !

--------------------\\ Deteccion de archivos y carpetas Lop

¡ No se encontraron carpetas Lop !

--------------------\\ Deteccion en el registro de windows

..... OK !

--------------------\\ Analizando el archivo Hosts

Archivo Hosts LIMPIO


--------------------\\ Deteccion de archivos invisibles con Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
Rootkit scan 2010-01-22 00:41:42
Windows 6.1.7600 NTFS
detected NTDLL code modification:
ZwEnumerateKey 0 != 116, ZwQueryKey 0 != 244, ZwOpenKey 0 != 182, ZwClose 0 != 50, ZwEnumerateValueKey 0 != 119, ZwQueryValueKey 0 != 266, ZwOpenFile 0 != 179, ZwQueryDirectoryFile 0 != 223, ZwQuerySystemInformation 0 != 261
Initialization error

--------------------\\ Deteccion de otras infecciones


¡ No se encontraron otras infecciones !

[F:1][D:2]-> C:\Users\Alvaro\AppData\Local\Temp
[F:132][D:1]-> C:\Users\Alvaro\AppData\Roaming\MICROS~1\Windows\Cookies
[F:11][D:3]-> C:\Users\Alvaro\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:1][D:1]-> C:\$Recycle.Bin

1 - "C:\Lop SD\LopR_1.txt" - 22/01/2010| 0:41 - Option : [4]

--------------------\\ Analisis terminado a 0:41:59
[ UAC => 1 ]
  #8  
22-Jan-2010, 00:51
Junior Member
 
Joined: January 2010
Posts: 8
Re: I can't beat the double accent mark

ComboFix 10-01-21.01 - Alvaro 22/01/2010 0:45.3.8 - x86
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.34.3082.18.3070.1946 [GMT 1:00]
Running from: c:\users\Alvaro\Desktop\combofix\ComboFix.exe
SP: Spybot - Search and Destroy *disabled* (Updated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
.

((((((((((((((((((((((((( Files Created from 2009-12-21 to 2010-01-21 )))))))))))))))))))))))))))))))
.

2010-01-21 23:49 . 2010-01-21 23:49 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-01-21 23:49 . 2010-01-21 23:49 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-01-21 23:40 . 2010-01-21 23:41 -------- d-----w- C:\Lop SD
2010-01-21 10:33 . 2010-01-21 10:33 -------- d-----w- c:\program files\ESET
2010-01-21 09:50 . 2010-01-21 09:59 -------- d-----w- C:\HijackThis
2010-01-21 09:32 . 2006-06-19 11:01 69632 ----a-w- c:\windows\system32\ztvcabinet.dll
2010-01-21 09:32 . 2006-05-25 13:52 162304 ----a-w- c:\windows\system32\ztvunrar36.dll
2010-01-21 09:32 . 2005-08-25 23:50 77312 ----a-w- c:\windows\system32\ztvunace26.dll
2010-01-21 09:32 . 2003-02-02 18:06 153088 ----a-w- c:\windows\system32\UNRAR3.dll
2010-01-21 09:32 . 2002-03-05 23:00 75264 ----a-w- c:\windows\system32\unacev2.dll
2010-01-21 09:32 . 2010-01-21 09:32 -------- d-----w- c:\program files\Trojan Remover
2010-01-21 09:32 . 2010-01-21 09:32 -------- d-----w- c:\users\Alvaro\AppData\Roaming\Simply Super Software
2010-01-21 09:32 . 2010-01-21 09:32 -------- d-----w- c:\programdata\Simply Super Software
2010-01-20 13:21 . 2010-01-20 13:21 -------- d-----w- c:\programdata\Logitech
2010-01-13 05:12 . 2009-10-19 14:10 108544 ----a-w- c:\windows\system32\t2embed.dll
2010-01-13 05:12 . 2009-10-19 14:10 70656 ----a-w- c:\windows\system32\fontsub.dll
2010-01-08 11:15 . 2010-01-08 11:16 -------- d-----w- c:\users\Alvaro\AppData\Local\Logitech
2010-01-05 00:32 . 2010-01-05 00:32 -------- d-----w- c:\users\Alvaro\AppData\Local\WebDKPSync
2010-01-04 14:38 . 2010-01-04 14:41 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-01-03 13:43 . 2003-06-19 00:31 18944 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\mdippr.dll
2010-01-03 13:43 . 2003-06-19 00:31 17920 ----a-w- c:\windows\system32\mdimon.dll
2010-01-03 13:42 . 2010-01-03 13:42 -------- d-----w- c:\program files\Microsoft Works
2010-01-03 13:42 . 2010-01-03 13:42 -------- d-----w- c:\windows\PCHEALTH
2010-01-03 13:42 . 2010-01-03 13:42 -------- d-----w- c:\program files\Microsoft.NET
2010-01-03 13:41 . 2010-01-03 13:41 -------- d-----r- C:\MSOCache
2009-12-29 10:58 . 2009-12-29 10:59 -------- d-----w- c:\users\Alvaro\AppData\Roaming\Media Player Classic
2009-12-29 10:14 . 2009-12-29 10:14 321320 ----a-w- c:\programdata\Microsoft\Windows Defender\LocalCopy\{B2D4F083-A414-E92C-9367-F46179B85545}-SteamServiceTmp.exe
2009-12-27 20:58 . 2009-12-27 20:58 -------- d-----w- c:\users\Alvaro\AppData\Roaming\runic games

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-21 10:01 . 2009-07-14 08:48 694148 ----a-w- c:\windows\system32\perfh00A.dat
2010-01-21 10:01 . 2009-07-14 08:48 134242 ----a-w- c:\windows\system32\perfc00A.dat
2010-01-21 09:56 . 2009-12-19 17:20 -------- d-----w- c:\program files\Steam
2010-01-21 09:56 . 2009-12-19 17:20 -------- d-----w- c:\program files\Common Files\Steam
2010-01-21 09:55 . 2009-12-19 11:43 -------- d-----w- c:\programdata\NVIDIA
2010-01-21 09:55 . 2009-12-17 20:20 16608 ----a-w- c:\windows\gdrv.sys
2010-01-20 13:21 . 2009-12-17 22:31 -------- d-----w- c:\program files\Logitech
2010-01-14 21:27 . 2009-12-18 19:39 -------- d-----w- c:\program files\World of Warcraft
2010-01-14 10:12 . 2009-12-17 20:26 181120 ------w- c:\windows\system32\MpSigStub.exe
2010-01-08 11:38 . 2010-01-08 11:38 0 ---ha-w- c:\windows\system32\drivers\Msft_User_lgSSBW_01_00_00.Wdf
2010-01-08 11:38 . 2010-01-08 11:38 0 ---ha-w- c:\windows\system32\drivers\Msft_User_lgSSQVGA_01_00_00.Wdf
2010-01-08 11:15 . 2010-01-08 11:15 0 ---ha-w- c:\windows\system32\drivers\Msft_User_LgLcdSSDriver_01_00_00.Wdf
2010-01-06 11:01 . 2009-12-17 20:33 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-01-04 14:50 . 2009-12-22 14:58 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2010-01-03 13:50 . 2009-12-17 21:40 108824 ----a-w- c:\users\Alvaro\AppData\Local\GDIPFONTCACHEV1.DAT
2009-12-29 23:58 . 2009-12-17 22:58 -------- d-----w- c:\program files\Common Files\Blizzard Entertainment
2009-12-22 01:52 . 2009-12-22 01:52 -------- d-----w- c:\program files\eMule
2009-12-19 23:33 . 2009-12-19 23:33 -------- d-----w- c:\program files\Common Files\Adobe
2009-12-19 22:59 . 2009-12-19 22:59 -------- d-----w- c:\program files\WBFS
2009-12-19 22:51 . 2009-12-19 21:22 -------- d-----w- c:\users\Alvaro\AppData\Roaming\ImgBurn
2009-12-19 17:34 . 2009-12-19 17:34 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_09_00.Wdf
2009-12-19 11:43 . 2009-12-19 11:43 -------- d-----w- c:\program files\NVIDIA Corporation
2009-12-19 11:43 . 2009-12-19 11:43 -------- d-----w- c:\program files\AGEIA Technologies
2009-12-19 11:43 . 2009-12-17 21:36 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-12-18 22:59 . 2009-12-18 22:51 -------- d-----w- c:\programdata\Blizzard Entertainment
2009-12-18 00:16 . 2009-12-18 00:16 -------- d-----w- c:\programdata\Blizzard
2009-12-18 00:06 . 2009-12-18 00:06 -------- d-----w- c:\program files\ImgBurn
2009-12-17 22:54 . 2009-12-17 22:54 53248 ----a-r- c:\users\Alvaro\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2009-12-17 22:54 . 2009-12-17 22:53 -------- d-----w- c:\program files\Common Files\Logishrd
2009-12-17 22:53 . 2009-12-17 22:53 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
2009-12-17 22:53 . 2009-12-17 22:24 -------- d-----w- c:\programdata\LogiShrd
2009-12-17 22:49 . 2009-12-17 21:37 -------- d-----w- c:\users\Alvaro\AppData\Roaming\Ventrilo
2009-12-17 22:35 . 2009-12-17 22:35 1232496 ----a-w- c:\programdata\Google\Google Toolbar\Component\GoogleCld_D9AEC8D4D1915047.dll
2009-12-17 22:35 . 2009-12-17 22:34 -------- d-----w- c:\program files\Google
2009-12-17 22:32 . 2009-12-17 22:32 -------- d-----w- c:\users\Alvaro\AppData\Roaming\Leadertech
2009-12-17 22:15 . 2009-12-17 22:15 -------- d--h--w- c:\programdata\CanonBJ
2009-12-17 21:44 . 2009-12-17 21:44 -------- d-----w- c:\program files\Alwil Software
2009-12-17 21:36 . 2009-12-17 21:36 -------- d-----w- c:\program files\Ventrilo
2009-12-17 20:37 . 2009-12-17 20:37 319456 ----a-w- c:\windows\DIFxAPI.dll
2009-12-17 20:37 . 2009-12-17 20:37 -------- d-----w- c:\program files\Realtek
2009-12-17 20:37 . 2009-12-17 20:37 319488 ----a-w- c:\windows\HideWin.exe
2009-12-17 20:34 . 2009-12-17 20:34 -------- d-----w- c:\program files\Intel
2009-12-17 20:33 . 2009-12-17 20:33 -------- d-----w- c:\program files\Browser Configuration Utility
2009-12-17 20:33 . 2009-12-17 20:33 -------- d-----w- c:\program files\GIGABYTE
2009-12-17 20:33 . 2009-12-17 20:33 -------- d-----w- c:\program files\Common Files\InstallShield
2009-12-17 20:14 . 2009-12-17 20:14 -------- d-sh--we c:\programdata\Plantillas
2009-12-17 20:14 . 2009-12-17 20:14 -------- d-sh--we c:\programdata\Menú Inicio
2009-12-17 20:14 . 2009-12-17 20:14 -------- d-sh--we c:\programdata\Favoritos
2009-12-17 20:14 . 2009-12-17 20:14 -------- d-sh--we c:\programdata\Escritorio
2009-12-17 20:14 . 2009-12-17 20:14 -------- d-sh--we c:\programdata\Documentos
2009-12-17 20:14 . 2009-12-17 20:14 -------- d-sh--we c:\programdata\Datos de programa
2009-12-17 20:14 . 2009-12-17 20:14 -------- d-sh--we c:\program files\Archivos comunes
2009-12-16 15:05 . 2009-12-22 15:14 471040 ----a-w- c:\users\Alvaro\AppData\Roaming\Mozilla\Firefox\Profiles\cqccllu0.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\DictionaryCompressionFF.dll
2009-12-16 15:05 . 2009-12-22 15:14 347136 ----a-w- c:\users\Alvaro\AppData\Roaming\Mozilla\Firefox\Profiles\cqccllu0.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff3.dll
2009-12-16 15:05 . 2009-12-22 15:14 340992 ----a-w- c:\users\Alvaro\AppData\Roaming\Mozilla\Firefox\Profiles\cqccllu0.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff2.dll
2009-12-16 15:05 . 2009-12-22 15:14 43008 ----a-w- c:\users\Alvaro\AppData\Roaming\Mozilla\Firefox\Profiles\cqccllu0.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbarloader.dll
2009-12-16 15:05 . 2009-12-22 15:14 1452032 ----a-w- c:\users\Alvaro\AppData\Roaming\Mozilla\Firefox\Profiles\cqccllu0.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
2009-11-24 23:54 . 2009-12-17 21:44 1280480 ----a-w- c:\windows\system32\aswBoot.exe
2009-11-24 23:50 . 2009-12-17 21:44 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2009-11-24 23:50 . 2009-12-17 21:44 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2009-11-24 23:49 . 2009-12-17 21:44 53328 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2009-11-24 23:49 . 2009-12-17 21:44 48560 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-11-24 23:48 . 2009-12-17 21:44 23120 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-11-24 23:47 . 2009-12-17 21:44 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-11-23 16:37 . 2009-11-23 16:37 14856 ----a-w- c:\windows\system32\drivers\LGVirHid.sys
2009-11-23 16:37 . 2009-11-23 16:37 19720 ----a-w- c:\windows\system32\drivers\LGBusEnum.sys
2009-11-20 19:33 . 2009-11-20 19:33 812648 ----a-w- c:\windows\system32\nvsvc.dll
2009-11-20 19:33 . 2009-11-20 19:33 66664 ----a-w- c:\windows\system32\nvshext.dll
2009-11-20 19:33 . 2009-11-20 19:33 1323624 ----a-w- c:\windows\system32\nvsvcr.dll
2009-11-20 19:33 . 2009-11-20 19:33 12685928 ----a-w- c:\windows\system32\nvcpl.dll
2009-11-20 19:33 . 2009-11-20 19:33 122984 ----a-w- c:\windows\system32\nvvsvc.exe
2009-11-20 19:33 . 2009-11-20 19:33 110184 ----a-w- c:\windows\system32\nvmctray.dll
2009-10-29 07:22 . 2009-12-17 22:14 2048 ----a-w- c:\windows\system32\tzres.dll
2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat
2009-07-14 01:14 . 2009-07-13 23:42 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-12-17 39408]
"Steam"="c:\program files\Steam\Steam.exe" [2009-12-19 1217808]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2008-07-24 6265376]
"Skytel"="Skytel.exe" [2008-07-24 1833504]
"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2007-03-20 36864]
"avast!"="c:\program files\Alwil Software\Avast4\ashDisp.exe" [2009-11-24 81000]
"Logitech G35"="c:\program files\Logitech\G35\G35.exe" [2009-06-30 1811728]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-07-17 55824]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
"Launch LgDeviceAgent"="c:\program files\Logitech\GamePanel Software\LgDevAgt.exe" [2009-12-10 357384]
"Launch LCDMon"="c:\program files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe" [2009-12-10 1573384]
"Launch LGDCore"="c:\program files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" [2009-12-10 3203080]
"TrojanScanner"="c:\program files\Trojan Remover\Trjscan.exe" [2009-10-17 1070984]

c:\users\Alvaro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
CurseClientStartup.ccip [2010-1-5 0]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
SetPointII.lnk - c:\program files\Logitech\SetPoint II\SetpointII.exe [2007-8-30 319488]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)

R1 aswSP;avast! Self Protection;c:\windows\System32\drivers\aswSP.sys [17/12/2009 22:44 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\System32\drivers\aswFsBlk.sys [17/12/2009 22:44 20560]
R2 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [17/12/2009 22:44 53328]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [04/01/2010 15:38 1153368]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [20/11/2009 19:17 240232]
R3 LADF_DHP2;G35 DHP2 Filter Driver;c:\windows\System32\drivers\ladfDHP2i386.sys [28/05/2009 11:07 53520]
R3 LADF_SBVM;G35 SBVM Filter Driver;c:\windows\System32\drivers\ladfSBVMi386.sys [28/05/2009 11:07 334992]
R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\System32\drivers\LGBusEnum.sys [23/11/2009 17:37 19720]
R3 LGPBTDD;LGPBTDD.sys Display Driver;c:\windows\System32\drivers\LGPBTDD.sys [01/07/2009 11:51 23432]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\System32\drivers\LGVirHid.sys [23/11/2009 17:37 14856]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\System32\drivers\Rt86win7.sys [01/03/2009 23:05 139776]
S2 GEST Service;GEST Service for program management.;c:\program files\GIGABYTE\EnergySaver\GSvr.exe [17/12/2009 21:33 68136]
S2 gupdate;Servicio Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [17/12/2009 23:35 135664]
.
Contents of the 'Scheduled Tasks' folder

2010-01-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-17 22:35]

2010-01-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-17 22:35]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.es/
IE: E&xportar a Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_5F1A57F0B9B89E2E.dll/cmsidewiki.html
FF - ProfilePath - c:\users\Alvaro\AppData\Roaming\Mozilla\Firefox\Profiles\cqccllu0.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.es/
FF - component: c:\users\Alvaro\AppData\Roaming\Mozilla\Firefox\Profiles\cqccllu0.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\DictionaryCompressionFF.dll
FF - component: c:\users\Alvaro\AppData\Roaming\Mozilla\Firefox\Profiles\cqccllu0.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\NVIDIA Corporation\3D Vision\npnv3dv.dll
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2010-01-22 00:50:11
ComboFix-quarantined-files.txt 2010-01-21 23:50
ComboFix2.txt 2010-01-21 18:18
ComboFix3.txt 2010-01-21 12:20

Pre-Run: 326.870.544.384 bytes libres
Post-Run: 326.804.836.352 bytes libres

- - End Of File - - C0F3FF803B5A905AA83EA9DD196E08A9
  #9  
22-Jan-2010, 11:19
jbex
Administrator
 
Joined: October 2007
Location: Enkarterri - Las Encartaciones
Posts: 2,341
Re: I can't beat the double accent mark

  1. Open Notepad - do not use any text editor other than Notepad, or the script will fail.
    • Click Start -> Run and type: notepad.exe
    • Click OK
  2. Copy/paste the text in the box below into Notepad:
    Code:
    KillAll::
    File::
    c:\users\Alvaro\AppData\Local\GDIPFONTCACHEV1.DAT
  3. Go to the Notepad window and click Edit -> Paste
    • Then click File -> Save
    • File name: CFScript.txt
    • Save the file to the desktop
  4. Drag the file you just created ... CFScript.txt and drop it onto the main ComboFix.exe icon as shown below.

  5. Wait for ComboFix to finish running.
  6. This will start ComboFix again.
After the system restarts (if it asks to restart), paste the contents of Combofix.txt in your next reply.

Then submit the following files to VirusTotal - Free online antivirus service:
c:\windows\DIFxAPI.dll

Let us know the result.

Booting into Safe Mode with Networking, scan the Windows folder with at least two online antivirus scanners: Links to online antivirus scanners
Regards
__________________
Remember that before creating a thread or replying, you must read the forum rules in order to use the forum correctly.
This is a forum, not a mobile phone; mind your writing!
  #10  
22-Jan-2010, 15:49
Junior Member
 
Joined: January 2010
Posts: 8
Re: I can't beat the double accent mark

ComboFix 10-01-21.08 - Alvaro 22/01/2010 15:39:22.4.8 - x86
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.34.3082.18.3070.2073 [GMT 1:00]
Running from: c:\users\Alvaro\Desktop\ComboFix.exe
Command switches used :: c:\users\Alvaro\Desktop\CFScript.txt
SP: Spybot - Search and Destroy *disabled* (Updated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}

FILE ::
"c:\users\Alvaro\AppData\Local\GDIPFONTCACHEV1.DAT "
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\users\Alvaro\AppData\Local\GDIPFONTCACHEV1.DAT

.
((((((((((((((((((((((((( Files Created from 2009-12-22 to 2010-01-22 )))))))))))))))))))))))))))))))
.

2010-01-22 14:44 . 2010-01-22 14:44 8224 ------w- c:\users\Alvaro\AppData\Local\GDIPFONTCACHEV1.DAT
2010-01-22 14:43 . 2010-01-22 14:44 -------- d-----w- c:\users\Alvaro\AppData\Local\temp
2010-01-22 14:43 . 2010-01-22 14:43 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-01-22 14:43 . 2010-01-22 14:43 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-01-21 23:40 . 2010-01-21 23:41 -------- d-----w- C:\Lop SD
2010-01-21 10:33 . 2010-01-21 10:33 -------- d-----w- c:\program files\ESET
2010-01-21 09:50 . 2010-01-21 09:59 -------- d-----w- C:\HijackThis
2010-01-21 09:32 . 2006-06-19 11:01 69632 ----a-w- c:\windows\system32\ztvcabinet.dll
2010-01-21 09:32 . 2006-05-25 13:52 162304 ----a-w- c:\windows\system32\ztvunrar36.dll
2010-01-21 09:32 . 2005-08-25 23:50 77312 ----a-w- c:\windows\system32\ztvunace26.dll
2010-01-21 09:32 . 2003-02-02 18:06 153088 ----a-w- c:\windows\system32\UNRAR3.dll
2010-01-21 09:32 . 2002-03-05 23:00 75264 ----a-w- c:\windows\system32\unacev2.dll
2010-01-21 09:32 . 2010-01-21 09:32 -------- d-----w- c:\program files\Trojan Remover
2010-01-21 09:32 . 2010-01-21 09:32 -------- d-----w- c:\users\Alvaro\AppData\Roaming\Simply Super Software
2010-01-21 09:32 . 2010-01-21 09:32 -------- d-----w- c:\programdata\Simply Super Software
2010-01-20 13:21 . 2010-01-20 13:21 -------- d-----w- c:\programdata\Logitech
2010-01-13 05:12 . 2009-10-19 14:10 108544 ----a-w- c:\windows\system32\t2embed.dll
2010-01-13 05:12 . 2009-10-19 14:10 70656 ----a-w- c:\windows\system32\fontsub.dll
2010-01-08 11:15 . 2010-01-08 11:16 -------- d-----w- c:\users\Alvaro\AppData\Local\Logitech
2010-01-05 00:32 . 2010-01-05 00:32 -------- d-----w- c:\users\Alvaro\AppData\Local\WebDKPSync
2010-01-04 14:38 . 2010-01-04 14:41 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-01-03 13:43 . 2003-06-19 00:31 18944 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\mdippr.dll
2010-01-03 13:43 . 2003-06-19 00:31 17920 ----a-w- c:\windows\system32\mdimon.dll
2010-01-03 13:42 . 2010-01-03 13:42 -------- d-----w- c:\program files\Microsoft Works
2010-01-03 13:42 . 2010-01-03 13:42 -------- d-----w- c:\windows\PCHEALTH
2010-01-03 13:42 . 2010-01-03 13:42 -------- d-----w- c:\program files\Microsoft.NET
2010-01-03 13:41 . 2010-01-03 13:41 -------- d-----r- C:\MSOCache
2009-12-29 10:58 . 2009-12-29 10:59 -------- d-----w- c:\users\Alvaro\AppData\Roaming\Media Player Classic
2009-12-29 10:14 . 2009-12-29 10:14 321320 ----a-w- c:\programdata\Microsoft\Windows Defender\LocalCopy\{B2D4F083-A414-E92C-9367-F46179B85545}-SteamServiceTmp.exe
2009-12-27 20:58 . 2009-12-27 20:58 -------- d-----w- c:\users\Alvaro\AppData\Roaming\runic games

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-22 14:44 . 2009-12-19 17:20 -------- d-----w- c:\program files\Steam
2010-01-22 14:44 . 2009-12-19 11:43 -------- d-----w- c:\programdata\NVIDIA
2010-01-22 14:44 . 2009-12-17 20:20 16608 ----a-w- c:\windows\gdrv.sys
2010-01-22 00:02 . 2009-07-14 08:48 694148 ----a-w- c:\windows\system32\perfh00A.dat
2010-01-22 00:02 . 2009-07-14 08:48 134242 ----a-w- c:\windows\system32\perfc00A.dat
2010-01-21 23:57 . 2009-12-19 17:20 -------- d-----w- c:\program files\Common Files\Steam
2010-01-20 13:21 . 2009-12-17 22:31 -------- d-----w- c:\program files\Logitech
2010-01-14 21:27 . 2009-12-18 19:39 -------- d-----w- c:\program files\World of Warcraft
2010-01-14 10:12 . 2009-12-17 20:26 181120 ------w- c:\windows\system32\MpSigStub.exe
2010-01-08 11:38 . 2010-01-08 11:38 0 ---ha-w- c:\windows\system32\drivers\Msft_User_lgSSBW_01_00_00.Wdf
2010-01-08 11:38 . 2010-01-08 11:38 0 ---ha-w- c:\windows\system32\drivers\Msft_User_lgSSQVGA_01_00_00.Wdf
2010-01-08 11:15 . 2010-01-08 11:15 0 ---ha-w- c:\windows\system32\drivers\Msft_User_LgLcdSSDriver_01_00_00.Wdf
2010-01-06 11:01 . 2009-12-17 20:33 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-01-04 14:50 . 2009-12-22 14:58 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2009-12-29 23:58 . 2009-12-17 22:58 -------- d-----w- c:\program files\Common Files\Blizzard Entertainment
2009-12-22 01:52 . 2009-12-22 01:52 -------- d-----w- c:\program files\eMule
2009-12-19 23:33 . 2009-12-19 23:33 -------- d-----w- c:\program files\Common Files\Adobe
2009-12-19 22:59 . 2009-12-19 22:59 -------- d-----w- c:\program files\WBFS
2009-12-19 22:51 . 2009-12-19 21:22 -------- d-----w- c:\users\Alvaro\AppData\Roaming\ImgBurn
2009-12-19 17:34 . 2009-12-19 17:34 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_09_00.Wdf
2009-12-19 11:43 . 2009-12-19 11:43 -------- d-----w- c:\program files\NVIDIA Corporation
2009-12-19 11:43 . 2009-12-19 11:43 -------- d-----w- c:\program files\AGEIA Technologies
2009-12-19 11:43 . 2009-12-17 21:36 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-12-18 22:59 . 2009-12-18 22:51 -------- d-----w- c:\programdata\Blizzard Entertainment
2009-12-18 00:16 . 2009-12-18 00:16 -------- d-----w- c:\programdata\Blizzard
2009-12-18 00:06 . 2009-12-18 00:06 -------- d-----w- c:\program files\ImgBurn
2009-12-17 22:54 . 2009-12-17 22:54 53248 ----a-r- c:\users\Alvaro\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2009-12-17 22:54 . 2009-12-17 22:53 -------- d-----w- c:\program files\Common Files\Logishrd
2009-12-17 22:53 . 2009-12-17 22:53 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
2009-12-17 22:53 . 2009-12-17 22:24 -------- d-----w- c:\programdata\LogiShrd
2009-12-17 22:49 . 2009-12-17 21:37 -------- d-----w- c:\users\Alvaro\AppData\Roaming\Ventrilo
2009-12-17 22:35 . 2009-12-17 22:35 1232496 ----a-w- c:\programdata\Google\Google Toolbar\Component\GoogleCld_D9AEC8D4D1915047.dll
2009-12-17 22:35 . 2009-12-17 22:34 -------- d-----w- c:\program files\Google
2009-12-17 22:32 . 2009-12-17 22:32 -------- d-----w- c:\users\Alvaro\AppData\Roaming\Leadertech
2009-12-17 22:15 . 2009-12-17 22:15 -------- d--h--w- c:\programdata\CanonBJ
2009-12-17 21:44 . 2009-12-17 21:44 -------- d-----w- c:\program files\Alwil Software
2009-12-17 21:36 . 2009-12-17 21:36 -------- d-----w- c:\program files\Ventrilo
2009-12-17 20:37 . 2009-12-17 20:37 319456 ----a-w- c:\windows\DIFxAPI.dll
2009-12-17 20:37 . 2009-12-17 20:37 -------- d-----w- c:\program files\Realtek
2009-12-17 20:37 . 2009-12-17 20:37 319488 ----a-w- c:\windows\HideWin.exe
2009-12-17 20:34 . 2009-12-17 20:34 -------- d-----w- c:\program files\Intel
2009-12-17 20:33 . 2009-12-17 20:33 -------- d-----w- c:\program files\Browser Configuration Utility
2009-12-17 20:33 . 2009-12-17 20:33 -------- d-----w- c:\program files\GIGABYTE
2009-12-17 20:33 . 2009-12-17 20:33 -------- d-----w- c:\program files\Common Files\InstallShield
2009-12-17 20:14 . 2009-12-17 20:14 -------- d-sh--we c:\programdata\Plantillas
2009-12-17 20:14 . 2009-12-17 20:14 -------- d-sh--we c:\programdata\Menú Inicio
2009-12-17 20:14 . 2009-12-17 20:14 -------- d-sh--we c:\programdata\Favoritos
2009-12-17 20:14 . 2009-12-17 20:14 -------- d-sh--we c:\programdata\Escritorio
2009-12-17 20:14 . 2009-12-17 20:14 -------- d-sh--we c:\programdata\Documentos
2009-12-17 20:14 . 2009-12-17 20:14 -------- d-sh--we c:\programdata\Datos de programa
2009-12-17 20:14 . 2009-12-17 20:14 -------- d-sh--we c:\program files\Archivos comunes
2009-12-16 15:05 . 2009-12-22 15:14 471040 ----a-w- c:\users\Alvaro\AppData\Roaming\Mozilla\Firefox\Profiles\cqccllu0.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\DictionaryCompressionFF.dll
2009-12-16 15:05 . 2009-12-22 15:14 347136 ----a-w- c:\users\Alvaro\AppData\Roaming\Mozilla\Firefox\Profiles\cqccllu0.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff3.dll
2009-12-16 15:05 . 2009-12-22 15:14 340992 ----a-w- c:\users\Alvaro\AppData\Roaming\Mozilla\Firefox\Profiles\cqccllu0.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff2.dll
2009-12-16 15:05 . 2009-12-22 15:14 43008 ----a-w- c:\users\Alvaro\AppData\Roaming\Mozilla\Firefox\Profiles\cqccllu0.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbarloader.dll
2009-12-16 15:05 . 2009-12-22 15:14 1452032 ----a-w- c:\users\Alvaro\AppData\Roaming\Mozilla\Firefox\Profiles\cqccllu0.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
2009-11-24 23:54 . 2009-12-17 21:44 1280480 ----a-w- c:\windows\system32\aswBoot.exe
2009-11-24 23:50 . 2009-12-17 21:44 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2009-11-24 23:50 . 2009-12-17 21:44 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2009-11-24 23:49 . 2009-12-17 21:44 53328 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2009-11-24 23:49 . 2009-12-17 21:44 48560 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-11-24 23:48 . 2009-12-17 21:44 23120 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-11-24 23:47 . 2009-12-17 21:44 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-11-23 16:37 . 2009-11-23 16:37 14856 ----a-w- c:\windows\system32\drivers\LGVirHid.sys
2009-11-23 16:37 . 2009-11-23 16:37 19720 ----a-w- c:\windows\system32\drivers\LGBusEnum.sys
2009-11-20 19:33 . 2009-11-20 19:33 812648 ----a-w- c:\windows\system32\nvsvc.dll
2009-11-20 19:33 . 2009-11-20 19:33 66664 ----a-w- c:\windows\system32\nvshext.dll
2009-11-20 19:33 . 2009-11-20 19:33 1323624 ----a-w- c:\windows\system32\nvsvcr.dll
2009-11-20 19:33 . 2009-11-20 19:33 12685928 ----a-w- c:\windows\system32\nvcpl.dll
2009-11-20 19:33 . 2009-11-20 19:33 122984 ----a-w- c:\windows\system32\nvvsvc.exe
2009-11-20 19:33 . 2009-11-20 19:33 110184 ----a-w- c:\windows\system32\nvmctray.dll
2009-10-29 07:22 . 2009-12-17 22:14 2048 ----a-w- c:\windows\system32\tzres.dll
2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat
2009-07-14 01:14 . 2009-07-13 23:42 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-12-17 39408]
"Steam"="c:\program files\Steam\Steam.exe" [2009-12-19 1217808]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2008-07-24 6265376]
"Skytel"="Skytel.exe" [2008-07-24 1833504]
"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2007-03-20 36864]
"avast!"="c:\program files\Alwil Software\Avast4\ashDisp.exe" [2009-11-24 81000]
"Logitech G35"="c:\program files\Logitech\G35\G35.exe" [2009-06-30 1811728]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-07-17 55824]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
"Launch LgDeviceAgent"="c:\program files\Logitech\GamePanel Software\LgDevAgt.exe" [2009-12-10 357384]
"Launch LCDMon"="c:\program files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe" [2009-12-10 1573384]
"Launch LGDCore"="c:\program files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" [2009-12-10 3203080]
"TrojanScanner"="c:\program files\Trojan Remover\Trjscan.exe" [2009-10-17 1070984]

c:\users\Alvaro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
CurseClientStartup.ccip [2010-1-5 0]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
SetPointII.lnk - c:\program files\Logitech\SetPoint II\SetpointII.exe [2007-8-30 319488]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)

R1 aswSP;avast! Self Protection;c:\windows\System32\drivers\aswSP.sys [17/12/2009 22:44 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\System32\drivers\aswFsBlk.sys [17/12/2009 22:44 20560]
R2 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [17/12/2009 22:44 53328]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [04/01/2010 15:38 1153368]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [20/11/2009 19:17 240232]
R3 LADF_DHP2;G35 DHP2 Filter Driver;c:\windows\System32\drivers\ladfDHP2i386.sys [28/05/2009 11:07 53520]
R3 LADF_SBVM;G35 SBVM Filter Driver;c:\windows\System32\drivers\ladfSBVMi386.sys [28/05/2009 11:07 334992]
R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\System32\drivers\LGBusEnum.sys [23/11/2009 17:37 19720]
R3 LGPBTDD;LGPBTDD.sys Display Driver;c:\windows\System32\drivers\LGPBTDD.sys [01/07/2009 11:51 23432]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\System32\drivers\LGVirHid.sys [23/11/2009 17:37 14856]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\System32\drivers\Rt86win7.sys [01/03/2009 23:05 139776]
S2 GEST Service;GEST Service for program management.;c:\program files\GIGABYTE\EnergySaver\GSvr.exe [17/12/2009 21:33 68136]
S2 gupdate;Servicio Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [17/12/2009 23:35 135664]
.
Contents of the 'Scheduled Tasks' folder

2010-01-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-17 22:35]

2010-01-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-17 22:35]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.es/
IE: E&xportar a Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_5F1A57F0B9B89E2E.dll/cmsidewiki.html
FF - ProfilePath - c:\users\Alvaro\AppData\Roaming\Mozilla\Firefox\Profiles\cqccllu0.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.es/
FF - component: c:\users\Alvaro\AppData\Roaming\Mozilla\Firefox\Profiles\cqccllu0.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\DictionaryCompressionFF.dll
FF - component: c:\users\Alvaro\AppData\Roaming\Mozilla\Firefox\Profiles\cqccllu0.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\NVIDIA Corporation\3D Vision\npnv3dv.dll
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\windows\system32\WUDFHost.exe
c:\windows\system32\nvvsvc.exe
c:\windows\system32\WUDFHost.exe
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\windows\system32\taskhost.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\windows\system32\conhost.exe
c:\windows\RtHDVCpl.exe
c:\program files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
c:\windows\Microsoft.NET\Framework\v2.0.50727\dfsvc.exe
c:\program files\Logitech\GamePanel Software\Applets\LCDCountdown.exe
c:\program files\Logitech\GamePanel Software\Applets\LCDMedia.exe
c:\program files\Logitech\GamePanel Software\Applets\LCDPop3.exe
c:\program files\Logitech\GamePanel Software\Applets\LCDRSS.exe
c:\program files\Logitech\GamePanel Software\Applets\ColorOnly\LCDMovieViewer.exe
c:\program files\Logitech\GamePanel Software\Applets\ColorOnly\LCDYT.exe
c:\program files\Logitech\GamePanel Software\Applets\ColorOnly\LCDPictureViewer.exe
c:\program files\Logitech\GamePanel Software\Applets\LCDClock.exe
c:\program files\Windows Media Player\WMPSideShowGadget.exe
c:\program files\Common Files\Steam\SteamService.exe
c:\program files\Windows Media Player\wmplayer.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\taskhost.exe
c:\program files\Logitech\G35\LU\LULnchr.exe
c:\program files\Logitech\G35\LU\LogitechUpdate.exe
.
**************************************************************************
.
Completion time: 2010-01-22 15:46:07 - machine was rebooted
ComboFix-quarantined-files.txt 2010-01-22 14:46
ComboFix2.txt 2010-01-21 23:50
ComboFix3.txt 2010-01-21 18:18
ComboFix4.txt 2010-01-21 12:20

Pre-Run: 318.783.901.696 bytes libres
Post-Run: 318.398.283.776 bytes libres

- - End Of File - - A5820C39E83579A3FDB0D0203EE82F1F


I have done the last steps indicated; as soon as I have tested a bit I will report the results.


Note --> After restarting the computer there are no signs of problems with the double accent mark, but after a while the problem comes back.

Last edited by Albaco; 22-Jan-2010 at 20:11.