
    Police virus (Solved)


      
    1. #1
      User deltaq
      Joined
      Mar 2012
      Location
      Spain
      Posts
      4

      Police virus (Solved)

      Hello, I have run OTL and I'm not quite sure what I have to do next; this is the report:



      OTL logfile created on: 01/03/2012 14:04:31 - Run 2
      OTL by OldTimer - Version 3.2.34.0 Folder = D:\Downloads
      Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
      Internet Explorer (Version = 9.0.8112.16421)
      Locale: 00000c0a | Country: España | Language: ESN | Date Format: dd/MM/yyyy

      2,97 Gb Total Physical Memory | 2,11 Gb Available Physical Memory | 71,08% Memory free
      5,93 Gb Paging File | 4,89 Gb Available in Paging File | 82,48% Paging File free
      Paging file location(s): ?:\pagefile.sys [binary data]

      %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
      Drive C: | 149,41 Gb Total Space | 41,22 Gb Free Space | 27,59% Space Free | Partition Type: NTFS
      Drive D: | 148,28 Gb Total Space | 24,50 Gb Free Space | 16,52% Space Free | Partition Type: NTFS
      Drive E: | 190,68 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: UDF

      Computer Name: KILLIPC | User Name: miriam&sergi | Logged in as Administrator.
      Boot Mode: Normal | Scan Mode: All users
      Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

      ========== Processes (SafeList) ==========

      PRC - [2012/03/01 14:03:27 | 000,584,704 | ---- | M] (OldTimer Tools) -- D:\Downloads\OTL (1).exe
      PRC - [2012/02/15 06:03:37 | 001,049,072 | ---- | M] (Google Inc.) -- C:\Archivos de programa\Google\Chrome\Application\chrome.exe
      PRC - [2012/01/13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) -- C:\Users\miriam&sergi\Desktop\Malwarebytes' Anti-Malware\mbamservice.exe
      PRC - [2011/07/16 05:31:12 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
      PRC - [2011/04/13 14:56:38 | 000,189,760 | ---- | M] (McAfee, Inc.) -- C:\Archivos de programa\McAfee\Managed VirusScan\Agent\swAgent.exe
      PRC - [2011/04/13 14:49:48 | 000,291,064 | ---- | M] (McAfee, Inc.) -- C:\Archivos de programa\McAfee\Managed VirusScan\Agent\myAgtSvc.exe
      PRC - [2011/02/26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
      PRC - [2011/01/19 09:18:20 | 000,145,936 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\mfevtps.exe
      PRC - [2011/01/12 1308 | 000,033,648 | ---- | M] (McAfee, Inc.) -- C:\Archivos de programa\Common Files\McAfee\SystemCore\mfeann.exe
      PRC - [2011/01/12 13:09:44 | 000,159,320 | ---- | M] (McAfee, Inc.) -- C:\Archivos de programa\Common Files\McAfee\SystemCore\mcshield.exe
      PRC - [2009/08/27 13:37:10 | 000,185,712 | ---- | M] (TOSHIBA Corporation) -- C:\Archivos de programa\TOSHIBA\TECO\TecoService.exe
      PRC - [2009/08/10 19:55:46 | 000,185,712 | ---- | M] (TOSHIBA CORPORATION) -- C:\Archivos de programa\TOSHIBA\ConfigFree\CFIWmxSvcs.exe
      PRC - [2009/08/06 15:02:56 | 001,050,000 | ---- | M] (Toshiba Europe GmbH) -- C:\Archivos de programa\Toshiba TEMPRO\TemproTray.exe
      PRC - [2009/08/06 15:02:50 | 000,116,104 | ---- | M] (Toshiba Europe GmbH) -- C:\Archivos de programa\Toshiba TEMPRO\TemproSvc.exe
      PRC - [2009/08/06 12:06:58 | 000,466,792 | ---- | M] (TOSHIBA Corporation) -- C:\Archivos de programa\TOSHIBA\BulletinBoard\TosNcCore.exe
      PRC - [2009/08/05 14:18:50 | 000,464,224 | ---- | M] (TOSHIBA Corporation) -- C:\Archivos de programa\TOSHIBA\Power Saver\TosCoSrv.exe
      PRC - [2009/08/03 17:16:50 | 001,021,272 | ---- | M] (TOSHIBA Corporation) -- C:\Archivos de programa\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
      PRC - [2009/08/03 17:16:32 | 000,111,960 | ---- | M] (TOSHIBA Corporation) -- C:\Archivos de programa\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
      PRC - [2009/07/29 23:54:38 | 000,348,160 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
      PRC - [2009/07/29 23:54:10 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
      PRC - [2009/07/28 14:43:04 | 000,128,344 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\TODDSrv.exe
      PRC - [2009/07/14 02:14:47 | 001,121,280 | ---- | M] (Microsoft Corporation) -- C:\Archivos de programa\Windows Media Player\wmpnetwk.exe
      PRC - [2009/07/14 02:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
      PRC - [2009/03/10 18:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) -- C:\Archivos de programa\TOSHIBA\ConfigFree\CFSvcs.exe
      PRC - [2009/01/13 20:33:40 | 000,034,088 | ---- | M] (TOSHIBA CORPORATION) -- C:\Archivos de programa\TOSHIBA\Utilities\KeNotify.exe
      PRC - [2008/05/15 14:47:04 | 000,098,304 | ---- | M] (UJI per a CATCert) -- C:\Archivos de programa\CATCert\Clauer idCAT\clos-win.exe
      PRC - [2006/10/26 13:40:34 | 000,335,872 | ---- | M] (Microsoft Corporation) -- C:\Archivos de programa\Common Files\microsoft shared\VS7DEBUG\mdm.exe


      ========== Modules (No Company Name) ==========

      MOD - [2012/02/23 14:04:24 | 001,670,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\4745cd79cd87ef98af5163b152088e28\Microsoft.VisualBasic.ni.dll
      MOD - [2012/02/23 13:59:17 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\5ca17001998a75ca774d2b80eead5579\System.ServiceProcess.ni.dll
      MOD - [2012/02/23 13:58:58 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\0a894f77b9aa64acbd3ce791916357d8\System.Runtime.Remoting.ni.dll
      MOD - [2012/02/23 13:58:29 | 012,431,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ff30db6905f8ec024fc808ed8779c0f3\System.Windows.Forms.ni.dll
      MOD - [2012/02/23 13:58:21 | 001,586,688 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\a09ee392fa90849f2e9313a1ebbe0279\System.Drawing.ni.dll
      MOD - [2012/02/23 13:58:17 | 012,216,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\c0508b05f5c28e37711f447a66368e75\PresentationCore.ni.dll
      MOD - [2012/02/23 13:58:05 | 003,325,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\585ac5899ab444221c8b41df13b194bc\WindowsBase.ni.dll
      MOD - [2012/02/23 13:57:58 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d49f4cb0755ccc34cd35ff96dc2ef9e3\System.Xml.ni.dll
      MOD - [2012/02/23 13:57:53 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\15742b3597258ce67cbe219005c197e5\System.Configuration.ni.dll
      MOD - [2012/02/23 13:57:49 | 007,952,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\1f14b3e1ee0847f8662f513e67f92547\System.ni.dll
      MOD - [2012/02/15 06:03:36 | 000,429,040 | ---- | M] () -- C:\Archivos de programa\Google\Chrome\Application\17.0.963.56\ppgooglenaclpluginchrome.dll
      MOD - [2012/02/15 06:03:34 | 003,772,912 | ---- | M] () -- C:\Archivos de programa\Google\Chrome\Application\17.0.963.56\pdf.dll
      MOD - [2012/02/15 06:02:10 | 000,122,880 | ---- | M] () -- C:\Archivos de programa\Google\Chrome\Application\17.0.963.56\avutil-51.dll
      MOD - [2012/02/15 06:02:08 | 000,220,672 | ---- | M] () -- C:\Archivos de programa\Google\Chrome\Application\17.0.963.56\avformat-53.dll
      MOD - [2012/02/15 06:02:07 | 001,747,456 | ---- | M] () -- C:\Archivos de programa\Google\Chrome\Application\17.0.963.56\avcodec-53.dll
      MOD - [2011/10/14 08:40:10 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\1b31ced9bb880d94fff1c6d47c16a81e\mscorlib.ni.dll
      MOD - [2009/08/06 12:08:04 | 002,878,824 | ---- | M] () -- C:\Archivos de programa\TOSHIBA\BulletinBoard\TosNcUi.dll
      MOD - [2009/08/03 17:17:24 | 000,079,192 | ---- | M] () -- C:\Archivos de programa\TOSHIBA\TOSHIBA HDD SSD Alert\TosIPCWraper.dll
      MOD - [2008/05/23 19:02:58 | 000,081,920 | ---- | M] () -- C:\Windows\System32\ClauerStoreProvider.dll


      ========== Win32 Services (SafeList) ==========

      SRV - [2012/01/13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Users\miriam&sergi\Desktop\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
      SRV - [2011/04/13 14:56:38 | 000,189,760 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Archivos de programa\McAfee\Managed VirusScan\Agent\swAgent.exe -- (SWAGENT)
      SRV - [2011/04/13 14:49:48 | 000,291,064 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.exe -- (RumorServer)
      SRV - [2011/04/13 14:49:48 | 000,291,064 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.exe -- (myAgtSvc)
      SRV - [2011/01/19 09:18:20 | 000,145,936 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Windows\System32\mfevtps.exe -- (mfevtp)
      SRV - [2011/01/12 13:09:44 | 000,159,320 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe -- (McShield)
      SRV - [2010/06/18 08:17:22 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
      SRV - [2010/02/08 21:32:52 | 000,238,328 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe -- (GameConsoleService)
      SRV - [2009/08/27 13:37:10 | 000,185,712 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\TECO\TecoService.exe -- (TOSHIBA eco Utility Service)
      SRV - [2009/08/17 10:48:42 | 000,051,512 | ---- | M] (TOSHIBA Corporation) [On_Demand | Stopped] -- C:\Archivos de programa\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
      SRV - [2009/08/10 19:55:46 | 000,185,712 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe -- (cfWiMAXService)
      SRV - [2009/08/06 17:04:56 | 000,685,424 | ---- | M] (TOSHIBA Corporation) [On_Demand | Stopped] -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe -- (TPCHSrv)
      SRV - [2009/08/06 15:02:50 | 000,116,104 | ---- | M] (Toshiba Europe GmbH) [Auto | Running] -- C:\Program Files\Toshiba TEMPRO\TemproSvc.exe -- (TemproMonitoringService) Notebook Performance Tuning Service (TEMPRO)
      SRV - [2009/08/05 14:18:50 | 000,464,224 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
      SRV - [2009/08/03 17:16:32 | 000,111,960 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
      SRV - [2009/07/29 23:54:10 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
      SRV - [2009/07/28 14:43:04 | 000,128,344 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)
      SRV - [2009/07/14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
      SRV - [2009/07/14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Archivos de programa\Windows Defender\MpSvc.dll -- (WinDefend)
      SRV - [2009/03/10 18:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
      SRV - [2008/05/15 14:47:04 | 000,098,304 | ---- | M] (UJI per a CATCert) [Auto | Running] -- C:\Archivos de programa\CATCert\Clauer idCAT\clos-win.exe -- (CLOS)
      SRV - [2007/05/31 15:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
      SRV - [2007/05/31 15:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)


      ========== Driver Services (SafeList) ==========

      DRV - [2011/12/10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
      DRV - [2011/01/19 09:18:20 | 000,436,728 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\mfehidk.sys -- (mfehidk)
      DRV - [2011/01/19 09:18:20 | 000,171,296 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfeavfk.sys -- (MfeAVFK)
      DRV - [2011/01/19 09:18:20 | 000,162,928 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mfewfpk.sys -- (mfewfpk)
      DRV - [2011/01/19 09:18:20 | 000,116,104 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfeapfk.sys -- (mfeapfk)
      DRV - [2011/01/19 09:18:20 | 000,085,152 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mferkdet.sys -- (mferkdet)
      DRV - [2011/01/19 09:18:20 | 000,058,456 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfebopk.sys -- (MfeBOPK)
      DRV - [2010/06/07 14:37:56 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
      DRV - [2010/01/19 09:55:06 | 000,996,896 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rtl8192se.sys -- (rtl8192se)
      DRV - [2009/12/15 15:29:42 | 000,034,248 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mferkdk.sys -- (MfeRKDK)
      DRV - [2009/12/15 14:29:52 | 000,055,304 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mfetdik.sys -- (mfetdik)
      DRV - [2009/10/21 19:27:36 | 000,022,600 | ---- | M] (SonicWALL Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NxDrv.sys -- (NxDrv)
      DRV - [2009/07/30 20:02:34 | 000,036,208 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | On_Demand | Running] -- C:\Windows\system32\DRIVERS\LPCFilter.sys -- (LPCFilter)
      DRV - [2009/07/30 17:45:22 | 000,171,520 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RtsUStor.sys -- (RSUSBSTOR)
      DRV - [2009/07/30 16:45:56 | 000,022,912 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)
      DRV - [2009/07/30 12:06:30 | 004,994,560 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
      DRV - [2009/07/24 15:57:06 | 000,275,536 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\tos_sps32.sys -- (tos_sps32)
      DRV - [2009/07/14 15:28:42 | 000,023,512 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\TVALZ_O.SYS -- (TVALZ)
      DRV - [2009/07/14 00:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
      DRV - [2009/07/14 00:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
      DRV - [2009/07/13 23:02:46 | 001,096,704 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athr.sys -- (athr)
      DRV - [2009/06/22 17:04:58 | 000,024,064 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PGEffect.sys -- (PGEffect)
      DRV - [2009/06/19 19:31:08 | 000,012,920 | ---- | M] (TOSHIBA Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\TVALZFL.sys -- (TVALZFL)
      DRV - [2009/05/20 18:04:40 | 000,157,536 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RtHDMIV.sys -- (RTHDMIAzAudService)
      DRV - [2009/04/29 15:37:26 | 000,025,088 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\KMWDFILTER.sys -- (KMWDFILTERx86)


      ========== Standard Registry (SafeList) ==========


      ========== Internet Explorer ==========

      IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
      IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
      IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7


      IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
      IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

      IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
      IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local



      IE - HKU\S-1-5-21-1236325816-939963913-609154162-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=TSEH&bmod=TSEH
      IE - HKU\S-1-5-21-1236325816-939963913-609154162-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.es/
      IE - HKU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
      IE - HKU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
      IE - HKU\..\SearchScopes\{23D5E7A4-5F32-4AA9-9B63-9259559F5C50}: "URL" = http://www.amazon.co.uk/gp/search?ie=UTF8&keywords={searchTerms}&tag=tochibauk-win7-ie-search-21&index=blended&linkCode=ur2
      IE - HKU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7TSEH_esES366
      IE - HKU\..\SearchScopes\{B56E68DD-367C-4BBA-B9F9-702A5A361430}: "URL" = http://rover.ebay.com/rover/1/1185-44560-9400-8/4?satitle={searchTerms}
      IE - HKU\S-1-5-21-1236325816-939963913-609154162-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
      IE - HKU\S-1-5-21-1236325816-939963913-609154162-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

      ========== FireFox ==========


      FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
      FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
      FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: D:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
      FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
      FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
      FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
      FF - HKLM\Software\MozillaPlugins\@veetle.com/vbp;version=0.9.16: d:\Program Files\Veetle\VLCBroadcast\npvbp.dll File not found
      FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.16: d:\Program Files\Veetle\plugins\npVeetle.dll File not found
      FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.16: d:\Program Files\Veetle\Player\npvlc.dll File not found

      FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/02/16 10:44:13 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/02/16 10:44:13 | 000,000,000 | ---D | M]

      [2010/11/12 16:05:50 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\miriam&sergi\AppData\Roaming\mozilla\Extensions
      [2010/11/12 16:05:50 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\miriam&sergi\AppData\Roaming\mozilla\Firefox\Profiles\as0qftcz.default\extensions
      [2010/11/12 16:05:26 | 000,000,000 | ---D | M] (No name found) -- C:\Archivos de programa\Mozilla Firefox\extensions
      [2010/10/27 06:22:18 | 000,003,996 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\drae.xml
      [2010/10/27 06:22:18 | 000,000,751 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-es.xml
      [2010/10/27 06:22:18 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-es.xml
      [2010/10/27 06:22:18 | 000,001,102 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-es.xml

      ========== Chrome ==========

      CHR - default_search_provider: Google (Enabled)
      CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
      CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
      CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
      CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\17.0.963.56\ppGoogleNaClPluginChrome.dll
      CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\17.0.963.56\pdf.dll
      CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\17.0.963.56\gcswf32.dll
      CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
      CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
      CHR - plugin: Java Deployment Toolkit 6.0.220.4 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
      CHR - plugin: Java(TM) Platform SE 6 U22 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
      CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll
      CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
      CHR - plugin: iTunes Application Detector (Enabled) = D:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
      CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll
      CHR - plugin: Default Plug-in (Enabled) = default_plugin
      CHR - Extension: YouTube = C:\Users\miriam&sergi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
      CHR - Extension: B\u00FAsqueda de Google = C:\Users\miriam&sergi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.17_0\
      CHR - Extension: Gmail = C:\Users\miriam&sergi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

      Hosts file not found
      O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
      O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Archivos de programa\Common Files\McAfee\SystemCore\ScriptSn.20110507110630.dll (McAfee, Inc.)
      O2 - BHO: (Windows Live Aplicación auxiliar de inicio de sesión) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Archivos de programa\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
      O3 - HKLM\..\Toolbar: (Veoh Video Compass) - {52836EB0-631A-47B1-94A6-61F9D9112DAE} - C:\Archivos de programa\Veoh Networks\Veoh Video Compass\SearchRecsPlugin.dll (Veoh Networks)
      O4 - HKLM..\Run: [00TCrdMain] C:\Archivos de programa\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
      O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
      O4 - HKLM..\Run: [ClauerUpdate] C:\Program Files\CATCert\Clauer idCAT\ClUpdate.exe (UJI per a CATCert)
      O4 - HKLM..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe (TOSHIBA Electronics, Inc.)
      O4 - HKLM..\Run: [KeNotify] C:\Archivos de programa\TOSHIBA\Utilities\KeNotify.exe (TOSHIBA CORPORATION)
      O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Users\miriam&sergi\Desktop\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
      O4 - HKLM..\Run: [McAfee Managed Services Tray] "C:\Program Files\McAfee\Managed VirusScan\Agent\StartMyagtTry.exe" File not found
      O4 - HKLM..\Run: [MVS Splash] C:\Program Files\McAfee\Managed VirusScan\DesktopUI\XTray.exe (McAfee, Inc.)
      O4 - HKLM..\Run: [SmartFaceVWatcher] C:\Archivos de programa\TOSHIBA\SmartFaceV\SmartFaceVWatcher.exe (TOSHIBA Corporation)
      O4 - HKLM..\Run: [SmoothView] C:\Archivos de programa\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
      O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
      O4 - HKLM..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe (TOSHIBA)
      O4 - HKLM..\Run: [Teco] C:\Program Files\TOSHIBA\TECO\Teco.exe (TOSHIBA Corporation)
      O4 - HKLM..\Run: [Toshiba Registration] C:\Archivos de programa\TOSHIBA\Registration\ToshibaReminder.exe (Toshiba Europe GmbH)
      O4 - HKLM..\Run: [Toshiba TEMPRO] C:\Archivos de programa\Toshiba TEMPRO\TemproTray.exe (Toshiba Europe GmbH)
      O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
      O4 - HKLM..\Run: [TosNC] C:\Archivos de programa\TOSHIBA\BulletinBoard\TosNcCore.exe (TOSHIBA Corporation)
      O4 - HKLM..\Run: [TosReelTimeMonitor] C:\Archivos de programa\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (TOSHIBA Corporation)
      O4 - HKLM..\Run: [TosSENotify] C:\Archivos de programa\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
      O4 - HKLM..\Run: [TosWaitSrv] C:\Archivos de programa\TOSHIBA\TPHM\TosWaitSrv.exe (TOSHIBA Corporation)
      O4 - HKLM..\Run: [TPwrMain] C:\Archivos de programa\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
      O4 - HKLM..\Run: [TWebCamera] C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe (TOSHIBA CORPORATION.)
      O4 - HKU\.DEFAULT..\Run: [TOSHIBA Online Product Information] C:\Archivos de programa\TOSHIBA\Toshiba Online Product Information\TOPI.exe (TOSHIBA)
      O4 - HKU\S-1-5-18..\Run: [TOSHIBA Online Product Information] C:\Archivos de programa\TOSHIBA\Toshiba Online Product Information\TOPI.exe (TOSHIBA)
      O4 - HKU\S-1-5-21-1236325816-939963913-609154162-1000..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
      O4 - HKU\S-1-5-21-1236325816-939963913-609154162-1000..\Run: [VeohPlugin] C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe (Veoh Networks)
      O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
      O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
      O4 - Startup: C:\Users\miriam&sergi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\miriam&sergi\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
      O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Archivos de programa\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
      O8 - Extra context menu item: E&xportar a Microsoft Excel - C:\Archivos de programa\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
      O9 - Extra Button: Agregar entrada - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Archivos de programa\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
      O9 - Extra 'Tools' menuitem : &Agregar entrada en Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Archivos de programa\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
      O9 - Extra Button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Archivos de programa\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
      O9 - Extra 'Tools' menuitem : &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Archivos de programa\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
      O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
      O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
      O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Archivos de programa\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
      O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Archivos de programa\Bonjour\mdnsNSP.dll (Apple Inc.)
      O13 - gopher Prefix: missing
      O15 - HKLM\..Trusted Domains: //about.htm/ ([]myui in Trusted sites)
      O15 - HKLM\..Trusted Domains: //Exclude.htm/ ([]myui in Trusted sites)
      O15 - HKLM\..Trusted Domains: //LanguageSelection.htm/ ([]myui in Trusted sites)
      O15 - HKLM\..Trusted Domains: //Message.htm/ ([]myui in Trusted sites)
      O15 - HKLM\..Trusted Domains: //MyAgttryCmd.htm/ ([]myui in Trusted sites)
      O15 - HKLM\..Trusted Domains: //MyAgttryNag.htm/ ([]myui in Trusted sites)
      O15 - HKLM\..Trusted Domains: //MyNotification.htm/ ([]myui in Trusted sites)
      O15 - HKLM\..Trusted Domains: //NOCLessUpdate.htm/ ([]myui in Trusted sites)
      O15 - HKLM\..Trusted Domains: //quarantine.htm/ ([]myui in Trusted sites)
      O15 - HKLM\..Trusted Domains: //ScanNow.htm/ ([]myui in Trusted sites)
      O15 - HKLM\..Trusted Domains: //strings.vbs/ ([]myui in Trusted sites)
      O15 - HKLM\..Trusted Domains: //Template.htm/ ([]myui in Trusted sites)
      O15 - HKLM\..Trusted Domains: //Update.htm/ ([]myui in Trusted sites)
      O15 - HKLM\..Trusted Domains: //VirFound.htm/ ([]myui in Trusted sites)
      O15 - HKLM\..Trusted Domains: mcafee.com ([*] http in Trusted sites)
      O15 - HKLM\..Trusted Domains: mcafee.com ([*] https in Trusted sites)
      O15 - HKLM\..Trusted Domains: mcafeeasap.com ([betavscan] http in Trusted sites)
      O15 - HKLM\..Trusted Domains: mcafeeasap.com ([betavscan] https in Trusted sites)
      O15 - HKLM\..Trusted Domains: mcafeeasap.com ([vs] http in Trusted sites)
      O15 - HKLM\..Trusted Domains: mcafeeasap.com ([vs] https in Trusted sites)
      O15 - HKLM\..Trusted Domains: mcafeeasap.com ([www] http in Trusted sites)
      O15 - HKLM\..Trusted Domains: mcafeeasap.com ([www] https in Trusted sites)
      O15 - HKU\.DEFAULT\..Trusted Domains: sonicwall.com ([sslvpn.eng] https in Trusted sites)
      O15 - HKU\S-1-5-18\..Trusted Domains: sonicwall.com ([sslvpn.eng] https in Trusted sites)
      O15 - HKU\S-1-5-21-1236325816-939963913-609154162-1000\..Trusted Domains: sonicwall.com ([sslvpn.eng] https in Trusted sites)
      O16 - DPF: {6EEFD7B1-B26C-440D-B55A-1EC677189F30} https://sslvpn.eng.sonicwall.com/NELX.cab (NELaunchCtrl Class)
      O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
      O16 - DPF: {B785FA3C-1DE9-4D20-8396-613C486FE95E} https://www1.agenciatributaria.gob.es/imagenes/comun/cactivex.cab (AeatCtl Class)
      O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
      O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
      O16 - DPF: {CB7FBF9A-F0FE-4DF2-AFDD-4EA305116E3B} http://software.eng.sonicwall.com/applications/endpointcompliancemanager/SWECMControlX.cab (SWECMControlX Control)
      O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
      O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldes-es.cab (Windows Live Hotmail Photo Upload Tool)
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8BC20A4E-77A0-4813-A7CA-CAC4AF77E2D4}: NameServer = 87.216.1.65,87.216.1.66
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C1E30F14-7EA4-47DE-A7F6-57322E3D7BA7}: DhcpNameServer = 87.216.1.65 87.216.1.66
      O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Archivos de programa\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
      O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Archivos de programa\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
      O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Archivos de programa\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
      O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Archivos de programa\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
      O18 - Protocol\Handler\myrm {4D034FC3-013F-4b95-B544-44D49ABE3E76} - C:\Archivos de programa\McAfee\Managed VirusScan\Agent\MyRmProt5.0.0.811.dll (McAfee, Inc.)
      O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Archivos de programa\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
      O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Archivos de programa\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
      O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
      O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      O32 - HKLM CDRom: AutoRun - 1
      O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
      O32 - AutoRun File - [2006/05/24 09:20:00 | 000,000,029 | ---- | M] () - E:\autorun.inf -- [ UDF ]
      O33 - MountPoints2\{12604d6e-1811-11df-bec1-806e6f6e6963}\Shell - "" = AutoRun
      O33 - MountPoints2\{12604d6e-1811-11df-bec1-806e6f6e6963}\Shell\AutoRun\command - "" = E:\win_start.exe -- [2006/09/04 12:26:18 | 004,588,708 | ---- | M] (Macromedia, Inc.)
      O33 - MountPoints2\{1fe8e1cf-72d0-11df-adb2-002622ef8385}\Shell - "" = AutoRun
      O33 - MountPoints2\{1fe8e1cf-72d0-11df-adb2-002622ef8385}\Shell\AutoRun\command - "" = F:\autorun.exe
      O33 - MountPoints2\{6f0a6c2e-2491-11df-80c1-534e57000000}\Shell - "" = AutoRun
      O33 - MountPoints2\{6f0a6c2e-2491-11df-80c1-534e57000000}\Shell\AutoRun\command - "" = H:\npeuinst.exe
      O33 - MountPoints2\E\Shell - "" = AutoRun
      O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\Autorun.exe
      O34 - HKLM BootExecute: (autocheck autochk *)
      O35 - HKLM\..comfile [open] -- "%1" %*
      O35 - HKLM\..exefile [open] -- "%1" %*
      O37 - HKLM\...com [@ = comfile] -- "%1" %*
      O37 - HKLM\...exe [@ = exefile] -- "%1" %*

      NetSvcs: FastUserSwitchingCompatibility - File not found
      NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
      NetSvcs: Nla - File not found
      NetSvcs: Ntmssvc - File not found
      NetSvcs: NWCWorkstation - File not found
      NetSvcs: Nwsapagent - File not found
      NetSvcs: SRService - File not found
      NetSvcs: WmdmPmSp - File not found
      NetSvcs: LogonHours - File not found
      NetSvcs: PCAudit - File not found
      NetSvcs: helpsvc - File not found
      NetSvcs: uploadmgr - File not found


      CREATERESTOREPOINT
      Restore point Set: OTL Restore Point

      ========== Files/Folders - Created Within 30 Days ==========

      [2012/02/29 12:21:01 | 000,000,000 | ---D | C] -- C:\Users\miriam&sergi\AppData\Roaming\Malwarebytes
      [2012/02/29 12:20:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
      [2012/02/29 12:20:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
      [2012/02/29 12:20:39 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
      [2012/02/29 12:20:39 | 000,000,000 | ---D | C] -- C:\Users\miriam&sergi\Desktop\Malwarebytes' Anti-Malware
      [2012/02/29 12:19:25 | 009,502,424 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\miriam&sergi\Desktop\mbam-setup-1.60.1.1000.exe
      [2012/02/15 09:54:40 | 000,000,000 | -HSD | C] -- C:\Config.Msi
      [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
      [1 C:\Users\miriam&sergi\*.tmp files -> C:\Users\miriam&sergi\*.tmp -> ]

      ========== Files - Modified Within 30 Days ==========

      [2012/03/01 1300 | 000,001,088 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
      [2012/03/01 09:28:03 | 000,016,304 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
      [2012/03/01 09:28:03 | 000,016,304 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
      [2012/03/01 09:21:01 | 000,001,084 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
      [2012/03/01 09:20:47 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
      [2012/03/01 09:20:42 | 2388,295,680 | -HS- | M] () -- C:\hiberfil.sys
      [2012/02/29 12:20:49 | 000,000,825 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
      [2012/02/29 12:19:33 | 009,502,424 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\miriam&sergi\Desktop\mbam-setup-1.60.1.1000.exe
      [2012/02/28 15:00:25 | 000,001,048 | ---- | M] () -- C:\Users\miriam&sergi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\jag285401.exe.lnk
      [2012/02/23 14:07:43 | 000,001,045 | ---- | M] () -- C:\Users\miriam&sergi\Desktop\Dropbox.lnk
      [2012/02/23 14:07:43 | 000,001,025 | ---- | M] () -- C:\Users\miriam&sergi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
      [2012/02/23 13:57:04 | 000,417,424 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
      [2012/02/23 08:28:06 | 000,706,744 | ---- | M] () -- C:\Windows\System32\perfh00A.dat
      [2012/02/23 08:28:06 | 000,618,912 | ---- | M] () -- C:\Windows\System32\perfh009.dat
      [2012/02/23 08:28:06 | 000,138,650 | ---- | M] () -- C:\Windows\System32\perfc00A.dat
      [2012/02/23 08:28:06 | 000,107,232 | ---- | M] () -- C:\Windows\System32\perfc009.dat
      [2012/02/16 13:30:11 | 000,002,293 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
      [2012/02/15 10:02:52 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
      [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
      [1 C:\Users\miriam&sergi\*.tmp files -> C:\Users\miriam&sergi\*.tmp -> ]

      ========== Files Created - No Company Name ==========

      [2012/02/29 12:20:49 | 000,000,825 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
      [2012/02/28 15:00:25 | 000,001,048 | ---- | C] () -- C:\Users\miriam&sergi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\jag285401.exe.lnk
      [2012/02/15 10:02:52 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
      [2010/12/22 13:59:08 | 000,138,056 | ---- | C] () -- C:\Users\miriam&sergi\AppData\Roaming\PnkBstrK.sys
      [2010/12/22 13:59:08 | 000,137,544 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
      [2010/12/22 13:58:50 | 000,189,480 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
      [2010/12/22 13:58:48 | 000,075,064 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
      [2010/12/22 13:58:46 | 003,360,624 | ---- | C] () -- C:\Windows\System32\pbsvc.exe
      [2010/03/23 22:14:32 | 000,007,605 | -H-- | C] () -- C:\Users\miriam&sergi\AppData\Local\Resmon.ResmonCfg

      ========== LOP Check ==========

      [2011/03/27 18:41:19 | 000,000,000 | -H-D | M] -- C:\Users\miriam&sergi\AppData\Roaming\5E1730F6AF775303190AEDC62D85539F
      [2011/11/11 22:36:19 | 000,000,000 | ---D | M] -- C:\Users\miriam&sergi\AppData\Roaming\BlackBean
      [2011/11/11 22:36:22 | 000,000,000 | ---D | M] -- C:\Users\miriam&sergi\AppData\Roaming\BSplayer
      [2010/06/07 14:48:24 | 000,000,000 | -H-D | M] -- C:\Users\miriam&sergi\AppData\Roaming\BSplayer Pro
      [2010/07/11 16:45:20 | 000,000,000 | -H-D | M] -- C:\Users\miriam&sergi\AppData\Roaming\DAEMON Tools Lite
      [2012/03/01 09:22:22 | 000,000,000 | ---D | M] -- C:\Users\miriam&sergi\AppData\Roaming\Dropbox
      [2011/11/11 23:25:41 | 000,000,000 | ---D | M] -- C:\Users\miriam&sergi\AppData\Roaming\eu.myphotobook.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1
      [2012/01/23 17:15:08 | 000,000,000 | ---D | M] -- C:\Users\miriam&sergi\AppData\Roaming\PandoraRecovery
      [2011/11/11 22:37:54 | 000,000,000 | ---D | M] -- C:\Users\miriam&sergi\AppData\Roaming\PDF Writer
      [2011/11/11 22:37:54 | 000,000,000 | ---D | M] -- C:\Users\miriam&sergi\AppData\Roaming\Spotify
      [2011/12/05 14:58:00 | 000,000,000 | -H-D | M] -- C:\Users\miriam&sergi\AppData\Roaming\Toshiba
      [2011/11/11 22:37:54 | 000,000,000 | ---D | M] -- C:\Users\miriam&sergi\AppData\Roaming\TS3Client
      [2010/02/14 12:51:19 | 000,000,000 | -H-D | M] -- C:\Users\miriam&sergi\AppData\Roaming\WildTangent
      [2011/06/15 19:52:38 | 000,032,628 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

      ========== Purity Check ==========



      ========== Custom Scans ==========


      < %SYSTEMDRIVE%\*.* >
      [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
      [2009/06/10 22:42:20 | 000,000,010 | ---- | M] () -- C:\config.sys
      [2012/03/01 09:20:42 | 2388,295,680 | -HS- | M] () -- C:\hiberfil.sys
      [2012/03/01 09:20:53 | 3184,394,240 | -HS- | M] () -- C:\pagefile.sys
      [2010/02/12 21:08:43 | 000,002,988 | ---- | M] () -- C:\RHDSetup.log
      [2009/09/15 11:30:56 | 000,000,070 | -H-- | M] () -- C:\SWSTAMP.TXT

      < End of report >

    2. #2
      General Moderator
      Leosolari
      Registered
      Jun 2007
      Location
      Argentina
      Posts
      54.893

      Re: Police virus

      Hello

      Run OTL.exe

      Copy and paste the code inside the box below into the "Análisis Personalizado / Código de Reparación" (Custom Scans/Fixes) section

      Code:
      :OTL
      [2012/02/28 15:00:25 | 000,001,048 | ---- | M] () -- C:\Users\miriam&sergi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\jag285401.exe.lnk
      :Commands
      [PURITY] 
      [EMPTYTEMP]
      [EMPTYFLASH]



      Press the "Reparar" (Run Fix) button to start the removal. Press OK.

      OTL will restart the computer to complete the removal.

      Save the newly generated report. Copy and paste it into your next reply and tell us how the computer is doing now.

      Regards

      `·.¸¸.·´´¯`··._.· ·.¸¸.·´´¯`··._.· Don't Despair.....Keep Fighting `·.¸¸.·´´¯`··._.· ·.¸¸.·´´¯`··._.·

      * Follow us on our Twitter and become our friend on Facebook.
      * Keep up with the latest threats on the net at: InfoSpyware Blog
      * Questions are not answered by private message or by e-mail, since that is what the forum is for.

    3. #3
      User deltaq
      Registered
      Mar 2012
      Location
      Spain
      Posts
      4

      Re: Police virus

      Thanks for the help, I think the problem has been solved because the damned police screen no longer appears. Thanks!!! This is the report:


      All processes killed
      ========== OTL ==========
      C:\Users\miriam&sergi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\jag285401.exe.lnk moved successfully.
      ========== COMMANDS ==========

      [EMPTYTEMP]

      User: All Users

      User: Default
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 33170 bytes
      ->Flash cache emptied: 41044 bytes

      User: Default User
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 0 bytes
      ->Flash cache emptied: 0 bytes

      User: McAfeeMVSUser
      ->Temp folder emptied: 49632 bytes
      ->Temporary Internet Files folder emptied: 33170 bytes
      ->Flash cache emptied: 41044 bytes

      User: miriam&sergi
      ->Temp folder emptied: 7047251435 bytes
      ->Temporary Internet Files folder emptied: 11911302 bytes
      ->Java cache emptied: 1112592 bytes
      ->FireFox cache emptied: 49096069 bytes
      ->Google Chrome cache emptied: 202467848 bytes
      ->Apple Safari cache emptied: 0 bytes
      ->Flash cache emptied: 41533 bytes

      User: Public

      %systemdrive% .tmp files removed: 0 bytes
      %systemroot% .tmp files removed: 0 bytes
      %systemroot%\System32 .tmp files removed: 0 bytes
      %systemroot%\System32\drivers .tmp files removed: 0 bytes
      Windows Temp folder emptied: 289751443 bytes
      RecycleBin emptied: 15567306 bytes

      Total Files Cleaned = 7.265,00 mb


      [EMPTYFLASH]

      User: All Users

      User: Default
      ->Flash cache emptied: 0 bytes

      User: Default User
      ->Flash cache emptied: 0 bytes

      User: McAfeeMVSUser
      ->Flash cache emptied: 0 bytes

      User: miriam&sergi
      ->Flash cache emptied: 0 bytes

      User: Public

      Total Flash Files Cleaned = 0,00 mb


      OTL by OldTimer - Version 3.2.34.0 log created on 03012012_151611

      Files\Folders moved on Reboot...

      Registry entries deleted on Reboot...

    4. #4
      General Moderator
      Leosolari
      Registered
      Jun 2007
      Location
      Argentina
      Posts
      54.893

      Re: Police virus

      Hello again

      Run OTL.exe again and press the "Limpiar" (CleanUp) button.

      This will remove OTL.exe from your system, along with the files it created and removed.

      It will ask you to restart the computer. Press "SI" (Yes), and after restarting, check that everything is working and tell us how it goes.

      Regards


    5. #5
      User deltaq
      Registered
      Mar 2012
      Location
      Spain
      Posts
      4

      Re: Police virus

      Done! Everything seems to be in order... Thanks again

    6. #6
      General Moderator
      Leosolari
      Registered
      Jun 2007
      Location
      Argentina
      Posts
      54.893

      Re: Police virus

      For any other problem, don't hesitate to post again

      Topic Solved

      If you wish to REOPEN THIS TOPIC, press and your query will be attended to

      Best regards.

      As a final recommendation, we invite you to follow us on our channels: Blog, Twitter, Facebook, via e-mail, to keep up to date on new malware and how to prevent it.
