• Registrarse
  • Iniciar sesión


  • Resultados 1 al 6 de 6

    Virus de la Policia (Solucionado)

    Resumen del tema: Virus de la Policia (Solucionado) - Tengo Virus de la Policia en mi ordenador. He probado con PoliFix.exe del modo seguro,pero me ha salido ese quadrado azul con "Detectando sistema operativo,espere por favor..." Ayudat me por favor! Tengo Windows Vista. Gracias....

      
    1. #1
      Usuario Avatar de tiafea
      Registrado
      mar 2012
      Ubicación
      Alcoy
      Mensajes
      4

      Malware Virus de la Policia (Solucionado)

      Tengo Virus de la Policia en mi ordenador. He probado con PoliFix.exe del modo seguro,pero me ha salido ese quadrado azul con "Detectando sistema operativo,espere por favor..."
      Ayudat me por favor! Tengo Windows Vista.
      Gracias.

    2. #2
      Usuario Avatar de tiafea
      Registrado
      mar 2012
      Ubicación
      Alcoy
      Mensajes
      4

      Re: Virus de la Policia

      Hola de nuevo! Gracias por mandarme un email! No sabia exactamente que tengo que poner en ventanita del "codigo de reparacion" en OTL , por eso he copiado del uno,que tenia la misma problema y aqui teneis los resultados:
      OTL logfile created on: 08/03/2012 22:09:51 - Run 2
      OTL by OldTimer - Version 3.2.35.1 Folder = C:\Users\batch-pc\Downloads
      Windows Vista Home Basic Edition (Version = 6.0.6000) - Type = NTWorkstation
      Internet Explorer (Version = 7.0.6000.17037)
      Locale: 00000c0a | Country: España | Language: ESN | Date Format: dd/MM/yyyy

      1,94 Gb Total Physical Memory | 1,53 Gb Available Physical Memory | 79,08% Memory free
      4,10 Gb Paging File | 3,83 Gb Available in Paging File | 93,40% Paging File free
      Paging file location(s): ?:\pagefile.sys [binary data]

      %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
      Drive C: | 232,88 Gb Total Space | 144,73 Gb Free Space | 62,15% Space Free | Partition Type: NTFS

      Computer Name: BATCH-PC1 | User Name: batch-pc | Logged in as Administrator.
      Boot Mode: SafeMode with Networking | Scan Mode: All users | Quick Scan
      Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

      ========== Processes (SafeList) ==========

      PRC - [2012/03/07 16:56:34 | 000,584,704 | ---- | M] (OldTimer Tools) -- C:\Users\batch-pc\Downloads\OTL.exe
      PRC - [2009/09/26 22:14:07 | 002,923,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
      PRC - [2006/11/02 13:34:59 | 000,201,728 | ---- | M] (Microsoft Corporation) -- C:\Archivos de programa\Windows Media Player\wmpnscfg.exe


      ========== Modules (No Company Name) ==========


      ========== Win32 Services (SafeList) ==========

      SRV - [2009/11/26 17:02:46 | 000,185,632 | ---- | M] (Ralink Technology, Corp.) [Auto | Stopped] -- C:\Archivos de programa\Ralink\Common\RaRegistry.exe -- (RalinkRegistryWriter)
      SRV - [2009/09/26 22:45:06 | 000,265,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Archivos de programa\Windows Defender\MpSvc.dll -- (WinDefend)
      SRV - [2009/07/10 11:23:54 | 000,036,864 | ---- | M] (Realtek) [Auto | Stopped] -- C:\Archivos de programa\AirLive WL-1700USB\AirLive WL-1700USB Wireless Lan Utility\RtlService.exe -- (Realtek87L)
      SRV - [2009/04/07 09:39:44 | 000,233,472 | ---- | M] (Teruten) [Auto | Stopped] -- C:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService)
      SRV - [2008/04/07 09:17:30 | 000,430,592 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)


      ========== Driver Services (SafeList) ==========

      DRV - File not found [Kernel | On_Demand | Stopped] -- -- (NwlnkFwd)
      DRV - File not found [Kernel | On_Demand | Stopped] -- -- (NwlnkFlt)
      DRV - File not found [Kernel | On_Demand | Stopped] -- -- (IpInIp)
      DRV - [2009/11/26 17:02:34 | 000,822,272 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netr28u.sys -- (netr28u)
      DRV - [2009/10/26 15:09:06 | 001,095,936 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\smserial.sys -- (smserial)
      DRV - [2009/08/11 14:20:24 | 000,104,960 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
      DRV - [2009/08/11 14:20:20 | 000,105,344 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
      DRV - [2009/08/11 14:19:58 | 000,104,960 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
      DRV - [2009/08/11 14:19:44 | 000,007,680 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\massfilter.sys -- (massfilter)
      DRV - [2009/06/26 08:21:54 | 000,346,624 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rtl8187.sys -- (RTL8187)
      DRV - [2009/04/07 09:39:44 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
      DRV - [2008/10/09 15:42:42 | 000,017,408 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\KMWDFILTER.sys -- (KMWDFILTER)
      DRV - [2008/09/22 03:20:42 | 000,043,520 | ---- | M] (VIA Technologies, Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\fetnd6v.sys -- (FETND6V)
      DRV - [2008/05/02 10:58:14 | 000,008,064 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
      DRV - [2008/05/02 10:58:12 | 000,017,536 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
      DRV - [2008/03/07 12:46:32 | 000,101,504 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
      DRV - [2007/09/17 15:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
      DRV - [2007/07/03 16:58:20 | 000,106,792 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdm.sys -- (sscdmdm)
      DRV - [2007/07/03 16:57:24 | 000,011,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdfl.sys -- (sscdmdfl)
      DRV - [2007/07/03 16:54:24 | 000,080,552 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
      DRV - [2007/05/09 16:33:00 | 000,048,640 | ---- | M] (JMicron Technology Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\jraid.sys -- (JRAID)
      DRV - [2007/05/07 12:48:42 | 000,218,624 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\sis163u.sys -- (SIS163u)
      DRV - [2007/04/23 09:50:50 | 000,025,896 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | System | Running] -- C:\Windows\System32\drivers\RtlProt.sys -- (RtlProt)
      DRV - [2007/03/07 10:30:30 | 000,844,288 | ---- | M] (S3 Graphics Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VTGKModeDX32.sys -- (S3GIGP)
      DRV - [2007/01/16 08:13:58 | 000,202,752 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\viahduaa.sys -- (HdAudAddService)


      ========== Standard Registry (SafeList) ==========


      ========== Internet Explorer ==========

      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
      IE - HKLM\..\URLSearchHook: {0974848a-b5bc-49f2-9778-307742b4a55d} - C:\Archivos de programa\softonic.com4\tbsof1.dll (Conduit Ltd.)
      IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
      IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
      IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
      IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2431232
      IE - HKLM\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg-chrome&type=yahoo_avg_hs2-tb-web_chrome_us&p={searchTerms}


      IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
      IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

      IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
      IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



      IE - HKU\S-1-5-21-1123825641-1507585295-336261431-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.mystart.com/?pr=vmn&id=pandasecuritytb&v=2_0
      IE - HKU\S-1-5-21-1123825641-1507585295-336261431-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
      IE - HKU\S-1-5-21-1123825641-1507585295-336261431-1000\..\URLSearchHook: {0974848a-b5bc-49f2-9778-307742b4a55d} - C:\Archivos de programa\softonic.com4\tbsof1.dll (Conduit Ltd.)
      IE - HKU\S-1-5-21-1123825641-1507585295-336261431-1000\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
      IE - HKU\S-1-5-21-1123825641-1507585295-336261431-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
      IE - HKU\S-1-5-21-1123825641-1507585295-336261431-1000\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = http://start.facemoods.com/?a=down&s={searchTerms}&f=4
      IE - HKU\S-1-5-21-1123825641-1507585295-336261431-1000\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=AWR&o=1955&src=crm&q={searchTerms}&locale=&apn_ptnrs=^A17&apn_dtid=^YYYYYY^YY^ES&apn_uid=e56be3db-25a4-43f3-be3d-fdd1bc496345&apn_sauid=E32905F3-B8D7-44FB-8F16-8D9F45ACBB15
      IE - HKU\S-1-5-21-1123825641-1507585295-336261431-1000\..\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5}: "URL" = http://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=8cce92e0000000000000000000000000&tlver=1.4.19.19&ss=1&affID=18044
      IE - HKU\S-1-5-21-1123825641-1507585295-336261431-1000\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = http://search.yahoo.com/search?fr=chr-panda&q={searchTerms}&ei=UTF-8&type=PCAFSI1190
      IE - HKU\S-1-5-21-1123825641-1507585295-336261431-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.es/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADFA_esES459
      IE - HKU\S-1-5-21-1123825641-1507585295-336261431-1000\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2431232
      IE - HKU\S-1-5-21-1123825641-1507585295-336261431-1000\..\SearchScopes\{b41306c6-96d0-442a-bcc4-b0f621e82ce9}: "URL" = http://www.fissa.com/es/results/?s=b&c=1006134569&suid=EiOhDhgB1&d=3&q={searchTerms}
      IE - HKU\S-1-5-21-1123825641-1507585295-336261431-1000\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://search.avg.com/route/?d=4b153241&v=6.10.6.4&i=23&tp=chrome&q={searchTerms}&lng={language}&iy=&ychte=us
      IE - HKU\S-1-5-21-1123825641-1507585295-336261431-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

      ========== FireFox ==========

      FF - prefs.js..browser.search.defaultengine: "Ask.com"
      FF - prefs.js..browser.search.defaultenginename: "SweetIM Search"
      FF - prefs.js..browser.search.defaultthis.engineName: "ClixSense.com Customized Web Search"
      FF - prefs.js..browser.search.defaulturl: ""
      FF - prefs.js..browser.search.order.1: "Ask.com"
      FF - prefs.js..browser.search.selectedEngine: "Google"
      FF - prefs.js..browser.search.useDBForOrder: true
      FF - prefs.js..browser.startup.homepage: "http://search.iminent.com/?appId=70631bcc-f5fe-49e2-9267-ad45cd8c6da1&lcid=3082&ref=homepage"
      FF - prefs.js..keyword.URL: "http://es.search.yahoo.com/search?ei=utf-8&fr=panda&type=PCAFSI1190&p="
      FF - prefs.js..network.proxy.type: 0
      FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "Google"
      FF - prefs.js..sweetim.toolbar.previous.browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2192277&SearchSource=3&q={searchTerms}"
      FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "ClixSense.com Customized Web Search"
      FF - prefs.js..browser.startup.homepage: "http://search.iminent.com/?appId=70631bcc-f5fe-49e2-9267-ad45cd8c6da1&lcid=3082&ref=homepage"
      FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "http://es.search.yahoo.com/search?ei=utf-8&fr=panda&type=PCAFSI1190&p="

      FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
      FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
      FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
      FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
      FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Program Files\VistaCodecPack\rm\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
      FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
      FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
      FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
      FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)

      FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/02/17 08:44:26 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

      [2011/12/05 17:07:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\batch-pc\AppData\Roaming\mozilla\Extensions
      [2012/03/05 21:43:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\batch-pc\AppData\Roaming\mozilla\Firefox\Profiles\pe8ah8ps.default\extensions
      [2012/02/14 17:43:24 | 000,000,000 | ---D | M] (ClixSense.com Community Toolbar) -- C:\Users\batch-pc\AppData\Roaming\mozilla\Firefox\Profiles\pe8ah8ps.default\extensions\{70df8d13-bdd3-448e-944c-efde21b77161}
      [2011/12/20 19:37:55 | 000,000,000 | ---D | M] (MyBrowserCash) -- C:\Users\batch-pc\AppData\Roaming\mozilla\Firefox\Profiles\pe8ah8ps.default\extensions\[email protected]
      [2012/01/03 16:27:44 | 000,002,333 | ---- | M] () -- C:\Users\batch-pc\AppData\Roaming\Mozilla\Firefox\Profiles\pe8ah8ps.default\searchplugins\askcom.xml
      [2011/12/15 11:37:24 | 000,000,929 | ---- | M] () -- C:\Users\batch-pc\AppData\Roaming\Mozilla\Firefox\Profiles\pe8ah8ps.default\searchplugins\conduit.xml
      [2011/12/07 12:18:53 | 000,002,270 | ---- | M] () -- C:\Users\batch-pc\AppData\Roaming\Mozilla\Firefox\Profiles\pe8ah8ps.default\searchplugins\SearchTheWeb.xml
      [2012/03/05 21:45:05 | 000,004,089 | ---- | M] () -- C:\Users\batch-pc\AppData\Roaming\Mozilla\Firefox\Profiles\pe8ah8ps.default\searchplugins\sweetim.xml
      [2011/12/05 17:06:38 | 000,000,000 | ---D | M] (No name found) -- C:\Archivos de programa\Mozilla Firefox\extensions
      () (No name found) -- C:\USERS\BATCH-PC\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PE8AH8PS.DEFAULT\EXTENSIONS\{EEE6C361-6118-11DC-9C72-001320C79847}.XPI
      [2012/02/17 08:44:26 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
      [2011/07/07 18:42:34 | 000,002,428 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
      [2012/01/07 10:15:42 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
      [2012/01/07 10:15:42 | 000,003,996 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\drae.xml
      [2012/01/07 10:15:42 | 000,001,143 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-es.xml
      [2011/12/05 17:04:58 | 000,002,047 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fcmdSrch.xml
      [2012/01/07 10:15:42 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
      [2012/01/07 10:15:42 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-es.xml
      [2012/01/07 10:15:42 | 000,001,102 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-es.xml

      O1 HOSTS File: ([2006/09/18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
      O1 - Hosts: 127.0.0.1 localhost
      O1 - Hosts: ::1 localhost
      O2 - BHO: (softonic.com4 Toolbar) - {0974848a-b5bc-49f2-9778-307742b4a55d} - C:\Archivos de programa\softonic.com4\tbsof1.dll (Conduit Ltd.)
      O2 - BHO: (WTBAddon Class) - {1630669F-9D0C-4F0B-8AA9-10DE8BEE1755} - C:\Archivos de programa\MyBrowserCash\WTBPlugin.dll (MyBrowserCash.com)
      O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Archivos de programa\ConduitEngine\ConduitEngin0.dll (Conduit Ltd.)
      O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
      O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Archivos de programa\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
      O2 - BHO: (Windows Live Aplicación auxiliar de inicio de sesión) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Archivos de programa\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
      O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Archivos de programa\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
      O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Archivos de programa\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
      O3 - HKLM\..\Toolbar: (softonic.com4 Toolbar) - {0974848a-b5bc-49f2-9778-307742b4a55d} - C:\Archivos de programa\softonic.com4\tbsof1.dll (Conduit Ltd.)
      O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Archivos de programa\ConduitEngine\ConduitEngin0.dll (Conduit Ltd.)
      O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
      O3 - HKU\S-1-5-21-1123825641-1507585295-336261431-1000\..\Toolbar\WebBrowser: (softonic.com4 Toolbar) - {0974848A-B5BC-49F2-9778-307742B4A55D} - C:\Archivos de programa\softonic.com4\tbsof1.dll (Conduit Ltd.)
      O3 - HKU\S-1-5-21-1123825641-1507585295-336261431-1000\..\Toolbar\WebBrowser: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Archivos de programa\ConduitEngine\ConduitEngin0.dll (Conduit Ltd.)
      O4 - HKLM..\Run: [autodetect] C:\Windows\System32\SupportAppXL\AutoDect.exe ()
      O4 - HKLM..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui File not found
      O4 - HKLM..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VistaADeck\HDAudioCPL.exe (VIA.)
      O4 - HKLM..\Run: [NBKeyScan] C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG)
      O4 - HKLM..\Run: [NPSStartup] File not found
      O4 - HKLM..\Run: [regist] C:\Program Files\MySecurityCenter\Programs\RegistrationPopup.exe File not found
      O4 - HKLM..\Run: [S3Trayp] C:\Windows\System32\s3trayp.exe (S3 Graphics Co., Ltd.)
      O4 - HKLM..\Run: [setc] C:\Program Files\MySecurityCenter\Programs\setc.exe File not found
      O4 - HKLM..\Run: [SMSERIAL] C:\Archivos de programa\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
      O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
      O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
      O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
      O4 - HKU\S-1-5-21-1123825641-1507585295-336261431-1000..\Run: [AutoStartNPSAgent] C:\Archivos de programa\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)
      O4 - HKU\S-1-5-21-1123825641-1507585295-336261431-1000..\Run: [MyBrowserCash] C:\Archivos de programa\MyBrowserCash\MyBrowserCash.exe (Digital Paper Products, Inc)
      O4 - HKU\S-1-5-21-1123825641-1507585295-336261431-1000..\Run: [sdApp.exe] C:\Program Files\ShoppingDaisy\sdApp.exe File not found
      O4 - HKU\S-1-5-21-1123825641-1507585295-336261431-1000..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
      O4 - HKU\S-1-5-21-1123825641-1507585295-336261431-1000..\Run: [WMPNSCFG] C:\Archivos de programa\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
      O4 - HKLM..\RunOnce: [AvgUninstallURL] C:\Windows\System32\cmd.exe (Microsoft Corporation)
      F3 - HKU\S-1-5-21-1123825641-1507585295-336261431-1000 WinNT: Load - (C:\Users\batch-pc\LOCALS~1\Temp\msodubddy.cmd) - C:\Users\batch-pc\LOCALS~1\Temp\msodubddy.cmd (The GLib developer community)
      O8 - Extra context menu item: Buscar en la web - C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\menuext.html File not found
      O8 - Extra context menu item: E&xportar a Microsoft Excel - C:\Archivos de programa\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
      O9 - Extra Button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Archivos de programa\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
      O9 - Extra 'Tools' menuitem : &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Archivos de programa\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
      O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Archivos de programa\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
      O13 - gopher Prefix: missing
      O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
      O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
      O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
      O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
      O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.195.64.64 213.194.144.1
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{30B8E842-B24C-409A-BB02-2CCA69D9FFE1}: DhcpNameServer = 213.195.64.64 213.194.144.1
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{33465063-4953-4AA2-9A3E-CCEA51BBD7C8}: DhcpNameServer = 213.195.64.64 213.194.144.1
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C4BCA7C8-E639-40B2-BDAA-D2B15469DC67}: DhcpNameServer = 80.58.61.250
      O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Archivos de programa\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
      O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Archivos de programa\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
      O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Archivos de programa\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
      O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Archivos de programa\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
      O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Archivos de programa\Common Files\Skype\Skype4COM.dll (Skype Technologies)
      O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Archivos de programa\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
      O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Archivos de programa\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
      O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: GinaDLL - (C:\Windows\SYSTEM32\RtlGina\RtlGina.DLL) - C:\Windows\System32\RtlGina\RtlGina.dll (Realtek)
      O24 - Desktop WallPaper: C:\Users\batch-pc\AppData\Roaming\Microsoft\Windows Photo Gallery\Papel tapiz de Galería fotográfica de Windows.jpg
      O24 - Desktop BackupWallPaper: C:\Users\batch-pc\AppData\Roaming\Microsoft\Windows Photo Gallery\Papel tapiz de Galería fotográfica de Windows.jpg
      O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Archivos de programa\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
      O32 - HKLM CDRom: AutoRun - 1
      O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
      O33 - MountPoints2\{3502be2e-b1a8-11de-adae-00a0d1c5dc53}\Shell - "" = AutoRun
      O33 - MountPoints2\{3502be2e-b1a8-11de-adae-00a0d1c5dc53}\Shell\AutoRun\command - "" = E:\setup.exe
      O33 - MountPoints2\{4dff54f3-a9d1-11de-84c2-0019991035e9}\Shell - "" = AutoRun
      O33 - MountPoints2\{4dff54f3-a9d1-11de-84c2-0019991035e9}\Shell\AutoRun\command - "" = E:\setup.exe
      O33 - MountPoints2\{4dff54f8-a9d1-11de-84c2-0019991035e9}\Shell - "" = AutoRun
      O33 - MountPoints2\{4dff54f8-a9d1-11de-84c2-0019991035e9}\Shell\AutoRun\command - "" = E:\setup.exe
      O33 - MountPoints2\E\Shell - "" = AutoRun
      O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\setup.exe
      O33 - MountPoints2\F\Shell - "" = AutoRun
      O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\setup.exe
      O34 - HKLM BootExecute: (autocheck autochk *)
      O35 - HKLM\..comfile [open] -- "%1" %*
      O35 - HKLM\..exefile [open] -- "%1" %*
      O37 - HKLM\...com [@ = comfile] -- "%1" %*
      O37 - HKLM\...exe [@ = exefile] -- "%1" %*

      MsConfig - State: "startup" - 0
      MsConfig - State: "services" - 0

      CREATERESTOREPOINT
      Error creating restore point.

      ========== Files/Folders - Created Within 30 Days ==========

      [2012/03/07 1640 | 000,036,864 | ---- | C] (NirSoft) -- C:\Windows\nircmd.exe
      [2012/03/06 22:46:51 | 000,000,000 | ---D | C] -- C:\Windows\pss
      [2012/03/06 07:48:59 | 000,000,000 | -HSD | C] -- C:\Config.Msi
      [2012/03/05 21:43:06 | 000,000,000 | ---D | C] -- C:\Program Files\SweetIM
      [2012/02/28 17:48:11 | 000,000,000 | ---D | C] -- C:\Users\batch-pc\AppData\Roaming\kodak
      [2012/02/28 17:48:09 | 000,000,000 | ---D | C] -- C:\Users\batch-pc\Local Settings
      [2012/02/26 12:45:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\20Dollars2Surf
      [2012/02/26 12:45:23 | 000,000,000 | ---D | C] -- C:\Program Files\20Dollars2Surf
      [1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
      [1 C:\*.tmp files -> C:\*.tmp -> ]

      ========== Files - Modified Within 30 Days ==========

      [2012/03/08 22:08:51 | 000,001,356 | ---- | M] () -- C:\Users\batch-pc\AppData\Local\d3d9caps.dat
      [2012/03/08 21:25:48 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
      [2012/03/08 21:25:34 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
      [2012/03/08 21:20:24 | 000,003,552 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
      [2012/03/08 21:20:24 | 000,003,552 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
      [2012/03/08 21:20:19 | 000,001,084 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
      [2012/03/07 16:08:32 | 000,000,000 | ---- | M] () -- C:\Windows\System32\E
      [2012/03/07 15:59:00 | 000,001,088 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
      [2012/03/07 15:49:23 | 000,002,243 | ---- | M] () -- C:\Windows\epplauncher.mif
      [2012/03/07 15:44:06 | 000,686,596 | ---- | M] () -- C:\Windows\System32\perfh00A.dat
      [2012/03/07 15:44:06 | 000,609,532 | ---- | M] () -- C:\Windows\System32\perfh009.dat
      [2012/03/07 15:44:06 | 000,121,612 | ---- | M] () -- C:\Windows\System32\perfc00A.dat
      [2012/03/07 15:44:06 | 000,103,314 | ---- | M] () -- C:\Windows\System32\perfc009.dat
      [2012/02/26 12:45:25 | 000,000,830 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\20Dollars2Surf.lnk
      [2012/02/26 12:45:25 | 000,000,812 | ---- | M] () -- C:\Users\Public\Desktop\20Dollars2Surf.lnk
      [1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
      [1 C:\*.tmp files -> C:\*.tmp -> ]

      ========== Files Created - No Company Name ==========

      [2012/03/07 16:08:32 | 000,000,000 | ---- | C] () -- C:\Windows\System32\E
      [2012/03/07 15:49:23 | 000,002,243 | ---- | C] () -- C:\Windows\epplauncher.mif
      [2012/03/06 23:16:52 | 000,001,767 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Ralink Wireless Utility.lnk
      [2012/02/26 12:45:25 | 000,000,830 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\20Dollars2Surf.lnk
      [2012/02/26 12:45:25 | 000,000,812 | ---- | C] () -- C:\Users\Public\Desktop\20Dollars2Surf.lnk
      [2011/11/19 18:49:48 | 000,013,931 | ---- | C] () -- C:\Windows\System32\RaCoInst.dat
      [2011/11/19 18:48:41 | 000,147,456 | ---- | C] () -- C:\Windows\System32\DiagFunc.dll
      [2011/11/19 18:48:41 | 000,000,516 | ---- | C] () -- C:\Windows\System32\DiagFunc.ini
      [2011/11/19 18:48:41 | 000,000,072 | ---- | C] () -- C:\Windows\System32\RaCertMgr.ini
      [2011/11/06 17:05:53 | 000,017,408 | ---- | C] () -- C:\Users\batch-pc\AppData\Local\WebpageIcons.db
      [2010/08/13 12:51:48 | 000,024,206 | ---- | C] () -- C:\Users\batch-pc\AppData\Roaming\UserTile.png
      [2010/08/09 10:48:35 | 000,451,072 | ---- | C] () -- C:\Windows\System32\ISSRemoveSP.exe

      ========== LOP Check ==========

      [2010/06/13 13:14:47 | 000,000,000 | ---D | M] -- C:\Users\batch-pc\AppData\Roaming\FissaSearch
      [2012/02/27 13:39:35 | 000,000,000 | ---D | M] -- C:\Users\batch-pc\AppData\Roaming\OfferBox
      [2011/12/07 11:55:11 | 000,000,000 | ---D | M] -- C:\Users\batch-pc\AppData\Roaming\Panda Security
      [2009/12/04 14:44:26 | 000,000,000 | ---D | M] -- C:\Users\batch-pc\AppData\Roaming\PC Suite
      [2010/08/13 12:51:48 | 000,000,000 | ---D | M] -- C:\Users\batch-pc\AppData\Roaming\PeerNetworking
      [2009/12/04 14:31:48 | 000,000,000 | ---D | M] -- C:\Users\batch-pc\AppData\Roaming\Samsung
      [2012/03/08 21:21:38 | 000,000,000 | ---D | M] -- C:\Users\batch-pc\AppData\Roaming\uTorrent
      [2009/09/24 09:48:35 | 000,000,000 | ---D | M] -- C:\Users\batch-pc\AppData\Roaming\VistaCodecs
      [2009/09/25 13:54:34 | 000,000,000 | ---D | M] -- C:\Users\batch-pc\AppData\Roaming\Vodafone
      [2012/03/07 14:12:22 | 000,032,558 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

      ========== Purity Check ==========



      ========== Custom Scans ==========


      < %SYSTEMDRIVE%\*.* >
      [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
      [2006/11/02 10:53:57 | 000,438,840 | RHS- | M] () -- C:\bootmgr
      [2009/09/24 08:58:56 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
      [2006/09/18 22:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys
      [2012/03/08 21:24:49 | 2392,391,680 | -HS- | M] () -- C:\pagefile.sys
      [2011/12/05 17:04:58 | 000,001,156 | ---- | M] () -- C:\prefs.js
      [1 C:\*.tmp files -> C:\*.tmp -> ]

      < %PROGRAMFILES%\*.* >
      [2009/09/27 08:44:06 | 000,000,174 | -HS- | M] () -- C:\Program Files\desktop.ini

      < %systemroot%\*. /mp /s >

      < End of report >
      Muchas gracias y buenas noches!

    3. #3
      Moderador Gral.
      Avatar de Tyny's
      Registrado
      may 2008
      Ubicación
      Argentina
      Mensajes
      14.669

      Re: Virus de la Policia

      Ejecutá OTL.exe


      1.- Copiar el siguiente texto (excluyendo la palabra Código):
      Código:
      :OTL
      F3 - HKU\S-1-5-21-1123825641-1507585295-336261431-1000 WinNT: Load - (C:\Users\batch-pc\LOCALS~1\Temp\msodubddy.cmd) - C:\Users\batch-pc\LOCALS~1\Temp\msodubddy.cmd (The GLib developer community)
      
      
      :Commands
      [PURITY] 
      [RESETHOSTS]
      [EMPTYFLASH]
      [EMPTYTEMP]
      [CREATERESTOREPOINT]
      2.- Pegar el contenido sobre el apartado: Análisis Personalizados /Código de Reparación.


      3.- Presionar el botón Reparar para comenzar el procedimiento. Presionar OK.


      OTL va a reiniciar el ordenador para completar el procedimiento.

      Guardar el nuevo reporte generado. Copiar y pegarlo en su próxima respuesta, comentando como funciona el Sistema.
      If on your journey, you should encounter God, God will be cut!


      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    4. #4
      Usuario Avatar de tiafea
      Registrado
      mar 2012
      Ubicación
      Alcoy
      Mensajes
      4

      Re: Virus de la Policia

      Buenos dias! Gracias por respuesta ! Aqui pongo los resultados del OTL -
      All processes killed
      ========== OTL ==========
      C:\Users\batch-pc\LOCALS~1\Temp\msodubddy.cmd moved successfully.
      Registry value HKEY_USERS\S-1-5-21-1123825641-1507585295-336261431-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\Load:C:\Users\batch-pc\LOCALS~1\Temp\msodubddy.cmd deleted successfully.
      ========== OTL ==========
      File C:\Users\batch-pc\LOCALS~1\Temp\msodubddy.cmd not found.
      Registry value HKEY_USERS\S-1-5-21-1123825641-1507585295-336261431-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\Load:C:\Users\batch-pc\LOCALS~1\Temp\msodubddy.cmd deleted successfully.
      ========== COMMANDS ==========
      C:\Windows\System32\drivers\etc\Hosts moved successfully.
      HOSTS file reset successfully

      [EMPTYFLASH]

      User: All Users

      User: batch-pc
      ->Flash cache emptied: 329714 bytes

      User: Default

      User: Default User

      User: Public

      Total Flash Files Cleaned = 0,00 mb


      [EMPTYTEMP]

      User: All Users

      User: batch-pc
      ->Temp folder emptied: 1665950911 bytes
      ->Java cache emptied: 1517397 bytes
      ->FireFox cache emptied: 55332204 bytes
      ->Flash cache emptied: 0 bytes

      User: Default
      ->Temp folder emptied: 0 bytes

      User: Default User
      ->Temp folder emptied: 0 bytes

      User: Public

      %systemdrive% .tmp files removed: 50833470 bytes
      %systemroot% .tmp files removed: 0 bytes
      %systemroot%\System32 .tmp files removed: 0 bytes
      %systemroot%\System32\drivers .tmp files removed: 0 bytes
      Windows Temp folder emptied: 349547708 bytes
      RecycleBin emptied: 10708711968 bytes

      Total Files Cleaned = 12.237,00 mb



      OTL by OldTimer - Version 3.2.35.1 log created on 03092012_074740

      Files\Folders moved on Reboot...

      Registry entries deleted on Reboot...


      El Aviso de la Policia ya no aparece,pero como por ahora no tengo antivirus (tenia Panda ,pero como me dijo,que todo funcciona con normalidad,la quite ,para poner algo más fuerte .Pero desde modo seguro no he podido instalar nada ) Supongo,que nuevo antivirus puedo instalar solo despues de limpiar todo muy bien,verdad?
      Que tengais buen dia!

    5. #5
      Moderador Gral.
      Avatar de Tyny's
      Registrado
      may 2008
      Ubicación
      Argentina
      Mensajes
      14.669

      Re: Virus de la Policia

      Buenas


      Descarga e instala Avast!


      Descarga OTC.exe en el escritorio. Lo ejecutas y presionas Cleanup.



      Consejos Utiles





      ____________________________

      **Tema solucionado** Si queres reabrir el tema hace clic aquique un moderador atendera tu consulta.
      Como recomendación final, te invitamos a seguirnos en nuestros canales de difusión: Blog, Twitter, Facebook, vía E-Mail, para estar al tanto de los nuevos malwares y como prevenirlos.

      Saludos.
      Atentamente
      El Equipo de InfoSpyware
      www.infospyware.com
      www.forospyware.com

      Twitter: @InfoSpyware
      If on your journey, you should encounter God, God will be cut!


      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    6. #6
      Usuario Avatar de tiafea
      Registrado
      mar 2012
      Ubicación
      Alcoy
      Mensajes
      4

      Sonrisa Re: Virus de la Policia (Solucionado)

      Muchisimas gracias Tyny´s y los demás !