• Registrarse
  • Iniciar sesión


  • Resultados 1 al 6 de 6

    Virus de la doble tilde

    Hola a todos, Desde hace unas semanas tengo este desagradable ´´ efecto. He seguido las guias de vuestros foros, he probado con muchos tipos de antimalware / antispyware, y nada. De hecho, al ejecutar el ...

    1. #1
      Usuario Avatar de dax_32
      Registrado
      sep 2012
      Ubicación
      Santander
      Mensajes
      3

      Virus de la doble tilde

      Hola a todos,

      Desde hace unas semanas tengo este desagradable ´´ efecto. He seguido las guias de vuestros foros, he probado con muchos tipos de antimalware / antispyware, y nada. De hecho, al ejecutar el DT-kill no me detecta nada, pero cuando lo hago despues del ccleaner se me queda el ordenador bloqueado y tengo que darle al reset (boton de detras del portatil) porque si no ahi se queda... la verdad es que ya no se que hacer, creo que lo he intentado casi todo, restaurar el sistema, ejecutar todos los pasos y escaneres en modo a prueba de fallos, en modo normal, escanear con varios antivirus...y el caso es que esto sigue aqui. Podeis ayudarme por favor? La verdad es que ya no se que pensar, no se si es un virus o si el teclado se me ha desconfigurado (uso un teclado externo PS2 con un adaptador a USB), pero lo tengo puesto en idioma Español, y, en ambos teclados (el del portatil y el externo) observo el mismo efecto.¿ Puede ser algo mas? ayuda please.

      Muchas gracias!

    2. #2
      Ex-Colaborador Avatar de Anleg_30
      Registrado
      dic 2007
      Ubicación
      Bna-Venezuela
      Mensajes
      10.545

      Re: Virus de la doble tilde

      Buenas @dax_32, bienvenido al foro

      Descarga OTL.exe by Oldtimer en el Escritorio

      Cierra todas las ventanas y programas abiertos.

      Desde Modo Normal Ejecuta OTL con Double click sobre su ícono y solo configura lo siguiente dejando lo demas por default:
      1. Activa la casilla de "Scan All Users" (Analizar Todos )
      2. Cambia a resultado mínimo en "Tipo de Análisis"
      3. Activa la casilla de "Skip Microsoft Files" (Omitir archivos de Microsoft)
      4. Pulsa el Botón Run Scan (Analizar)


      Al finalizar, dos reportes se abriran, copia y pega solamente el de nombre:

      OTL.txt <-- (este es el que veras automaticamnte al finalizar)



      Blog | Antivirus Online | Eliminar Malwares | Antivirus Gratis

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    3. #3
      Usuario Avatar de dax_32
      Registrado
      sep 2012
      Ubicación
      Santander
      Mensajes
      3

      Re: Virus de la doble tilde

      Muchas gracias por tu pronta respuesta! Acabo de hacer los pasos que me comentas. Te adjunto el resultado del escaner, fichero OTL.txt (a ver si tenemos suerte)


      -------------------------

      OTL logfile created on: 07/10/2012 18:05:15 - Run 1
      OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Pilar\Desktop
      64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
      Internet Explorer (Version = 9.0.8112.16421)
      Locale: 00000C0A | Country: España | Language: ESN | Date Format: dd/MM/yyyy

      7,90 Gb Total Physical Memory | 5,69 Gb Available Physical Memory | 72,10% Memory free
      15,79 Gb Paging File | 13,30 Gb Available in Paging File | 84,24% Paging File free
      Paging file location(s): ?:\pagefile.sys [binary data]

      %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
      Drive C: | 916,70 Gb Total Space | 758,44 Gb Free Space | 82,74% Space Free | Partition Type: NTFS
      Drive F: | 677,64 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

      Computer Name: PILAR-LAPTOP | User Name: Pilar | Logged in as Administrator.
      Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
      Company Name Whitelist: Off | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

      ========== Processes (SafeList) ==========

      PRC - C:\Users\Pilar\Desktop\OTL.exe (OldTimer Tools)
      PRC - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
      PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
      PRC - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH)
      PRC - C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe (Juniper Networks)
      PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
      PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
      PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation)
      PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe ()
      PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
      PRC - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
      PRC - C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)
      PRC - C:\Program Files (x86)\TOSHIBA\widimon\widimon.exe (TOSHIBA CORPORATION)
      PRC - C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe (TOSHIBA CORPORATION)
      PRC - C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe (Adobe Systems Inc.)


      ========== Modules (No Company Name) ==========


      ========== Services (SafeList) ==========

      SRV:64bit: - (Amsp) -- C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe File not found
      SRV:64bit: - (Thpsrv) -- C:\Windows\SysNative\ThpSrv.exe (TOSHIBA Corporation)
      SRV:64bit: - (TODDSrv) -- C:\Windows\SysNative\TODDSrv.exe (TOSHIBA Corporation)
      SRV:64bit: - (msvsmon90) -- C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe (Microsoft Corporation)
      SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
      SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
      SRV - (Skype C2C Service) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
      SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
      SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
      SRV - (TeamViewer7) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH)
      SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
      SRV - (dsNcService) -- C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe (Juniper Networks)
      SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation)
      SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
      SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
      SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation)
      SRV - (Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe ()
      SRV - (TOSHIBA eco Utility Service) -- C:\Archivos de programa\TOSHIBA\TECO\TecoService.exe (TOSHIBA Corporation)
      SRV - (Intel(R) -- C:\Archivos de programa\Intel\iCLS Client\HeciServer.exe (Intel(R) Corporation)
      SRV - (TosCoSrv) -- C:\Archivos de programa\TOSHIBA\Power Saver\TosCoSrv.exe (TOSHIBA Corporation)
      SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
      SRV - (TPCHSrv) -- C:\Archivos de programa\TOSHIBA\TPHM\TPCHSrv.exe (TOSHIBA Corporation)
      SRV - (ZeroConfigService) -- C:\Archivos de programa\Intel\WiFi\bin\ZeroConfigService.exe (Intel® Corporation)
      SRV - (MyWiFiDHCPDNS) -- C:\Archivos de programa\Intel\WiFi\bin\PanDhcpDns.exe ()
      SRV - (EvtEng) -- C:\Archivos de programa\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
      SRV - (RegSrvc) -- C:\Archivos de programa\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
      SRV - (TOSHIBA HDD SSD Alert Service) -- C:\Archivos de programa\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe (TOSHIBA Corporation)
      SRV - (NAUpdate) -- C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)
      SRV - (TMachInfo) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe (TOSHIBA Corporation)
      SRV - (TOSHIBA Bluetooth Service) -- C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe (TOSHIBA CORPORATION)
      SRV - (wlidsvc) -- C:\Archivos de programa\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
      SRV - (TemproMonitoringService) -- C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe (Toshiba Europe GmbH)
      SRV - (SQLWriter) -- c:\Archivos de programa\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation)
      SRV - (wlcrasvc) -- C:\Archivos de programa\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
      SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
      SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
      SRV - (matlabserver) -- C:\Program Files (x86)\MATLAB\R2006a\webserver\bin\win32\matlabserver.exe ()


      ========== Driver Services (SafeList) ==========

      DRV:64bit: - (esgiguard) -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys File not found
      DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd)
      DRV:64bit: - (tmcomm) -- C:\Windows\SysNative\drivers\tmcomm.sys (Trend Micro Inc.)
      DRV:64bit: - (tmtdi) -- C:\Windows\SysNative\drivers\tmtdi.sys (Trend Micro Inc.)
      DRV:64bit: - (tmactmon) -- C:\Windows\SysNative\drivers\tmactmon.sys (Trend Micro Inc.)
      DRV:64bit: - (tmevtmgr) -- C:\Windows\SysNative\drivers\tmevtmgr.sys (Trend Micro Inc.)
      DRV:64bit: - (dsNcAdpt) -- C:\Windows\SysNative\drivers\dsNcAdpt.sys (Juniper Networks)
      DRV:64bit: - (VBoxNetAdp) -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys (Oracle Corporation)
      DRV:64bit: - (CeKbFilter) -- C:\Windows\SysNative\drivers\CeKbFilter.sys (Compal Electronics, INC.)
      DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
      DRV:64bit: - (Fs_Rec) -- C:\windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
      DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
      DRV:64bit: - (SmbDrv) -- C:\Windows\SysNative\drivers\Smb_driver.sys (Synaptics Incorporated)
      DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
      DRV:64bit: - (nvpciflt) -- C:\Windows\SysNative\drivers\nvpciflt.sys (NVIDIA Corporation)
      DRV:64bit: - (iusb3xhc) -- C:\Windows\SysNative\drivers\iusb3xhc.sys (Intel Corporation)
      DRV:64bit: - (iusb3hub) -- C:\Windows\SysNative\drivers\iusb3hub.sys (Intel Corporation)
      DRV:64bit: - (iusb3hcs) -- C:\Windows\SysNative\drivers\iusb3hcs.sys (Intel Corporation)
      DRV:64bit: - (intaud_WaveExtensible) -- C:\Windows\SysNative\drivers\intelaud.sys (Intel Corporation)
      DRV:64bit: - (iwdbus) -- C:\Windows\SysNative\drivers\iwdbus.sys (Intel Corporation)
      DRV:64bit: - (NETwNs64) -- C:\Windows\SysNative\drivers\NETwNs64.sys (Intel Corporation)
      DRV:64bit: - (RSP2STOR) -- C:\Windows\SysNative\drivers\RtsP2Stor.sys (Realtek Semiconductor Corp.)
      DRV:64bit: - (LPCFilter) -- C:\Windows\SysNative\drivers\LPCFilter.sys (COMPAL ELECTRONIC INC.)
      DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
      DRV:64bit: - (NBVol) -- C:\Windows\SysNative\drivers\NBVol.sys (Nero AG)
      DRV:64bit: - (NBVolUp) -- C:\Windows\SysNative\drivers\NBVolUp.sys (Nero AG)
      DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
      DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
      DRV:64bit: - (Thpdrv) -- C:\Windows\SysNative\drivers\thpdrv.sys (TOSHIBA Corporation)
      DRV:64bit: - (tos_sps64) -- C:\Windows\SysNative\drivers\tos_sps64.sys (TOSHIBA Corporation)
      DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
      DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
      DRV:64bit: - (PGEffect) -- C:\Windows\SysNative\drivers\PGEffect.sys (TOSHIBA Corporation)
      DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
      DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
      DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
      DRV:64bit: - (tosrfec) -- C:\Windows\SysNative\drivers\tosrfec.sys (TOSHIBA Corporation)
      DRV:64bit: - (ewusbnet) -- C:\Windows\SysNative\drivers\ewusbnet.sys (Huawei Technologies Co., Ltd.)
      DRV:64bit: - (hwdatacard) -- C:\Windows\SysNative\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
      DRV:64bit: - (tdcmdpst) -- C:\Windows\SysNative\drivers\tdcmdpst.sys (TOSHIBA Corporation.)
      DRV:64bit: - (TVALZ) -- C:\Windows\SysNative\drivers\TVALZ_O.SYS (TOSHIBA Corporation)
      DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
      DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
      DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
      DRV:64bit: - (Thpevm) -- C:\Windows\SysNative\drivers\Thpevm.sys (TOSHIBA Corporation)
      DRV:64bit: - (TVALZFL) -- C:\Windows\SysNative\drivers\TVALZFL.sys (TOSHIBA Corporation)
      DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
      DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
      DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
      DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
      DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


      ========== Standard Registry (SafeList) ==========


      ========== Internet Explorer ==========

      IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {5E65478C-691A-46CF-8140-5AD092A22D89}
      IE:64bit: - HKLM\..\SearchScopes\{5E65478C-691A-46CF-8140-5AD092A22D89}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TEUA;
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
      IE - HKLM\..\SearchScopes,DefaultScope = {5E65478C-691A-46CF-8140-5AD092A22D89}
      IE - HKLM\..\SearchScopes\{5E65478C-691A-46CF-8140-5AD092A22D89}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TEUA;


      IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

      IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



      IE - HKU\S-1-5-21-2992751860-361968868-2320190495-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=TEUA&bmod=TEUA;
      IE - HKU\S-1-5-21-2992751860-361968868-2320190495-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain?brand=TEUA&bmod=TEUA;
      IE - HKU\S-1-5-21-2992751860-361968868-2320190495-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

      IE - HKU\S-1-5-21-2992751860-361968868-2320190495-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=TEUA&bmod=TEUA
      IE - HKU\S-1-5-21-2992751860-361968868-2320190495-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain?brand=TEUA&bmod=TEUA
      IE - HKU\S-1-5-21-2992751860-361968868-2320190495-1001\..\SearchScopes,DefaultScope = {5E65478C-691A-46CF-8140-5AD092A22D89}
      IE - HKU\S-1-5-21-2992751860-361968868-2320190495-1001\..\SearchScopes\{5E65478C-691A-46CF-8140-5AD092A22D89}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TEUA_esES492
      IE - HKU\S-1-5-21-2992751860-361968868-2320190495-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

      ========== FireFox ==========

      FF - prefs.js..extensions.enabledAddons: {75ECF29D-05EC-11E2-8271-B8AC6F996F26}:2.0.14
      FF - user.js - File not found

      FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_4_402_278.dll File not found
      FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
      FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_278.dll ()
      FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
      FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
      FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.0: C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
      FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
      FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
      FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
      FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
      FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
      FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{38783831-6098-4faa-A9C9-1EE1E343F4D2}: C:\Program Files\Trend Micro\AMSP\Module\20002\7.1.1102\7.1.1102\firefoxextension [2012/07/17 16:16:52 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{22C7F6C6-8D67-4534-92B5-529A0EC09405}: C:\Program Files\Trend Micro\AMSP\module\20004\FxExt\firefoxextension\ [2012/07/17 16:17:02 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/09/17 20:05:29 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
      FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{75ECF29D-05EC-11E2-8271-B8AC6F996F26}: C:\Users\Pilar\AppData\Local\{75ECF29D-05EC-11E2-8271-B8AC6F996F26}\ [2012/09/23 22:06:29 | 000,000,000 | ---D | M]
      FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/09/17 20:05:29 | 000,000,000 | ---D | M]
      FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

      [2012/07/15 04:20:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pilar\AppData\Roaming\mozilla\Extensions
      [2012/07/19 05:07:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pilar\AppData\Roaming\mozilla\Firefox\Profiles\4o9icayy.default\extensions
      [2012/09/03 22:23:50 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
      [2012/09/03 22:24:08 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
      [2012/09/23 22:06:29 | 000,000,000 | ---D | M] (Mozilla Safe Browsing) -- C:\USERS\PILAR\APPDATA\LOCAL\{75ECF29D-05EC-11E2-8271-B8AC6F996F26}
      [2012/09/17 20:05:29 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
      [2012/09/17 20:05:28 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
      [2012/09/17 20:05:28 | 000,003,882 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\drae.xml
      [2012/06/14 19:41:16 | 000,001,143 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-es.xml
      [2012/09/17 20:05:28 | 000,002,253 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
      [2012/06/14 19:41:16 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-es.xml
      [2012/06/14 19:41:15 | 000,001,102 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-es.xml

      ========== Chrome ==========

      CHR - homepage: http://www.google.com/
      CHR - default_search_provider: Google (Enabled)
      CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
      CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
      CHR - homepage: http://www.google.com/
      CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
      CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.79\ppGoogleNaClPluginChrome.dll
      CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.79\pdf.dll
      CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.79\gcswf32.dll
      CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
      CHR - plugin: Java Deployment Toolkit 6.0.300.12 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
      CHR - plugin: Java(TM) Platform SE 6 U30 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
      CHR - plugin: Nero Kwik Media Helper (Enabled) = C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL
      CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll
      CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
      CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
      CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
      CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll
      CHR - plugin: McAfee SecurityCenter (Enabled) = c:\progra~2\mcafee\msc\npmcsn~1.dll
      CHR - Extension: Skype Click to Call = C:\Users\Pilar\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.2.0.10687_0\

      O1 HOSTS File: ([2012/09/11 15:24:48 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
      O2:64bit: - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Archivos de programa\Trend Micro\AMSP\module\20004\2.0.1313\6.8.1078\TmIEPlg.dll (Trend Micro Inc.)
      O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Archivos de programa\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
      O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
      O2:64bit: - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Archivos de programa\Trend Micro\AMSP\module\20002\7.1.1102\7.1.1102\TmBpIe64.dll (Trend Micro Inc.)
      O2:64bit: - BHO: (TOSHIBA Media Controller Plug-in) - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\x64\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
      O2 - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Archivos de programa\Trend Micro\AMSP\module\20004\2.0.1313\6.8.1078\TmIEPlg32.dll (Trend Micro Inc.)
      O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
      O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
      O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
      O2 - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Archivos de programa\Trend Micro\AMSP\module\20002\7.1.1102\7.1.1102\TmBpIe32.dll (Trend Micro Inc.)
      O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
      O2 - BHO: (TOSHIBA Media Controller Plug-in) - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
      O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
      O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
      O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
      O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
      O3 - HKU\S-1-5-21-2992751860-361968868-2320190495-1001\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
      O4:64bit: - HKLM..\Run: [] File not found
      O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
      O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
      O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
      O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
      O4:64bit: - HKLM..\Run: [SRS Premium Sound 3D] C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe (SRS Labs, Inc.)
      O4:64bit: - HKLM..\Run: [TCrdMain] C:\Archivos de programa\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
      O4:64bit: - HKLM..\Run: [Teco] C:\Program Files\TOSHIBA\TECO\Teco.exe (TOSHIBA Corporation)
      O4:64bit: - HKLM..\Run: [ThpSrv] C:\windows\SysNative\thpsrv.exe (TOSHIBA Corporation)
      O4:64bit: - HKLM..\Run: [Toshiba Registration] C:\Archivos de programa\TOSHIBA\Registration\ToshibaReminder.exe (Toshiba Europe GmbH)
      O4:64bit: - HKLM..\Run: [Toshiba TEMPRO] C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe (Toshiba Europe GmbH)
      O4:64bit: - HKLM..\Run: [TosSENotify] C:\Archivos de programa\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
      O4:64bit: - HKLM..\Run: [TosVolRegulator] C:\Archivos de programa\TOSHIBA\TosVolRegulator\TosVolRegulator.exe (TOSHIBA Corporation)
      O4:64bit: - HKLM..\Run: [TosWaitSrv] C:\Archivos de programa\TOSHIBA\TPHM\TosWaitSrv.exe (TOSHIBA Corporation)
      O4:64bit: - HKLM..\Run: [TPwrMain] C:\Archivos de programa\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
      O4:64bit: - HKLM..\Run: [Trend Micro Client Framework] C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe (Trend Micro Inc.)
      O4:64bit: - HKLM..\Run: [Trend Micro Titanium] C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe (Trend Micro Inc.)
      O4 - HKLM..\Run: [] File not found
      O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
      O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
      O4 - HKLM..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe (TOSHIBA Electronics, Inc.)
      O4 - HKLM..\Run: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe (TOSHIBA CORPORATION)
      O4 - HKLM..\Run: [SVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe (TOSHIBA)
      O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
      O4 - HKLM..\Run: [TSleepSrv] C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe (TOSHIBA)
      O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
      O4 - HKU\.DEFAULT..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (TOSHIBA)
      O4 - HKU\S-1-5-18..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (TOSHIBA)
      O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
      O4 - HKU\S-1-5-19..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (TOSHIBA)
      O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
      O4 - HKU\S-1-5-20..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (TOSHIBA)
      O4 - HKU\S-1-5-21-2992751860-361968868-2320190495-1000..\Run: [] File not found
      O4 - HKU\S-1-5-21-2992751860-361968868-2320190495-1000..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
      O4 - HKU\S-1-5-21-2992751860-361968868-2320190495-1000..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (TOSHIBA)
      O4 - HKU\S-1-5-21-2992751860-361968868-2320190495-1001..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
      O4 - HKU\S-1-5-21-2992751860-361968868-2320190495-1001..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (TOSHIBA)
      O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
      O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
      O4 - HKU\S-1-5-21-2992751860-361968868-2320190495-1000..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
      O4 - HKU\S-1-5-21-2992751860-361968868-2320190495-1000..\RunOnce: [SysOff] C:\Windows\SysWOW64\SYSPREP\ClosespV.exe File not found
      O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
      O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
      O4 - Startup: C:\Users\Pilar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
      O4 - Startup: C:\Users\Pilar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
      O4 - Startup: C:\Users\support\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
      O7 - HKU\S-1-5-21-2992751860-361968868-2320190495-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
      O8:64bit: - Extra context menu item: Anexar a PDF existente - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
      O8:64bit: - Extra context menu item: Convertir a PDF de Adobe - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
      O8:64bit: - Extra context menu item: Convertir destino de vínculo a PDF existente - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
      O8:64bit: - Extra context menu item: Convertir destino de vínculo en archivo PDF de Adobe - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
      O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html File not found
      O8 - Extra context menu item: Anexar a PDF existente - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
      O8 - Extra context menu item: Convertir a PDF de Adobe - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
      O8 - Extra context menu item: Convertir destino de vínculo a PDF existente - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
      O8 - Extra context menu item: Convertir destino de vínculo en archivo PDF de Adobe - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
      O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html File not found
      O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
      O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
      O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Archivos de programa\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
      O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Archivos de programa\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
      O1364bit: - gopher Prefix: missing
      O13 - gopher Prefix: missing
      O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 10.5.0)
      O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
      O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 10.5.0)
      O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/dana-cached/sc/JuniperSetupClient.cab (JuniperSetupClientControl Class)
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B2712DA4-21B8-4B2E-BE55-4584AD4528DC}: NameServer = 8.8.8.8,8.8.8.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D4787C49-C681-4D5E-B4EC-23FD778A81D4}: DhcpNameServer = 192.168.1.1
      O18:64bit: - Protocol\Handler\livecall - No CLSID value found
      O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
      O18:64bit: - Protocol\Handler\msnim - No CLSID value found
      O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
      O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
      O18:64bit: - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Archivos de programa\Trend Micro\AMSP\module\20002\7.1.1102\7.1.1102\TmBpIe64.dll (Trend Micro Inc.)
      O18:64bit: - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Archivos de programa\Trend Micro\AMSP\module\20004\2.0.1313\6.8.1078\TmIEPlg.dll (Trend Micro Inc.)
      O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
      O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
      O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
      O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
      O18 - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Archivos de programa\Trend Micro\AMSP\module\20002\7.1.1102\7.1.1102\TmBpIe32.dll (Trend Micro Inc.)
      O18 - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Archivos de programa\Trend Micro\AMSP\module\20004\2.0.1313\6.8.1078\TmIEPlg32.dll (Trend Micro Inc.)
      O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Archivos de programa\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
      O20:64bit: - AppInit_DLLs: (C:\windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
      O20 - AppInit_DLLs: (C:\windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
      O20 - AppInit_DLLs: (acaptuser32.dll) - C:\windows\SysWow64\acaptuser32.dll (Adobe Systems, Inc.)
      O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
      O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
      O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
      O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      O32 - HKLM CDRom: AutoRun - 1
      O32 - AutoRun File - [1999/04/21 15:43:54 | 000,000,028 | R--- | M] () - F:\autorun.inf -- [ CDFS ]
      O33 - MountPoints2\{066cf4f2-e0d1-11e1-aa9b-b888e314797f}\Shell - "" = AutoRun
      O33 - MountPoints2\{066cf4f2-e0d1-11e1-aa9b-b888e314797f}\Shell\AutoRun\command - "" = F:\setup.exe -- [2004/04/16 19:13:08 | 000,393,216 | R--- | M] (The MathWorks, Inc)
      O33 - MountPoints2\{535e8580-d16f-11e1-a999-685d4356b364}\Shell - "" = AutoRun
      O33 - MountPoints2\{535e8580-d16f-11e1-a999-685d4356b364}\Shell\AutoRun\command - "" = E:\setup_vmb_lite.exe /checkApplicationPresence
      O33 - MountPoints2\{535e8588-d16f-11e1-a999-685d4356b364}\Shell - "" = AutoRun
      O33 - MountPoints2\{535e8588-d16f-11e1-a999-685d4356b364}\Shell\AutoRun\command - "" = E:\setup_vmb_lite.exe /checkApplicationPresence
      O34 - HKLM BootExecute: (autocheck autochk *)
      O35:64bit: - HKLM\..comfile [open] -- "%1" %*
      O35:64bit: - HKLM\..exefile [open] -- "%1" %*
      O35 - HKLM\..comfile [open] -- "%1" %*
      O35 - HKLM\..exefile [open] -- "%1" %*
      O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
      O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
      O37 - HKLM\...com [@ = comfile] -- "%1" %*
      O37 - HKLM\...exe [@ = exefile] -- "%1" %*
      O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
      O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
      O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

      ========== Files/Folders - Created Within 30 Days ==========

      [2012/10/07 18:01:43 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Pilar\Desktop\OTL.exe
      [2012/10/06 16:17:43 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
      [2012/10/04 20:29:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TomTom DesktopSuite
      [2012/10/03 13:46:42 | 000,000,000 | ---D | C] -- C:\windows\pss
      [2012/10/03 13:31:54 | 000,000,000 | ---D | C] -- C:\Users\Pilar\AppData\Local\ElevatedDiagnostics
      [2012/10/02 21:13:06 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
      [2012/10/02 21:11:17 | 000,000,000 | ---D | C] -- C:\Users\Pilar\Documents\SpyHunter-Installer
      [2012/10/02 20:17:03 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\ProgramData\lsass.exe
      [2012/10/02 20:06:04 | 000,000,000 | ---D | C] -- C:\Users\Pilar\Documents\SCAN
      [2012/10/02 16:19:58 | 000,000,000 | ---D | C] -- C:\Users\Pilar\Desktop\Ilustrator
      [2012/10/02 15:23:47 | 000,000,000 | ---D | C] -- C:\windows\SysWow64\Adobe
      [2012/10/02 14:46:53 | 000,000,000 | ---D | C] -- C:\windows\SysNative\MpEngineStore
      [2012/09/28 00:58:58 | 000,000,000 | ---D | C] -- C:\Users\Pilar\Documents\Friends_season5
      [2012/09/27 13:47:28 | 000,000,000 | ---D | C] -- C:\Users\Pilar\Desktop\blowing_up_analisys
      [2012/09/25 17:37:32 | 000,000,000 | ---D | C] -- C:\_DT-Kill
      [2012/09/25 17:26:52 | 000,000,000 | ---D | C] -- C:\Users\Pilar\Documents\ccsetup322
      [2012/09/25 10:59:40 | 000,000,000 | ---D | C] -- C:\Users\Pilar\Desktop\pilar_wfh2012
      [2012/09/23 22:06:29 | 000,000,000 | ---D | C] -- C:\Users\Pilar\AppData\Local\{75ECF29D-05EC-11E2-8271-B8AC6F996F26}
      [2012/09/23 08:48:21 | 000,000,000 | ---D | C] -- C:\Users\Pilar\Documents\Friends_SEason4
      [2012/09/21 16:35:33 | 000,000,000 | ---D | C] -- C:\Users\Pilar\Documents\MBA_enac_segunda_fase
      [2012/09/21 10:32:29 | 000,000,000 | ---D | C] -- C:\Users\Pilar\AppData\Roaming\Malwarebytes
      [2012/09/21 10:26:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
      [2012/09/18 20:22:51 | 000,000,000 | ---D | C] -- C:\Users\Pilar\Documents\thoman_and_Mueller
      [2012/09/18 16:34:47 | 000,000,000 | ---D | C] -- C:\Users\Pilar\Desktop\Analisis_sensibilidad_fennel
      [2012/09/18 09:49:46 | 000,000,000 | ---D | C] -- C:\Users\Pilar\Desktop\fennel_biosed_30days
      [2012/09/17 22:37:23 | 000,000,000 | ---D | C] -- C:\Users\Pilar\Documents\Friends_season3
      [2012/09/17 11:11:53 | 000,000,000 | ---D | C] -- C:\Users\Pilar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GIF Construction Set Professional 3
      [2012/09/17 11:11:51 | 000,000,000 | ---D | C] -- C:\Users\Pilar\Documents\My GIF Animations
      [2012/09/17 11:11:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Alchemy Mindworks
      [2012/09/17 11:09:19 | 000,000,000 | ---D | C] -- C:\Users\Pilar\AppData\Roaming\Alchemy Mindworks
      [2012/09/13 12:55:16 | 000,000,000 | ---D | C] -- C:\Users\Pilar\Desktop\fennel_biosed_vs_nonbiosed
      [2012/09/12 15:45:56 | 000,000,000 | ---D | C] -- C:\Users\Pilar\Desktop\bio_toy_ecosim
      [2012/09/12 09:44:12 | 000,000,000 | ---D | C] -- C:\Users\Pilar\Desktop\nuevo_rst_oceantime_cero
      [2012/09/11 10:23:39 | 000,000,000 | ---D | C] -- C:\Users\Pilar\Documents\recetas
      [2012/09/11 10:23:23 | 000,000,000 | ---D | C] -- C:\Users\Pilar\Desktop\wfh_fennel_nobiosed
      [2012/09/11 10:22:54 | 000,000,000 | ---D | C] -- C:\Users\Pilar\Desktop\wfh_fennel_biosed
      [2012/09/10 00:30:44 | 000,000,000 | ---D | C] -- C:\Users\Pilar\AppData\Roaming\vlc
      [2012/09/08 14:28:06 | 000,000,000 | ---D | C] -- C:\Users\Pilar\AppData\Local\ApplicationHistory
      [2012/09/08 14:07:22 | 000,000,000 | ---D | C] -- C:\Users\Pilar\Desktop\Compartido
      [1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

      ========== Files - Modified Within 30 Days ==========

      [2012/10/07 23:49:01 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Pilar\Desktop\OTL.exe
      [2012/10/07 18:01:07 | 000,597,474 | ---- | M] () -- C:\Users\Pilar\Desktop\OTL.rar
      [2012/10/07 17:46:54 | 000,024,608 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
      [2012/10/07 17:46:54 | 000,024,608 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
      [2012/10/07 17:38:58 | 000,001,110 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
      [2012/10/07 17:38:39 | 000,000,828 | ---- | M] () -- C:\windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
      [2012/10/07 17:35:36 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
      [2012/10/07 17:35:26 | 2064,568,319 | -HS- | M] () -- C:\hiberfil.sys
      [2012/10/07 10:17:47 | 000,001,114 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
      [2012/10/07 01:09:00 | 000,000,838 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
      [2012/10/06 17:33:40 | 000,002,006 | ---- | M] () -- C:\Users\Pilar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
      [2012/10/06 15:59:28 | 000,007,608 | ---- | M] () -- C:\Users\Pilar\AppData\Local\Resmon.ResmonCfg
      [2012/10/06 15:05:01 | 000,000,830 | ---- | M] () -- C:\windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
      [2012/10/06 00:35:03 | 001,761,282 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
      [2012/10/06 00:35:03 | 000,779,990 | ---- | M] () -- C:\windows\SysNative\perfh00A.dat
      [2012/10/06 00:35:03 | 000,682,896 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
      [2012/10/06 00:35:03 | 000,170,658 | ---- | M] () -- C:\windows\SysNative\perfc00A.dat
      [2012/10/06 00:35:03 | 000,131,808 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
      [2012/10/06 00:28:26 | 000,000,000 | ---- | M] () -- C:\windows\SysWow64\pWHCLdY.exe
      [2012/10/05 17:04:12 | 000,000,600 | ---- | M] () -- C:\Users\Pilar\AppData\Roaming\winscp.rnd
      [2012/10/05 07:49:34 | 000,036,352 | ---- | M] () -- C:\windows\SysNative\pWHCLdY.exe
      [2012/10/02 2140 | 000,293,979 | ---- | M] () -- C:\Users\Pilar\Documents\SpyHunter-Installer.rar
      [2012/10/02 20:47:47 | 083,023,306 | ---- | M] () -- C:\ProgramData\etadpuswodniw.pad
      [2012/10/02 20:04:35 | 017,381,351 | ---- | M] () -- C:\Users\Pilar\Documents\SCAN.rar
      [2012/10/02 19:47:47 | 000,000,282 | RHS- | M] () -- C:\ProgramData\ntuser.pol
      [2012/10/02 15:38:05 | 000,001,224 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
      [2012/10/02 14:59:38 | 000,000,000 | ---- | M] () -- C:\windows\SysWow64\ERkWViC.exe
      [2012/10/02 14:45:59 | 000,006,532 | ---- | M] () -- C:\Users\Pilar\AppData\Local\chromeupdate.crx
      [2012/09/29 21:54:56 | 000,000,000 | -H-- | M] () -- C:\windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
      [2012/09/28 10:19:13 | 000,002,381 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
      [2012/09/25 17:25:31 | 003,896,733 | ---- | M] () -- C:\Users\Pilar\Documents\ccsetup322.rar
      [2012/09/24 16:47:05 | 000,294,912 | ---- | M] () -- C:\Users\Pilar\Documents\datos.accdb
      [2012/09/24 07:18:11 | 000,000,000 | ---- | M] () -- C:\windows\SysWow64\ifNsevs.exe
      [2012/09/24 00:38:47 | 000,134,672 | ---- | M] () -- C:\windows\RegBootClean64.exe
      [2012/09/21 01:09:12 | 000,696,240 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
      [2012/09/21 01:09:12 | 000,073,136 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
      [2012/09/18 16:36:18 | 014,744,510 | ---- | M] () -- C:\Users\Pilar\Documents\Henriksen_and_kemp_1988.pdf
      [2012/09/18 16:28:58 | 001,093,052 | ---- | M] () -- C:\Users\Pilar\Documents\M6 rivers and lakes.pdf
      [2012/09/18 14:14:14 | 000,086,480 | ---- | M] () -- C:\Users\Pilar\Documents\usb
      [2012/09/17 11:12:32 | 000,000,042 | ---- | M] () -- C:\windows\AlchemyMindworksUpdateList.INI
      [2012/09/17 11:11:54 | 000,001,423 | ---- | M] () -- C:\Users\Pilar\Desktop\GIF Construction Set Professional 3.lnk
      [2012/09/13 12:35:48 | 000,000,142 | ---- | M] () -- C:\Users\Pilar\Desktop\url_ncml.m
      [2012/09/12 14:03:31 | 000,026,315 | ---- | M] () -- C:\Users\Pilar\Desktop\startup_Prueba_Pilar.m
      [2012/09/12 14:03:21 | 000,026,293 | ---- | M] () -- C:\Users\Pilar\Desktop\startup_Prueba_Pilar.asv
      [2012/09/12 13:53:01 | 000,002,443 | ---- | M] () -- C:\Users\Pilar\Desktop\startup_alfredo.m
      [2012/09/11 15:24:48 | 000,000,824 | ---- | M] () -- C:\windows\SysNative\drivers\etc\hosts
      [2012/09/11 10:48:04 | 003,215,380 | ---- | M] () -- C:\Users\Pilar\Desktop\JEMA_definitivo.pdf
      [2012/09/11 06:47:40 | 019,850,780 | ---- | M] () -- C:\Users\Pilar\Documents\News ERZIA.mp4
      [2012/09/10 15:33:51 | 209,296,271 | ---- | M] () -- C:\Users\Pilar\Documents\his_wfh_0001.nc.filepart
      [2012/09/09 10:49:49 | 000,001,358 | ---- | M] () -- C:\Users\Pilar\Desktop\MATLAB R2011b.lnk
      [2012/09/09 09:47:03 | 000,000,157 | ---- | M] () -- C:\windows\matlab.ini
      [2012/09/08 14:36:10 | 000,002,257 | ---- | M] () -- C:\Users\Public\Desktop\MATLAB R2006a.lnk
      [2012/09/08 14:28:07 | 000,000,093 | ---- | M] () -- C:\Users\Pilar\AppData\Local\fusioncache.dat
      [1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

      ========== Files Created - No Company Name ==========

      [2012/10/07 18:01:31 | 000,597,474 | ---- | C] () -- C:\Users\Pilar\Desktop\OTL.rar
      [2012/10/06 15:59:28 | 000,007,608 | ---- | C] () -- C:\Users\Pilar\AppData\Local\Resmon.ResmonCfg
      [2012/10/06 00:28:26 | 000,000,000 | ---- | C] () -- C:\windows\SysWow64\pWHCLdY.exe
      [2012/10/05 07:49:34 | 000,036,352 | ---- | C] () -- C:\windows\SysNative\pWHCLdY.exe
      [2012/10/02 21:11:08 | 000,293,979 | ---- | C] () -- C:\Users\Pilar\Documents\SpyHunter-Installer.rar
      [2012/10/02 20:17:09 | 083,023,306 | ---- | C] () -- C:\ProgramData\etadpuswodniw.pad
      [2012/10/02 20:05:51 | 017,381,351 | ---- | C] () -- C:\Users\Pilar\Documents\SCAN.rar
      [2012/10/02 15:38:15 | 000,001,162 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator 9.0.lnk
      [2012/10/02 15:23:39 | 000,001,224 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
      [2012/10/02 14:59:38 | 000,000,000 | ---- | C] () -- C:\windows\SysWow64\ERkWViC.exe
      [2012/09/29 21:54:56 | 000,000,000 | -H-- | C] () -- C:\windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
      [2012/09/25 17:26:39 | 003,896,733 | ---- | C] () -- C:\Users\Pilar\Documents\ccsetup322.rar
      [2012/09/24 15:17:37 | 000,294,912 | ---- | C] () -- C:\Users\Pilar\Documents\datos.accdb
      [2012/09/24 07:18:11 | 000,000,000 | ---- | C] () -- C:\windows\SysWow64\ifNsevs.exe
      [2012/09/24 00:38:40 | 000,134,672 | ---- | C] () -- C:\windows\RegBootClean64.exe
      [2012/09/23 22:06:29 | 000,006,532 | ---- | C] () -- C:\Users\Pilar\AppData\Local\chromeupdate.crx
      [2012/09/18 16:36:18 | 014,744,510 | ---- | C] () -- C:\Users\Pilar\Documents\Henriksen_and_kemp_1988.pdf
      [2012/09/18 16:28:58 | 001,093,052 | ---- | C] () -- C:\Users\Pilar\Documents\M6 rivers and lakes.pdf
      [2012/09/18 14:11:36 | 000,086,480 | ---- | C] () -- C:\Users\Pilar\Documents\usb
      [2012/09/17 11:12:32 | 000,000,042 | ---- | C] () -- C:\windows\AlchemyMindworksUpdateList.INI
      [2012/09/17 11:11:54 | 000,001,423 | ---- | C] () -- C:\Users\Pilar\Desktop\GIF Construction Set Professional 3.lnk
      [2012/09/17 11:11:51 | 000,212,992 | ---- | C] () -- C:\windows\ALCHUNIN.EXE
      [2012/09/13 12:35:41 | 000,000,142 | ---- | C] () -- C:\Users\Pilar\Desktop\url_ncml.m
      [2012/09/12 14:03:21 | 000,026,293 | ---- | C] () -- C:\Users\Pilar\Desktop\startup_Prueba_Pilar.asv
      [2012/09/12 14:00:21 | 000,026,315 | ---- | C] () -- C:\Users\Pilar\Desktop\startup_Prueba_Pilar.m
      [2012/09/12 13:53:01 | 000,002,443 | ---- | C] () -- C:\Users\Pilar\Desktop\startup_alfredo.m
      [2012/09/11 10:48:04 | 003,215,380 | ---- | C] () -- C:\Users\Pilar\Desktop\JEMA_definitivo.pdf
      [2012/09/11 09:05:14 | 019,850,780 | ---- | C] () -- C:\Users\Pilar\Documents\News ERZIA.mp4
      [2012/09/10 15:19:07 | 209,296,271 | ---- | C] () -- C:\Users\Pilar\Documents\his_wfh_0001.nc.filepart
      [2012/09/09 10:49:29 | 000,001,358 | ---- | C] () -- C:\Users\Pilar\Desktop\MATLAB R2011b.lnk
      [2012/09/08 15:36:59 | 000,000,157 | ---- | C] () -- C:\windows\matlab.ini
      [2012/09/08 14:36:10 | 000,002,257 | ---- | C] () -- C:\Users\Public\Desktop\MATLAB R2006a.lnk
      [2012/09/08 14:32:45 | 000,002,362 | ---- | C] () -- C:\windows\SysWow64\mscomct2.dep
      [2012/09/08 14:31:36 | 000,645,120 | ---- | C] () -- C:\windows\SysWow64\config.gms
      [2012/09/08 14:28:07 | 000,000,093 | ---- | C] () -- C:\Users\Pilar\AppData\Local\fusioncache.dat
      [2012/09/05 20:58:11 | 1340,251,675 | ---- | C] () -- C:\Program Files\Matlab R2011b.rar
      [2012/07/17 16:55:08 | 000,000,600 | ---- | C] () -- C:\Users\Pilar\AppData\Roaming\winscp.rnd
      [2012/07/17 16:49:53 | 000,000,600 | ---- | C] () -- C:\Users\Pilar\AppData\Local\PUTTY.RND
      [2012/07/17 04:46:54 | 000,000,282 | RHS- | C] () -- C:\ProgramData\ntuser.pol
      [2012/07/16 07:43:13 | 000,000,312 | ---- | C] () -- C:\windows\ODBC.INI
      [2012/07/16 04:22:06 | 001,644,566 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
      [2012/05/10 09:14:32 | 000,755,572 | ---- | C] () -- C:\windows\SysWow64\igkrng700.bin
      [2012/05/10 09:14:32 | 000,559,972 | ---- | C] () -- C:\windows\SysWow64\igfcg700m.bin
      [2012/05/10 09:07:18 | 000,058,880 | ---- | C] () -- C:\windows\SysWow64\igdde32.dll
      [2012/05/10 08:25:28 | 013,026,304 | ---- | C] () -- C:\windows\SysWow64\ig7icd32.dll
      [2012/02/02 16:08:26 | 000,001,536 | ---- | C] () -- C:\windows\SysWow64\IusEventLog.dll
      [2011/12/19 14:21:20 | 000,032,768 | ---- | C] () -- C:\windows\SysWow64\SPCtl.dll

      ========== ZeroAccess Check ==========

      [2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

      [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

      [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

      [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

      [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
      "" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 01:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Apartment

      [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
      "" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 00:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Apartment

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
      "" = C:\$Recycle.Bin\S-1-5-18\$ca04051858c5c22f1460e8d1a0b9bac9\n.
      "ThreadingModel" = Free

      [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
      "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 23:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Free

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
      "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Both

      [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

      < End of report >

    4. #4
      Ex-Colaborador Avatar de Anleg_30
      Registrado
      dic 2007
      Ubicación
      Bna-Venezuela
      Mensajes
      10.545

      Re: Virus de la doble tilde

      Bien,

      Realiza lo siguiente desde modo seguro

      • Abre OTL.exe porfavor, y solo realiza lo siguiente tal cual:
      • Copia y pega el siguiente código en su marco en blanco (debajo de Código de Reparación)


      Código:
      :OTL
      [2012/10/02 20:17:03 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\ProgramData\lsass.exe
      [2012/10/06 00:28:26 | 000,000,000 | ---- | M] () -- C:\windows\SysWow64\pWHCLdY.exe
      [2012/10/05 07:49:34 | 000,036,352 | ---- | M] () -- C:\windows\SysNative\pWHCLdY.exe
      
      :Files
      C:\$Recycle.Bin\S-1-5-18\$ca04051858c5c22f1460e8d1a0b9bac9
      C:\windows\SysWow64\ERkWViC.exe
      C:\windows\SysWow64\ifNsevs.exe
      
      :Commands
      [emptytemp]
      • Seguidamente pulsa sobre el botón Reparar



      Deja que se ejecute y luego del reinicio me copias el reporte que genere. Me comentas si sigue el problema o no.



      Blog | Antivirus Online | Eliminar Malwares | Antivirus Gratis

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    5. #5
      Usuario Avatar de dax_32
      Registrado
      sep 2012
      Ubicación
      Santander
      Mensajes
      3

      Re: Virus de la doble tilde

      Gracias por tu respuesta, todavia no he ejecutado lo que me comentas, porque antes quería comentarte:
      El programa winscp es importante para mi, ya que lo utilizo para trabajar. Es un visor para acceder a un ordenador remoto, lo tengo ya configurado y no se volverle a poner.

      ¿Si ejecuto el codigo que comentas, tendre algun problema con el winscp?¿Podre seguir ejecutandolo?

      Por otro lado, he descubierto que en Skype si que puedo escribir acentos (¿?) en el resto de programas sigo igual (word, bloc de notas, gmail....). Por si esto nos da alguna informacion adicional...

      Bueno, quedo a la espera de tu respuesta sobre el winscp antes de ejecutar la reparacion.


      Muchismas Gracias !

    6. #6
      Ex-Colaborador Avatar de Anleg_30
      Registrado
      dic 2007
      Ubicación
      Bna-Venezuela
      Mensajes
      10.545

      Re: Virus de la doble tilde

      Hi,

      Puedes ejecutarlo ahora, retiré lo perteneciente a winscp.
      Comentas a la vuelta los resultados.



      Blog | Antivirus Online | Eliminar Malwares | Antivirus Gratis

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.