• Registrarse
  • Iniciar sesión


  • Resultados 1 al 8 de 8

    Virus de anuncios: Lollipop (Solucionado)

    Resumen del tema: Virus de anuncios: Lollipop (Solucionado) - Hola, soy nuevo en esto y la verdad que no me llevo muy bien con los virus y demás, pero tengo un virus en mi ordenador que me tiene harto y no hay forma de ...

      
    1. #1
      Usuario Avatar de gabrodgo
      Registrado
      oct 2012
      Ubicación
      Cádiz
      Mensajes
      7

      Virus de anuncios: Lollipop (Solucionado)

      Hola, soy nuevo en esto y la verdad que no me llevo muy bien con los virus y demás, pero tengo un virus en mi ordenador que me tiene harto y no hay forma de quitarlo.

      El virus se llama Lollipop y constantemente me abre ventanas de anuncios en Google chrome. He intentado eliminarlo de mil formas, pero no lo consigo, y no me quiero arriesgar para no estropear mi ordenador.

      Espero que me puedan ayudar. Un saludo y gracias

    2. #2
      Ex-Colaborador Avatar de Xtreme Hero
      Registrado
      dic 2010
      Ubicación
      España
      Mensajes
      9.018

      Re: Virus de anuncios: Lollipop

      Hola gabrodgo Bienvenido a infospyware

      Realiza lo siguiente:

      1.-Descargar OTL.exe By OldTimer a tu Escritorio.

      Cerrar todos las ventanas y programas abiertos que pudieren interferir en la ejecución de la herramienta.

      En el caso de no poder ejecutarlo, descargar su versión renombrada desde aquí:

      OTL.com

      OTL.scr

      2.- Hacer doble clic sobre OTL.exe para ejecutar la herramienta.

      3.- Tener en cuenta los siguientes datos de configuración antes de realizar el análisis, marcando los casilleros del siguiente modo:
      ° Procesos, Módulos, Servicios, Controladores, Registro Normal y Registro Adicional, deben estar marcados en Usar Listado Mínimo

      ° Marcar el casillero Analizar Todos

      ° Tipo de Análisis: Debe estar marcado el casillero Resultado completo

      ° Archivos Creados y Archivos Modificados: Deben estar marcados los casilleros Edad de Archivo

      4.- Copiar el siguiente texto (excluyendo la palabra Código):

      Código:
      netsvcs
      msconfig
      %systemroot%\System32\config\*.sav
      %SYSTEMDRIVE%\*.*
      %appdata%\*
      CREATERESTOREPOINT
      5.- Pegar el contenido sobre el apartado: Análisis Personalizados /Código de Reparación.


      6.- Presione el botón Analizar y espere a que el proceso finalice.
      Por último se van a generar 2 reportes:

      • OTL.txt ----> Este debe abrir, copiar y pegar en su próxima respuesta.
      • Extra.txt -----> Debe guardarlo en el Escritorio. Si es necesario, se le pedirá.
      Importante: No utilice esta herramienta a menos que le sea solicitada por un Miembro del Staff.
      Salu2
      Lucha Hasta El Final

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    3. #3
      Usuario Avatar de gabrodgo
      Registrado
      oct 2012
      Ubicación
      Cádiz
      Mensajes
      7

      Re: Virus de anuncios: Lollipop

      Muchas gracias por contestar tan rápido, de verdad. Aquí está el OTL:

      OTL logfile created on: 10/27/2012 1:45:08 PM - Run 1
      OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\MARIA JOSE\Downloads
      Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
      Internet Explorer (Version = 9.0.8112.16421)
      Locale: 00000409 | Country: España | Language: ESN | Date Format: dd/MM/yyyy

      1.99 Gb Total Physical Memory | 0.91 Gb Available Physical Memory | 45.88% Memory free
      3.98 Gb Paging File | 2.11 Gb Available in Paging File | 52.89% Paging File free
      Paging file location(s): ?:\pagefile.sys [binary data]

      %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
      Drive C: | 282.80 Gb Total Space | 155.69 Gb Free Space | 55.06% Space Free | Partition Type: NTFS

      Computer Name: GABRIEL-PC | User Name: MARIA JOSE | Logged in as Administrator.
      Boot Mode: Normal | Scan Mode: All users
      Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

      ========== Processes (SafeList) ==========

      PRC - [2012/10/27 13:43:20 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\MARIA JOSE\Downloads\OTL.exe
      PRC - [2012/10/26 20:21:13 | 001,199,576 | ---- | M] (Spotify Ltd) -- C:\Users\MARIA JOSE\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
      PRC - [2012/10/10 12:06:17 | 001,239,064 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
      PRC - [2012/09/29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
      PRC - [2012/09/28 00:46:04 | 000,759,808 | ---- | M] () -- C:\Users\MARIA JOSE\AppData\Local\Lollipop\Lollipop.exe
      PRC - [2012/09/20 15:03:20 | 001,236,368 | ---- | M] (Lavasoft Limited) -- C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe
      PRC - [2012/09/20 15:03:16 | 018,941,832 | ---- | M] (Lavasoft Limited) -- C:\PROGRA~1\AD-AWA~1\AdAware.exe
      PRC - [2012/08/08 10:17:00 | 000,540,056 | ---- | M] (Lavasoft) -- C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
      PRC - [2012/07/27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
      PRC - [2012/07/02 17:25:14 | 002,232,504 | ---- | M] (Giraffic) -- C:\Program Files\Giraffic\Veoh_GirafficWatchdog.exe
      PRC - [2012/07/02 17:24:54 | 003,790,504 | ---- | M] (Giraffic) -- C:\Program Files\Giraffic\Veoh_Giraffic.exe
      PRC - [2012/05/24 20:39:22 | 027,112,840 | ---- | M] (Dropbox, Inc.) -- C:\Users\MARIA JOSE\AppData\Roaming\Dropbox\bin\Dropbox.exe
      PRC - [2012/05/16 15:44:58 | 001,084,840 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe
      PRC - [2012/04/22 13:51:04 | 000,720,936 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
      PRC - [2012/04/22 13:50:44 | 000,174,120 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
      PRC - [2012/04/22 13:50:32 | 000,148,520 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
      PRC - [2011/12/19 13:20:06 | 003,289,032 | ---- | M] (GFI Software) -- C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe
      PRC - [2011/06/22 10:25:22 | 002,648,184 | ---- | M] (Veoh Networks) -- C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
      PRC - [2011/06/17 19:33:04 | 000,272,528 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe
      PRC - [2011/03/28 18:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe
      PRC - [2011/03/28 17:06:24 | 000,311,352 | ---- | M] (Hewlett-Packard Development Company L.P.) -- C:\Program Files\Hewlett-Packard\Shared\hpCaslNotification.exe
      PRC - [2011/03/09 11:18:06 | 001,060,864 | ---- | M] () -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe
      PRC - [2011/03/09 11:16:56 | 000,484,352 | ---- | M] () -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe
      PRC - [2011/03/09 11:09:54 | 003,986,944 | ---- | M] (Western Digital Technologies, Inc.) -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
      PRC - [2011/03/09 11:07:54 | 000,238,592 | ---- | M] (WDC) -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
      PRC - [2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
      PRC - [2010/11/20 14:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
      PRC - [2009/12/03 20:28:08 | 000,026,112 | ---- | M] (LSI Corporation) -- C:\Program Files\LSI SoftModem\agrsmsvc.exe
      PRC - [2009/11/11 14:00:54 | 000,076,856 | ---- | M] ( Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
      PRC - [2009/07/30 17:49:34 | 002,352,416 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
      PRC - [2009/07/30 17:49:34 | 000,795,936 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
      PRC - [2009/07/30 17:49:34 | 000,582,944 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
      PRC - [2009/07/14 01:56:02 | 000,458,844 | ---- | M] (IDT, Inc.) -- C:\Program Files\IDT\WDM\sttray.exe
      PRC - [2009/07/14 01:56:02 | 000,221,266 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_b3d7bbbd6875f4bb\stacsv.exe
      PRC - [2009/06/18 18:07:06 | 000,635,416 | ---- | M] (PDF Complete Inc) -- C:\Program Files\PDF Complete\pdfsvc.exe
      PRC - [2009/06/17 18:56:16 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
      PRC - [2009/06/17 18:56:14 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
      PRC - [2009/03/02 23:43:08 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_b3d7bbbd6875f4bb\AEstSrv.exe


      ========== Modules (No Company Name) ==========

      MOD - [2012/10/10 12:06:15 | 000,460,312 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\22.0.1229.94\ppGoogleNaClPluginChrome.dll
      MOD - [2012/10/10 12:06:13 | 012,435,992 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\22.0.1229.94\PepperFlash\pepflashplayer.dll
      MOD - [2012/10/10 12:06:12 | 004,005,912 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\22.0.1229.94\pdf.dll
      MOD - [2012/10/10 12:04:57 | 000,578,072 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\22.0.1229.94\libglesv2.dll
      MOD - [2012/10/10 12:04:55 | 000,123,928 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\22.0.1229.94\libegl.dll
      MOD - [2012/10/10 12:04:44 | 000,156,712 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\22.0.1229.94\avutil-51.dll
      MOD - [2012/10/10 12:04:43 | 000,275,496 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\22.0.1229.94\avformat-54.dll
      MOD - [2012/10/10 12:04:42 | 002,168,360 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\22.0.1229.94\avcodec-54.dll
      MOD - [2012/09/28 00:46:04 | 000,759,808 | ---- | M] () -- C:\Users\MARIA JOSE\AppData\Local\Lollipop\Lollipop.exe
      MOD - [2012/08/13 13:01:07 | 002,049,056 | ---- | M] () -- c:\ProgramData\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll
      MOD - [2012/06/14 03:33:32 | 012,436,480 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
      MOD - [2012/06/14 03:33:20 | 001,591,808 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll
      MOD - [2012/05/30 20:06:48 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
      MOD - [2012/05/30 20:06:30 | 001,242,512 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
      MOD - [2012/05/16 15:45:56 | 000,276,392 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\phonon4.dll
      MOD - [2012/05/16 15:45:40 | 002,652,584 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtXmlPatterns4.dll
      MOD - [2012/05/16 15:45:40 | 000,363,944 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtXml4.dll
      MOD - [2012/05/16 15:45:38 | 011,166,120 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtWebKit4.dll
      MOD - [2012/05/16 15:45:36 | 001,346,472 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtScript4.dll
      MOD - [2012/05/16 15:45:36 | 000,205,736 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtSql4.dll
      MOD - [2012/05/16 15:45:34 | 001,013,672 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtNetwork4.dll
      MOD - [2012/05/16 15:45:34 | 000,720,296 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtOpenGL4.dll
      MOD - [2012/05/16 15:45:32 | 008,506,280 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtGui4.dll
      MOD - [2012/05/16 15:45:32 | 000,520,104 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtMultimediaKit1.dll
      MOD - [2012/05/16 15:45:30 | 002,480,552 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtDeclarative4.dll
      MOD - [2012/05/16 15:45:30 | 002,353,576 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtCore4.dll
      MOD - [2012/05/16 15:45:28 | 000,445,864 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\sqldrivers\qsqlite4.dll
      MOD - [2012/05/16 15:45:22 | 000,206,760 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\imageformats\qjpeg4.dll
      MOD - [2012/05/16 15:45:22 | 000,035,240 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\imageformats\qico4.dll
      MOD - [2012/05/16 15:45:20 | 000,032,680 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\imageformats\qgif4.dll
      MOD - [2012/05/16 15:44:54 | 000,437,672 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\NService.dll
      MOD - [2012/05/16 15:44:16 | 000,604,072 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\CommonUpdateChecker.dll
      MOD - [2012/05/16 13:46:28 | 000,391,056 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\ssoengine.dll
      MOD - [2012/05/16 13:46:28 | 000,059,280 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\securestorage.dll
      MOD - [2012/05/16 13:45:30 | 000,110,080 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\mediaservice\dsengine.dll
      MOD - [2012/05/11 03:42:28 | 001,051,136 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\9b2f17fb61b7197f2a04108f5d1a1cc6\System.Management.ni.dll
      MOD - [2012/05/11 03:36:22 | 005,452,800 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
      MOD - [2012/05/11 03:36:17 | 000,971,264 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
      MOD - [2012/05/11 03:36:15 | 007,967,232 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
      MOD - [2012/05/11 03:35:40 | 011,492,864 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
      MOD - [2011/06/21 15:48:28 | 000,910,336 | ---- | M] () -- C:\Program Files\Veoh Networks\VeohWebPlayer\QtNetwork4.dll
      MOD - [2011/06/20 15:37:16 | 010,836,992 | ---- | M] () -- C:\Program Files\Veoh Networks\VeohWebPlayer\QtWebKit4.dll
      MOD - [2011/06/20 13:52:20 | 001,283,584 | ---- | M] () -- C:\Program Files\Veoh Networks\VeohWebPlayer\QtScript4.dll
      MOD - [2011/06/20 13:32:40 | 000,266,752 | ---- | M] () -- C:\Program Files\Veoh Networks\VeohWebPlayer\phonon4.dll
      MOD - [2011/06/20 13:21:50 | 007,994,880 | ---- | M] () -- C:\Program Files\Veoh Networks\VeohWebPlayer\QtGui4.dll
      MOD - [2011/06/20 13:04:56 | 002,233,344 | ---- | M] () -- C:\Program Files\Veoh Networks\VeohWebPlayer\QtCore4.dll
      MOD - [2011/05/26 11:38:06 | 000,120,320 | ---- | M] () -- C:\Program Files\Veoh Networks\VeohWebPlayer\imageformats\qjpeg4.dll
      MOD - [2011/05/26 11:38:06 | 000,022,016 | ---- | M] () -- C:\Program Files\Veoh Networks\VeohWebPlayer\imageformats\qgif4.dll
      MOD - [2010/11/13 02:02:55 | 000,307,200 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_es_b77a5c561934e089\mscorlib.resources.dll
      MOD - [2009/07/30 17:49:52 | 000,132,384 | ---- | M] () -- C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll


      ========== Services (SafeList) ==========

      SRV - File not found [Auto | Stopped] -- C:\Program Files\SDL International\T2007\TT\Lng\Dialogs1031.lng -- (NewServiceInstall1)
      SRV - [2012/10/08 22:03:28 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
      SRV - [2012/10/06 04:14:08 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
      SRV - [2012/09/29 19:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
      SRV - [2012/09/29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
      SRV - [2012/09/20 15:03:20 | 001,236,368 | ---- | M] (Lavasoft Limited) [Auto | Running] -- C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe -- (Ad-Aware Service)
      SRV - [2012/07/27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
      SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
      SRV - [2012/07/02 17:25:14 | 002,232,504 | ---- | M] (Giraffic) [Auto | Running] -- C:\Program Files\Giraffic\Veoh_GirafficWatchdog.exe -- (Giraffic)
      SRV - [2012/04/22 13:51:04 | 000,720,936 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
      SRV - [2011/12/19 13:20:06 | 003,289,032 | ---- | M] (GFI Software) [Auto | Running] -- C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe -- (SBAMSvc)
      SRV - [2011/09/09 1828 | 000,086,072 | ---- | M] (Hewlett-Packard Company) [Auto | Stopped] -- C:\Program Files\Hewlett-Packard\HP Support Framework\hpsa_service.exe -- (HP Support Assistant Service)
      SRV - [2011/06/17 19:33:04 | 000,237,008 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.0.207\McCHSvc.exe -- (McComponentHostService)
      SRV - [2011/03/28 18:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
      SRV - [2011/03/09 11:18:06 | 001,060,864 | ---- | M] () [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe -- (WDFME)
      SRV - [2011/03/09 11:16:56 | 000,484,352 | ---- | M] () [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe -- (WDSC)
      SRV - [2011/03/09 11:07:54 | 000,238,592 | ---- | M] (WDC) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe -- (WDDMService)
      SRV - [2010/05/26 22:58:01 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
      SRV - [2009/12/03 20:28:08 | 000,026,112 | ---- | M] (LSI Corporation) [Auto | Running] -- C:\Program Files\LSI SoftModem\agrsmsvc.exe -- (AgereModemAudio)
      SRV - [2009/07/30 17:49:34 | 000,582,944 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
      SRV - [2009/07/14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
      SRV - [2009/07/14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
      SRV - [2009/07/14 01:56:02 | 000,221,266 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_b3d7bbbd6875f4bb\stacsv.exe -- (STacSV)
      SRV - [2009/06/18 18:07:06 | 000,635,416 | ---- | M] (PDF Complete Inc) [Auto | Running] -- C:\Program Files\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)
      SRV - [2009/06/17 18:56:16 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMON)
      SRV - [2009/06/13 20:13:20 | 001,120,752 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- c:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe -- (RoxMediaDB10)
      SRV - [2009/03/02 23:43:08 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_b3d7bbbd6875f4bb\AEstSrv.exe -- (AESTFilters)


      ========== Driver Services (SafeList) ==========

      DRV - [2012/09/29 19:54:26 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
      DRV - [2012/04/22 13:51:38 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
      DRV - [2012/01/09 17:28:20 | 000,137,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
      DRV - [2012/01/09 17:28:20 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
      DRV - [2012/01/09 17:28:20 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
      DRV - [2012/01/09 17:28:20 | 000,008,576 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)
      DRV - [2012/01/09 17:28:20 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
      DRV - [2012/01/09 17:28:20 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
      DRV - [2011/12/19 12:44:24 | 000,093,816 | ---- | M] (GFI Software) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sbhips.sys -- (sbhips)
      DRV - [2011/11/29 06:59:52 | 000,077,816 | ---- | M] (GFI Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\sbapifs.sys -- (sbapifs)
      DRV - [2011/10/26 14:23:40 | 000,101,112 | ---- | M] (GFI Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\SBREDrv.sys -- (SBRE)
      DRV - [2010/11/20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
      DRV - [2010/11/20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
      DRV - [2010/02/25 00:02:30 | 000,015,544 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CPQBTTN.sys -- (HBtnKey)
      DRV - [2010/01/26 17:38:06 | 001,163,328 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
      DRV - [2010/01/13 16:36:40 | 006,755,840 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5s32.sys -- (NETw5s32)
      DRV - [2009/09/28 09:22:00 | 000,315,392 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7)
      DRV - [2009/07/14 01:56:02 | 000,408,576 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
      DRV - [2009/07/14 01:12:52 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tpm.sys -- (TPM)
      DRV - [2009/07/02 11:40:34 | 001,765,168 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC)
      DRV - [2009/06/04 20:19:00 | 004,231,680 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw5v32.sys -- (netw5v32)
      DRV - [2009/05/16 03:15:14 | 000,214,024 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mfehidk.sys -- (mfehidk)
      DRV - [2009/05/16 03:15:14 | 000,079,816 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mfeavfk.sys -- (MfeAVFK)
      DRV - [2009/05/16 03:15:14 | 000,055,336 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mfetdik.sys -- (mfetdik)
      DRV - [2009/05/16 03:15:14 | 000,035,272 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mfebopk.sys -- (MfeBOPK)
      DRV - [2009/05/16 03:15:14 | 000,034,248 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mferkdk.sys -- (MfeRKDK)
      DRV - [2009/04/29 17:46:54 | 000,015,872 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
      DRV - [2009/02/13 11:02:52 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wdcsam.sys -- (WDC_SAM)
      DRV - [2005/06/24 18:36:16 | 000,039,036 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbmodem.sys -- (USBModem)
      DRV - [2005/05/26 11:01:36 | 000,038,144 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbdiag.sys -- (UsbDiag)
      DRV - [2005/05/26 11:01:18 | 000,021,344 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbbus.sys -- (usbbus)


      ========== Standard Registry (SafeList) ==========


      ========== Internet Explorer ==========

      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN España: Hotmail, Messenger, Skype y Cuenta Microsoft
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN España: Hotmail, Messenger, Skype y Cuenta Microsoft
      IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
      IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
      IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7


      IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

      IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



      IE - HKU\S-1-5-21-2464087728-152159578-4092020956-1001\SOFTWARE\Microsoft\Internet Explorer\Main,BrowserMngr Start Page = Google
      IE - HKU\S-1-5-21-2464087728-152159578-4092020956-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN España: Hotmail, Messenger, Skype y Cuenta Microsoft
      IE - HKU\S-1-5-21-2464087728-152159578-4092020956-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
      IE - HKU\S-1-5-21-2464087728-152159578-4092020956-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN España: Hotmail, Messenger, Skype y Cuenta Microsoft
      IE - HKU\S-1-5-21-2464087728-152159578-4092020956-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = es
      IE - HKU\S-1-5-21-2464087728-152159578-4092020956-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = AA 0A 88 F6 D0 12 CB 01 [binary data]
      IE - HKU\S-1-5-21-2464087728-152159578-4092020956-1001\..\URLSearchHook: {0974848a-b5bc-49f2-9778-307742b4a55d} - No CLSID value found
      IE - HKU\S-1-5-21-2464087728-152159578-4092020956-1001\..\SearchScopes,BrowserMngrDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
      IE - HKU\S-1-5-21-2464087728-152159578-4092020956-1001\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
      IE - HKU\S-1-5-21-2464087728-152159578-4092020956-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?FORM=IEFM1&q={searchTerms}&src={referrer:source?}
      IE - HKU\S-1-5-21-2464087728-152159578-4092020956-1001\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=113480&tt=120812_bandext_3312_2&babsrc=SP_ss&mntrId=b408e7b3000000000000002713400ba2
      IE - HKU\S-1-5-21-2464087728-152159578-4092020956-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GFRE_es
      IE - HKU\S-1-5-21-2464087728-152159578-4092020956-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
      IE - HKU\S-1-5-21-2464087728-152159578-4092020956-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.upo.es;*.local
      IE - HKU\S-1-5-21-2464087728-152159578-4092020956-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = hermes.upo.es:8080

      ========== FireFox ==========

      FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)"
      FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
      FF - prefs.js..browser.search.selectedEngine: "Search the web (Babylon)"
      FF - prefs.js..browser.startup.homepage: "http://search.babylon.com/?affID=113480&tt=120812_bandext_3312_2&babsrc=HP_ss&mntrId=b408e7b3000000000000002713400ba2"
      FF - user.js - File not found

      FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
      FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
      FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
      FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\windows\system32\npDeployJava1.dll (Oracle Corporation)
      FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
      FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
      FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
      FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
      FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc)
      FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc)
      FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
      FF - HKCU\Software\MozillaPlugins\@octoshape.com/Octoshape Streaming Services,version=1.0: C:\Users\MARIA JOSE\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1103234-0-npoctoshape.dll (Octoshape ApS)

      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/02/15 21:44:14 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/10/14 01:02:08 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/08/15 12:35:16 | 000,000,000 | ---D | M]
      FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/02/15 21:44:14 | 000,000,000 | ---D | M]
      FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{b64982b1-d112-42b5-b1e4-d3867c4533f8}: C:\ProgramData\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension

      [2012/10/14 00:17:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MARIA JOSE\AppData\Roaming\mozilla\Extensions
      [2012/10/23 20:49:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MARIA JOSE\AppData\Roaming\mozilla\Firefox\Profiles\4ujlau0l.default\extensions
      [2012/10/14 01:01:44 | 000,000,000 | ---D | M] (Lavasoft Search Plugin) -- C:\Users\MARIA JOSE\AppData\Roaming\mozilla\Firefox\Profiles\4ujlau0l.default\extensions\jid1-yZwVFzbsyfMrqQ@jetpack
      [2012/10/14 00:16:50 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
      [2012/10/06 04:14:59 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
      [2012/10/06 06:53:55 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
      [2012/10/06 06:53:55 | 000,003,882 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\drae.xml
      [2012/10/06 06:53:55 | 000,001,143 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-es.xml
      [2012/10/06 06:53:55 | 000,002,058 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
      [2012/10/06 06:53:55 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-es.xml
      [2012/10/06 06:53:55 | 000,001,102 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-es.xml

      ========== Chrome ==========

      CHR - homepage: Google
      CHR - default_search_provider: Google (Enabled)
      CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
      CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms},
      CHR - homepage: Google
      CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\21.0.1180.77\PepperFlash\pepflashplayer.dll
      CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.94\gcswf32.dll
      CHR - plugin: Shockwave Flash (Enabled) = C:\windows\system32\Macromed\Flash\NPSWF32_11_3_300_270.dll
      CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
      CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.94\ppGoogleNaClPluginChrome.dll
      CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.94\pdf.dll
      CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
      CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
      CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
      CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
      CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
      CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
      CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
      CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
      CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
      CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
      CHR - plugin: Octoshape Streaming Services (Enabled) = C:\Users\MARIA JOSE\AppData\Roaming\Mozilla\plugins\npoctoshape.dll
      CHR - plugin: Octoshape Streaming Services (Enabled) = C:\Users\MARIA JOSE\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1103234-0-npoctoshape.dll
      CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll
      CHR - plugin: Nokia Suite Enabler Plugin (Enabled) = C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll
      CHR - plugin: Java(TM) Platform SE 7 U4 (Enabled) = C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
      CHR - plugin: Java Deployment Toolkit 7.0.40.255 (Enabled) = C:\windows\system32\npDeployJava1.dll
      CHR - plugin: Veetle TV Player (Enabled) = C:\Program Files\Veetle\Player\npvlc.dll
      CHR - plugin: Veetle TV Core (Enabled) = C:\Program Files\Veetle\plugins\npVeetle.dll
      CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
      CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
      CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
      CHR - Extension: Google Drive = C:\Users\MARIA JOSE\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\
      CHR - Extension: YouTube = C:\Users\MARIA JOSE\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
      CHR - Extension: B\u00FAsqueda de Google = C:\Users\MARIA JOSE\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
      CHR - Extension: AdBlock = C:\Users\MARIA JOSE\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.46_0\
      CHR - Extension: Cuevana Stream = C:\Users\MARIA JOSE\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfdckejfnkaemompfjhecfmhjgnchmjg\4.4_0\
      CHR - Extension: DVDVideoSoft Browser Extension = C:\Users\MARIA JOSE\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.0_0\
      CHR - Extension: Gmail = C:\Users\MARIA JOSE\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

      O1 HOSTS File: ([2009/06/10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
      O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
      O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
      O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
      O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found.
      O3 - HKLM\..\Toolbar: (no name) - {D0F4A166-B8D4-48b8-9D63-80849FE137CB} - No CLSID value found.
      O3 - HKU\S-1-5-21-2464087728-152159578-4092020956-1001\..\Toolbar\WebBrowser: (no name) - {0974848A-B5BC-49F2-9778-307742B4A55D} - No CLSID value found.
      O3 - HKU\S-1-5-21-2464087728-152159578-4092020956-1001\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
      O3 - HKU\S-1-5-21-2464087728-152159578-4092020956-1001\..\Toolbar\WebBrowser: (no name) - {30F9B915-B755-4826-820B-08FBA6BD249D} - No CLSID value found.
      O4 - HKLM..\Run: [Ad-Aware Antivirus] C:\Program Files\Ad-Aware Antivirus\AdAwareLauncher.exe (Lavasoft Limited)
      O4 - HKLM..\Run: [Ad-Aware Browsing Protection] C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft)
      O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
      O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
      O4 - HKLM..\Run: [PDF Complete] C:\Program Files\PDF Complete\pdfsty.exe (PDF Complete Inc)
      O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
      O4 - HKU\S-1-5-21-2464087728-152159578-4092020956-1001..\Run: [] File not found
      O4 - HKU\S-1-5-21-2464087728-152159578-4092020956-1001..\Run: [GoogleChromeAutoLaunch_833989B3519B3C219B09FD6E7C85D6EC] C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
      O4 - HKU\S-1-5-21-2464087728-152159578-4092020956-1001..\Run: [lollipop] c:\users\maria jose\appdata\local\lollipop\lollipop.exe ()
      O4 - HKU\S-1-5-21-2464087728-152159578-4092020956-1001..\Run: [NokiaSuite.exe] C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe (Nokia)
      O4 - HKU\S-1-5-21-2464087728-152159578-4092020956-1001..\Run: [Spotify Web Helper] C:\Users\MARIA JOSE\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
      O4 - HKU\S-1-5-21-2464087728-152159578-4092020956-1001..\Run: [VeohPlugin] C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe (Veoh Networks)
      O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
      O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
      O4 - HKLM..\RunOnceEx: [ContentMerger] c:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\ContentMerger10.exe (Sonic Solutions)
      O4 - Startup: C:\Users\MARIA JOSE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\MARIA JOSE\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
      O8 - Extra context menu item: E&xport to Microsoft Excel - res://c:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
      O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
      O8 - Extra context menu item: Enviar imagen al dispositivo &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
      O8 - Extra context menu item: Enviar página al dispositivo &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
      O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\MARIA JOSE\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm File not found
      O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html File not found
      O9 - Extra Button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
      O9 - Extra 'Tools' menuitem : &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
      O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
      O9 - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
      O9 - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
      O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
      O13 - gopher Prefix: missing
      O15 - HKLM\..Trusted Domains: //about.htm/ ([]myui in Trusted sites)
      O15 - HKLM\..Trusted Domains: //Exclude.htm/ ([]myui in Trusted sites)
      O15 - HKLM\..Trusted Domains: //LanguageSelection.htm/ ([]myui in Trusted sites)
      O15 - HKLM\..Trusted Domains: //Message.htm/ ([]myui in Trusted sites)
      O15 - HKLM\..Trusted Domains: //MyAgttryCmd.htm/ ([]myui in Trusted sites)
      O15 - HKLM\..Trusted Domains: //MyAgttryNag.htm/ ([]myui in Trusted sites)
      O15 - HKLM\..Trusted Domains: //MyNotification.htm/ ([]myui in Trusted sites)
      O15 - HKLM\..Trusted Domains: //NOCLessUpdate.htm/ ([]myui in Trusted sites)
      O15 - HKLM\..Trusted Domains: //quarantine.htm/ ([]myui in Trusted sites)
      O15 - HKLM\..Trusted Domains: //ScanNow.htm/ ([]myui in Trusted sites)
      O15 - HKLM\..Trusted Domains: //strings.vbs/ ([]myui in Trusted sites)
      O15 - HKLM\..Trusted Domains: //Template.htm/ ([]myui in Trusted sites)
      O15 - HKLM\..Trusted Domains: //Update.htm/ ([]myui in Trusted sites)
      O15 - HKLM\..Trusted Domains: //VirFound.htm/ ([]myui in Trusted sites)
      O15 - HKLM\..Trusted Domains: mcafee.com ([*] http in Trusted sites)
      O15 - HKLM\..Trusted Domains: mcafee.com ([*] https in Trusted sites)
      O15 - HKLM\..Trusted Domains: mcafeeasap.com ([betavscan] http in Trusted sites)
      O15 - HKLM\..Trusted Domains: mcafeeasap.com ([betavscan] https in Trusted sites)
      O15 - HKLM\..Trusted Domains: mcafeeasap.com ([vs] http in Trusted sites)
      O15 - HKLM\..Trusted Domains: mcafeeasap.com ([vs] https in Trusted sites)
      O15 - HKLM\..Trusted Domains: mcafeeasap.com ([www] http in Trusted sites)
      O15 - HKLM\..Trusted Domains: mcafeeasap.com ([www] https in Trusted sites)
      O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jin...ndows-i586.cab (Java Plug-in 10.4.1)
      O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jin...ndows-i586.cab (Java Plug-in 1.5.0_10)
      O16 - DPF: {CAFEEFAC-0017-0000-0004-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jin...ndows-i586.cab (Java Plug-in 1.7.0_04)
      O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jin...ndows-i586.cab (Java Plug-in 10.4.1)
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7616A798-8CE5-4A68-BBCB-87758BA58810}: DhcpNameServer = 192.168.1.1
      O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
      O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
      O20 - AppInit_DLLs: (c:\progra~2\browse~1\22565~1.25\{16cdf~1\browse~1.dll) - c:\ProgramData\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll ()
      O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
      O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      O32 - HKLM CDRom: AutoRun - 1
      O33 - MountPoints2\{86a44f46-f688-11df-b547-002713400ba2}\Shell - "" = AutoRun
      O33 - MountPoints2\{86a44f46-f688-11df-b547-002713400ba2}\Shell\AutoRun\command - "" = C:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\FichaTecnicaEffentora.PDF
      O34 - HKLM BootExecute: (autocheck autochk *)
      O34 - HKLM BootExecute: (MACHINE BootExecut)
      O35 - HKLM\..comfile [open] -- "%1" %*
      O35 - HKLM\..exefile [open] -- "%1" %*
      O37 - HKLM\...com [@ = comfile] -- "%1" %*
      O37 - HKLM\...exe [@ = exefile] -- "%1" %*
      O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
      O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
      O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

      NetSvcs: FastUserSwitchingCompatibility - File not found
      NetSvcs: Ias - C:\windows\System32\ias.dll (Microsoft Corporation)
      NetSvcs: Nla - File not found
      NetSvcs: Ntmssvc - File not found
      NetSvcs: NWCWorkstation - File not found
      NetSvcs: Nwsapagent - File not found
      NetSvcs: SRService - File not found
      NetSvcs: WmdmPmSp - File not found
      NetSvcs: LogonHours - File not found
      NetSvcs: PCAudit - File not found
      NetSvcs: helpsvc - File not found
      NetSvcs: uploadmgr - File not found


      CREATERESTOREPOINT
      Restore point Set: OTL Restore Point

      ========== Files/Folders - Created Within 30 Days ==========

      [2012/10/27 12:54:19 | 000,000,000 | ---D | C] -- C:\Users\MARIA JOSE\AppData\Local\{EB0EB671-5EA0-49F3-B4A1-4D46C50EDA00}
      [2012/10/26 12:59:00 | 000,000,000 | ---D | C] -- C:\Users\MARIA JOSE\AppData\Local\{996ADCA0-7F53-4E4D-978B-C456B34FE004}
      [2012/10/25 23:53:21 | 000,000,000 | ---D | C] -- C:\Users\MARIA JOSE\AppData\Local\{EA955FB9-49DC-4585-AD92-199DFE87DDFA}
      [2012/10/25 23:29:25 | 000,000,000 | ---D | C] -- C:\Users\MARIA JOSE\AppData\Roaming\Malwarebytes
      [2012/10/25 23:28:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
      [2012/10/25 23:28:13 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys
      [2012/10/25 23:28:13 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
      [2012/10/25 11:52:53 | 000,000,000 | ---D | C] -- C:\Users\MARIA JOSE\AppData\Local\{B724AE9D-DD57-46A4-8076-AB9964E8E933}
      [2012/10/24 12:40:09 | 000,000,000 | ---D | C] -- C:\Users\MARIA JOSE\AppData\Local\{09AFDC9E-4AC8-4E5B-AE2C-F133DEC857B6}
      [2012/10/24 00:39:41 | 000,000,000 | ---D | C] -- C:\Users\MARIA JOSE\AppData\Local\{36E3B074-11E7-40A4-B14C-8FBEA99CC792}
      [2012/10/23 10:54:01 | 000,000,000 | ---D | C] -- C:\Users\MARIA JOSE\AppData\Local\{73E7EED6-8C59-47D1-8A5E-4155136D34CF}
      [2012/10/22 21:06:31 | 000,000,000 | ---D | C] -- C:\Users\MARIA JOSE\AppData\Local\{6F31D9E3-93EC-4020-8D59-61EA2754F8F0}
      [2012/10/20 12:47:46 | 000,000,000 | ---D | C] -- C:\Users\MARIA JOSE\AppData\Local\{5050FBD3-1797-4563-AA13-91396D00BA78}
      [2012/10/19 12:13:55 | 000,000,000 | ---D | C] -- C:\Users\MARIA JOSE\AppData\Local\{22704D06-77A8-4E40-A6E4-9E5FE412FD71}
      [2012/10/18 11:39:47 | 000,000,000 | ---D | C] -- C:\Users\MARIA JOSE\AppData\Local\{668670B8-250B-4FB9-B8DE-CCCDA4271B0B}
      [2012/10/17 11:59:31 | 000,000,000 | ---D | C] -- C:\Users\MARIA JOSE\AppData\Local\{7B9D39E5-26AC-4073-8183-AB4A9FF03F16}
      [2012/10/17 00:40:27 | 000,000,000 | ---D | C] -- C:\Users\MARIA JOSE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dispositivos Bluetooth
      [2012/10/16 11:43:02 | 000,000,000 | ---D | C] -- C:\Users\MARIA JOSE\AppData\Local\{D5053DDC-A68A-4323-8D54-0AC20AAEEC2E}
      [2012/10/15 10:46:52 | 000,000,000 | ---D | C] -- C:\Users\MARIA JOSE\AppData\Local\{CBE6914A-2FCB-4DCD-AEEC-45E5ED15D766}
      [2012/10/14 12:51:02 | 000,000,000 | ---D | C] -- C:\Users\MARIA JOSE\AppData\Local\{9D9C6C35-BB42-4B1A-87C4-4FA48CBBB3ED}
      [2012/10/14 01:21:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Ad-Aware Antivirus
      [2012/10/14 01:16:06 | 000,000,000 | ---D | C] -- C:\Users\MARIA JOSE\AppData\Roaming\LavasoftStatistics
      [2012/10/14 01:09:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ad-Aware Antivirus
      [2012/10/14 01:08:33 | 000,093,816 | ---- | C] (GFI Software) -- C:\windows\System32\drivers\sbhips.sys
      [2012/10/14 01:08:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
      [2012/10/14 01:08:30 | 000,000,000 | ---D | C] -- C:\windows\System32\drivers\VDD
      [2012/10/14 01:08:29 | 000,000,000 | ---D | C] -- C:\Program Files\Ad-Aware Antivirus
      [2012/10/14 01:01:59 | 000,000,000 | ---D | C] -- C:\Users\MARIA JOSE\AppData\Local\adawarebp
      [2012/10/14 01:01:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Ad-Aware Browsing Protection
      [2012/10/14 01:01:52 | 000,000,000 | ---D | C] -- C:\Program Files\adawaretb
      [2012/10/14 01:01:45 | 000,000,000 | ---D | C] -- C:\Program Files\Toolbar Cleaner
      [2012/10/14 00:58:24 | 000,000,000 | ---D | C] -- C:\Users\MARIA JOSE\AppData\Roaming\Ad-Aware Antivirus
      [2012/10/14 00:57:39 | 005,469,816 | ---- | C] (Lavasoft Limited) -- C:\Users\MARIA JOSE\Desktop\Adaware_Installer.exe
      [2012/10/14 00:39:51 | 000,000,000 | ---D | C] -- C:\Users\MARIA JOSE\AppData\Local\{13661D44-B4F5-4233-B673-F85D7D1E8A90}
      [2012/10/14 00:16:50 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
      [2012/10/12 21:37:35 | 000,000,000 | ---D | C] -- C:\Users\MARIA JOSE\AppData\Local\{B17B5AB2-FD03-4B24-B3BA-22AD96730BC5}
      [2012/10/12 01:47:19 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
      [2012/10/12 01:12:46 | 000,000,000 | ---D | C] -- C:\Users\MARIA JOSE\AppData\Local\{06F27829-B276-499A-89B0-3D011F2F1CA4}
      [2012/10/11 13:12:17 | 000,000,000 | ---D | C] -- C:\Users\MARIA JOSE\AppData\Local\{26D7A329-5D90-4C7D-94BD-03C2CA872D18}
      [2012/10/11 01:14:09 | 000,000,000 | ---D | C] -- C:\Users\MARIA JOSE\Desktop\KANOUTÉ
      [2012/10/10 13:06:13 | 000,000,000 | ---D | C] -- C:\Users\MARIA JOSE\AppData\Local\{F48A7D65-74C7-441F-8462-289240738BF4}
      [2012/10/09 23:09:20 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\tzres.dll
      [2012/10/09 23:08:27 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\conhost.exe
      [2012/10/09 23:08:27 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\winsrv.dll
      [2012/10/09 23:08:26 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
      [2012/10/09 23:08:25 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
      [2012/10/09 23:08:25 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-synch-l1-1-0.dll
      [2012/10/09 23:08:24 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-misc-l1-1-0.dll
      [2012/10/09 23:08:24 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
      [2012/10/09 23:08:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-string-l1-1-0.dll
      [2012/10/09 23:08:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
      [2012/10/09 23:08:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-profile-l1-1-0.dll
      [2012/10/09 23:08:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
      [2012/10/09 23:08:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
      [2012/10/09 23:08:22 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-memory-l1-1-0.dll
      [2012/10/09 23:08:22 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
      [2012/10/09 23:08:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-io-l1-1-0.dll
      [2012/10/09 23:08:21 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-file-l1-1-0.dll
      [2012/10/09 23:08:21 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
      [2012/10/09 23:08:21 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-heap-l1-1-0.dll
      [2012/10/09 23:08:21 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-handle-l1-1-0.dll
      [2012/10/09 23:08:21 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-fibers-l1-1-0.dll
      [2012/10/09 23:08:20 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
      [2012/10/09 23:08:20 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-delayload-l1-1-0.dll
      [2012/10/09 23:08:20 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-debug-l1-1-0.dll
      [2012/10/09 23:08:20 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-datetime-l1-1-0.dll
      [2012/10/09 23:08:13 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
      [2012/10/09 23:08:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-xstate-l1-1-0.dll
      [2012/10/09 23:08:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-util-l1-1-0.dll
      [2012/10/09 23:08:12 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-security-base-l1-1-0.dll
      [2012/10/09 23:08:09 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-localization-l1-1-0.dll
      [2012/10/09 23:08:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-console-l1-1-0.dll
      [2012/10/09 23:04:31 | 003,914,096 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ntoskrnl.exe
      [2012/10/09 23:04:29 | 003,968,880 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ntkrnlpa.exe
      [2012/10/09 22:39:20 | 000,000,000 | ---D | C] -- C:\Users\MARIA JOSE\AppData\Local\{176EA30D-8F96-414B-A1E3-2C2D18F67E2C}
      [2012/10/09 16:40:34 | 000,000,000 | ---D | C] -- C:\Users\MARIA JOSE\AppData\Local\{5200EEA5-2718-4525-B75D-458B76CA43D4}
      [2012/10/09 00:44:13 | 000,000,000 | ---D | C] -- C:\Users\MARIA JOSE\Desktop\CLASES
      [2012/10/08 16:39:46 | 000,000,000 | ---D | C] -- C:\Users\MARIA JOSE\AppData\Local\{5079DAB4-4260-4793-87E4-5A51776E4D4D}
      [2012/10/07 12:15:44 | 000,000,000 | ---D | C] -- C:\Users\MARIA JOSE\AppData\Local\{B6AD0ACE-3295-4F9F-AFDF-FD20139D51D2}
      [2012/10/06 14:23:42 | 000,000,000 | ---D | C] -- C:\Users\MARIA JOSE\AppData\Local\{22EBDB8F-C439-4839-8775-A744E1DEAFC9}
      [2012/10/06 02:23:14 | 000,000,000 | ---D | C] -- C:\Users\MARIA JOSE\AppData\Local\{67F4411D-EA90-4482-8DD9-030380B42780}
      [2012/10/05 14:22:46 | 000,000,000 | ---D | C] -- C:\Users\MARIA JOSE\AppData\Local\{30F7B4B0-7E1A-4C28-8393-1CAD17C7DFB3}
      [2012/10/04 12:15:07 | 000,000,000 | ---D | C] -- C:\Users\MARIA JOSE\AppData\Local\{D34810D2-BFD4-4E11-A836-2180E7E8011F}
      [2012/10/03 11:47:47 | 000,000,000 | ---D | C] -- C:\Users\MARIA JOSE\AppData\Local\{E0667716-1BDE-4AC3-BD11-C251B9D7EC0D}
      [2012/10/02 13:03:10 | 000,000,000 | ---D | C] -- C:\Users\MARIA JOSE\AppData\Local\{BD46A2FA-0A39-4D6E-9DEC-E32ACDD6FC4C}
      [2012/10/02 01:02:42 | 000,000,000 | ---D | C] -- C:\Users\MARIA JOSE\AppData\Local\{33E445F3-2493-4242-9281-3761E7EB3572}
      [2012/10/01 13:02:13 | 000,000,000 | ---D | C] -- C:\Users\MARIA JOSE\AppData\Local\{5FCC6831-E89F-415E-9C7E-DFE24450E98B}
      [2012/10/01 01:01:42 | 000,000,000 | ---D | C] -- C:\Users\MARIA JOSE\AppData\Local\{288B39F8-8925-4375-A018-0B1BD1B32367}
      [2012/09/30 00:22:54 | 000,000,000 | ---D | C] -- C:\Users\MARIA JOSE\AppData\Local\{766C2124-9C17-4337-A6C1-BE25A629243E}
      [2012/09/28 13:54:45 | 000,000,000 | ---D | C] -- C:\Users\MARIA JOSE\AppData\Local\{C1DBC93F-CCBD-4234-88A2-39472FEF8B77}
      [2012/09/28 01:01:53 | 000,000,000 | ---D | C] -- C:\Users\MARIA JOSE\Documents\Biblioteca de calibre
      [2012/09/28 01:01:49 | 000,000,000 | ---D | C] -- C:\Users\MARIA JOSE\AppData\Roaming\calibre
      [2012/09/28 00:46:04 | 000,000,000 | ---D | C] -- C:\Users\MARIA JOSE\AppData\Local\Lollipop
      [2012/09/27 21:59:49 | 000,000,000 | ---D | C] -- C:\Users\MARIA JOSE\AppData\Local\{593718C8-9266-469F-9850-2986E101F3D0}
      [4 C:\Users\MARIA JOSE\Desktop\*.tmp files -> C:\Users\MARIA JOSE\Desktop\*.tmp -> ]

      ========== Files - Modified Within 30 Days ==========

      [2012/10/27 13:57:05 | 000,001,096 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
      [2012/10/27 13:02:01 | 000,019,760 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
      [2012/10/27 13:02:01 | 000,019,760 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
      [2012/10/27 13:02:01 | 000,000,838 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
      [2012/10/27 12:59:33 | 000,703,868 | ---- | M] () -- C:\windows\System32\perfh00A.dat
      [2012/10/27 12:59:33 | 000,616,036 | ---- | M] () -- C:\windows\System32\perfh009.dat
      [2012/10/27 12:59:33 | 000,137,834 | ---- | M] () -- C:\windows\System32\perfc00A.dat
      [2012/10/27 12:59:32 | 000,106,416 | ---- | M] () -- C:\windows\System32\perfc009.dat
      [2012/10/27 12:53:21 | 000,001,092 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
      [2012/10/27 12:53:04 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
      [2012/10/27 12:53:00 | 1603,772,416 | -HS- | M] () -- C:\hiberfil.sys
      [2012/10/23 11:59:47 | 000,475,819 | ---- | M] () -- C:\Users\MARIA JOSE\Desktop\familystory.pdf
      [2012/10/14 00:58:21 | 005,469,816 | ---- | M] (Lavasoft Limited) -- C:\Users\MARIA JOSE\Desktop\Adaware_Installer.exe
      [2012/10/12 01:59:39 | 000,914,188 | ---- | M] () -- C:\Users\MARIA JOSE\Documents\cc_20121012_015853.reg
      [2012/10/08 22:03:26 | 000,696,760 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerApp.exe
      [2012/10/08 22:03:26 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerCPLApp.cpl
      [2012/09/29 19:54:26 | 000,022,856 | ---- | M] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys
      [4 C:\Users\MARIA JOSE\Desktop\*.tmp files -> C:\Users\MARIA JOSE\Desktop\*.tmp -> ]

      ========== Files Created - No Company Name ==========

      [2012/10/23 11:59:45 | 000,475,819 | ---- | C] () -- C:\Users\MARIA JOSE\Desktop\familystory.pdf
      [2012/10/14 00:16:51 | 000,001,117 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
      [2012/10/12 01:58:59 | 000,914,188 | ---- | C] () -- C:\Users\MARIA JOSE\Documents\cc_20121012_015853.reg
      [2012/08/07 00:38:57 | 000,001,676 | ---- | C] () -- C:\windows\System32\ASOROSet.bin
      [2012/02/20 04:09:34 | 000,000,713 | ---- | C] () -- C:\Users\MARIA JOSE\.powerupdate.user.properties
      [2012/01/15 20:07:06 | 000,000,161 | ---- | C] () -- C:\windows\VIEWER.INI
      [2011/09/29 22:20:37 | 000,000,000 | ---- | C] () -- C:\Users\MARIA JOSE\AppData\Local\{E82E7727-A058-41EB-BE99-2BE08768D1E1}
      [2011/06/26 21:41:59 | 000,000,578 | ---- | C] () -- C:\windows\eReg.dat
      [2011/06/13 12:13:45 | 000,000,000 | ---- | C] () -- C:\Users\MARIA JOSE\AppData\Local\{6C990D30-1399-4801-A044-277BCD64244C}
      [2011/06/08 11:37:49 | 000,000,000 | ---- | C] () -- C:\Users\MARIA JOSE\AppData\Local\{5E8DA613-DBA7-44FF-94EB-753C9F8CBBA9}
      [2011/02/15 22:14:35 | 000,000,385 | ---- | C] () -- C:\windows\hpwmdl27.dat.temp
      [2011/02/15 21:36:43 | 000,197,115 | ---- | C] () -- C:\windows\hpwins27.dat
      [2011/01/09 15:28:37 | 000,001,849 | ---- | C] () -- C:\Users\MARIA JOSE\AppData\Roaming\GhostObjGAFix.xml
      [2010/06/23 20:07:29 | 000,000,114 | ---- | C] () -- C:\Users\MARIA JOSE\webct_upload_applet.properties
      [2010/05/10 18:46:12 | 000,000,016 | ---- | C] () -- C:\Users\MARIA JOSE\AppData\Roaming\qvjsge.dat
      [2010/02/21 15:58:42 | 000,005,632 | ---- | C] () -- C:\Users\MARIA JOSE\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
      [2010/01/11 00:34:01 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
      [2007/04/03 15:43:32 | 000,054,840 | ---- | C] () -- C:\Program Files\start.exe
      [2000/10/20 19:16:00 | 000,000,028 | ---- | C] () -- C:\Program Files\autorun.inf

      ========== ZeroAccess Check ==========

      [2009/07/14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

      [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

      [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
      "" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Apartment

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
      "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Free

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
      "" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Both

      ========== Custom Scans ==========

      < %systemroot%\System32\config\*.sav >

      < %SYSTEMDRIVE%\*.* >
      [2012/08/14 12:18:32 | 000,034,604 | ---- | M] () -- C:\AdwCleaner[R1].txt
      [2012/10/12 01:45:12 | 000,001,978 | ---- | M] () -- C:\AdwCleaner[R2].txt
      [2012/10/12 01:45:47 | 000,002,038 | ---- | M] () -- C:\AdwCleaner[R3].txt
      [2012/10/12 01:46:58 | 000,002,098 | ---- | M] () -- C:\AdwCleaner[R4].txt
      [2012/10/14 00:35:57 | 000,002,479 | ---- | M] () -- C:\AdwCleaner[R5].txt
      [2012/10/26 01:27:12 | 000,002,515 | ---- | M] () -- C:\AdwCleaner[R6].txt
      [2012/08/14 12:19:43 | 000,035,345 | ---- | M] () -- C:\AdwCleaner[S1].txt
      [2012/10/12 02:00:34 | 000,002,171 | ---- | M] () -- C:\AdwCleaner[S2].txt
      [2012/10/14 00:36:27 | 000,002,566 | ---- | M] () -- C:\AdwCleaner[S3].txt
      [2012/10/26 01:38:08 | 000,002,602 | ---- | M] () -- C:\AdwCleaner[S4].txt
      [2009/07/14 03:38:58 | 000,383,562 | RHS- | M] () -- C:\bootmgr
      [2012/10/27 12:53:00 | 1603,772,416 | -HS- | M] () -- C:\hiberfil.sys
      [2010/03/07 20:09:30 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
      [2010/03/07 20:09:30 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
      [2012/10/27 12:53:03 | 2138,365,952 | -HS- | M] () -- C:\pagefile.sys

      < %appdata%\* >
      [2011/08/14 14:28:56 | 000,001,849 | ---- | M] () -- C:\Users\MARIA JOSE\AppData\Roaming\GhostObjGAFix.xml
      [2010/05/10 18:46:13 | 000,000,016 | ---- | M] () -- C:\Users\MARIA JOSE\AppData\Roaming\qvjsge.dat

      < End of report >

    4. #4
      Ex-Colaborador Avatar de Xtreme Hero
      Registrado
      dic 2010
      Ubicación
      España
      Mensajes
      9.018

      Re: Virus de anuncios: Lollipop

      Hola de nuevo,

      Realiza lo siguiente:

      Ejecuta OTL.exe


      1.- Copiar el siguiente texto (excluyendo la palabra Código):
      Código:
      :OTL
      MOD - [2012/09/28 00:46:04 | 000,759,808 | ---- | M] () -- C:\Users\MARIA JOSE\AppData\Local\Lollipop\Lollipop.exe
      IE - HKU\S-1-5-21-2464087728-152159578-4092020956-1001\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=113480&tt=120812_bandext_3312_2&babsrc=SP_ss&mntrId=b408e7b3000000000000002713400ba2
      FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)"
      FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
      FF - prefs.js..browser.search.selectedEngine: "Search the web (Babylon)"
      FF - prefs.js..browser.startup.homepage: "http://search.babylon.com/?affID=113480&tt=120812_bandext_3312_2&babsrc=HP_ss&mntrId=b408e7b3000000000000002713400ba2"
      O3 - HKLM\..\Toolbar: (no name) - {D0F4A166-B8D4-48b8-9D63-80849FE137CB} - No CLSID value found.
      O3 - HKU\S-1-5-21-2464087728-152159578-4092020956-1001\..\Toolbar\WebBrowser: (no name) - {0974848A-B5BC-49F2-9778-307742B4A55D} - No CLSID value found.
      O3 - HKU\S-1-5-21-2464087728-152159578-4092020956-1001\..\Toolbar\WebBrowser: (no name) - {30F9B915-B755-4826-820B-08FBA6BD249D} - No CLSID value found.
      O4 - HKU\S-1-5-21-2464087728-152159578-4092020956-1001..\Run: [lollipop] c:\users\maria jose\appdata\local\lollipop\lollipop.exe ()
      O15 - HKLM\..Trusted Domains: //about.htm/ ([]myui in Trusted sites)
      O15 - HKLM\..Trusted Domains: //Exclude.htm/ ([]myui in Trusted sites)
      O15 - HKLM\..Trusted Domains: //LanguageSelection.htm/ ([]myui in Trusted sites)
      O15 - HKLM\..Trusted Domains: //Message.htm/ ([]myui in Trusted sites)
      O15 - HKLM\..Trusted Domains: //MyAgttryCmd.htm/ ([]myui in Trusted sites)
      O15 - HKLM\..Trusted Domains: //MyAgttryNag.htm/ ([]myui in Trusted sites)
      O15 - HKLM\..Trusted Domains: //MyNotification.htm/ ([]myui in Trusted sites)
      O15 - HKLM\..Trusted Domains: //NOCLessUpdate.htm/ ([]myui in Trusted sites)
      O15 - HKLM\..Trusted Domains: //quarantine.htm/ ([]myui in Trusted sites)
      O15 - HKLM\..Trusted Domains: //ScanNow.htm/ ([]myui in Trusted sites)
      O15 - HKLM\..Trusted Domains: //strings.vbs/ ([]myui in Trusted sites)
      O15 - HKLM\..Trusted Domains: //Template.htm/ ([]myui in Trusted sites)
      O15 - HKLM\..Trusted Domains: //Update.htm/ ([]myui in Trusted sites)
      O15 - HKLM\..Trusted Domains: //VirFound.htm/ ([]myui in Trusted sites)
      O33 - MountPoints2\{86a44f46-f688-11df-b547-002713400ba2}\Shell - "" = AutoRun
      [2012/09/28 00:46:04 | 000,000,000 | ---D | C] -- C:\Users\MARIA JOSE\AppData\Local\Lollipop
      [4 C:\Users\MARIA JOSE\Desktop\*.tmp files -> C:\Users\MARIA JOSE\Desktop\*.tmp -> ]
      [2011/02/15 22:14:35 | 000,000,385 | ---- | C] () -- C:\windows\hpwmdl27.dat.temp
      [2010/01/11 00:34:01 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
      [2007/04/03 15:43:32 | 000,054,840 | ---- | C] () -- C:\Program Files\start.exe
      [2000/10/20 19:16:00 | 000,000,028 | ---- | C] () -- C:\Program Files\autorun.inf
      [2010/05/10 18:46:12 | 000,000,016 | ---- | C] () -- C:\Users\MARIA JOSE\AppData\Roaming\qvjsge.dat
      
      
      :Commands
      [PURITY] 
      [RESETHOSTS]
      [EMPTYFLASH]
      [EMPTYTEMP]
      [CREATERESTOREPOINT]
      2.- Pegar el contenido sobre el apartado: Análisis Personalizados /Código de Reparación.


      3.- Presionar el botón Reparar para comenzar el procedimiento. Presionar OK.


      OTL va a reiniciar el ordenador para completar el procedimiento.

      Guardar el nuevo reporte generado. Copiar y pegarlo en su próxima respuesta, comentando como funciona el Sistema.

      Salu2
      Lucha Hasta El Final

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    5. #5
      Usuario Avatar de gabrodgo
      Registrado
      oct 2012
      Ubicación
      Cádiz
      Mensajes
      7

      Re: Virus de anuncios: Lollipop

      Este es el reporte que me ha generado. Iré viendo cómo funciona el sistema y lo comento. Gracias!

      All processes killed
      ========== OTL ==========
      Registry key HKEY_USERS\S-1-5-21-2464087728-152159578-4092020956-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
      Prefs.js: "Search the web (Babylon)" removed from browser.search.defaultenginename
      Prefs.js: "Search the web (Babylon)" removed from browser.search.order.1
      Prefs.js: "Search the web (Babylon)" removed from browser.search.selectedEngine
      Prefs.js: "http://search.babylon.com/?affID=113480&tt=120812_bandext_3312_2&babsrc=HP_ss&mntrId=b408e7b3000000000000002713400ba2" removed from browser.startup.homepage
      Registry delete failed. HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D0F4A166-B8D4-48b8-9D63-80849FE137CB} scheduled to be deleted on reboot.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D0F4A166-B8D4-48b8-9D63-80849FE137CB}\ not found.
      Registry value HKEY_USERS\S-1-5-21-2464087728-152159578-4092020956-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{0974848A-B5BC-49F2-9778-307742B4A55D} deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0974848A-B5BC-49F2-9778-307742B4A55D}\ not found.
      Registry value HKEY_USERS\S-1-5-21-2464087728-152159578-4092020956-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ not found.
      Registry value HKEY_USERS\S-1-5-21-2464087728-152159578-4092020956-1001\Software\Microsoft\Windows\CurrentVersion\Run\\lollipop deleted successfully.
      c:\users\maria jose\appdata\local\lollipop\lollipop.exe moved successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//about.htm/\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//Exclude.htm/\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//LanguageSelection.htm/\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//Message.htm/\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//MyAgttryCmd.htm/\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//MyAgttryNag.htm/\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//MyNotification.htm/\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//NOCLessUpdate.htm/\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//quarantine.htm/\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//ScanNow.htm/\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//strings.vbs/\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//Template.htm/\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//Update.htm/\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//VirFound.htm/\ deleted successfully.
      Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{86a44f46-f688-11df-b547-002713400ba2}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{86a44f46-f688-11df-b547-002713400ba2}\ not found.
      C:\Users\MARIA JOSE\AppData\Local\Lollipop folder moved successfully.
      C:\Users\MARIA JOSE\Desktop\~WRL0003.tmp deleted successfully.
      C:\Users\MARIA JOSE\Desktop\~WRL0004.tmp deleted successfully.
      C:\Users\MARIA JOSE\Desktop\~WRL1635.tmp deleted successfully.
      C:\Users\MARIA JOSE\Desktop\~WRL2412.tmp deleted successfully.
      C:\Windows\hpwmdl27.dat.temp moved successfully.
      C:\ProgramData\ezsidmv.dat moved successfully.
      C:\Program Files\start.exe moved successfully.

    6. #6
      Ex-Colaborador Avatar de Xtreme Hero
      Registrado
      dic 2010
      Ubicación
      España
      Mensajes
      9.018

      Re: Virus de anuncios: Lollipop

      Hola,

      Ok, por aquí esperamos tu veredicto.

      Salu2
      Lucha Hasta El Final

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    7. #7
      Usuario Avatar de gabrodgo
      Registrado
      oct 2012
      Ubicación
      Cádiz
      Mensajes
      7

      Re: Virus de anuncios: Lollipop

      Bieeeen!! ¡Por ahora parece que está todo solucionado! Ya no salen las ventanas, espero que más tarde no me den la sorpresa....

      ¡¡Mil gracias de corazón!! La verdad es que estaba ya desesperado con tanta ventanita.

      Gracias gracias gracias.

    8. #8
      Ex-Colaborador Avatar de Xtreme Hero
      Registrado
      dic 2010
      Ubicación
      España
      Mensajes
      9.018

      Re: Virus de anuncios: Lollipop

      Hola de nuevo,

      -Descarga OTC.exe en el escritorio.

      -Lo ejecutas y presionas Cleanup.

      Eso eliminará OTM, su cuarentena y a OTC.exe

      Me alegro de que tu problema se haya solucionado.Para cualquier otro problema no dudes en volver a postear.

      Ha sido un placer ayudarte

      Damos el tema por
      --->:::Solucionado:::<---


      Si necesitas re-abrir el tema, haz clic en a la derecha de cualquier mensaje de tu tema y solicita que se abra nuevamente .Un moderador atendera tu consulta.

      Como recomendación final, te invitamos a seguirnos en nuestros canales de difusión :Blog , Twitter ,Facebook, ,vía E-Mail, para estar al tanto de los nuevos malwares y como prevenirlos.
      Salu2
      Lucha Hasta El Final

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.