• Registrarse
  • Iniciar sesión


  • Resultados 1 al 3 de 3

    policia 100 euros

    Hola, desde mediados de octubre me pasa lo de la página de la policía, que tengo que pagar 100 euros. He consultado en vuestro foro soluciones y he descargado la herramienta otl y realizado el ...

    1. #1
      Usuario Avatar de laura2012
      Registrado
      nov 2012
      Ubicación
      getafe
      Mensajes
      1

      policia 100 euros

      Hola,
      desde mediados de octubre me pasa lo de la página de la policía, que tengo que pagar 100 euros. He consultado en vuestro foro soluciones y he descargado la herramienta otl y realizado el análisis, os lo adjunto aqui para que me podáis ayudar a seguir solucionándolo. Muchas gracias de antemano.

      OTL logfile created on: 11/11/2012 12:31:01 - Run 1
      OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Laura Diaz Ragel\Escritorio
      Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
      Internet Explorer (Version = 8.0.6001.18702)
      Locale: 00000C0A | Country: España | Language: ESN | Date Format: dd/MM/yyyy

      1014,42 Mb Total Physical Memory | 501,20 Mb Available Physical Memory | 49,41% Memory free
      2,39 Gb Paging File | 2,00 Gb Available in Paging File | 83,76% Paging File free
      Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

      %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Archivos de programa
      Drive C: | 74,53 Gb Total Space | 0,57 Gb Free Space | 0,77% Space Free | Partition Type: NTFS
      Unable to calculate disk information.

      Computer Name: LAURA | User Name: Laura Diaz Ragel | Logged in as Administrator.
      Boot Mode: Normal | Scan Mode: All users | Quick Scan
      Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

      ========== Processes (SafeList) ==========

      PRC - [2012/11/10 20:03:17 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Laura Diaz Ragel\Escritorio\OTL.exe
      PRC - [2012/11/10 18:58:20 | 000,997,320 | ---- | M] () -- C:\Archivos de programa\AVG Secure Search\vprot.exe
      PRC - [2012/11/10 18:58:19 | 000,711,112 | ---- | M] () -- C:\Archivos de programa\Archivos comunes\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe
      PRC - [2012/10/19 21:58:07 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\All Users\Datos de programa\lsass.exe
      PRC - [2012/07/31 02:37:02 | 002,596,984 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Archivos de programa\AVG\AVG2012\avgtray.exe
      PRC - [2012/07/22 10:56:31 | 001,193,176 | ---- | M] () -- C:\Archivos de programa\Spotify\Data\SpotifyWebHelper.exe
      PRC - [2012/07/13 16:18:48 | 000,136,616 | ---- | M] (LogMeIn, Inc.) -- C:\Archivos de programa\LogMeIn\x86\ramaint.exe
      PRC - [2012/07/13 16:17:44 | 000,374,184 | ---- | M] (LogMeIn, Inc.) -- C:\Archivos de programa\LogMeIn\x86\LMIGuardianSvc.exe
      PRC - [2012/06/22 14:55:48 | 000,265,952 | ---- | M] () -- C:\Archivos de programa\StartNow Toolbar\ToolbarUpdaterService.exe
      PRC - [2012/06/13 02:48:24 | 001,255,544 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Archivos de programa\AVG\AVG2012\avgnsx.exe
      PRC - [2012/02/26 23:15:42 | 000,055,144 | ---- | M] (Apple Inc.) -- C:\Archivos de programa\Archivos comunes\Apple\Mobile Device Support\AppleMobileDeviceService.exe
      PRC - [2012/02/14 03:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Archivos de programa\AVG\AVG2012\avgwdsvc.exe
      PRC - [2011/11/30 23:49:55 | 000,273,528 | ---- | M] (RealNetworks, Inc.) -- C:\Archivos de programa\Real\RealPlayer\Update\realsched.exe
      PRC - [2011/10/02 12:15:02 | 001,700,752 | ---- | M] (Bandoo Media, inc) -- C:\Archivos de programa\SearchCore for Browsers\SearchCore for Browsers\datamngrUI.exe
      PRC - [2011/04/14 11:32:42 | 000,329,432 | ---- | M] (facemoods.com) -- C:\Archivos de programa\facemoods.com\facemoods\1.4.17.8\facemoodssrv.exe
      PRC - [2011/01/20 13:04:14 | 000,370,688 | -H-- | M] (SanDisk Corporation) -- C:\Archivos de programa\SanDisk\SanDisk Media Manager\SanDiskMediaManager-Launcher.EXE
      PRC - [2010/11/08 12:04:18 | 000,390,528 | ---- | M] (LogMeIn, Inc.) -- C:\Archivos de programa\LogMeIn\x86\LogMeIn.exe
      PRC - [2010/10/13 15:21:08 | 000,111,928 | R--- | M] (SweetIM Technologies Ltd.) -- C:\Archivos de programa\SweetIM\Messenger\SweetIM.exe
      PRC - [2010/01/27 11:22:02 | 000,063,048 | ---- | M] (LogMeIn, Inc.) -- C:\Archivos de programa\LogMeIn\x86\LogMeInSystray.exe
      PRC - [2008/09/30 13:06:50 | 000,485,208 | ---- | M] (Nikon Corporation) -- C:\Archivos de programa\Archivos comunes\Nikon\Monitor\NkMonitor.exe
      PRC - [2008/04/14 06:48:58 | 001,036,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
      PRC - [2005/09/06 13:04:52 | 000,671,744 | ---- | M] (COMPAL ELECTRONIC INC.) -- C:\Archivos de programa\Toshiba\E-KEY\CeEKey.exe
      PRC - [2005/08/30 11:44:52 | 001,077,329 | ---- | M] (TOSHIBA) -- C:\Archivos de programa\Toshiba\Touch and Launch\PadExe.exe
      PRC - [2005/08/25 18:11:58 | 000,053,248 | ---- | M] (COMPAL ELECTRONIC INC.) -- C:\Archivos de programa\Toshiba\TouchPad\TPTray.exe
      PRC - [2005/08/22 15:49:28 | 000,028,672 | ---- | M] (TOSHIBA) -- C:\WINDOWS\system32\TCtrlIOHook.exe
      PRC - [2005/08/12 12:48:40 | 000,266,240 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\TPSMain.exe
      PRC - [2005/08/12 12:48:26 | 000,040,960 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\TPSBattM.exe
      PRC - [2005/08/06 10:18:38 | 000,978,944 | ---- | M] (TOSHIBA CORPORATION) -- C:\Archivos de programa\Toshiba\ConfigFree\NDSTray.exe
      PRC - [2005/06/06 08:58:44 | 000,024,576 | ---- | M] (TOSHIBA) -- C:\WINDOWS\system32\ZoomingHook.exe
      PRC - [2005/05/17 15:16:30 | 000,184,320 | ---- | M] (TOSHIBA Corporation) -- C:\Archivos de programa\Toshiba\TOSHIBA Controls\TFncKy.exe
      PRC - [2005/05/12 10:16:36 | 000,118,784 | ---- | M] (TOSHIBA Corporation) -- C:\Archivos de programa\Toshiba\TOSHIBA Zooming Utility\SmoothView.exe
      PRC - [2005/04/12 09:20:00 | 000,065,536 | ---- | M] (TOSHIBA) -- C:\Archivos de programa\Toshiba\TOSCDSPD\TOSCDSPD.exe
      PRC - [2005/04/05 15:25:34 | 000,073,728 | ---- | M] (TOSHIBA Corporation) -- C:\Archivos de programa\Toshiba\Tvs\TvsTray.exe
      PRC - [2005/01/18 00:38:38 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Archivos de programa\Toshiba\ConfigFree\CFSvcs.exe


      ========== Modules (No Company Name) ==========

      MOD - [2012/11/10 18:58:20 | 001,796,552 | ---- | M] () -- C:\Archivos de programa\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll
      MOD - [2012/11/10 18:58:20 | 000,997,320 | ---- | M] () -- C:\Archivos de programa\AVG Secure Search\vprot.exe
      MOD - [2012/11/10 18:58:20 | 000,566,728 | ---- | M] () -- C:\Archivos de programa\Archivos comunes\AVG Secure Search\DNTInstaller\13.2.0\avgdttbx.dll
      MOD - [2012/11/10 18:58:20 | 000,134,600 | ---- | M] () -- C:\Archivos de programa\Archivos comunes\AVG Secure Search\SiteSafetyInstaller\13.2.0\SiteSafety.dll
      MOD - [2012/11/10 18:58:19 | 000,711,112 | ---- | M] () -- C:\Archivos de programa\Archivos comunes\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe
      MOD - [2012/07/22 10:56:31 | 001,193,176 | ---- | M] () -- C:\Archivos de programa\Spotify\Data\SpotifyWebHelper.exe
      MOD - [2012/06/22 14:55:48 | 000,627,424 | ---- | M] () -- C:\Archivos de programa\StartNow Toolbar\Toolbar32.dll
      MOD - [2012/06/22 14:55:48 | 000,265,952 | ---- | M] () -- C:\Archivos de programa\StartNow Toolbar\ToolbarUpdaterService.exe
      MOD - [2012/02/20 20:29:04 | 000,087,912 | ---- | M] () -- C:\Archivos de programa\Archivos comunes\Apple\Apple Application Support\zlib1.dll
      MOD - [2012/02/20 20:28:42 | 001,242,472 | ---- | M] () -- C:\Archivos de programa\Archivos comunes\Apple\Apple Application Support\libxml2.dll
      MOD - [2005/06/20 09:24:48 | 000,028,672 | ---- | M] () -- C:\WINDOWS\system32\TPeculiarity.dll
      MOD - [2005/06/13 08:11:00 | 000,028,672 | ---- | M] () -- C:\WINDOWS\system32\TCtrlIO.dll
      MOD - [2005/06/06 08:51:24 | 000,024,576 | ---- | M] () -- C:\Archivos de programa\Toshiba\TouchPad\TPECioctl.dll
      MOD - [2005/06/06 08:39:40 | 000,024,576 | ---- | M] () -- C:\WINDOWS\system32\EKECioCtl.dll
      MOD - [2005/06/03 18:32:00 | 000,028,672 | ---- | M] () -- C:\WINDOWS\system32\EBLib.DLL
      MOD - [2004/07/20 16:04:02 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\TosBtHcrpAPI.dll


      ========== Services (SafeList) ==========

      SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
      SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
      SRV - [2012/11/10 18:58:19 | 000,711,112 | ---- | M] () [Auto | Running] -- C:\Archivos de programa\Archivos comunes\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe -- (vToolbarUpdater13.2.0)
      SRV - [2012/07/13 16:18:48 | 000,136,616 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Archivos de programa\LogMeIn\x86\ramaint.exe -- (LMIMaint)
      SRV - [2012/07/13 16:17:44 | 000,374,184 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Archivos de programa\LogMeIn\x86\LMIGuardianSvc.exe -- (LMIGuardianSvc)
      SRV - [2012/06/22 14:55:48 | 000,265,952 | ---- | M] () [Auto | Running] -- C:\Archivos de programa\StartNow Toolbar\ToolbarUpdaterService.exe -- (Updater Service for StartNow Toolbar)
      SRV - [2012/02/26 23:15:42 | 000,055,144 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Archivos de programa\Archivos comunes\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
      SRV - [2012/02/14 03:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Archivos de programa\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
      SRV - [2010/11/08 12:04:18 | 000,390,528 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Archivos de programa\LogMeIn\x86\LogMeIn.exe -- (LogMeIn)
      SRV - [2005/04/03 23:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Archivos de programa\Archivos comunes\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)
      SRV - [2005/01/18 00:38:38 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Archivos de programa\Toshiba\ConfigFree\CFSvcs.exe -- (CFSvcs)
      SRV - [2003/07/28 19:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Archivos de programa\Archivos comunes\Microsoft Shared\Source Engine\OSE.EXE -- (ose)


      ========== Driver Services (SafeList) ==========

      DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
      DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\Rtlnicxp.sys -- (RTL8023xp)
      DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
      DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
      DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
      DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
      DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
      DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
      DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
      DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
      DRV - [2012/11/10 18:58:20 | 000,026,984 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtpx86.sys -- (avgtp)
      DRV - [2012/08/24 14:43:18 | 000,301,920 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
      DRV - [2012/07/13 16:17:46 | 000,083,392 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
      DRV - [2012/04/19 03:50:26 | 000,024,896 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\avgidshx.sys -- (AVGIDSHX)
      DRV - [2010/01/27 11:22:02 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
      DRV - [2010/01/27 11:22:02 | 000,012,856 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Archivos de programa\LogMeIn\x86\rainfo.sys -- (LMIInfo)
      DRV - [2008/03/17 10:03:46 | 000,101,376 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
      DRV - [2007/08/16 09:19:24 | 000,019,200 | ---- | M] (Telefónica I+D) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tidnet.sys -- (tidnet)
      DRV - [2007/08/09 03:13:04 | 000,024,448 | ---- | M] (Huawei Tech. Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewdcsc.sys -- (Huawei)
      DRV - [2005/07/29 08:55:46 | 000,030,592 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Tvs.sys -- (Tvs)
      DRV - [2005/06/23 17:16:08 | 000,162,176 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21)
      DRV - [2005/06/21 06:08:44 | 002,324,480 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM)
      DRV - [2005/06/03 18:49:42 | 000,009,600 | ---- | M] (TOSHIBA ) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\TPwSav.sys -- (TPwSav)
      DRV - [2005/04/30 15:01:56 | 003,281,408 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w29n51.sys -- (w29n51)
      DRV - [2005/03/24 15:36:54 | 000,008,192 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Tosrfec.sys -- (tosrfec)
      DRV - [2005/03/05 13:02:20 | 001,066,278 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
      DRV - [2004/11/16 00:22:08 | 000,101,874 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService)
      DRV - [2004/08/03 22:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139)
      DRV - [2004/07/30 14:05:08 | 000,006,400 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\SSIOMngr.sys -- (SrvcSSIOMngr)
      DRV - [2003/09/19 00:47:00 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (Pfc)
      DRV - [2003/01/29 22:35:00 | 000,012,032 | ---- | M] (TOSHIBA Corporation.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Netdevio.sys -- (Netdevio)


      ========== Standard Registry (SafeList) ==========


      ========== Internet Explorer ==========

      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=stonices&s={searchTerms}&f=4
      IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
      IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
      IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
      IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&q={searchTerms}


      IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

      IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



      IE - HKU\S-1-5-21-2594648359-1806016896-2759935488-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
      IE - HKU\S-1-5-21-2594648359-1806016896-2759935488-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
      IE - HKU\S-1-5-21-2594648359-1806016896-2759935488-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
      IE - HKU\S-1-5-21-2594648359-1806016896-2759935488-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.es/
      IE - HKU\S-1-5-21-2594648359-1806016896-2759935488-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://es.msn.com/?ocid=iehp
      IE - HKU\S-1-5-21-2594648359-1806016896-2759935488-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = es
      IE - HKU\S-1-5-21-2594648359-1806016896-2759935488-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 67 4D DA A1 C5 4C CD 01 [binary data]
      IE - HKU\S-1-5-21-2594648359-1806016896-2759935488-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.google.es/
      IE - HKU\S-1-5-21-2594648359-1806016896-2759935488-1006\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
      IE - HKU\S-1-5-21-2594648359-1806016896-2759935488-1006\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
      IE - HKU\S-1-5-21-2594648359-1806016896-2759935488-1006\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
      IE - HKU\S-1-5-21-2594648359-1806016896-2759935488-1006\..\SearchScopes\{0388404D-6072-4CEB-B521-8F090FEAEE57}: "URL" = http://klit.startnow.com/s/?q={searchTerms}&src=defsearch&provider=&provider_name=yahoo&provider_code=&partner_id=693&product_id=741&affiliate_id=&channel=&toolbar_id=200&toolbar_version=2.4.0&install_country=ES&install_date=20120714&user_guid=55BF8DFBCD82483FBFA8D5678202426B&machine_id=90f0c05f1947ba3fc448e5767c338f35&browser=IE&os=win&os_version=5.1-x86-SP3&iesrc={referrer:source}
      IE - HKU\S-1-5-21-2594648359-1806016896-2759935488-1006\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?FORM=IEFM1&q={searchTerms}&src={referrer:source?}
      IE - HKU\S-1-5-21-2594648359-1806016896-2759935488-1006\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = http://start.facemoods.com/?a=stonices&s={searchTerms}&f=4
      IE - HKU\S-1-5-21-2594648359-1806016896-2759935488-1006\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=110819&tt=060612_7_&babsrc=SP_ss&mntrId=a81d14f400000000000000166f87f65e
      IE - HKU\S-1-5-21-2594648359-1806016896-2759935488-1006\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7SUNC_es
      IE - HKU\S-1-5-21-2594648359-1806016896-2759935488-1006\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = https://isearch.avg.com/search?cid={A145546E-0895-4D3B-8F4A-499242D5B076}&mid=ed197ec0660147d18ae9d15f92fa4bb5-14cee75569763bd065396ba54b9ada25ccf8445e&lang=es&ds=AVG&pr=fr&d=2012-07-11 17:43:22&v=12.2.5.32&sap=dsp&q={searchTerms}
      IE - HKU\S-1-5-21-2594648359-1806016896-2759935488-1006\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3031837
      IE - HKU\S-1-5-21-2594648359-1806016896-2759935488-1006\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&q={searchTerms}
      IE - HKU\S-1-5-21-2594648359-1806016896-2759935488-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
      IE - HKU\S-1-5-21-2594648359-1806016896-2759935488-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

      ========== FireFox ==========

      FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
      FF - prefs.js..browser.search.defaultthis.engineName: "SFT_com4 Customized Web Search"
      FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT3031837&SearchSource=3&q={searchTerms}"
      FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
      FF - prefs.js..browser.search.useDBForOrder: true
      FF - prefs.js..browser.startup.homepage: "http://www.google.es/"
      FF - prefs.js..extensions.enabledItems: {1FD91A9C-410C-4090-BBCC-55D3450EF433}:1.0
      FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
      FF - prefs.js..extensions.enabledItems: [email protected]:1.2.0
      FF - prefs.js..extensions.enabledItems: [email protected]:1.3.0
      FF - prefs.js..extensions.enabledItems: {5911488E-9D1E-40ec-8CBB-06B231CC153F}:2.5.0
      FF - prefs.js..extensions.enabledItems: {5aaf65e2-643b-4d18-a977-b28165c54949}:3.6.0.10
      FF - prefs.js..extensions.enabledItems: {99079a25-328f-4bd4-be04-00955acaa0a7}:4.4.1.00
      FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:1.1.10
      FF - prefs.js..extensions.enabledItems: {EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}:2.0
      FF - prefs.js..extensions.enabledItems: {EEE6C361-6118-11DC-9C72-001320C79847}:1.1.0.2
      FF - prefs.js..extensions.enabledItems: [email protected]:1.0
      FF - prefs.js..extensions.enabledItems: {1E73965B-8B48-48be-9C8D-68B920ABC1C4}:12.0.0.2191
      FF - prefs.js..extensions.enabledItems: [email protected]:13.2.0.5
      FF - prefs.js..keyword.URL: "http://www.searchqu.com/web?src=ffb&appid=0&systemid=410&sr=0&q="
      FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "Facemoods Search"
      FF - prefs.js..sweetim.toolbar.previous.browser.search.defaulturl: "http://www.bing.com/search?FORM=IEFM1&q="
      FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "Search the web (Babylon)"
      FF - prefs.js..browser.startup.homepage: "http://search.babylon.com/?babsrc=HP_ss&ss=1&affID=100392&mntrId=a81d14f400000000000000166f87f65e"
      FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "chrome://browser-region/locale/region.properties"


      FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
      FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
      FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Archivos de programa\iTunes\Mozilla Plugins\npitunes.dll ()
      FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Archivos de programa\Archivos comunes\AVG Secure Search\SiteSafetyInstaller\13.2.0\\npsitesafety.dll ()
      FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Archivos de programa\Google\Picasa3\npPicasa3.dll (Google, Inc.)
      FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Archivos de programa\Microsoft Silverlight\3.0.40624.0\npctrl.dll ( Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Archivos de programa\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.669: C:\Archivos de programa\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
      FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.669: C:\Archivos de programa\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
      FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.669: C:\Documents and Settings\All Users\Datos de programa\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
      FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.669: C:\Documents and Settings\All Users\Datos de programa\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
      FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.669: C:\Archivos de programa\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
      FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
      FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Archivos de programa\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
      FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Archivos de programa\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Datos de programa\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/11/30 23:50:23 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Archivos de programa\AVG\AVG2012\Firefox4\ [2012/09/14 18:42:34 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]: C:\Documents and Settings\All Users\Datos de programa\AVG Secure Search\FireFoxExt\13.2.0.5 [2012/11/10 18:58:40 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Archivos de programa\Mozilla Firefox\components [2012/05/23 17:06:31 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Archivos de programa\Mozilla Firefox\plugins [2012/05/16 16:24:26 | 000,000,000 | ---D | M]

      [2011/12/01 00:05:56 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Laura Diaz Ragel\Datos de programa\Mozilla\Extensions
      [2012/11/10 20:06:43 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Laura Diaz Ragel\Datos de programa\Mozilla\Firefox\Profiles\0lvwlpus.default\extensions
      [2010/07/09 22:55:54 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Laura Diaz Ragel\Datos de programa\Mozilla\Firefox\Profiles\0lvwlpus.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
      [2012/08/31 08:38:50 | 000,000,000 | ---D | M] (StartNow Toolbar) -- C:\Documents and Settings\Laura Diaz Ragel\Datos de programa\Mozilla\Firefox\Profiles\0lvwlpus.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}
      [2011/08/16 19:25:14 | 000,000,000 | ---D | M] (SFT_com4 Community Toolbar) -- C:\Documents and Settings\Laura Diaz Ragel\Datos de programa\Mozilla\Firefox\Profiles\0lvwlpus.default\extensions\{5aaf65e2-643b-4d18-a977-b28165c54949}
      [2011/12/01 00:05:49 | 000,000,000 | ---D | M] (Searchqu Toolbar) -- C:\Documents and Settings\Laura Diaz Ragel\Datos de programa\Mozilla\Firefox\Profiles\0lvwlpus.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}
      [2010/08/28 19:15:50 | 000,000,000 | ---D | M] (DownThemAll!) -- C:\Documents and Settings\Laura Diaz Ragel\Datos de programa\Mozilla\Firefox\Profiles\0lvwlpus.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
      [2012/06/09 20:30:26 | 000,000,000 | ---D | M] (DealPly) -- C:\Documents and Settings\Laura Diaz Ragel\Datos de programa\Mozilla\Firefox\Profiles\0lvwlpus.default\extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}
      [2011/07/22 19:12:22 | 000,000,000 | ---D | M] (SweetIM Toolbar for Firefox) -- C:\Documents and Settings\Laura Diaz Ragel\Datos de programa\Mozilla\Firefox\Profiles\0lvwlpus.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
      [2011/07/22 18:56:41 | 000,000,000 | ---D | M] (Babylon) -- C:\Documents and Settings\Laura Diaz Ragel\Datos de programa\Mozilla\Firefox\Profiles\0lvwlpus.default\extensions\[email protected]
      [2011/07/22 19:06:07 | 000,000,000 | ---D | M] (Facemoods) -- C:\Documents and Settings\Laura Diaz Ragel\Datos de programa\Mozilla\Firefox\Profiles\0lvwlpus.default\extensions\[email protected]
      [2010/10/10 15:46:56 | 000,004,669 | ---- | M] () (No name found) -- C:\Documents and Settings\Laura Diaz Ragel\Datos de programa\Mozilla\Firefox\Profiles\0lvwlpus.default\extensions\[email protected]\content\xpiInstallLgc.js
      [2010/06/19 23:22:52 | 000,001,819 | ---- | M] () -- C:\Documents and Settings\Laura Diaz Ragel\Datos de programa\Mozilla\Firefox\Profiles\0lvwlpus.default\searchplugins\bing.xml
      [2011/08/04 08:31:18 | 000,000,919 | ---- | M] () -- C:\Documents and Settings\Laura Diaz Ragel\Datos de programa\Mozilla\Firefox\Profiles\0lvwlpus.default\searchplugins\conduit.xml
      [2011/12/01 00:05:20 | 000,002,520 | ---- | M] () -- C:\Documents and Settings\Laura Diaz Ragel\Datos de programa\Mozilla\Firefox\Profiles\0lvwlpus.default\searchplugins\SearchResults.xml
      [2011/07/22 19:12:17 | 000,003,915 | ---- | M] () -- C:\Documents and Settings\Laura Diaz Ragel\Datos de programa\Mozilla\Firefox\Profiles\0lvwlpus.default\searchplugins\sweetim.xml
      [2012/07/14 15:09:53 | 000,001,390 | ---- | M] () -- C:\Documents and Settings\Laura Diaz Ragel\Datos de programa\Mozilla\Firefox\Profiles\0lvwlpus.default\searchplugins\yahoo-zugo.xml
      [2012/11/10 19:52:02 | 000,000,000 | ---D | M] (No name found) -- C:\Archivos de programa\Mozilla Firefox\extensions
      [2010/06/14 22:37:02 | 000,000,000 | ---D | M] (Java Console) -- C:\Archivos de programa\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
      [2012/09/14 18:42:34 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\ARCHIVOS DE PROGRAMA\AVG\AVG2012\FIREFOX4
      [2010/06/14 22:35:25 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\ARCHIVOS DE PROGRAMA\JAVA\JRE6\LIB\DEPLOY\JQS\FF
      [2011/12/01 00:05:56 | 000,000,000 | ---D | M] (SearchCore for Browsers) -- C:\ARCHIVOS DE PROGRAMA\SEARCHCORE FOR BROWSERS\SEARCHCORE FOR BROWSERS\FIREFOXEXTENSION
      [2012/11/10 18:58:40 | 000,000,000 | ---D | M] (AVG Security Toolbar) -- C:\DOCUMENTS AND SETTINGS\ALL USERS\DATOS DE PROGRAMA\AVG SECURE SEARCH\FIREFOXEXT\13.2.0.5
      [2010/06/14 22:35:22 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Archivos de programa\mozilla firefox\plugins\npdeployJava1.dll
      [2012/11/10 18:58:25 | 000,003,572 | ---- | M] () -- C:\Archivos de programa\mozilla firefox\searchplugins\avg-secure-search.xml
      [2012/06/09 20:27:52 | 000,002,352 | ---- | M] () -- C:\Archivos de programa\mozilla firefox\searchplugins\babylon.xml
      [2010/04/01 18:01:14 | 000,003,996 | ---- | M] () -- C:\Archivos de programa\mozilla firefox\searchplugins\drae.xml
      [2010/04/01 18:01:14 | 000,000,751 | ---- | M] () -- C:\Archivos de programa\mozilla firefox\searchplugins\eBay-es.xml
      [2011/07/22 19:06:08 | 000,002,051 | ---- | M] () -- C:\Archivos de programa\mozilla firefox\searchplugins\fcmdSrch.xml
      [2011/12/01 00:05:20 | 000,002,520 | ---- | M] () -- C:\Archivos de programa\mozilla firefox\searchplugins\SearchResults.xml
      [2010/04/01 18:01:14 | 000,001,178 | ---- | M] () -- C:\Archivos de programa\mozilla firefox\searchplugins\wikipedia-es.xml
      [2010/04/01 18:01:14 | 000,001,102 | ---- | M] () -- C:\Archivos de programa\mozilla firefox\searchplugins\yahoo-es.xml

      ========== Chrome ==========

      CHR - default_search_provider: Google (Enabled)
      CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
      CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
      CHR - homepage: http://search.babylon.com/?affID=110819&tt=060612_7_&babsrc=HP_ss&mntrId=a81d14f400000000000000166f87f65e
      CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
      CHR - plugin: Native Client (Enabled) = C:\Archivos de programa\Google\Chrome\Application\19.0.1084.52\ppGoogleNaClPluginChrome.dll
      CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Archivos de programa\Google\Chrome\Application\19.0.1084.52\pdf.dll
      CHR - plugin: Shockwave Flash (Enabled) = C:\Archivos de programa\Google\Chrome\Application\19.0.1084.52\gcswf32.dll
      CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
      CHR - plugin: Adobe Acrobat (Enabled) = C:\Archivos de programa\Adobe\Acrobat 7.0\Reader\Browser\nppdf32.dll
      CHR - plugin: Java Deployment Toolkit 6.0.200.2 (Enabled) = C:\Archivos de programa\Java\jre6\bin\new_plugin\npdeployJava1.dll
      CHR - plugin: Java(TM) Platform SE 6 U20 (Enabled) = C:\Archivos de programa\Java\jre6\bin\new_plugin\npjp2.dll
      CHR - plugin: Microsoft Office 2003 (Enabled) = C:\Archivos de programa\Mozilla Firefox\plugins\NPOFFICE.DLL
      CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Archivos de programa\Mozilla Firefox\plugins\nppl3260.dll
      CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Archivos de programa\Mozilla Firefox\plugins\nprpjplug.dll
      CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Datos de programa\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
      CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Archivos de programa\Mozilla Firefox\plugins\npqtplugin.dll
      CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Archivos de programa\Mozilla Firefox\plugins\npqtplugin2.dll
      CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Archivos de programa\Mozilla Firefox\plugins\npqtplugin3.dll
      CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Archivos de programa\Mozilla Firefox\plugins\npqtplugin4.dll
      CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Archivos de programa\Mozilla Firefox\plugins\npqtplugin5.dll
      CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Archivos de programa\Mozilla Firefox\plugins\npqtplugin6.dll
      CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Archivos de programa\Mozilla Firefox\plugins\npqtplugin7.dll
      CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Archivos de programa\Mozilla Firefox\plugins\nprjplug.dll
      CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Archivos de programa\Windows Media Player\npdrmv2.dll
      CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Archivos de programa\Windows Media Player\npwmsdrm.dll
      CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Archivos de programa\Windows Media Player\npdsplay.dll
      CHR - plugin: Picasa (Enabled) = C:\Archivos de programa\Google\Picasa3\npPicasa3.dll
      CHR - plugin: Google Update (Enabled) = C:\Archivos de programa\Google\Update\1.3.21.99\npGoogleUpdate3.dll
      CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Archivos de programa\Windows Live\Photo Gallery\NPWLPG.dll
      CHR - plugin: iTunes Application Detector (Enabled) = C:\Archivos de programa\iTunes\Mozilla Plugins\npitunes.dll
      CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Datos de programa\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
      CHR - plugin: Silverlight Plug-In (Enabled) = c:\Archivos de programa\Microsoft Silverlight\3.0.40624.0\npctrl.dll
      CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
      CHR - plugin: Default Plug-in (Enabled) = default_plugin
      CHR - Extension: Facemoods = C:\Documents and Settings\Laura Diaz Ragel\Configuración local\Datos de programa\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.3.0_0\
      CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Documents and Settings\Laura Diaz Ragel\Configuración local\Datos de programa\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\

      O1 HOSTS File: ([2004/08/20 11:00:00 | 000,000,792 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
      O1 - Hosts: 127.0.0.1 localhost
      O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Archivos de programa\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
      O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Archivos de programa\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll (Babylon BHO)
      O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Datos de programa\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
      O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Archivos de programa\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
      O2 - BHO: (SFT_com4 Toolbar) - {5aaf65e2-643b-4d18-a977-b28165c54949} - C:\Archivos de programa\SFT_com4\prxtbSFT2.dll (Conduit Ltd.)
      O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)
      O2 - BHO: (CescrtHlpr Object) - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Archivos de programa\facemoods.com\facemoods\1.4.17.8\bh\facemoods.dll (facemoods.com BHO)
      O2 - BHO: (StartNow Toolbar Helper) - {6E13D095-45C3-4271-9475-F3B48227DD9F} - C:\Archivos de programa\StartNow Toolbar\Toolbar32.dll ()
      O2 - BHO: (Windows Live Aplicación auxiliar de inicio de sesión) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Archivos de programa\Archivos comunes\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
      O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Archivos de programa\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll ()
      O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Archivos de programa\Windows Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
      O2 - BHO: (SearchCore for Browsers) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Archivos de programa\SearchCore for Browsers\SearchCore for Browsers\BrowserConnection.dll (Bandoo Media, inc)
      O2 - BHO: (DealPly) - {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - C:\Archivos de programa\DealPly\DealPlyIE.dll (DealPly Technologies Ltd)
      O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Archivos de programa\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll (Google Inc.)
      O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Archivos de programa\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
      O3 - HKLM\..\Toolbar: (StartNow Toolbar) - {5911488E-9D1E-40ec-8CBB-06B231CC153F} - C:\Archivos de programa\StartNow Toolbar\Toolbar32.dll ()
      O3 - HKLM\..\Toolbar: (SFT_com4 Toolbar) - {5aaf65e2-643b-4d18-a977-b28165c54949} - C:\Archivos de programa\SFT_com4\prxtbSFT2.dll (Conduit Ltd.)
      O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Archivos de programa\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll ()
      O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Archivos de programa\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll (Babylon Ltd.)
      O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Archivos de programa\Windows Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
      O3 - HKLM\..\Toolbar: (facemoods Toolbar) - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Archivos de programa\facemoods.com\facemoods\1.4.17.8\facemoodsTlbr.dll (facemoods.com)
      O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Archivos de programa\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
      O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
      O3 - HKU\S-1-5-21-2594648359-1806016896-2759935488-1006\..\Toolbar\WebBrowser: (SFT_com4 Toolbar) - {5AAF65E2-643B-4D18-A977-B28165C54949} - C:\Archivos de programa\SFT_com4\prxtbSFT2.dll (Conduit Ltd.)
      O3 - HKU\S-1-5-21-2594648359-1806016896-2759935488-1006\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Archivos de programa\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
      O4 - HKLM..\Run: [] File not found
      O4 - HKLM..\Run: [AppleSyncNotifier] C:\Archivos de programa\Archivos comunes\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)
      O4 - HKLM..\Run: [APSDaemon] C:\Archivos de programa\Archivos comunes\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
      O4 - HKLM..\Run: [AVG_TRAY] C:\Archivos de programa\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
      O4 - HKLM..\Run: [CeEKEY] C:\Archivos de programa\Toshiba\E-KEY\CeEKey.exe (COMPAL ELECTRONIC INC.)
      O4 - HKLM..\Run: [DATAMNGR] C:\Archivos de programa\SearchCore for Browsers\SearchCore for Browsers\datamngrUI.exe (Bandoo Media, inc)
      O4 - HKLM..\Run: [facemoods] C:\Archivos de programa\facemoods.com\facemoods\1.4.17.8\facemoodssrv.exe (facemoods.com)
      O4 - HKLM..\Run: [HF_G_Jul] C:\Archivos de programa\AVG Secure Search\HF_G_Jul.exe ()
      O4 - HKLM..\Run: [HWSetup] C:\Archivos de programa\TOSHIBA\TOSHIBA Applet\HWSetup.exe (TOSHIBA CO.,LTD.)
      O4 - HKLM..\Run: [LogMeIn GUI] C:\Archivos de programa\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)
      O4 - HKLM..\Run: [NDSTray.exe] NDSTray.exe File not found
      O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
      O4 - HKLM..\Run: [Nikon Transfer Monitor] C:\Archivos de programa\Archivos comunes\Nikon\Monitor\NkMonitor.exe (Nikon Corporation)
      O4 - HKLM..\Run: [PadTouch] C:\Archivos de programa\Toshiba\Touch and Launch\PadExe.exe (TOSHIBA)
      O4 - HKLM..\Run: [ROC_ROC_JULY_P1] C:\Archivos de programa\AVG Secure Search\ROC_ROC_JULY_P1.exe ()
      O4 - HKLM..\Run: [SmoothView] C:\Archivos de programa\Toshiba\TOSHIBA Zooming Utility\SmoothView.exe (TOSHIBA Corporation)
      O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Archivos de programa\Archivos comunes\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
      O4 - HKLM..\Run: [SVPWUTIL] C:\Archivos de programa\Toshiba\Windows Utilities\SVPWUTIL.exe (TOSHIBA)
      O4 - HKLM..\Run: [SweetIM] C:\Archivos de programa\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
      O4 - HKLM..\Run: [TCtryIOHook] C:\WINDOWS\System32\TCtrlIOHook.exe (TOSHIBA)
      O4 - HKLM..\Run: [TFncKy] TFncKy.exe File not found
      O4 - HKLM..\Run: [TkBellExe] C:\Archivos de programa\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
      O4 - HKLM..\Run: [TPNF] C:\Archivos de programa\Toshiba\TouchPad\TPTray.exe (COMPAL ELECTRONIC INC.)
      O4 - HKLM..\Run: [TPSMain] C:\WINDOWS\System32\TPSMain.exe (TOSHIBA Corporation)
      O4 - HKLM..\Run: [Tvs] C:\Archivos de programa\Toshiba\Tvs\TvsTray.exe (TOSHIBA Corporation)
      O4 - HKLM..\Run: [vProt] C:\Archivos de programa\AVG Secure Search\vprot.exe ()
      O4 - HKLM..\Run: [Zooming] C:\WINDOWS\System32\ZoomingHook.exe (TOSHIBA)
      O4 - HKU\S-1-5-21-2594648359-1806016896-2759935488-1006..\Run: [Spotify Web Helper] C:\Archivos de programa\Spotify\Data\SpotifyWebHelper.exe ()
      O4 - HKU\S-1-5-21-2594648359-1806016896-2759935488-1006..\Run: [TOSCDSPD] C:\Archivos de programa\Toshiba\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
      O4 - Startup: C:\Documents and Settings\All Users\Menú Inicio\Programas\Inicio\Inicio rápido de Adobe Reader.lnk = C:\Archivos de programa\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
      O4 - Startup: C:\Documents and Settings\All Users\Menú Inicio\Programas\Inicio\SanDisk Media Manager.lnk = File not found
      O4 - Startup: C:\Documents and Settings\Laura Diaz Ragel\Menú Inicio\Programas\Inicio\ctfmon.lnk = C:\Documents and Settings\All Users\Datos de programa\lsass.exe (Microsoft Corporation)
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
      O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
      O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
      O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
      O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
      O7 - HKU\S-1-5-21-2594648359-1806016896-2759935488-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
      O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
      O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Archivos de programa\Bonjour\mdnsNSP.dll (Apple Inc.)
      O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1276187871654 (WUWebControl Class)
      O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
      O16 - DPF: {CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_03-windows-i586.cab (Java Plug-in 1.5.0_03)
      O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
      O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4188EE10-62D0-4AAA-BBA4-2546E8ECE108}: NameServer = 80.58.0.33
      O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
      O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Archivos de programa\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
      O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
      O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
      O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Archivos de programa\Archivos comunes\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
      O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Archivos de programa\Archivos comunes\AVG Secure Search\ViProtocolInstaller\13.2.0\ViProtocol.dll ()
      O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Archivos de programa\Archivos comunes\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
      O20 - AppInit_DLLs: (C:\ARCHIV~1\SEARCH~1\SEARCH~1\datamngr.dll) - C:\Archivos de programa\SearchCore for Browsers\SearchCore for Browsers\datamngr.dll (Bandoo Media, inc)
      O20 - AppInit_DLLs: (C:\ARCHIV~1\SEARCH~1\SEARCH~1\IEBHO.dll) - C:\Archivos de programa\SearchCore for Browsers\SearchCore for Browsers\IEBHO.dll (Bandoo Media, inc)
      O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
      O20 - Winlogon\Notify\LMIinit: DllName - (LMIinit.dll) - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)
      O24 - Desktop Components:0 (Mi página de inicio actual) - About:Home
      O24 - Desktop WallPaper: C:\Documents and Settings\Laura Diaz Ragel\Configuración local\Datos de programa\Microsoft\Wallpaper1.bmp
      O24 - Desktop BackupWallPaper: C:\Documents and Settings\Laura Diaz Ragel\Configuración local\Datos de programa\Microsoft\Wallpaper1.bmp
      O32 - HKLM CDRom: AutoRun - 1
      O32 - AutoRun File - [2005/09/19 12:46:21 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
      O33 - MountPoints2\{546702e0-b2eb-11df-a83a-0016d41ea246}\Shell - "" = AutoRun
      O33 - MountPoints2\{546702e0-b2eb-11df-a83a-0016d41ea246}\Shell\AutoRun\command - "" = E:\AutoRun.exe
      O33 - MountPoints2\{64684312-b2cc-11df-a838-0016d41ea246}\Shell - "" = AutoRun
      O33 - MountPoints2\{64684312-b2cc-11df-a838-0016d41ea246}\Shell\AutoRun\command - "" = "F:\WD SmartWare.exe" autoplay=true
      O33 - MountPoints2\{a93e43d3-74ac-11df-a80a-0016d41ea246}\Shell - "" = AutoRun
      O33 - MountPoints2\{a93e43d3-74ac-11df-a80a-0016d41ea246}\Shell\AutoRun\command - "" = E:\AutoRun.exe
      O34 - HKLM BootExecute: (autocheck autochk *)
      O35 - HKLM\..comfile [open] -- "%1" %*
      O35 - HKLM\..exefile [open] -- "%1" %*
      O37 - HKLM\...com [@ = comfile] -- "%1" %*
      O37 - HKLM\...exe [@ = exefile] -- "%1" %*
      O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
      O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)


      CREATERESTOREPOINT
      Restore point Set: OTL Restore Point

      ========== Files/Folders - Created Within 30 Days ==========

      [2012/11/10 20:03:16 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Laura Diaz Ragel\Escritorio\OTL.exe
      [2012/10/19 21:58:07 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\All Users\Datos de programa\lsass.exe
      [7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
      [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

      ========== Files - Modified Within 30 Days ==========

      [2012/11/11 12:14:57 | 000,000,314 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-2594648359-1806016896-2759935488-1006.job
      [2012/11/11 12:14:54 | 000,001,118 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
      [2012/11/11 12:14:53 | 000,000,458 | ---- | M] () -- C:\WINDOWS\tasks\RNUpgradeHelperLogonPrompt_Laura Diaz Ragel.job
      [2012/11/11 12:14:40 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
      [2012/11/10 20:03:17 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Laura Diaz Ragel\Escritorio\OTL.exe
      [2012/11/10 19:58:02 | 000,000,452 | ---- | M] () -- C:\WINDOWS\tasks\ReclaimerUpdateFiles_Laura Diaz Ragel.job
      [2012/11/10 19:55:02 | 000,001,122 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
      [2012/11/10 19:55:02 | 000,000,448 | ---- | M] () -- C:\WINDOWS\tasks\ReclaimerUpdateXML_Laura Diaz Ragel.job
      [2012/11/10 19:30:28 | 083,023,306 | ---- | M] () -- C:\Documents and Settings\All Users\Datos de programa\ism_0_llatsni.pad
      [2012/11/10 18:58:20 | 000,026,984 | ---- | M] (AVG Technologies) -- C:\WINDOWS\System32\drivers\avgtpx86.sys
      [2012/11/10 18:56:56 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
      [2012/11/01 12:54:40 | 000,000,322 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-2594648359-1806016896-2759935488-1006.job
      [2012/10/31 21:08:55 | 000,505,084 | ---- | M] () -- C:\WINDOWS\System32\perfh00A.dat
      [2012/10/31 21:08:54 | 000,441,552 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
      [2012/10/31 21:08:54 | 000,090,824 | ---- | M] () -- C:\WINDOWS\System32\perfc00A.dat
      [2012/10/31 21:08:54 | 000,071,488 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
      [2012/10/19 23:00:55 | 000,082,432 | ---- | M] () -- C:\Documents and Settings\Laura Diaz Ragel\Configuración local\Datos de programa\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
      [2012/10/19 22:14:54 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
      [2012/10/19 21:58:15 | 000,001,073 | ---- | M] () -- C:\Documents and Settings\Laura Diaz Ragel\Menú Inicio\Programas\Inicio\ctfmon.lnk
      [2012/10/19 21:20:59 | 113,857,741 | ---- | M] () -- C:\Documents and Settings\Laura Diaz Ragel\Escritorio\Tenpel-ciclos-descargaoficial.zip
      [2012/10/17 22:19:21 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
      [7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
      [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

      ========== Files Created - No Company Name ==========

      [2012/10/19 22:14:52 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
      [2012/10/19 21:58:15 | 000,001,073 | ---- | C] () -- C:\Documents and Settings\Laura Diaz Ragel\Menú Inicio\Programas\Inicio\ctfmon.lnk
      [2012/10/19 21:58:07 | 083,023,306 | ---- | C] () -- C:\Documents and Settings\All Users\Datos de programa\ism_0_llatsni.pad
      [2012/10/19 21:21:00 | 113,857,741 | ---- | C] () -- C:\Documents and Settings\Laura Diaz Ragel\Escritorio\Tenpel-ciclos-descargaoficial.zip
      [2012/10/06 17:17:07 | 000,000,112 | ---- | C] () -- C:\WINDOWS\ActiveSkin.INI
      [2012/07/14 15:09:42 | 000,178,688 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
      [2012/04/06 18:55:03 | 000,019,092 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
      [2012/03/19 21:55:19 | 000,000,148 | ---- | C] () -- C:\Documents and Settings\All Users\Datos de programa\Microsoft.SqlServer.Compact.351.32.bc
      [2012/02/19 17:51:58 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
      [2011/12/01 00:05:13 | 000,484,352 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
      [2011/08/21 21:20:13 | 000,000,000 | ---- | C] () -- C:\WINDOWS\TPTray.INI
      [2011/02/01 23:02:23 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
      [2010/08/04 18:49:54 | 000,082,432 | ---- | C] () -- C:\Documents and Settings\Laura Diaz Ragel\Configuración local\Datos de programa\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
      [2010/08/04 18:21:29 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\All Users\Datos de programa\Dialogs
      [2010/08/04 18:21:29 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\Laura Diaz Ragel\Datos de programa\Definition Bundle
      [2010/08/04 18:21:29 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Datos de programa\PKP_DLdu.DAT
      [2010/06/10 16:42:44 | 000,000,145 | ---- | C] () -- C:\Documents and Settings\Laura Diaz Ragel\Configuración local\Datos de programa\fusioncache.dat

      ========== ZeroAccess Check ==========

      [2005/09/19 12:54:24 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

      [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

      [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
      "" = %SystemRoot%\system32\shdocvw.dll -- [2010/04/16 17:07:57 | 001,510,400 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Apartment

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
      "" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 11:52:53 | 000,473,600 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Free

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
      "" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 06:48:48 | 000,273,920 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Both

      ========== LOP Check ==========

      [2010/06/11 01:06:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Datos de programa\toshiba
      [2010/07/18 19:46:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\Alwil Software
      [2012/02/28 22:53:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\AVAST Software
      [2012/11/10 18:58:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\AVG Secure Search
      [2012/03/02 13:52:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\AVG2012
      [2011/07/22 18:56:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\Babylon
      [2011/12/02 21:44:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\boost_interprocess
      [2011/12/26 21:46:41 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Datos de programa\Common Files
      [2010/08/04 18:21:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\EnterNHelp
      [2010/08/04 18:21:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\laserjet
      [2012/11/11 12:14:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\LogMeIn
      [2012/11/10 19:00:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\MFAData
      [2010/08/04 18:22:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\Nikon
      [2011/07/22 19:12:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\SweetIM
      [2012/01/29 19:42:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\TEMP
      [2010/08/04 18:21:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\Ultima_T15
      [2010/08/15 21:44:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
      [2010/06/11 01:06:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Datos de programa\toshiba
      [2011/12/30 17:33:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Laura Diaz Ragel\Datos de programa\AVG
      [2012/02/28 23:02:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Laura Diaz Ragel\Datos de programa\AVG Secure Search
      [2011/12/26 22:15:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Laura Diaz Ragel\Datos de programa\AVG2012
      [2011/07/22 18:56:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Laura Diaz Ragel\Datos de programa\Babylon
      [2012/06/09 20:28:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Laura Diaz Ragel\Datos de programa\BabylonToolbar
      [2011/07/22 19:12:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Laura Diaz Ragel\Datos de programa\facemoods.com
      [2011/12/01 00:05:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Laura Diaz Ragel\Datos de programa\FreeAudioPack
      [2011/12/01 00:09:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Laura Diaz Ragel\Datos de programa\FreeCDRipper
      [2011/12/11 23:29:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Laura Diaz Ragel\Datos de programa\InterVideo
      [2010/11/16 23:19:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Laura Diaz Ragel\Datos de programa\Nikon
      [2012/11/11 12:15:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Laura Diaz Ragel\Datos de programa\PriceGong
      [2011/12/01 01:32:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Laura Diaz Ragel\Datos de programa\searchquband
      [2011/12/01 01:33:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Laura Diaz Ragel\Datos de programa\searchqutoolbar
      [2012/07/22 11:13:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Laura Diaz Ragel\Datos de programa\Spotify
      [2012/06/09 20:30:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Laura Diaz Ragel\Datos de programa\SumatraPDF
      [2010/06/10 17:29:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Laura Diaz Ragel\Datos de programa\Telefónica Móviles
      [2010/06/11 01:06:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Laura Diaz Ragel\Datos de programa\toshiba

      ========== Purity Check ==========



      ========== Custom Scans ==========

      < %SYSTEMDRIVE%\*.* >
      [2010/08/29 00:43:35 | 000,001,024 | ---- | M] () -- C:\.rnd
      [2005/09/19 12:46:21 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
      [2010/06/10 16:41:24 | 000,000,211 | RHS- | M] () -- C:\boot.ini
      [2004/08/20 11:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
      [2005/09/19 12:46:21 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
      [2012/10/06 17:17:10 | 000,001,119 | ---- | M] () -- C:\INSTALL.LOG
      [2005/09/19 12:46:21 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
      [2005/09/19 12:46:21 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
      [2004/08/20 11:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
      [2010/06/10 16:59:51 | 000,251,168 | RHS- | M] () -- C:\ntldr
      [2012/11/11 12:14:38 | 1598,029,824 | -HS- | M] () -- C:\pagefile.sys
      [2006/04/05 17:57:07 | 000,000,180 | -H-- | M] () -- C:\SWSTAMP.TXT
      [2001/01/10 11:23:58 | 000,162,304 | ---- | M] () -- C:\UNWISE.EXE
      [2012/06/09 20:28:24 | 000,000,250 | ---- | M] () -- C:\user.js

      < %PROGRAMFILES%\*.* >

      < %systemroot%\*. /mp /s >

      ========== Alternate Data Streams ==========

      @Alternate Data Stream - 133 bytes -> C:\Documents and Settings\All Users\Datos de programa\TEMP:0B4227B4

      < End of report >

    2. #2
      Ex-Colaborador Avatar de RevesdeLiberte
      Registrado
      feb 2010
      Ubicación
      México
      Mensajes
      7.976

      Re: policia 100 euros

      Hola laura2012
      Bienvenido al Foro de InfoSpyware.





      Por favor has los pasos indicados en esta guía, si puedes ejecuta desde Windows PoliFix.exe: Eliminar Virus de la Policía (Ransomware). Se genera un reporte en C:\PoliFix.txt el cual debes pegar en tu siguiente respuesta.


      Saludos.
      La paciencia es un árbol de raíces amargas, pero de frutos dulces.

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    3. #3
      Usuario Avatar de munari
      Registrado
      feb 2008
      Ubicación
      españa
      Mensajes
      18

      Re: policia 100 euros

      Laura: Espero que con la informacion de los pasos a seguir para la eliminacion del troyano que bloquea el acceso a Internet y que incluyo a continuacion.
      Son 2 los archivos que estan infectados:
      (Trojan.Delt) C:\ProgramData\lsass.exe
      (Exploit.Drop.G.S) C:\Users\AppData \Local\tmp\vgsdgdsgsd.exe
      Busca en tu sistema, wgsdgdsgsd.exe y eliminalo, es sistema te comunicara que este archivo no puede eliminarse,intenta por 2ª vez la eliminacion y desaparecera.
      Entra en el registro y abre HKEY LOCAL MACHINE -Software\Microsoft\Windows\CurrentVersion\Run y elimina los registros infectados.
      Escanea el sistema con el programa gratuito "Malwarebytes Anti-Malware" para localizar y eliminar el troyano y el exploit.
      NOTA: Debes entrar en tu sistema en "Modo Seguro"
      Espero que soluciones el problema sin dificultad.
      Saludos