• Registrarse
  • Iniciar sesión


  • Resultados 1 al 2 de 2

    Soy otra victima del virus policia.

    Yo tambien estoy infectado con el virus de la policia y por eso estoy aqui. Tengo el ordenador bloqueado y solo puedo usar el modo seguro con red. Espero que me puedan ayudar :_). Por ...

    1. #1
      Usuario Avatar de Jaume Vilaseca
      Registrado
      dic 2012
      Mensajes
      1

      Malware Soy otra victima del virus policia.

      Yo tambien estoy infectado con el virus de la policia y por eso estoy aqui. Tengo el ordenador bloqueado y solo puedo usar el modo seguro con red. Espero que me puedan ayudar :_). Por lo que pude leer hay que pasar el programa OTL y pegar el report que te da.. pues aqui esta:

      OTL logfile created on: 26/12/2012 23:30:14 - Run 2
      OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jaume\Downloads
      64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
      Internet Explorer (Version = 9.0.8112.16421)
      Locale: 00000C0A | Country: España | Language: ESN | Date Format: dd/MM/yyyy

      3,97 Gb Total Physical Memory | 3,28 Gb Available Physical Memory | 82,76% Memory free
      7,93 Gb Paging File | 7,28 Gb Available in Paging File | 91,74% Paging File free
      Paging file location(s): ?:\pagefile.sys [binary data]

      %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
      Drive C: | 456,33 Gb Total Space | 15,64 Gb Free Space | 3,43% Space Free | Partition Type: NTFS

      Computer Name: JAUME-VAIO | User Name: Jaume | Logged in as Administrator.
      Boot Mode: SafeMode with Networking | Scan Mode: Current user | Include 64bit Scans
      Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

      ========== Processes (SafeList) ==========

      PRC - C:\Users\Jaume\Downloads\OTL.exe (OldTimer Tools)
      PRC - c:\PROGRA~2\mcafee.com\agent\mcagent.exe (McAfee, Inc.)
      PRC - C:\PROGRA~2\McAfee\MSC\mcmscsvc.exe (McAfee, Inc.)


      ========== Modules (No Company Name) ==========


      ========== Services (SafeList) ==========

      SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
      SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
      SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
      SRV - (Akamai) -- c:\program files (x86)\common files\akamai/netsession_win_ce5ba24.dll ()
      SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
      SRV - (McAfee SiteAdvisor Service) -- C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe (McAfee, Inc.)
      SRV - (wlidsvc) -- C:\Archivos de programa\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
      SRV - (CrossLoopService) -- C:\Users\Jaume\AppData\Local\CrossLoop\CrossLoopService.exe (CrossLoop Inc)
      SRV - (tvnserver) -- C:\Users\Jaume\AppData\Local\CrossLoop\tvnserver.exe (GlavSoft LLC.)
      SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
      SRV - (ACDaemon) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
      SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
      SRV - (ServiceLayer) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia)
      SRV - (McComponentHostService) -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe (McAfee, Inc.)
      SRV - (MpfService) -- C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe (McAfee, Inc.)
      SRV - (MSK80Service) -- C:\Program Files (x86)\McAfee\MSK\MskSrver.exe (McAfee, Inc.)
      SRV - (EvtEng) -- C:\Archivos de programa\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
      SRV - (RegSrvc) -- C:\Archivos de programa\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
      SRV - (mcmscsvc) -- C:\PROGRA~2\McAfee\MSC\mcmscsvc.exe (McAfee, Inc.)
      SRV - (McODS) -- C:\Archivos de programa\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
      SRV - (McShield) -- C:\Archivos de programa\McAfee\VirusScan\Mcshield.exe (McAfee, Inc.)
      SRV - (McSysmon) -- C:\PROGRA~2\McAfee\VIRUSS~1\mcsysmon.exe (McAfee, Inc.)
      SRV - (VSNService) -- C:\Archivos de programa\Sony\VAIO Smart Network\VSNService.exe (Sony Corporation)
      SRV - (SOHPlMgr) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe (Sony Corporation)
      SRV - (SOHDms) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe (Sony Corporation)
      SRV - (SOHDs) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe (Sony Corporation)
      SRV - (SOHDBSvr) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe (Sony Corporation)
      SRV - (SOHCImp) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe (Sony Corporation)
      SRV - (Vcsw) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation)
      SRV - (VAIO Entertainment TV Device Arbitration Service) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe (Sony Corporation)
      SRV - (VzCdbSvc) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)
      SRV - (VCFw) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation)
      SRV - (VAIO Power Management) -- C:\Archivos de programa\Sony\VAIO Power Management\SPMService.exe (Sony Corporation)
      SRV - (McProxy) -- c:\PROGRA~2\COMMON~1\mcafee\mcproxy\mcproxy.exe (McAfee, Inc.)
      SRV - (McNASvc) -- c:\PROGRA~2\COMMON~1\mcafee\mna\mcnasvc.exe (McAfee, Inc.)
      SRV - (btwdins) -- C:\Archivos de programa\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
      SRV - (VAIO Event Service) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
      SRV - (VcmINSMgr) -- C:\Archivos de programa\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe (Sony Corporation)
      SRV - (VcmIAlzMgr) -- C:\Archivos de programa\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe (Sony Corporation)
      SRV - (VcmXmlIfHelper) -- C:\Archivos de programa\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe (Sony Corporation)
      SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
      SRV - (IAANTMON) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation)
      SRV - (RtkAudioService) -- C:\Archivos de programa\Realtek\Audio\HDA\RtkAudioService64.exe (Realtek Semiconductor)
      SRV - (NMSAccess64) -- C:\Windows\SysWOW64\NMSAccess64.exe ()
      SRV - (uCamMonitor) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (ArcSoft, Inc.)
      SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
      SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)


      ========== Driver Services (SafeList) ==========

      DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
      DRV:64bit: - (ssudmdm) -- C:\Windows\SysNative\drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
      DRV:64bit: - (dg_ssudbus) -- C:\Windows\SysNative\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
      DRV:64bit: - (ssadmdm) -- C:\Windows\SysNative\drivers\ssadmdm.sys (MCCI Corporation)
      DRV:64bit: - (ssadbus) -- C:\Windows\SysNative\drivers\ssadbus.sys (MCCI Corporation)
      DRV:64bit: - (ssadmdfl) -- C:\Windows\SysNative\drivers\ssadmdfl.sys (MCCI Corporation)
      DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
      DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
      DRV:64bit: - (nmwcdx64) -- C:\Windows\SysNative\drivers\ccdcmbx64.sys (Nokia)
      DRV:64bit: - (UsbserFilt) -- C:\Windows\SysNative\drivers\usbser_lowerfltx64j.sys (Nokia)
      DRV:64bit: - (nmwcdcx64) -- C:\Windows\SysNative\drivers\ccdcmbox64.sys (Nokia)
      DRV:64bit: - (upperdev) -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys (Nokia)
      DRV:64bit: - (ZTEWMSD_637) -- C:\Windows\SysNative\drivers\ZTEWMSD_637.sys (ZTE Corporation)
      DRV:64bit: - (ZTEusbnet) -- C:\Windows\SysNative\drivers\ZTEusbnet.sys (ZTE Corporation)
      DRV:64bit: - (ZTEusbser6k) -- C:\Windows\SysNative\drivers\ZTEusbser6k.sys (ZTE Incorporated)
      DRV:64bit: - (ZTEusbnmeaext) -- C:\Windows\SysNative\drivers\ZTEusbnmeaext.sys (ZTE Incorporated)
      DRV:64bit: - (ZTEusbnmea) -- C:\Windows\SysNative\drivers\ZTEusbnmea.sys (ZTE Incorporated)
      DRV:64bit: - (ZTEusbmdm6k) -- C:\Windows\SysNative\drivers\ZTEusbmdm6k.sys (ZTE Incorporated)
      DRV:64bit: - (ZTEusbMB) -- C:\Windows\SysNative\drivers\ZTEusbnmeaext2.sys (ZTE Incorporated)
      DRV:64bit: - (mfehidk) -- C:\Windows\SysNative\drivers\mfehidk.sys (McAfee, Inc.)
      DRV:64bit: - (mfeavfk) -- C:\Windows\SysNative\drivers\mfeavfk.sys (McAfee, Inc.)
      DRV:64bit: - (mfesmfk) -- C:\Windows\SysNative\drivers\mfesmfk.sys (McAfee, Inc.)
      DRV:64bit: - (mferkdk) -- C:\Windows\SysNative\drivers\mferkdk.sys (McAfee, Inc.)
      DRV:64bit: - (NETw5s64) -- C:\Windows\SysNative\drivers\NETw5s64.sys (Intel Corporation)
      DRV:64bit: - (xusb21) -- C:\Windows\SysNative\drivers\xusb21.sys (Microsoft Corporation)
      DRV:64bit: - (IntcHdmiAddService) -- C:\Windows\SysNative\drivers\IntcHdmi.sys (Intel(R) Corporation)
      DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
      DRV:64bit: - (ApfiltrService) -- C:\Windows\SysNative\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
      DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
      DRV:64bit: - (risdptsk) -- C:\Windows\SysNative\drivers\risdsn64.sys (REDC)
      DRV:64bit: - (rimsptsk) -- C:\Windows\SysNative\drivers\rimssn64.sys (REDC)
      DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys (Marvell)
      DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.)
      DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.)
      DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.)
      DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.)
      DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
      DRV:64bit: - (RTHDMIAzAudService) -- C:\Windows\SysNative\drivers\RtHDMIVX.sys (Realtek Semiconductor Corp.)
      DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
      DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
      DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
      DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
      DRV:64bit: - (usb_rndisx) -- C:\Windows\SysNative\drivers\usb8023x.sys (Microsoft Corporation)
      DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
      DRV:64bit: - (SFEP) -- C:\Windows\SysNative\drivers\SFEP.sys (Sony Corporation)
      DRV:64bit: - (SrvHsfV92) -- C:\Windows\SysNative\drivers\VSTDPV6.SYS (Conexant Systems, Inc.)
      DRV:64bit: - (SrvHsfWinac) -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS (Conexant Systems, Inc.)
      DRV:64bit: - (SrvHsfHDA) -- C:\Windows\SysNative\drivers\VSTAZL6.SYS (Conexant Systems, Inc.)
      DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
      DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
      DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
      DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
      DRV:64bit: - (netw5v64) -- C:\Windows\SysNative\drivers\NETw5v64.sys (Intel Corporation)
      DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
      DRV:64bit: - (ArcSoftKsUFilter) -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys (ArcSoft, Inc.)
      DRV:64bit: - (VClone) -- C:\Windows\SysNative\drivers\VClone.sys (Elaborate Bytes AG)
      DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
      DRV:64bit: - (MPFP) -- C:\Windows\SysNative\drivers\Mpfp.sys (McAfee, Inc.)
      DRV:64bit: - (mcdbus) -- C:\Windows\SysNative\drivers\mcdbus.sys (MagicISO, Inc.)
      DRV:64bit: - (ElbyCDIO) -- C:\Windows\SysNative\drivers\ElbyCDIO.sys (Elaborate Bytes AG)
      DRV:64bit: - (pccsmcfd) -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys (Nokia)
      DRV:64bit: - (OV550I) -- C:\Windows\SysNative\drivers\FilmScan.sys (Omnivision Technologies, Inc.)
      DRV:64bit: - (s117unic) -- C:\Windows\SysNative\drivers\s117unic.sys (MCCI Corporation)
      DRV:64bit: - (s117obex) -- C:\Windows\SysNative\drivers\s117obex.sys (MCCI Corporation)
      DRV:64bit: - (s117nd5) -- C:\Windows\SysNative\drivers\s117nd5.sys (MCCI Corporation)
      DRV:64bit: - (s117mdm) -- C:\Windows\SysNative\drivers\s117mdm.sys (MCCI Corporation)
      DRV:64bit: - (s117mgmt) -- C:\Windows\SysNative\drivers\s117mgmt.sys (MCCI Corporation)
      DRV:64bit: - (s117mdfl) -- C:\Windows\SysNative\drivers\s117mdfl.sys (MCCI Corporation)
      DRV:64bit: - (s117bus) -- C:\Windows\SysNative\drivers\s117bus.sys (MCCI Corporation)
      DRV:64bit: - (ElbyCDFL) -- C:\Windows\SysNative\drivers\ElbyCDFL.sys (SlySoft, Inc.)
      DRV:64bit: - (MarvinBus) -- C:\Windows\SysNative\drivers\MarvinBus64.sys (Pinnacle Systems GmbH)
      DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
      DRV - (mcdbus) -- C:\Windows\SysWOW64\drivers\mcdbus.sys (MagicISO, Inc.)
      DRV - (ElbyCDFL) -- C:\Windows\SysWOW64\drivers\ElbyCDFL.sys (SlySoft, Inc.)
      DRV - (PCLEPCI) -- C:\Windows\SysWOW64\drivers\Pclepci.sys (Pinnacle Systems GmbH)
      DRV - (usbhub) -- C:\Windows\SysWOW64\drivers\usbhub.sys (Microsoft Corporation)
      DRV - (usbehci) -- C:\Windows\SysWOW64\drivers\usbehci.sys (Microsoft Corporation)
      DRV - (usbuhci) -- C:\Windows\SysWOW64\drivers\usbuhci.sys (Microsoft Corporation)


      ========== Standard Registry (SafeList) ==========


      ========== Internet Explorer ==========

      IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
      IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
      IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
      IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
      IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
      IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7

      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=SVEA&bmod=EU01
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
      IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
      IE - HKCU\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
      IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
      IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/web/{searchTerms}?babsrc=browsersearch
      IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
      IE - HKCU\..\SearchScopes\{7FDC4A19-3049-4A1E-A224-4C74E1CC4D1A}: "URL" = http://www.google.es/search?hl=es&q={searchTerms}&meta=&rlz=1I7SVEA_esES355
      IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={62F311E2-0623-42AD-A728-3EDC1ECAAB51}&mid=70d86986933047d09179d16df8dbf209-a5999ae2bd97ea7e7ae49861f3d5bb352c05f030&lang=es-es&ds=gm011&pr=sa&d=2012-05-13 21:31:13&v=11.0.0.9&sap=dsp&q={searchTerms}
      IE - HKCU\..\SearchScopes\{9AD98D43-DA39-4030-8668-8641A4ED7231}: "URL" = http://rover.ebay.com/rover/1/1185-80716-26233-2/4?satitle={searchTerms}
      IE - HKCU\..\SearchScopes\{B97D43DC-74FD-45DE-A9F9-BA349BC02843}: "URL" = http://services.zinio.com/search?s={selection}&rf=sonyslices
      IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
      IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

      ========== FireFox ==========

      FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
      FF - prefs.js..browser.startup.homepage: "http://www.google.es/"
      FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1
      FF - prefs.js..keyword.URL: "http://search.sweetim.com/search.asp?barid={7BD4A45D-2C31-4F16-8D3C-3BE4ECD3D672}&src=2&crg=3.1010000.10039&q="


      FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_135.dll File not found
      FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
      FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
      FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
      FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll ()
      FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
      FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
      FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
      FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
      FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
      FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
      FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
      FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
      FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.1: C:\Users\Jaume\AppData\Roaming\Facebook\npfbplugin_1_0_1.dll ( )
      FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Users\Jaume\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )
      FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Jaume\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)

      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2012/08/24 19:22:15 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2012/02/22 19:41:11 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/12/06 17:08:51 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/12/06 17:08:42 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2010/03/01 15:59:13 | 000,000,000 | ---D | M]
      FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/12/06 17:08:51 | 000,000,000 | ---D | M]
      FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/12/06 17:08:42 | 000,000,000 | ---D | M]

      [2009/11/26 22:17:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jaume\AppData\Roaming\mozilla\Extensions
      [2012/12/04 20:32:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jaume\AppData\Roaming\mozilla\Firefox\Profiles\8gj8h5u9.default\extensions
      [2009/11/29 15:08:02 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- C:\Users\Jaume\AppData\Roaming\mozilla\Firefox\Profiles\8gj8h5u9.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
      [2012/11/05 00:32:15 | 000,003,915 | ---- | M] () -- C:\Users\Jaume\AppData\Roaming\mozilla\firefox\profiles\8gj8h5u9.default\searchplugins\sweetim.xml
      [2012/12/06 17:08:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
      [2012/12/06 17:08:38 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
      [2012/12/06 17:08:51 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
      [2012/04/08 18:28:07 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
      [2012/06/24 12:18:20 | 000,003,771 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
      [2010/05/25 11:36:20 | 000,002,191 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
      [2012/10/04 13:16:56 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
      [2012/12/06 17:08:50 | 000,004,095 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\drae.xml
      [2012/12/06 17:08:50 | 000,001,356 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-es.xml
      [2012/10/20 01:23:56 | 000,002,058 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
      [2012/12/06 17:08:50 | 000,001,391 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-es.xml
      [2012/12/06 17:08:49 | 000,001,315 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-es.xml

      ========== Chrome ==========

      CHR - homepage:
      CHR - default_search_provider: Google (Enabled)
      CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
      CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter},
      CHR - homepage:
      CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\PepperFlash\pepflashplayer.dll
      CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
      CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll
      CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\pdf.dll
      CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Users\Jaume\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.50.146.2_0\McChPlg.dll
      CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
      CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
      CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL
      CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll
      CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nprpjplug.dll
      CHR - plugin: AdobeAAMDetect (Enabled) = C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll
      CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
      CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
      CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll
      CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
      CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
      CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\Jaume\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
      CHR - plugin: Facebook Plugin (Enabled) = C:\Users\Jaume\AppData\Roaming\Facebook\npfbplugin_1_0_1.dll
      CHR - plugin: Facebook Plugin (Enabled) = C:\Users\Jaume\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll
      CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll
      CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
      CHR - Extension: Google Drive = C:\Users\Jaume\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
      CHR - Extension: YouTube = C:\Users\Jaume\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
      CHR - Extension: B\u00FAsqueda de Google = C:\Users\Jaume\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
      CHR - Extension: SiteAdvisor = C:\Users\Jaume\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.50.146.2_0\
      CHR - Extension: Gmail = C:\Users\Jaume\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

      O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
      O2:64bit: - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~2\mcafee\msk\MSKAPB~1.DLL ()
      O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Archivos de programa\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
      O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Archivos de programa\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
      O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
      O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~2\mcafee\msk\mskapbho.dll ()
      O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
      O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
      O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
      O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
      O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
      O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
      O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
      O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
      O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
      O4:64bit: - HKLM..\Run: [Apoint] C:\Archivos de programa\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
      O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
      O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Archivos de programa\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
      O4:64bit: - HKLM..\Run: [Skytel] C:\Archivos de programa\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.)
      O4:64bit: - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
      O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
      O4 - HKLM..\Run: [CloneCDTray] C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe (SlySoft, Inc.)
      O4 - HKLM..\Run: [EEventManager] C:\PROGRA~2\EPSONS~1\EVENTM~1\EEventManager.exe (SEIKO EPSON CORPORATION)
      O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
      O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
      O4 - HKLM..\Run: [MarketingTools] C:\Program Files (x86)\Sony\Marketing Tools\MarketingTools.exe (Sony Corporation)
      O4 - HKLM..\Run: [mcagent_exe] C:\Program Files (x86)\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
      O4 - HKLM..\Run: [McENUI] C:\PROGRA~2\McAfee\MHN\McENUI.exe /hide File not found
      O4 - HKLM..\Run: [NokiaMServer] C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
      O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe (Symantec Corporation)
      O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
      O4 - HKCU..\Run: [AdobeBridge] File not found
      O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\Jaume\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
      O4 - HKCU..\Run: [bqbpfdSnoq] C:\ProgramData\banqchczdca.exe ()
      O4 - HKCU..\Run: [Facebook Update] C:\Users\Jaume\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
      O4 - HKCU..\Run: [KiesHelper] C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe (Samsung)
      O4 - HKCU..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
      O4 - HKCU..\Run: [NokiaOviSuite2] C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe -tray File not found
      O4 - Startup: C:\Users\Jaume\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk = C:\Program Files (x86)\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
      O4 - Startup: C:\Users\Jaume\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_.lnk = C:\Users\Jaume\AppData\Local\Temp\_uninst_.bat ()
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
      O8:64bit: - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
      O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_2EC7709873947E87.dll/cmsidewiki.html File not found
      O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
      O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_2EC7709873947E87.dll/cmsidewiki.html File not found
      O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Archivos de programa\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
      O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Archivos de programa\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
      O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
      O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
      O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
      O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
      O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
      O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
      O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
      O9 - Extra Button: Enviar a Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Archivos de programa\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
      O9 - Extra 'Tools' menuitem : Enviar a &Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Archivos de programa\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
      O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Archivos de programa\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
      O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Archivos de programa\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
      O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
      O1364bit: - gopher Prefix: missing
      O13 - gopher Prefix: missing
      O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
      O16:64bit: - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
      O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Reg Error: Key error.)
      O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
      O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
      O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
      O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
      O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
      O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
      O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://192.168.0.200/dana-cached/sc/JuniperSetupClient.cab (JuniperSetupClient Control)
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{04FFDB66-CFEA-4943-B720-00BD4A3DAE25}: DhcpNameServer = 192.168.0.1
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{92391E8D-7696-4EA9-8AFC-7BA42BEB9997}: DhcpNameServer = 192.168.42.129
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E8939C2D-F620-423A-9BFC-A257B4D07D67}: DhcpNameServer = 192.168.1.1
      O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
      O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
      O18:64bit: - Protocol\Handler\livecall - No CLSID value found
      O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
      O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
      O18:64bit: - Protocol\Handler\msnim - No CLSID value found
      O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
      O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
      O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
      O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
      O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
      O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
      O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
      O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
      O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Archivos de programa\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
      O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
      O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
      O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
      O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
      O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - C:\Windows\SysWow64\VESWinlogon.dll (Sony Corporation)
      O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      O32 - HKLM CDRom: AutoRun - 1
      O33 - MountPoints2\{108b0f70-3551-11e2-8f63-0024be3f1bfa}\Shell - "" = AutoRun
      O33 - MountPoints2\{108b0f70-3551-11e2-8f63-0024be3f1bfa}\Shell\AutoRun\command - "" = I:\clobex.exe
      O33 - MountPoints2\{4eac8f40-0d16-11e0-9ebb-0024be7957f6}\Shell - "" = AutoRun
      O33 - MountPoints2\{4eac8f40-0d16-11e0-9ebb-0024be7957f6}\Shell\AutoRun\command - "" = H:\AutoRunCardDetector.exe
      O33 - MountPoints2\{6fffef83-8e72-11df-b12d-0024d611683a}\Shell - "" = AutoRun
      O33 - MountPoints2\{6fffef83-8e72-11df-b12d-0024d611683a}\Shell\AutoRun\command - "" = H:\AutoRun.exe
      O33 - MountPoints2\{77b5d5a1-049e-11e0-aa9c-0024d611683a}\Shell - "" = AutoRun
      O33 - MountPoints2\{77b5d5a1-049e-11e0-aa9c-0024d611683a}\Shell\AutoRun\command - "" = H:\MicroLauncher.exe
      O33 - MountPoints2\{cb33d155-ffe0-11df-9d8b-0024be7957f6}\Shell - "" = AutoRun
      O33 - MountPoints2\{cb33d155-ffe0-11df-9d8b-0024be7957f6}\Shell\AutoRun\command - "" = C:\Windows\SysWow64\explorer.exe -- [2011/02/26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation)
      O33 - MountPoints2\{cb33d155-ffe0-11df-9d8b-0024be7957f6}\Shell\explorer\Command - "" = C:\Windows\SysWow64\explorer.exe -- [2011/02/26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation)
      O33 - MountPoints2\H\Shell - "" = AutoRun
      O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\MicroLauncher.exe
      O34 - HKLM BootExecute: (autocheck autochk *)
      O35:64bit: - HKLM\..comfile [open] -- "%1" %*
      O35:64bit: - HKLM\..exefile [open] -- "%1" %*
      O35 - HKLM\..comfile [open] -- "%1" %*
      O35 - HKLM\..exefile [open] -- "%1" %*
      O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
      O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
      O37 - HKLM\...com [@ = comfile] -- "%1" %*
      O37 - HKLM\...exe [@ = exefile] -- "%1" %*
      O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
      O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
      O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)



      CREATERESTOREPOINT
      Unable to start System Restore Service. Error code 1084

      ========== Files/Folders - Created Within 30 Days ==========

      [2012/12/26 22:55:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
      [2012/12/23 21:19:35 | 000,000,000 | ---D | C] -- C:\Users\Jaume\Desktop\efectos de sonido
      [2012/12/16 22:07:47 | 000,000,000 | ---D | C] -- C:\Users\Jaume\AppData\Local\{5DF4F8E6-4743-44FF-BE10-56C680246E30}
      [2012/12/12 22:30:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Docudesk
      [2012/12/12 22:26:17 | 000,000,000 | ---D | C] -- C:\Users\Jaume\AppData\Local\PackageAware
      [2012/12/12 21:06:21 | 000,000,000 | ---D | C] -- C:\Users\Jaume\Desktop\fras yoigo
      [2012/12/07 18:49:59 | 000,000,000 | ---D | C] -- C:\Users\Jaume\AppData\Local\{306AA080-D4C5-4D3C-942E-B53BF04D0EAB}
      [2012/12/06 17:08:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
      [2012/12/01 01:53:11 | 000,000,000 | ---D | C] -- C:\Users\Jaume\AppData\Local\{D7210100-F831-4FA6-B4CA-79FBFC8BF6C8}
      [2012/11/30 18:39:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
      [2012/11/28 11:04:51 | 000,000,000 | ---D | C] -- C:\Users\Jaume\AppData\Roaming\Malwarebytes
      [2012/11/28 11:04:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
      [2012/11/28 11:04:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
      [2012/11/28 11:04:34 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
      [2012/11/28 11:04:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
      [2012/06/13 18:55:19 | 005,838,848 | ---- | C] (AEAT) -- C:\Users\Jaume\Actualizacion_Renta2010_windows_1_20.exe
      [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

      ========== Files - Modified Within 30 Days ==========

      [2012/12/26 23:24:02 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
      [2012/12/26 23:23:35 | 3195,293,696 | -HS- | M] () -- C:\hiberfil.sys
      [2012/12/26 23:09:14 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
      [2012/12/26 23:09:14 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
      [2012/12/26 23:09:13 | 000,008,212 | ---- | M] () -- C:\Windows\mfebcdata
      [2012/12/26 23:07:25 | 000,099,840 | ---- | M] () -- C:\ProgramData\banqchczdca.exe
      [2012/12/26 23:06:24 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
      [2012/12/26 22:55:13 | 000,000,928 | ---- | M] () -- C:\Users\Jaume\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_.lnk
      [2012/12/26 20:03:07 | 000,099,840 | ---- | M] () -- C:\Users\Jaume\AppData\Local\banqchczdca.exe
      [2012/12/26 20:00:41 | 000,099,840 | ---- | M] () -- C:\Users\Jaume\AppData\Roaming\banqchczdca.exe
      [2012/12/26 19:37:00 | 000,000,838 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
      [2012/12/26 19:28:02 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2346287640-1512467966-733166750-1001UA.job
      [2012/12/26 18:49:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
      [2012/12/26 01:21:43 | 000,000,349 | ---- | M] () -- C:\Users\Public\Documents\PCLECHAL.INI
      [2012/12/25 23:23:17 | 000,000,090 | ---- | M] () -- C:\Windows\WA.INI
      [2012/12/25 22:59:08 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2346287640-1512467966-733166750-1001Core.job
      [2012/12/25 20:58:17 | 001,825,586 | ---- | M] () -- C:\Users\Jaume\Documents\Fuzzyeyeballs » Others »..pdf
      [2012/12/23 22:48:32 | 000,086,528 | ---- | M] () -- C:\Users\Jaume\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
      [2012/12/23 21:23:27 | 001,563,536 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
      [2012/12/23 21:23:27 | 000,706,978 | ---- | M] () -- C:\Windows\SysNative\perfh00A.dat
      [2012/12/23 21:23:27 | 000,619,146 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
      [2012/12/23 21:23:27 | 000,138,884 | ---- | M] () -- C:\Windows\SysNative\perfc00A.dat
      [2012/12/23 21:23:27 | 000,107,466 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
      [2012/12/23 15:53:22 | 005,715,712 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
      [2012/12/23 01:27:12 | 000,000,257 | ---- | M] () -- C:\Users\Jaume\Desktop\Mi película 2.scn
      [2012/12/23 01:08:10 | 000,007,168 | -H-- | M] () -- C:\Users\Jaume\Desktop\photothumb.db
      [2012/12/17 15:29:28 | 020,178,706 | ---- | M] () -- C:\Users\Jaume\Desktop\Mi película 2.mp4
      [2012/12/15 01:00:00 | 000,000,372 | ---- | M] () -- C:\Windows\tasks\McDefragTask.job
      [2012/12/14 12:57:40 | 000,077,039 | ---- | M] () -- C:\Users\Jaume\Desktop\Infofeina - Vols iniciar el teu camí cap al món laboral.pdf
      [2012/12/05 03:06:10 | 001,921,302 | ---- | M] () -- C:\Users\Jaume\Desktop\Stanley Kubrick ¿Artista obsesivo o genio imprescindible_ _ Cinescopia.pdf
      [2012/12/01 02:15:36 | 000,203,124 | ---- | M] () -- C:\Users\Jaume\Desktop\portrait_18920_jpg_998x1349_q85.jpg
      [2012/12/01 01:00:00 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\McQcTask.job
      [2012/11/30 18:39:09 | 000,002,287 | ---- | M] () -- C:\Users\Jaume\Desktop\Google Chrome.lnk
      [2012/11/28 11:04:36 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
      [2012/11/28 10:57:08 | 095,023,320 | ---- | M] () -- C:\ProgramData\0tbpw.pad
      [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

      ========== Files Created - No Company Name ==========

      [2012/12/26 23:09:13 | 000,008,212 | ---- | C] () -- C:\Windows\mfebcdata
      [2012/12/26 23:07:25 | 000,099,840 | ---- | C] () -- C:\ProgramData\banqchczdca.exe
      [2012/12/26 22:55:13 | 000,000,928 | ---- | C] () -- C:\Users\Jaume\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_.lnk
      [2012/12/26 19:37:52 | 000,099,840 | ---- | C] () -- C:\Users\Jaume\AppData\Roaming\banqchczdca.exe
      [2012/12/26 19:36:32 | 000,099,840 | ---- | C] () -- C:\Users\Jaume\AppData\Local\banqchczdca.exe
      [2012/12/25 23:21:25 | 000,000,090 | ---- | C] () -- C:\Windows\WA.INI
      [2012/12/25 20:58:24 | 001,825,586 | ---- | C] () -- C:\Users\Jaume\Documents\Fuzzyeyeballs » Others »..pdf
      [2012/12/23 01:27:07 | 000,000,257 | ---- | C] () -- C:\Users\Jaume\Desktop\Mi película 2.scn
      [2012/12/17 15:22:37 | 020,178,706 | ---- | C] () -- C:\Users\Jaume\Desktop\Mi película 2.mp4
      [2012/12/14 12:57:45 | 000,077,039 | ---- | C] () -- C:\Users\Jaume\Desktop\Infofeina - Vols iniciar el teu camí cap al món laboral.pdf
      [2012/12/05 03:06:13 | 001,921,302 | ---- | C] () -- C:\Users\Jaume\Desktop\Stanley Kubrick ¿Artista obsesivo o genio imprescindible_ _ Cinescopia.pdf
      [2012/12/01 02:15:35 | 000,203,124 | ---- | C] () -- C:\Users\Jaume\Desktop\portrait_18920_jpg_998x1349_q85.jpg
      [2012/11/30 18:39:09 | 000,002,287 | ---- | C] () -- C:\Users\Jaume\Desktop\Google Chrome.lnk
      [2012/11/28 11:04:36 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
      [2012/11/23 13:54:43 | 095,023,320 | ---- | C] () -- C:\ProgramData\0tbpw.pad
      [2012/11/16 12:41:58 | 000,001,292 | ---- | C] () -- C:\Users\Jaume\baobab.dat
      [2012/11/13 12:29:44 | 000,094,272 | ---- | C] () -- C:\Windows\FreeOCR.net Uninstaller.exe
      [2012/11/05 1453 | 000,057,344 | ---- | C] () -- C:\Windows\ssui.exe
      [2012/08/10 05:37:49 | 000,000,181 | ---- | C] () -- C:\Windows\WININIT.INI
      [2012/03/14 22:19:38 | 000,007,605 | ---- | C] () -- C:\Users\Jaume\AppData\Local\Resmon.ResmonCfg
      [2012/01/08 16:16:00 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
      [2012/01/08 16:15:59 | 000,650,752 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
      [2012/01/08 16:15:59 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
      [2012/01/08 16:15:58 | 000,079,360 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
      [2011/12/19 22:49:55 | 000,000,067 | ---- | C] () -- C:\Windows\DVDRegionFreeLite.INI
      [2011/09/16 10:54:48 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
      [2011/09/16 10:54:44 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
      [2011/09/16 10:54:44 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
      [2011/09/16 10:54:44 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
      [2011/09/16 10:54:44 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
      [2011/08/28 03:08:59 | 000,049,152 | ---- | C] () -- C:\Windows\DelCDSP.exe
      [2011/08/28 03:08:57 | 000,114,688 | ---- | C] () -- C:\Windows\PKCREGD.EXE
      [2011/07/22 13:06:47 | 000,000,041 | -HS- | C] () -- C:\ProgramData\.zreglib
      [2011/05/04 13:12:00 | 000,000,000 | ---- | C] () -- C:\Users\Jaume\AppData\Local\{421036D0-51EB-48A8-BB57-CDBA1F8C1AAC}
      [2011/04/11 19:47:07 | 000,111,932 | ---- | C] () -- C:\Windows\SysWow64\EPPICPrinterDB.dat
      [2011/04/11 19:47:07 | 000,004,943 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern6.dat
      [2011/04/11 19:47:07 | 000,001,146 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_DU.dat
      [2011/04/11 19:47:07 | 000,001,139 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_PT.dat
      [2011/04/11 19:47:07 | 000,001,139 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_BP.dat
      [2011/04/11 19:47:07 | 000,001,136 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_ES.dat
      [2011/04/11 19:47:07 | 000,001,129 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_FR.dat
      [2011/04/11 19:47:07 | 000,001,129 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_CF.dat
      [2011/04/11 19:47:07 | 000,001,120 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_IT.dat
      [2011/04/11 19:47:07 | 000,001,107 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_GE.dat
      [2011/04/11 19:47:07 | 000,001,104 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_EN.dat
      [2011/04/11 19:47:07 | 000,000,097 | ---- | C] () -- C:\Windows\SysWow64\PICSDK.ini
      [2011/04/11 19:47:06 | 000,031,053 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern131.dat
      [2011/04/11 19:47:06 | 000,027,417 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern121.dat
      [2011/04/11 19:47:06 | 000,026,154 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern1.dat
      [2011/04/11 19:47:06 | 000,024,903 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern3.dat
      [2011/04/11 19:47:06 | 000,021,390 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern5.dat
      [2011/04/11 19:47:06 | 000,020,148 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern2.dat
      [2011/04/11 19:47:06 | 000,011,811 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern4.dat
      [2011/04/11 19:44:02 | 000,000,025 | ---- | C] () -- C:\Windows\CDE V500DEFGIPSRUk.ini
      [2011/03/05 23:42:40 | 000,020,000 | -H-- | C] () -- C:\ProgramData\W77X4
      [2010/03/01 15:29:56 | 000,086,528 | ---- | C] () -- C:\Users\Jaume\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
      [2009/11/26 15:49:21 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat

      ========== ZeroAccess Check ==========

      [2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

      [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

      [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

      [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
      "ThreadingModel" = Both
      "" = C:\$Recycle.Bin\S-1-5-21-2346287640-1512467966-733166750-1001\$f67fc9036540f25fbbec31f925107d47\n.

      [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
      "" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 06:30:56 | 014,165,504 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Apartment

      [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
      "" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 05:46:56 | 012,868,608 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Apartment

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
      "" = C:\$Recycle.Bin\S-1-5-18\$f67fc9036540f25fbbec31f925107d47\n.
      "ThreadingModel" = Free

      [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
      "" = %systemroot%\system32\wbem\fastprox.dll -- [2009/07/14 02:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Free

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
      "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Both

      [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

      ========== LOP Check ==========

      [2012/11/27 21:41:24 | 000,000,000 | -HSD | M] -- C:\Users\Jaume\AppData\Roaming\.#
      [2012/11/28 11:26:29 | 000,000,000 | ---D | M] -- C:\Users\Jaume\AppData\Roaming\85E8F08FFA82D62BE2A6E11ED106B968
      [2010/03/24 14:36:12 | 000,000,000 | ---D | M] -- C:\Users\Jaume\AppData\Roaming\AnvSoft
      [2012/06/26 23:30:43 | 000,000,000 | ---D | M] -- C:\Users\Jaume\AppData\Roaming\calibre
      [2010/12/09 17:24:33 | 000,000,000 | ---D | M] -- C:\Users\Jaume\AppData\Roaming\EdEt
      [2012/10/03 16:16:52 | 000,000,000 | ---D | M] -- C:\Users\Jaume\AppData\Roaming\EPSON
      [2010/05/24 15:24:23 | 000,000,000 | ---D | M] -- C:\Users\Jaume\AppData\Roaming\f2fIntermediate
      [2010/03/10 14:30:31 | 000,000,000 | ---D | M] -- C:\Users\Jaume\AppData\Roaming\Facebook
      [2012/10/11 00:42:01 | 000,000,000 | ---D | M] -- C:\Users\Jaume\AppData\Roaming\FileMaker
      [2012/09/16 18:47:20 | 000,000,000 | ---D | M] -- C:\Users\Jaume\AppData\Roaming\FotoPrix
      [2011/10/21 19:47:40 | 000,000,000 | ---D | M] -- C:\Users\Jaume\AppData\Roaming\GonVisor
      [2011/08/13 15:20:59 | 000,000,000 | ---D | M] -- C:\Users\Jaume\AppData\Roaming\Imor
      [2011/06/15 18:51:03 | 000,000,000 | ---D | M] -- C:\Users\Jaume\AppData\Roaming\Juniper Networks
      [2011/08/17 17:12:43 | 000,000,000 | ---D | M] -- C:\Users\Jaume\AppData\Roaming\Lasersoft Imaging
      [2010/06/21 19:56:15 | 000,000,000 | ---D | M] -- C:\Users\Jaume\AppData\Roaming\LEGO Company
      [2011/08/06 11:54:03 | 000,000,000 | ---D | M] -- C:\Users\Jaume\AppData\Roaming\ManyCam
      [2010/06/11 00:01:00 | 000,000,000 | ---D | M] -- C:\Users\Jaume\AppData\Roaming\Nokia
      [2010/06/11 00:01:09 | 000,000,000 | ---D | M] -- C:\Users\Jaume\AppData\Roaming\Nokia Ovi Suite
      [2010/02/25 01:59:37 | 000,000,000 | ---D | M] -- C:\Users\Jaume\AppData\Roaming\Nseries
      [2011/03/12 21:17:42 | 000,000,000 | ---D | M] -- C:\Users\Jaume\AppData\Roaming\onOne Software
      [2009/12/05 12:59:15 | 000,000,000 | ---D | M] -- C:\Users\Jaume\AppData\Roaming\Opera
      [2010/02/25 01:59:39 | 000,000,000 | ---D | M] -- C:\Users\Jaume\AppData\Roaming\PC Suite
      [2012/01/23 19:02:27 | 000,000,000 | ---D | M] -- C:\Users\Jaume\AppData\Roaming\PhotoScape
      [2011/08/05 12:40:01 | 000,000,000 | ---D | M] -- C:\Users\Jaume\AppData\Roaming\Rovio
      [2011/10/26 11:09:10 | 000,000,000 | ---D | M] -- C:\Users\Jaume\AppData\Roaming\Samsung
      [2012/05/14 21:17:34 | 000,000,000 | ---D | M] -- C:\Users\Jaume\AppData\Roaming\Softplicity
      [2010/07/13 12:47:53 | 000,000,000 | ---D | M] -- C:\Users\Jaume\AppData\Roaming\Telefónica Móviles
      [2012/08/10 04:47:05 | 000,000,000 | ---D | M] -- C:\Users\Jaume\AppData\Roaming\Temp
      [2010/10/15 11:26:46 | 000,000,000 | ---D | M] -- C:\Users\Jaume\AppData\Roaming\Toibca
      [2010/10/04 21:40:08 | 000,000,000 | ---D | M] -- C:\Users\Jaume\AppData\Roaming\Uzubuw
      [2011/10/14 20:30:33 | 000,000,000 | ---D | M] -- C:\Users\Jaume\AppData\Roaming\Xaux
      [2010/03/24 23:46:24 | 000,000,000 | ---D | M] -- C:\Users\Jaume\AppData\Roaming\Zylom

      ========== Purity Check ==========



      ========== Custom Scans ==========

      < %SYSTEMDRIVE%\*.* >
      [2012/12/26 23:23:35 | 3195,293,696 | -HS- | M] () -- C:\hiberfil.sys
      [2009/09/08 12:43:10 | 000,000,187 | ---- | M] () -- C:\Installer_Setup.log
      [2009/11/26 14:18:03 | 000,432,454 | ---- | M] () -- C:\lv.log
      [2012/12/26 23:23:48 | 4260,392,960 | -HS- | M] () -- C:\pagefile.sys
      [2009/08/17 14:12:26 | 000,002,849 | ---- | M] () -- C:\RHDSetup.log
      [2009/12/24 14:20:23 | 000,002,976 | ---- | M] () -- C:\RNDIS.log
      [2010/02/18 13:09:27 | 000,000,167 | ---- | M] () -- C:\Setup.log
      [2009/11/26 14:17:19 | 000,000,073 | -H-- | M] () -- C:\splash.idx
      [2009/07/22 19:25:18 | 000,003,712 | -H-- | M] () -- C:\version
      [2012/11/16 12:35:26 | 000,004,298 | ---- | M] () -- C:\WirelessDiagLog.csv

      ========== Alternate Data Streams ==========

      @Alternate Data Stream - 3020 bytes -> C:\ProgramData\rkfree:cfg
      @Alternate Data Stream - 24 bytes -> C:\Windows:135F1A148556AB4B

      < End of report >

    2. #2
      Moderador Gral.
      Avatar de @Leosolari
      Registrado
      jun 2007
      Ubicación
      Argentina
      Mensajes
      58.637

      Re: Soy otra victima del virus policia.

      Hola



      Pasá por este link, y hacé exactamente lo que ahí se te indica:


      Guía de cómo eliminar el "Virus de la Policía" (Ransomware)


      Volves con el reporte generado por Polifix y Nos comentas como sigue el problema.


      Saludos
      Síguenos en Twitter y hazte nuestro amigo en Facebook.