• Registrarse
  • Iniciar sesión


  • Resultados 1 al 6 de 6

    El sempiterno virus de la doble tilde

    Hola! Desde hace unos días tengo el virus de la doble tilde en mi ordenador de casa (ahora escribo desde el trabajo). He seguido todos los pasos de la guía de esta página para eliminarlo ...

    1. #1
      Usuario Avatar de eldagarposada
      Registrado
      abr 2013
      Ubicación
      España
      Mensajes
      3

      El sempiterno virus de la doble tilde

      Hola! Desde hace unos días tengo el virus de la doble tilde en mi ordenador de casa (ahora escribo desde el trabajo). He seguido todos los pasos de la guía de esta página para eliminarlo (DT Kill, Malwarebytes Antimalware y CCCleaner) varias veces, he consultado el foro, y nada. También instalé el Panda. Pareció desaparecer temporalmente un par de veces pero luego ha vuelto, y ahora para quedarse. ¿Qué puedo hacer? Justo tengo un trabajo urgente qe entregar en 15 días y esto me está ralentizando el trabajo. ¡Gracias!

    2. #2
      Moderador Gral.
      Avatar de @Leosolari
      Registrado
      jun 2007
      Ubicación
      Argentina
      Mensajes
      58.638

      Re: El sempiterno virus de la doble tilde

      Hola




      Descargá OTL By OldTimer





      >>> Ejecutá OTL
      • Cerrá todos programas que tengas abiertos y Hacé doble click en el ícono de OTL para ejecutarlo.
      • Dejalo correr sin interrumpirlo asta que termine el Análisis.
      • Cuando la interfaz aparesca, solo debes cambiar Abajo de: "Tipo de Análisis" poniendo Resultado Minimo.
      • Marcá las opciones: Buscar LOP y Buscar Purity.
      • Marcá las Opciones Omitir Archivos De Microsoft y Usar Listado de Compañias Reconocidas.
      • Pegá el siguiente script bajo la casilla Análisis Personalizados/Codigo de Reparación:

        NOTA: No copiar la palabra Cita.
        msconfig
        netsvcs
        %SYSTEMDRIVE%\*.*
        CREATERESTOREPOINT
      • Por favor No cambies el resto de la configuración a menos que te lo solicitemos.


      • Presioná el boton .
      • Una vez que termine, se abrirán dos (2) archivos, OTL.Txt y Extras.Txt. Éstos aparecerán grabados en el mismo lugar OTL.exe fue descargado.
      • Copiá y pegá el contenido del archivo OTL.txt en tu próxima respuesta.




      Saludos
      Síguenos en Twitter y hazte nuestro amigo en Facebook.

    3. #3
      Usuario Avatar de eldagarposada
      Registrado
      abr 2013
      Ubicación
      España
      Mensajes
      3

      Re: El sempiterno virus de la doble tilde

      OTL logfile created on: 4/15/2013 5:40:40 PM - Run 1
      OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Elda\Downloads
      Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
      Internet Explorer (Version = 9.0.8112.16421)
      Locale: 00000409 | Country: España | Language: ESN | Date Format: dd/MM/yyyy

      2.90 Gb Total Physical Memory | 1.80 Gb Available Physical Memory | 61.90% Memory free
      5.80 Gb Paging File | 4.59 Gb Available in Paging File | 79.14% Paging File free
      Paging file location(s): ?:\pagefile.sys [binary data]

      %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
      Drive C: | 448.47 Gb Total Space | 409.05 Gb Free Space | 91.21% Space Free | Partition Type: NTFS
      Drive F: | 1.99 Gb Total Space | 1.98 Gb Free Space | 99.77% Space Free | Partition Type: FAT32

      Computer Name: ELDA-HP | User Name: Elda | Logged in as Administrator.
      Boot Mode: Normal | Scan Mode: Current user
      Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

      ========== Processes (SafeList) ==========

      PRC - C:\Users\Elda\Downloads\OTL.exe (OldTimer Tools)
      PRC - C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe ()
      PRC - C:\Users\Elda\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
      PRC - C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUAService.exe (Panda Security, S.L.)
      PRC - C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUAMain.exe (Panda Security, S.L.)
      PRC - C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe (Panda Security, S.L.)
      PRC - C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filtering.exe (Visicom Media Inc.)
      PRC - C:\Program Files\OfferBox\OfferBoxHTTPProxy.exe (Aedge Performance BCN SL)
      PRC - C:\Program Files\OfferBox\OfferBox.exe (Aedge Performance BCN SL)
      PRC - C:\Program Files\Hewlett-Packard\HP Support Framework\hpsa_service.exe (Hewlett-Packard Company)
      PRC - C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company)
      PRC - C:\Windows\explorer.exe (Microsoft Corporation)
      PRC - C:\Program Files\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)
      PRC - C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
      PRC - C:\Program Files\InternetEverywhere\WTGService.exe ()
      PRC - C:\Program Files\InternetEverywhere\Launcher.exe (TODO: <Company name>)
      PRC - C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
      PRC - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9b219d80a8843bf8\stacsv.exe (IDT, Inc.)
      PRC - C:\Program Files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe (Hewlett-Packard Company)
      PRC - C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe (Hewlett-Packard Company)
      PRC - C:\Program Files\PDF Complete\pdfsvc.exe (PDF Complete Inc)
      PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
      PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation)
      PRC - C:\Program Files\Nuance\PDF Professional 6\PdfPro6Hook.exe (Nuance Communications, Inc.)
      PRC - C:\Program Files\Nuance\PDF Professional 6\PDFProFiltSrv.exe (Nuance Communications, Inc.)
      PRC - C:\Program Files\LSI SoftModem\agrsmsvc.exe (LSI Corporation)
      PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
      PRC - C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Acresso Corporation)
      PRC - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9b219d80a8843bf8\AEstSrv.exe (Andrea Electronics Corporation)
      PRC - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)


      ========== Modules (No Company Name) ==========

      MOD - C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe ()
      MOD - c:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll ()
      MOD - C:\windows\assembly\GAC_MSIL\CaslShared\3.5.1.1__9c6f83d5b7f3d097\CaslShared.dll ()
      MOD - C:\windows\assembly\GAC_MSIL\hpcasl\3.5.1.1__9c6f83d5b7f3d097\hpcasl.dll ()
      MOD - C:\windows\assembly\GAC_MSIL\HP.ActiveSupportLibrary\2.0.0.1__01a974bc1760f423\HP.ActiveSupportLibrary.dll ()
      MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\a25e06e527720656434230d3ee420427\System.Core.ni.dll ()
      MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\0794d7af09099432ebfb51af1d7f15ae\System.Management.ni.dll ()
      MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\6954c7f14ea634672cdacf2cd793497e\PresentationFramework.Aero.ni.dll ()
      MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\0a894f77b9aa64acbd3ce791916357d8\System.Runtime.Remoting.ni.dll ()
      MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\c06a0517281bb4a9c7fcaeb58d38cd63\System.Data.ni.dll ()
      MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\8435718626a24beaeefc98d45ae77127\PresentationFramework.ni.dll ()
      MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ff30db6905f8ec024fc808ed8779c0f3\System.Windows.Forms.ni.dll ()
      MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\a09ee392fa90849f2e9313a1ebbe0279\System.Drawing.ni.dll ()
      MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\c0508b05f5c28e37711f447a66368e75\PresentationCore.ni.dll ()
      MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\585ac5899ab444221c8b41df13b194bc\WindowsBase.ni.dll ()
      MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d49f4cb0755ccc34cd35ff96dc2ef9e3\System.Xml.ni.dll ()
      MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\15742b3597258ce67cbe219005c197e5\System.Configuration.ni.dll ()
      MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System\1f14b3e1ee0847f8662f513e67f92547\System.ni.dll ()
      MOD - C:\Program Files\OpenOffice.org 3\program\libxml2.dll ()
      MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\1b31ced9bb880d94fff1c6d47c16a81e\mscorlib.ni.dll ()
      MOD - C:\windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_es_b77a5c561934e089\mscorlib.resources.dll ()
      MOD - C:\Program Files\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll ()
      MOD - C:\Program Files\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll ()
      MOD - C:\Program Files\Hewlett-Packard\HP Advisor\MessagingServer.dll ()
      MOD - C:\Program Files\Hewlett-Packard\HP Advisor\RemotingClient.dll ()
      MOD - C:\Program Files\Hewlett-Packard\HP Advisor\MessagingClients.dll ()
      MOD - C:\Program Files\Hewlett-Packard\HP Advisor\MessagingInterface.dll ()
      MOD - C:\Program Files\Hewlett-Packard\HP Advisor\MessagingMessages.dll ()
      MOD - C:\Program Files\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll ()
      MOD - C:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll ()


      ========== Services (SafeList) ==========

      SRV - (WajamUpdater) -- C:\Program Files\Wajam\Updater\WajamUpdater.exe File not found
      SRV - (BrowserProtect) -- C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe ()
      SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
      SRV - (PSUAService) -- C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUAService.exe (Panda Security, S.L.)
      SRV - (NanoServiceMain) -- C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe (Panda Security, S.L.)
      SRV - (OfferBox update service) -- C:\Program Files\OfferBox\OfferBoxUpdateService.exe (Aedge Performance BCN SL)
      SRV - (HP Support Assistant Service) -- C:\Program Files\Hewlett-Packard\HP Support Framework\hpsa_service.exe (Hewlett-Packard Company)
      SRV - (HPDrvMntSvc.exe) -- C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company)
      SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
      SRV - (WTGService) -- C:\Program Files\InternetEverywhere\WTGService.exe ()
      SRV - (STacSV) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9b219d80a8843bf8\stacsv.exe (IDT, Inc.)
      SRV - (hpHotkeyMonitor) -- C:\Program Files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe (Hewlett-Packard Company)
      SRV - (pdfcDispatcher) -- C:\Program Files\PDF Complete\pdfsvc.exe (PDF Complete Inc)
      SRV - (IAANTMON) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation)
      SRV - (PDFProFiltSrv) -- C:\Program Files\Nuance\PDF Professional 6\PDFProFiltSrv.exe (Nuance Communications, Inc.)
      SRV - (AgereModemAudio) -- C:\Program Files\LSI SoftModem\agrsmsvc.exe (LSI Corporation)
      SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
      SRV - (AESTFilters) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9b219d80a8843bf8\AEstSrv.exe (Andrea Electronics Corporation)
      SRV - (PSI_SVC_2) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)


      ========== Driver Services (SafeList) ==========

      DRV - (NNSHTTPS) -- C:\Windows\System32\drivers\NNSHttps.sys (Panda Security, S.L.)
      DRV - (NNSSTRM) -- C:\Windows\System32\drivers\NNSStrm.sys (Panda Security, S.L.)
      DRV - (NNSPIHSW) -- C:\Windows\System32\drivers\NNSPihsw.sys (Panda Security, S.L.)
      DRV - (NNSSMTP) -- C:\Windows\System32\drivers\NNSSmtp.sys (Panda Security, S.L.)
      DRV - (NNSTLSC) -- C:\Windows\System32\drivers\NNStlsc.sys (Panda Security, S.L.)
      DRV - (NNSPROT) -- C:\Windows\System32\drivers\NNSProt.sys (Panda Security, S.L.)
      DRV - (NNSPRV) -- C:\Windows\System32\drivers\NNSPrv.sys (Panda Security, S.L.)
      DRV - (NNSPOP3) -- C:\Windows\System32\drivers\NNSPop3.sys (Panda Security, S.L.)
      DRV - (NNSPICC) -- C:\Windows\System32\drivers\NNSpicc.sys (Panda Security, S.L.)
      DRV - (NNSIDS) -- C:\Windows\System32\drivers\NNSIds.sys (Panda Security, S.L.)
      DRV - (NNSHTTP) -- C:\Windows\System32\drivers\NNSHttp.sys (Panda Security, S.L.)
      DRV - (NNSALPC) -- C:\Windows\System32\drivers\NNSAlpc.sys (Panda Security, S.L.)
      DRV - (PSINProt) -- C:\Windows\System32\drivers\PSINProt.sys (Panda Security, S.L.)
      DRV - (PSINProc) -- C:\Windows\System32\drivers\PSINProc.sys (Panda Security, S.L.)
      DRV - (PSINKNC) -- C:\Windows\System32\drivers\PSINKNC.sys (Panda Security, S.L.)
      DRV - (PSINAflt) -- C:\Windows\System32\drivers\PSINAflt.sys (Panda Security, S.L.)
      DRV - (PSINFile) -- C:\Windows\System32\drivers\PSINFile.sys (Panda Security, S.L.)
      DRV - (PSKMAD) -- C:\Windows\System32\drivers\PSKMAD.sys (Panda Security, S.L.)
      DRV - (NNSNAHSL) -- C:\Windows\System32\drivers\NNSNAHSL.sys (Panda Security, S.L.)
      DRV - (hwusbfake) -- C:\Windows\System32\drivers\ewusbfake.sys (Huawei Technologies Co., Ltd.)
      DRV - (hwdatacard) -- C:\Windows\System32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
      DRV - (mfewfpk) -- C:\Windows\System32\drivers\mfewfpk.sys (McAfee, Inc.)
      DRV - (rtsuvc) -- C:\Windows\System32\drivers\rtsuvc.sys (Realtek Semiconductor Corp.)
      DRV - (STHDA) -- C:\Windows\System32\drivers\stwrt.sys (IDT, Inc.)
      DRV - (rtl8192se) -- C:\Windows\System32\drivers\rtl8192se.sys (Realtek Semiconductor Corporation )
      DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (LSI Corporation)
      DRV - (HpqKbFiltr) -- C:\Windows\System32\drivers\HpqKbFiltr.sys (Hewlett-Packard Development Company, L.P.)
      DRV - (TPM) -- C:\Windows\System32\drivers\tpm.sys (Microsoft Corporation)
      DRV - (IntcHdmiAddService) -- C:\Windows\System32\drivers\IntcHdmi.sys (Intel(R) Corporation)


      ========== Standard Registry (All) ==========


      ========== Internet Explorer ==========

      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN España: Hotmail, Messenger, Outlook, Skype, y cuenta Microsoft
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Bing
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/&quot;executionprotect&quot;/{3D5058E0-816B-4AE2-86A3-6B92C705B9B2}
      IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
      IE - HKLM\..\SearchScopes\{092C53DC-3EB1-4341-9230-84C797F7BD1B}: "URL" = http://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
      IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1854633

      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = Google
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN España: Hotmail, Messenger, Outlook, Skype, y cuenta Microsoft
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
      IE - HKCU\..\URLSearchHook: {9c905b42-976e-43c1-bc30-fc5937017909} - No CLSID value found
      IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
      IE - HKCU\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
      IE - HKCU\..\SearchScopes,DefaultScope = {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
      IE - HKCU\..\SearchScopes\{092C53DC-3EB1-4341-9230-84C797F7BD1B}: "URL" = http://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
      IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://www1.delta-search.com/?q={searchTerms}&affID=119530&babsrc=SP_ss&mntrId=94BC70F1A1F083EE
      IE - HKCU\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = http://pandasecurityr.mystart.com/?source=5b97eeb3&v=4_0&tbp=rbox&toolbarid=pandasecuritytb&u=63832035BF293EB3E40974516665C5D7&q={searchTerms}
      IE - HKCU\..\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}: "URL" = http://www.bigseekpro.com/search/browser/&quot;executionprotect&quot;/{3D5058E0-816B-4AE2-86A3-6B92C705B9B2}?q={searchTerms}
      IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1854633
      IE - HKCU\..\SearchScopes\{B3DEA6D1-9056-4E0F-B882-FB0D6F57BB21}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYES&apn_uid=EB62DC17-CE17-4845-BAAB-BB89BF0068A5&apn_sauid=226A63FB-6AD8-49E9-9E68-E9DD7070706B
      IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
      IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.offerbox.com
      IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:56847


      ========== FireFox ==========

      FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\windows\system32\npDeployJava1.dll (Oracle Corporation)
      FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
      FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
      FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
      FF - HKLM\Software\MozillaPlugins\ZEON/PDF,version=2.0: C:\Program Files\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)

      FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{0F827075-B026-42F3-885D-98981EE7B1AE}: C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension [2013/04/10 2003 | 000,000,000 | ---D | M]

      [2013/04/05 16:47:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Elda\AppData\Roaming\mozilla\Extensions
      [2013/04/05 22:27:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Elda\AppData\Roaming\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
      [2013/03/23 00:18:26 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions

      ========== Chrome ==========

      CHR - default_search_provider: Google (Enabled)
      CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
      CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
      CHR - Extension: Delta Toolbar = C:\Users\Elda\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.2_0\
      CHR - Extension: BrowserProtect = C:\Users\Elda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph\1.0_0\

      O1 HOSTS File: ([2009/06/10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
      O2 - BHO: (PlusIEEventHelper Class) - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files\Nuance\PDF Professional 6\Bin\PlusIEContextMenu.dll (Zeon Corporation)
      O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
      O2 - BHO: (Windows Live Aplicación auxiliar de inicio de sesión) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
      O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
      O2 - BHO: (Panda Security Toolbar) - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files\pandasecuritytb\pandasecurityDx.dll ()
      O2 - BHO: (delta Helper Object) - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files\Delta\delta\1.8.16.16\bh\delta.dll (Delta-search.com)
      O2 - BHO: (ZeonIEEventHelper Class) - {DA986D7D-CCAF-47B2-84FE-BFA1549BEBF9} - C:\Program Files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll (Zeon Corporation)
      O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
      O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
      O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
      O3 - HKLM\..\Toolbar: (Delta Toolbar) - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files\Delta\delta\1.8.16.16\deltaTlbr.dll (Delta-search.com)
      O3 - HKLM\..\Toolbar: (Panda Security Toolbar) - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files\pandasecuritytb\pandasecurityDx.dll ()
      O3 - HKLM\..\Toolbar: (Nuance PDF) - {E3286BF1-E654-42FF-B4A6-5E111731DF6B} - C:\Program Files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll (Zeon Corporation)
      O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
      O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {30F9B915-B755-4826-820B-08FBA6BD249D} - No CLSID value found.
      O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {9C905B42-976E-43C1-BC30-FC5937017909} - No CLSID value found.
      O4 - HKLM..\Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe (Intel Corporation)
      O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
      O4 - HKLM..\Run: [IgfxTray] C:\Windows\System32\igfxtray.exe (Intel Corporation)
      O4 - HKLM..\Run: [Nuance PDF Reader-reminder] C:\Program Files\Nuance\PDF Reader\Ereg\Ereg.exe (Nuance Communications, Inc.)
      O4 - HKLM..\Run: [offerbox] C:\Program Files\OfferBox\OfferBox.exe (Aedge Performance BCN SL)
      O4 - HKLM..\Run: [Panda Security URL Filtering] C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filtering.exe (Visicom Media Inc.)
      O4 - HKLM..\Run: [PDF Complete] C:\Program Files\PDF Complete\pdfsty.exe (PDF Complete Inc)
      O4 - HKLM..\Run: [PDF6 Registry Controller] C:\Program Files\Nuance\PDF Professional 6\RegistryController.exe (Nuance Communications, Inc.)
      O4 - HKLM..\Run: [PDFHook] C:\Program Files\Nuance\PDF Professional 6\pdfpro6hook.exe (Nuance Communications, Inc.)
      O4 - HKLM..\Run: [Persistence] C:\Windows\System32\igfxpers.exe (Intel Corporation)
      O4 - HKLM..\Run: [PSUAMain] C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUAMain.exe (Panda Security, S.L.)
      O4 - HKLM..\Run: [QLBController] C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe (Hewlett-Packard Company)
      O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
      O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
      O4 - HKLM..\Run: [WirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe (Hewlett-Packard)
      O4 - HKCU..\Run: [HPAdvisorDock] C:\Program Files\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe ()
      O4 - HKCU..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Acresso Corporation)
      O4 - HKCU..\Run: [NI4TI6NZFF] C:\Users\Elda\AppData\Roaming\yUGD5ROoF\zjGgvCqBu.exe (bevellers behovingly)
      O4 - HKLM..\RunOnce: [NCInstallQueue] C:\windows\System32\netman.dll (Microsoft Corporation)
      O4 - Startup: C:\Users\Elda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Elda\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
      O4 - Startup: C:\Users\Elda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
      O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: TaskbarNoNotification = 1
      O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
      O8 - Extra context menu item: Abrir con Nuance PDF Converter 6.0 - C:\Program Files\Nuance\PDF Professional 6\cnvres_spa.dll (Nuance Communications, Inc.)
      O8 - Extra context menu item: Anexar al archivo PDF existente - C:\Program Files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll (Zeon Corporation)
      O8 - Extra context menu item: Anexar el contenido de los vínculos seleccionados al archivo PDF existente - C:\Program Files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll (Zeon Corporation)
      O8 - Extra context menu item: Anexar el contenido del vínculo al archivo PDF existente - C:\Program Files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll (Zeon Corporation)
      O8 - Extra context menu item: Crear archivo PDF - C:\Program Files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll (Zeon Corporation)
      O8 - Extra context menu item: Crear archivo PDF del contenido del vínculo - C:\Program Files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll (Zeon Corporation)
      O8 - Extra context menu item: Crear archivos PDF de los vínculos seleccionados - C:\Program Files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll (Zeon Corporation)
      O8 - Extra context menu item: E&xport to Microsoft Excel - res://c:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
      O9 - Extra Button: @C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
      O9 - Extra 'Tools' menuitem : @C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
      O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
      O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\nlaapi.dll (Microsoft Corporation)
      O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation)
      O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\NapiNSP.dll (Microsoft Corporation)
      O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
      O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000032 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000033 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000034 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000035 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000036 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000037 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000038 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000039 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000040 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000041 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000042 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000043 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000044 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000045 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000046 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000047 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000048 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000049 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000050 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000051 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000052 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000053 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000054 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000055 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000056 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000057 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000058 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000059 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000060 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000061 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000062 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000063 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000064 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000065 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000066 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000067 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000068 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000069 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000070 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000071 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000072 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000073 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000074 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O13 - gopher Prefix: missing
      O15 - HKLM\..Trusted Domains: //about.htm/ ([]myui in Trusted sites)
      O15 - HKLM\..Trusted Domains: //Exclude.htm/ ([]myui in Trusted sites)
      O15 - HKLM\..Trusted Domains: //FWEvent.htm/ ([]myui in Trusted sites)
      O15 - HKLM\..Trusted Domains: //LanguageSelection.htm/ ([]myui in Trusted sites)
      O15 - HKLM\..Trusted Domains: //Message.htm/ ([]myui in Trusted sites)
      O15 - HKLM\..Trusted Domains: //MyAgttryCmd.htm/ ([]myui in Trusted sites)
      O15 - HKLM\..Trusted Domains: //MyAgttryNag.htm/ ([]myui in Trusted sites)
      O15 - HKLM\..Trusted Domains: //MyNotification.htm/ ([]myui in Trusted sites)
      O15 - HKLM\..Trusted Domains: //NOCLessUpdate.htm/ ([]myui in Trusted sites)
      O15 - HKLM\..Trusted Domains: //quarantine.htm/ ([]myui in Trusted sites)
      O15 - HKLM\..Trusted Domains: //ScanNow.htm/ ([]myui in Trusted sites)
      O15 - HKLM\..Trusted Domains: //strings.vbs/ ([]myui in Trusted sites)
      O15 - HKLM\..Trusted Domains: //Template.htm/ ([]myui in Trusted sites)
      O15 - HKLM\..Trusted Domains: //Update.htm/ ([]myui in Trusted sites)
      O15 - HKLM\..Trusted Domains: //VirFound.htm/ ([]myui in Trusted sites)
      O15 - HKLM\..Trusted Domains: mcafee.com ([*] http in Trusted sites)
      O15 - HKLM\..Trusted Domains: mcafee.com ([*] https in Trusted sites)
      O15 - HKLM\..Trusted Domains: mcafeeasap.com ([betavscan] http in Trusted sites)
      O15 - HKLM\..Trusted Domains: mcafeeasap.com ([betavscan] https in Trusted sites)
      O15 - HKLM\..Trusted Domains: mcafeeasap.com ([vs] http in Trusted sites)
      O15 - HKLM\..Trusted Domains: mcafeeasap.com ([vs] https in Trusted sites)
      O15 - HKLM\..Trusted Domains: mcafeeasap.com ([www] http in Trusted sites)
      O15 - HKLM\..Trusted Domains: mcafeeasap.com ([www] https in Trusted sites)
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BD47DB87-A0C8-40C3-BF09-27D2CF111243}: DhcpNameServer = 192.168.1.1
      O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
      O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
      O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
      O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
      O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
      O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
      O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
      O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
      O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
      O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
      O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
      O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation)
      O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
      O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
      O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
      O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
      O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
      O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
      O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\System32\mscoree.dll (Microsoft Corporation)
      O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\System32\mscoree.dll (Microsoft Corporation)
      O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\System32\mscoree.dll (Microsoft Corporation)
      O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
      O20 - AppInit_DLLs: (c:\progra~2\browse~1\261125~1.80\{c16c1~1\browse~1.dll) - c:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll ()
      O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
      O20 - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\System32\igfxdev.dll (Intel Corporation)
      O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      O29 - HKLM SecurityProviders - (credssp.dll) - C:\windows\System32\credssp.dll (Microsoft Corporation)
      O30 - LSA: Authentication Packages - (msv1_0) - C:\windows\System32\msv1_0.dll (Microsoft Corporation)
      O30 - LSA: Security Packages - (kerberos) - C:\windows\System32\kerberos.dll (Microsoft Corporation)
      O30 - LSA: Security Packages - (msv1_0) - C:\windows\System32\msv1_0.dll (Microsoft Corporation)
      O30 - LSA: Security Packages - (schannel) - C:\windows\System32\schannel.dll (Microsoft Corporation)
      O30 - LSA: Security Packages - (wdigest) - C:\windows\System32\wdigest.dll (Microsoft Corporation)
      O30 - LSA: Security Packages - (tspkg) - C:\windows\System32\tspkg.dll (Microsoft Corporation)
      O30 - LSA: Security Packages - (pku2u) - C:\windows\System32\pku2u.dll (Microsoft Corporation)
      O31 - SafeBoot: AlternateShell - cmd.exe
      O32 - HKLM CDRom: AutoRun - 1
      O33 - MountPoints2\{da400e68-b93f-11e0-bbcd-e21dce7599d6}\Shell - "" = AutoRun
      O33 - MountPoints2\{da400e68-b93f-11e0-bbcd-e21dce7599d6}\Shell\AutoRun\command - "" = D:\autorun.exe
      O33 - MountPoints2\{f2fae7b6-f26b-11df-89f9-1cc1de9f185a}\Shell - "" = AutoRun
      O33 - MountPoints2\{f2fae7b6-f26b-11df-89f9-1cc1de9f185a}\Shell\AutoRun\command - "" = D:\.\Setup.exe AUTORUN=1
      O34 - HKLM BootExecute: (autocheck autochk *)
      O35 - HKLM\..comfile [open] -- "%1" %*
      O35 - HKLM\..exefile [open] -- "%1" %*
      O37 - HKLM\...com [@ = comfile] -- "%1" %*
      O37 - HKLM\...exe [@ = exefile] -- "%1" %*
      O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
      O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
      O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)


      NetSvcs: FastUserSwitchingCompatibility - File not found
      NetSvcs: Ias - C:\windows\System32\ias.dll (Microsoft Corporation)
      NetSvcs: Nla - File not found
      NetSvcs: Ntmssvc - File not found
      NetSvcs: NWCWorkstation - File not found
      NetSvcs: Nwsapagent - File not found
      NetSvcs: Sharedaccess - File not found
      NetSvcs: SRService - File not found
      NetSvcs: WmdmPmSp - File not found
      NetSvcs: LogonHours - File not found
      NetSvcs: PCAudit - File not found
      NetSvcs: helpsvc - File not found
      NetSvcs: uploadmgr - File not found

      CREATERESTOREPOINT
      Restore point Set: OTL Restore Point

      ========== Files/Folders - Created Within 30 Days ==========

      [2013/04/15 17:23:55 | 000,000,000 | ---D | C] -- C:\Users\Elda\AppData\Roaming\dclogs
      [2013/04/15 17:23:26 | 000,046,672 | ---- | C] (Panda Security, S.L.) -- C:\windows\System32\drivers\PSKMAD.sys
      [2013/04/12 19:34:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
      [2013/04/12 19:34:50 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
      [2013/04/12 19:34:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
      [2013/04/12 19:33:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Google
      [2013/04/12 19:33:12 | 000,000,000 | ---D | C] -- C:\Program Files\Google
      [2013/04/12 18:42:44 | 000,000,000 | ---D | C] -- C:\Users\Elda\AppData\Roaming\Malwarebytes
      [2013/04/11 09:27:28 | 000,000,000 | ---D | C] -- C:\Users\Elda\AppData\Roaming\Panda Security
      [2013/04/11 09:27:06 | 000,000,000 | ---D | C] -- C:\Users\Elda\AppData\Local\panda4_0dn
      [2013/04/11 09:27:06 | 000,000,000 | ---D | C] -- C:\ProgramData\blekko toolbars
      [2013/04/11 09:27:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Panda Security URL Filtering
      [2013/04/11 09:27:03 | 000,000,000 | ---D | C] -- C:\Program Files\Toolbar Cleaner
      [2013/04/11 09:26:59 | 000,000,000 | ---D | C] -- C:\Program Files\pandasecuritytb
      [2013/04/11 09:26:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Panda Security
      [2013/04/11 09:26:40 | 000,000,000 | ---D | C] -- C:\Program Files\Panda Security
      [2013/04/10 2008 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
      [2013/04/10 2007 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys
      [2013/04/10 2007 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
      [2013/04/10 2004 | 000,000,000 | ---D | C] -- C:\Users\Elda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserProtect
      [2013/04/10 2002 | 000,000,000 | ---D | C] -- C:\ProgramData\BrowserProtect
      [2013/04/10 20:09:49 | 000,000,000 | ---D | C] -- C:\Program Files\Delta
      [2013/04/10 20:09:34 | 000,000,000 | ---D | C] -- C:\Users\Elda\AppData\Roaming\OfferBox
      [2013/04/10 20:09:30 | 000,000,000 | ---D | C] -- C:\Program Files\OfferBox
      [2013/04/10 18:47:48 | 000,000,000 | ---D | C] -- C:\Users\Elda\AppData\Roaming\yUGD5ROoF
      [2013/04/10 18:36:03 | 000,000,000 | R--D | C] -- C:\Users\Elda\Documents\Scanned Documents
      [2013/04/10 18:36:02 | 000,000,000 | ---D | C] -- C:\Users\Elda\Documents\Fax
      [2013/04/10 18:29:55 | 000,000,000 | ---D | C] -- C:\_DT-Kill
      [2013/04/09 23:13:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
      [2013/04/09 23:12:54 | 000,000,000 | ---D | C] -- C:\Users\Elda\AppData\Local\Programs
      [2013/04/06 16:18:59 | 000,000,000 | ---D | C] -- C:\Firefox
      [2013/04/06 16:08:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Ask
      [2013/04/06 16:08:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
      [2013/04/06 16:08:15 | 000,000,000 | ---D | C] -- C:\Program Files\Java
      [2013/04/06 12:19:26 | 000,000,000 | ---D | C] -- C:\ProgramData\LightScribe
      [2013/04/05 22:18:01 | 000,000,000 | ---D | C] -- C:\Users\Elda\AppData\Roaming\Roxio Log Files
      [2013/04/05 16:47:37 | 000,000,000 | ---D | C] -- C:\Users\Elda\AppData\Roaming\Mozilla
      [2013/04/03 18:27:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
      [2013/04/03 18:25:14 | 000,000,000 | ---D | C] -- C:\ProgramData\{9BF4D58B-C6D6-467B-BC5A-FD0C1278F4AF}
      [2013/03/27 21:57:58 | 000,000,000 | ---D | C] -- C:\Users\Elda\Local Settings
      [2013/03/27 21:57:49 | 000,000,000 | ---D | C] -- C:\Users\Elda\AppData\Roaming\DealPly
      [2013/03/27 21:57:37 | 000,000,000 | ---D | C] -- C:\Users\Elda\AppData\Local\Google
      [2013/03/27 21:57:32 | 000,000,000 | ---D | C] -- C:\Users\Elda\AppData\Local\Lollipop
      [2013/03/24 15:57:01 | 000,000,000 | ---D | C] -- C:\Users\Elda\AppData\Roaming\{7C499540-A3EF-45C9-95F0-A0A1EF40E982}
      [2013/03/23 00:18:55 | 000,000,000 | ---D | C] -- C:\windows\System32\searchplugins
      [2013/03/23 00:18:55 | 000,000,000 | ---D | C] -- C:\windows\System32\Extensions
      [2013/03/23 00:18:47 | 000,000,000 | ---D | C] -- C:\Program Files\CureTraffic
      [2013/03/23 00:18:36 | 000,000,000 | ---D | C] -- C:\Users\Elda\AppData\Roaming\BabSolution
      [2013/03/23 00:18:26 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
      [2013/03/23 00:18:18 | 000,000,000 | ---D | C] -- C:\Users\Elda\AppData\Roaming\Babylon
      [2013/03/23 00:18:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon

      ========== Files - Modified Within 30 Days ==========

      [2013/04/15 17:43:00 | 000,001,084 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
      [2013/04/15 17:30:34 | 000,019,760 | ---- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
      [2013/04/15 17:30:34 | 000,019,760 | ---- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
      [2013/04/15 17:27:36 | 000,703,840 | ---- | M] () -- C:\windows\System32\perfh00A.dat
      [2013/04/15 17:27:36 | 000,616,008 | ---- | M] () -- C:\windows\System32\perfh009.dat
      [2013/04/15 17:27:36 | 000,137,806 | ---- | M] () -- C:\windows\System32\perfc00A.dat
      [2013/04/15 17:27:36 | 000,106,388 | ---- | M] () -- C:\windows\System32\perfc009.dat
      [2013/04/15 17:24:00 | 000,000,838 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
      [2013/04/15 17:23:40 | 000,001,080 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
      [2013/04/15 17:23:16 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
      [2013/04/15 17:23:12 | 3116,646,400 | -HS- | M] () -- C:\hiberfil.sys
      [2013/04/14 13:52:35 | 000,022,540 | ---- | M] () -- C:\Users\Elda\Desktop\Sin título 1.odt
      [2013/04/12 19:34:53 | 000,000,965 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
      [2013/04/12 19:34:48 | 000,002,201 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
      [2013/04/11 23:26:59 | 000,498,784 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
      [2013/04/10 20:14:40 | 000,000,282 | RHS- | M] () -- C:\ProgramData\ntuser.pol
      [2013/04/10 20:13:49 | 000,001,067 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
      [2013/04/10 18:38:01 | 000,012,719 | ---- | M] () -- C:\windows\System32\Config.MPF
      [2013/04/09 23:16:16 | 000,000,316 | ---- | M] () -- C:\windows\tasks\HPCeeScheduleForElda.job
      [2013/04/09 16:48:17 | 000,109,785 | ---- | M] () -- C:\Users\Elda\Desktop\El Gobierno sueco no extraditará a Assange si hay riesgo de pena capital Internacional EL PAÍS.html
      [2013/04/09 16:34:16 | 000,712,882 | ---- | M] () -- C:\Users\Elda\Desktop\Decision PESC.pdf
      [2013/04/09 16:28:39 | 000,147,505 | ---- | M] () -- C:\Users\Elda\Desktop\Acuerdo extradicion 2003.pdf
      [2013/04/06 18:25:09 | 002,050,560 | ---- | M] () -- C:\Users\Elda\Desktop\NoticiasM.pps
      [2013/04/05 22:26:20 | 000,000,000 | ---- | M] () -- C:\END
      [2013/04/04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys
      [2013/04/03 18:27:59 | 000,002,143 | ---- | M] () -- C:\Users\Public\Desktop\HP Support Assistant.lnk
      [2013/03/28 20:28:45 | 000,001,010 | ---- | M] () -- C:\Users\Elda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
      [2013/03/28 20:28:37 | 000,000,976 | ---- | M] () -- C:\Users\Elda\Desktop\Dropbox.lnk
      [2013/03/25 00:07:40 | 000,196,608 | ---- | M] () -- C:\windows\System32\Ikeext.etl

      ========== Files Created - No Company Name ==========

      [2013/04/14 13:52:33 | 000,022,540 | ---- | C] () -- C:\Users\Elda\Desktop\Sin título 1.odt
      [2013/04/12 19:34:53 | 000,000,965 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
      [2013/04/12 19:34:48 | 000,002,201 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
      [2013/04/12 19:33:19 | 000,001,084 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
      [2013/04/12 19:33:18 | 000,001,080 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
      [2013/04/10 2008 | 000,001,067 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
      [2013/04/10 20:09:33 | 000,000,991 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OfferBox.lnk
      [2013/04/10 18:40:50 | 000,000,384 | ---- | C] () -- C:\windows\myClean.bat
      [2013/04/09 16:48:17 | 000,109,785 | ---- | C] () -- C:\Users\Elda\Desktop\El Gobierno sueco no extraditará a Assange si hay riesgo de pena capital Internacional EL PAÍS.html
      [2013/04/09 16:34:15 | 000,712,882 | ---- | C] () -- C:\Users\Elda\Desktop\Decision PESC.pdf
      [2013/04/09 16:28:39 | 000,147,505 | ---- | C] () -- C:\Users\Elda\Desktop\Acuerdo extradicion 2003.pdf
      [2013/04/06 18:25:07 | 002,050,560 | ---- | C] () -- C:\Users\Elda\Desktop\NoticiasM.pps
      [2013/04/03 18:27:59 | 000,002,143 | ---- | C] () -- C:\Users\Public\Desktop\HP Support Assistant.lnk
      [2013/03/24 16:02:08 | 000,000,838 | ---- | C] () -- C:\windows\tasks\Adobe Flash Player Updater.job
      [2013/03/23 00:18:27 | 000,000,000 | ---- | C] () -- C:\END
      [2010/11/17 19:05:16 | 000,000,282 | RHS- | C] () -- C:\ProgramData\ntuser.pol

      ========== ZeroAccess Check ==========

      [2009/07/14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

      [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

      [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
      "ThreadingModel" = Both
      "" = shell32.dll -- [2012/01/04 11:03:45 | 012,868,096 | ---- | M] (Microsoft Corporation)

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
      "" = %SystemRoot%\system32\shell32.dll -- [2012/01/04 11:03:45 | 012,868,096 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Apartment

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
      "" = fastprox.dll -- [2009/07/14 03:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Free

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
      "" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Both

      ========== LOP Check ==========

      [2013/03/23 00:18:36 | 000,000,000 | ---D | M] -- C:\Users\Elda\AppData\Roaming\BabSolution
      [2013/03/23 00:18:18 | 000,000,000 | ---D | M] -- C:\Users\Elda\AppData\Roaming\Babylon
      [2013/04/15 17:24:23 | 000,000,000 | ---D | M] -- C:\Users\Elda\AppData\Roaming\dclogs
      [2013/03/27 21:57:49 | 000,000,000 | ---D | M] -- C:\Users\Elda\AppData\Roaming\DealPly
      [2013/04/15 17:24:08 | 000,000,000 | ---D | M] -- C:\Users\Elda\AppData\Roaming\Dropbox
      [2010/11/18 01:48:51 | 000,000,000 | ---D | M] -- C:\Users\Elda\AppData\Roaming\InternetEverywhere
      [2012/12/01 16:51:44 | 000,000,000 | ---D | M] -- C:\Users\Elda\AppData\Roaming\Nuance
      [2013/04/10 21:15:22 | 000,000,000 | ---D | M] -- C:\Users\Elda\AppData\Roaming\OfferBox
      [2012/02/06 19:48:19 | 000,000,000 | ---D | M] -- C:\Users\Elda\AppData\Roaming\OpenOffice.org
      [2013/04/11 09:27:28 | 000,000,000 | ---D | M] -- C:\Users\Elda\AppData\Roaming\Panda Security
      [2012/02/06 19:04:14 | 000,000,000 | ---D | M] -- C:\Users\Elda\AppData\Roaming\SoftGrid Client
      [2011/12/08 13:07:23 | 000,000,000 | ---D | M] -- C:\Users\Elda\AppData\Roaming\TP
      [2010/12/18 18:21:01 | 000,000,000 | ---D | M] -- C:\Users\Elda\AppData\Roaming\WindSolutions
      [2013/04/10 18:47:48 | 000,000,000 | ---D | M] -- C:\Users\Elda\AppData\Roaming\yUGD5ROoF
      [2010/11/17 19:05:15 | 000,000,000 | ---D | M] -- C:\Users\Elda\AppData\Roaming\Zeon
      [2013/03/24 15:57:01 | 000,000,000 | ---D | M] -- C:\Users\Elda\AppData\Roaming\{7C499540-A3EF-45C9-95F0-A0A1EF40E982}

      ========== Purity Check ==========



      ========== Custom Scans ==========

      < %SYSTEMDRIVE%\*.* >
      [2009/07/14 03:38:58 | 000,383,562 | RHS- | M] () -- C:\bootmgr
      [2013/04/15 09:48:48 | 000,004,953 | ---- | M] () -- C:\DT-kill.txt
      [2013/04/05 22:26:20 | 000,000,000 | ---- | M] () -- C:\END
      [2013/04/15 17:23:12 | 3116,646,400 | -HS- | M] () -- C:\hiberfil.sys
      [2013/04/15 17:23:14 | 3116,646,400 | -HS- | M] () -- C:\pagefile.sys
      [2009/10/20 00:43:50 | 000,047,104 | ---- | M] () -- C:\Thumbs.db

      ========== Alternate Data Streams ==========

      @Alternate Data Stream - 64 bytes -> C:\Users\Elda\Desktop\Gremlins.(1984).DVDrip.[Español_Spanish].by.slint.(···deplan···).avi:TOC.WMV

      < End of report >

    4. #4
      Moderador Gral.
      Avatar de @Leosolari
      Registrado
      jun 2007
      Ubicación
      Argentina
      Mensajes
      58.638

      Re: El sempiterno virus de la doble tilde

      Hola de Nuevo




      Ejecutá OTL.exe


      Copiá y Pegá el código que está dentro del recuadro de abajo en la sección Análisis Personalizado / Código de Reparación


      :processes
      BrowserProtect.exe
      :services
      BrowserProtect
      :OTL
      PRC - C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe ()
      MOD - C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe ()
      MOD - c:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll ()
      SRV - (BrowserProtect) -- C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe ()
      SRV - (OfferBox update service) -- C:\Program Files\OfferBox\OfferBoxUpdateService.exe (Aedge Performance BCN SL)
      O2 - BHO: (delta Helper Object) - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files\Delta\delta\1.8.16.16\bh\delta.dll (Delta-search.com)
      O2 - BHO: (ZeonIEEventHelper Class) - {DA986D7D-CCAF-47B2-84FE-BFA1549BEBF9} - C:\Program Files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll (Zeon Corporation)
      O3 - HKLM\..\Toolbar: (Delta Toolbar) - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files\Delta\delta\1.8.16.16\deltaTlbr.dll (Delta-search.com)
      O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
      O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {30F9B915-B755-4826-820B-08FBA6BD249D} - No CLSID value found.
      O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {9C905B42-976E-43C1-BC30-FC5937017909} - No CLSID value found.
      O4 - HKLM..\Run: [offerbox] C:\Program Files\OfferBox\OfferBox.exe (Aedge Performance BCN SL)
      O4 - HKCU..\Run: [NI4TI6NZFF] C:\Users\Elda\AppData\Roaming\yUGD5ROoF\zjGgvCqBu.exe (bevellers behovingly)
      O33 - MountPoints2\{da400e68-b93f-11e0-bbcd-e21dce7599d6}\Shell - "" = AutoRun
      O33 - MountPoints2\{da400e68-b93f-11e0-bbcd-e21dce7599d6}\Shell\AutoRun\command - "" =
      @Alternate Data Stream - 64 bytes -> C:\Users\Elda\Desktop\Gremlins.(1984).DVDrip.[Español_Spanish].by.slint.(···deplan···).avi:TOC.WMV
      :Files
      ipconfig /flushdns /c
      C:\ProgramData\BrowserProtect
      :Commands
      [PURITY]
      [EMPTYTEMP]
      [EMPTYFLASH]
      [RESETHOSTS]

      Presioná el Boton Reparar para lanzar la eliminación. Presionas OK.

      OTL va a Reiniciar el ordenador para completar la eliminación.


      Guardas el nuevo reporte generado. Lo copias y pegas en Tu próxima respuesta y nos comentas como sigue el ordenador ahora.





      Saludos
      Síguenos en Twitter y hazte nuestro amigo en Facebook.

    5. #5
      Usuario Avatar de eldagarposada
      Registrado
      abr 2013
      Ubicación
      España
      Mensajes
      3

      Re: El sempiterno virus de la doble tilde

      Gracias! Hecho. Abajo pego el reporte. Pero la doble tilde contin´´ua, como es f´´acil de ver...



      All processes killed
      ========== PROCESSES ==========
      No active process named BrowserProtect.exe was found!
      No active process named :services was found!
      No active process named BrowserProtect was found!
      No active process named :OTL was found!
      No active process named BrowserProtect.exe was found!
      No active process named BrowserProtect.exe was found!
      No active process named BrowserProtect.dll was found!
      No active process named BrowserProtect.exe was found!
      No active process named OfferBoxUpdateService.exe was found!
      No active process named delta.dll was found!
      No active process named ZeonIEFavClient.dll was found!
      No active process named deltaTlbr.dll was found!
      No active process named WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found. was found!
      No active process named WebBrowser: (no name) - {30F9B915-B755-4826-820B-08FBA6BD249D} - No CLSID value found. was found!
      No active process named WebBrowser: (no name) - {9C905B42-976E-43C1-BC30-FC5937017909} - No CLSID value found. was found!
      No active process named OfferBox.exe was found!
      No active process named zjGgvCqBu.exe was found!
      No active process named Shell - "" = AutoRun was found!
      No active process named command - "" = was found!
      No active process named Gremlins.(1984).DVDrip.[Español_Spanish].by.slint.(···deplan···).avi:TOC.WMV was found!
      No active process named :Files was found!
      No active process named ipconfig /flushdns /c was found!
      No active process named BrowserProtect was found!
      No active process named :Commands was found!
      No active process named [PURITY] was found!
      No active process named [EMPTYTEMP] was found!
      No active process named [EMPTYFLASH] was found!
      No active process named [RESETHOSTS] was found!

      OTL by OldTimer - Version 3.2.69.0 log created on 04152013_211050

      Files\Folders moved on Reboot...

      PendingFileRenameOperations files...

      Registry entries deleted on Reboot...

    6. #6
      Moderador Gral.
      Avatar de @Leosolari
      Registrado
      jun 2007
      Ubicación
      Argentina
      Mensajes
      58.638

      Re: El sempiterno virus de la doble tilde

      Hola




      Descargá la herramienta ComboFix.exe a Tu escritorio.

      • Desactivá temporalmente el Antivirus y/o Antispyware. Cómo deshabilitar temporalmente su Antivirus
      • Cerrá todas las ventanas abiertas.
      • Hacá doble clic en el archivo ComboFix.exe y seguí las instrucciones.
      • Cuando termine, generará un registro en C:\ComboFix.txt.




      Notas Importantes:

      • Mientras CF este trabajando, no debes mover el mouse ya que pararía su proceso.
      • ComboFix Puede Reiniciar automáticamente el PC para completar el proceso de eliminación.
      • Una vez Terminado el Trabajo de ComboFix, podes activar Tu antivirus.
      • No Pongas los Reportes Dentro de Etiquetas Code ni HTML.




      Atención!! No use ComboFix a menos que se le haya indicado específicamente en su mensaje por un integrante de nuestro Staff. Es una herramienta de gran alcance destinada por su creador a ser usada bajo la orientación y supervisión de un experto, no para uso privado. El uso de ComboFix incorrectamente podría generar problemas en su sistema. Por favor, lea las "Negaciones de la Garantía" de ComboFix.


      El reporte generado, se encuentra en C:\ComboFix.txt . Abrilo, seleccionas Todo y lo copias y pegas en Tu próxima respuesta.



      Saludos
      Síguenos en Twitter y hazte nuestro amigo en Facebook.