Mmmm, i paste that at OTL and click FIX red button?

In OTL you would have to copy all between the lines below as the script

:OTL
PRC - [2012/04/16 13:55:57 | 000,132,608 | -H-- | M] () -- C:\Documents and Settings\admin\Datos de programa\WMPRWISE.EXE
[2012/04/16 13:55:57 | 000,132,608 | -H-- | M] () -- C:\Documents and Settings\admin\Datos de programa\WMPRWISE.EXE
[2012/04/16 02:59:20 | 000,141,312 | ---- | M] () -- C:\Documents and Settings\admin\Configuración local\Datos de programa\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

:Services

:Files

:Reg

:Commands

Or you can just end the process in task manager  and just delete the file to the recycle bin.

Quads

I will do the OTL stuff, paste that and the question is, then i clic the FIX red button??

thanks.

I did that, here's the log.

What's next?

You are still not getting any redirects or problems like when you were infected??

Did a Full Scan with Malwarebytes find anything, with updated definitions??

Quads

Since i did that process with the OTL the computer is working fine. But malaware discovered some threats and suposusely eliminated them. Here's the last log.

I did another full scan with malawarebytes and it didn't find any threats, so it appears to be that it made the action that i show you on the post above.

What's the name of that flash drive in order to unistall it? Or it was deleted?

Oh, by the way, system restore is still OFF.