• Registrarse
  • Iniciar sesión


  • Resultados 1 al 7 de 7

    Malware Qvo 6.(solucionado)

    Resumen del tema: Malware Qvo 6.(solucionado) - Hola amigos. me ha salido tras una descarga el buscador en el navegador Qvo6 y no hay manera de quitarlo. Ya he visto en el foro que había gente que lo tuvo, así que descargué ...

      
    1. #1
      Usuario Avatar de rafamalaga
      Registrado
      oct 2007
      Ubicación
      españa
      Mensajes
      12

      Bien Malware Qvo 6.(solucionado)

      Hola amigos. me ha salido tras una descarga el buscador en el navegador Qvo6 y no hay manera de quitarlo. Ya he visto en el foro que había gente que lo tuvo, así que descargué los programas recomendados, así que pego aquí los resultados, por si podeis echarles un ojo.
      Muchas gracias de antemano y saludos.

      AT-Destroyer:

      ######################## AT-Destroyer [2.1] By Infospyware.
      Hora/Día/Mes/Año: 19:52:47 \\\ 02/04/2013
      AT-Destroyer 2.1 By Infospyware ---> www.infospyware.com
      Última actualización: 30/11/2012
      Opción escogida: 2 :Buscar y Destruir
      Versión Internet Explorer:9.0.8112.16421
      Mozilla Firefox:19.0.2.4814
      Privilegios: Rafa - Administrador
      Modo Actual: Modo Normal.
      Nombre del pc: RAFA-PC
      Información del sistema operativo:X86-WIN_7-Service Pack 1
      nombre del usuario:Rafa
      Lenguaje del sistema: Español



      >>>>>>> Servicios <<<<<<<



      >>>>>> Carpetas <<<<<<



      >>>>>> Archivos <<<<<<



      >>>>>> Registro <<<<<<

      HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}


      >>>>>> Heurística <<<<<<



      >>>>>> Internet Explorer <<<<<<

      Start Page==www.google.com
      Local Page==C:\Windows\System32\blank.htm
      Search Page==http://go.microsoft.com/fwlink/?LinkId=54896
      Default_search_url==http://go.microsoft.com/fwlink/?LinkId=54896
      Default_Page_URL==http://www.qvo6.com/?utm_source=b&utm_medium=mlv&from=mlv&uid=3219913727_67194_A8FF5092&ts=1364821586


      ''HKCU\Software\Microsoft\Internet Explorer\Main''
      Start Page==www.google.com
      Local Page==C:\Windows\system32\blank.htm
      Search Page==http://go.microsoft.com/fwlink/?LinkId=54896
      Default_search_url==
      Default_Page_URL==http://www.qvo6.com/?utm_source=b&utm_medium=mlv&from=mlv&uid=3219913727_67194_A8FF5092&ts=1364821586


      HKEY_USERS\S-1-5-21-778163415-3537183498-2063752586-1000\Software\Microsoft\Internet Explorer\Main''
      Start Page==www.google.com
      Local Page==C:\Windows\system32\blank.htm
      Search Page==http://go.microsoft.com/fwlink/?LinkId=54896
      Default_search_url==
      Default_Page_URL==http://www.qvo6.com/?utm_source=b&utm_medium=mlv&from=mlv&uid=3219913727_67194_A8FF5092&ts=1364821586


      >>>>>> Firefox <<<<<<

      user_pref("browser.startup.homepage", "http://www.cyclingnews.com/");
      user_pref("browser.startup.homepage_override.buildID", "20130307023931");
      user_pref("browser.startup.homepage_override.mstone", "19.0.2");
      user_pref("extensions.foxlingo.addit.defaultAddons", "{ \"software\": {\"13\": {\"id\": \"13\",\"title\": \"PriceGong\",\"type\": \"XPI\",\"url\": \"http://www.addonfox.com/downloads/pricegong.xpi\",\"homepage\": \"http://www.pricegong.com/\",\"icon url\": \"http://www.pricegong.com/favicon.ico\",\"is standalone\": \"\",\"xpi euid\": \"8A9386B4-E958-4c4c-ADF4-8F26DB3E4829\",\"category\": \"General\",\"is default\": \"1\",\"name\": \"PriceGong\",\"terms\": \"http://www.pricegong.com/TermsofUse.aspx\",\"description\": \"Compares prices while shoping online\"},\"82\": {\"id\": \"82\",\"title\": \"DealPly\",\"type\": \"XPI\",\"url\": \"http://installs.dealply.com/latest/adfx/adfx/dealply.xpi\",\"homepage\": \"http://www.dealply.com\",\"icon url\": \"http://www.linkular.com/img/icons/publishers/dealply.ico\",\"is standalone\": \"\",\"xpi euid\": \"EB9394A3-4AD6-4918-9537-31A1FD8E8EDF\",\"category\": \"General\",\"is default\": \"1\",\"name\": \"DealPly\",\"description\": \"Tap into thousands of deals and coupons, etc.\"}}}");


      >>>>>> Plugins Firefox <<<<<<

      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@checkpoint.com/FFApi
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@garmin.com/GpsControl
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.17.2
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3

      >>>>>> Google Chrome <<<<<<

      "homepage": "http://www.google.com/",
      "homepage_changed": true,
      "homepage_is_newtabpage": false,


      >>>>>> Extensiones Google Chrome <<<<<<

      C:\Users\Rafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\1
      C:\Users\Rafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajpgkpeckebdhofmmjfgcjjiiejpodla

      ======== Listado ===========

      [04/03/2013 13:30] [08/09/2012 21:40] [DI] C:\Users\Rafa\AppData\Roaming\Adobe
      [06/11/2012 21:42] [06/11/2012 21:42] [DI] C:\Users\Rafa\AppData\Roaming\AMPSoft
      [22/01/2013 13:43] [22/01/2013 13:43] [DI] C:\Users\Rafa\AppData\Roaming\Apple Computer
      [16/01/2013 11:22] [16/01/2013 11:22] [DI] C:\Users\Rafa\AppData\Roaming\APP_NAME_NON_STRING
      [ 25/02/2013 9:58] [ 25/02/2013 9:58] [DI] C:\Users\Rafa\AppData\Roaming\Avira
      [02/11/2012 10:13] [02/11/2012 10:13] [DI] C:\Users\Rafa\AppData\Roaming\BlackBean
      [10/09/2012 12:53] [10/09/2012 12:53] [D] C:\Users\Rafa\AppData\Roaming\CheckPoint
      [ 10/09/2012 9:50] [ 10/09/2012 9:50] [DI] C:\Users\Rafa\AppData\Roaming\Corel
      [23/01/2013 20:51] [23/01/2013 20:51] [DI] C:\Users\Rafa\AppData\Roaming\CyberLink
      [23/01/2013 20:45] [08/09/2012 22:06] [DI] C:\Users\Rafa\AppData\Roaming\DAEMON Tools Lite
      [01/04/2013 15:05] [01/04/2013 15:05] [DI] C:\Users\Rafa\AppData\Roaming\eIntaller
      [07/02/2013 11:06] [18/01/2013 11:45] [DI] C:\Users\Rafa\AppData\Roaming\FileZilla
      [09/09/2012 20:30] [09/09/2012 20:30] [DI] C:\Users\Rafa\AppData\Roaming\Garmin
      [01/04/2013 19:43] [08/09/2012 22:05] [DI] C:\Users\Rafa\AppData\Roaming\GlarySoft
      [08/09/2012 21:15] [08/09/2012 21:15] [DI] C:\Users\Rafa\AppData\Roaming\Identities
      [08/09/2012 21:34] [08/09/2012 21:34] [DI] C:\Users\Rafa\AppData\Roaming\Leadertech
      [08/09/2012 21:40] [08/09/2012 21:40] [DI] C:\Users\Rafa\AppData\Roaming\Macromedia
      [28/09/2012 10:28] [28/09/2012 10:28] [DI] C:\Users\Rafa\AppData\Roaming\Malwarebytes
      [14/07/2009 11:07] [08/09/2012 21:15] [DI] C:\Users\Rafa\AppData\Roaming\Media Center Programs
      [29/09/2012 20:22] [08/09/2012 21:15] [SDI] C:\Users\Rafa\AppData\Roaming\Microsoft
      [28/11/2012 20:25] [28/11/2012 20:25] [DI] C:\Users\Rafa\AppData\Roaming\Microsoft Games
      [05/03/2013 11:47] [05/03/2013 11:46] [DI] C:\Users\Rafa\AppData\Roaming\Mozilla
      [11/09/2012 19:47] [11/09/2012 19:47] [DI] C:\Users\Rafa\AppData\Roaming\OpenOffice.org
      [16/01/2013 11:21] [11/09/2012 18:09] [DI] C:\Users\Rafa\AppData\Roaming\pdfforge
      [12/03/2013 20:38] [14/09/2012 10:51] [DI] C:\Users\Rafa\AppData\Roaming\Pro Cycling Manager 2009
      [27/12/2012 20:03] [27/09/2012 17:19] [DI] C:\Users\Rafa\AppData\Roaming\Real
      [26/12/2012 19:19] [26/12/2012 19:19] [DI] C:\Users\Rafa\AppData\Roaming\RealNetworks
      [05/11/2012 11:56] [05/11/2012 11:56] [DI] C:\Users\Rafa\AppData\Roaming\StageManager
      [07/03/2013 17:03] [10/09/2012 9:32] [DI] C:\Users\Rafa\AppData\Roaming\uTorrent
      [15/12/2012 19:33] [14/12/2012 11:09] [DI] C:\Users\Rafa\AppData\Roaming\Wacom
      [ 10/09/2012 9:43] [ 10/09/2012 9:43] [DI] C:\Users\Rafa\AppData\Roaming\WinRAR
      [02/04/2013 18:46] [10/09/2012 13:47] [DI] C:\Users\Rafa\AppData\Roaming\WTablet
      [10/09/2012 13:47] [10/09/2012 13:47] [DI] C:\Users\Rafa\AppData\Roaming\WTouch
      [ 04/12/2012 9:50] [ 31/10/2012 19:39] [DI] C:\Users\Rafa\AppData\Roaming\Wuala
      [14/12/2012 11:09] [11/09/2012 9:19] [D] C:\Program Files\Adobe
      [11/09/2012 12:50] [11/09/2012 12:50] [D] C:\Program Files\Adobe Media Player
      [07/12/2009 12:13] [07/12/2009 12:13] [D] C:\Program Files\AGEIA Technologies
      [06/11/2012 21:42] [06/11/2012 21:42] [D] C:\Program Files\AMP Font Viewer
      [22/01/2013 11:36] [22/01/2013 11:36] [D] C:\Program Files\Apple Software Update
      [08/09/2012 21:15] [08/09/2012 21:15] [HSDLI] C:\Program Files\Archivos comunes
      [25/02/2013 9:52] [25/02/2013 9:52] [D] C:\Program Files\Avira
      [02/11/2012 10:00] [02/11/2012 10:00] [D] C:\Program Files\BlackBeanGames
      [23/01/2013 13:59] [23/01/2013 13:59] [D] C:\Program Files\CCleaner
      [10/09/2012 12:52] [10/09/2012 12:50] [D] C:\Program Files\CheckPoint
      [07/03/2013 17:55] [07/03/2013 17:55] [D] C:\Program Files\City Interactive
      [11/09/2012 17:50] [11/09/2012 17:50] [D] C:\Program Files\Codemasters
      [01/04/2013 15:07] [14/07/2009 4:37] [D] C:\Program Files\Common Files
      [10/09/2012 13:34] [10/09/2012 13:34] [D] C:\Program Files\Corel
      [14/09/2012 10:42] [14/09/2012 10:31] [D] C:\Program Files\Cyanide
      [07/12/2009 12:40] [07/12/2009 12:38] [D] C:\Program Files\CyberLink
      [14/01/2013 9:34] [14/01/2013 9:34] [D] C:\Program Files\DAEMON Tools Lite
      C:\Program Files\desktop.ini [HSA] 174 bytes( 0)
      [09/09/2012 20:28] [09/09/2012 20:28] [D] C:\Program Files\DIFX
      [10/09/2012 17:44] [14/07/2009 6:52] [D] C:\Program Files\DVD Maker
      [14/09/2012 12:39] [14/09/2012 12:39] [D] C:\Program Files\EA GAMES
      [11/11/2012 12:44] [13/09/2012 18:31] [D] C:\Program Files\EA SPORTS
      [27/11/2012 9:41] [27/11/2012 9:33] [D] C:\Program Files\F1 2012
      [18/01/2013 11:47] [18/01/2013 11:47] [D] C:\Program Files\FileZilla FTP Client
      [13/10/2012 13:43] [13/10/2012 13:43] [D] C:\Program Files\Fox
      [09/09/2012 20:28] [09/09/2012 20:28] [D] C:\Program Files\Garmin
      [09/09/2012 20:28] [09/09/2012 20:28] [D] C:\Program Files\Garmin GPS Plugin
      [01/04/2013 21:47] [08/09/2012 21:50] [D] C:\Program Files\Glary Utilities
      [04/10/2012 13:41] [04/10/2012 13:41] [D] C:\Program Files\GoldenCheetah
      [31/03/2013 20:59] [09/09/2012 20:41] [D] C:\Program Files\Google
      [22/01/2013 20:28] [22/01/2013 20:28] [D] C:\Program Files\Illusion
      [04/02/2013 10:39] [07/12/2009 12:16] [HD] C:\Program Files\InstallShield Installation Information
      [14/03/2013 18:04] [14/07/2009 4:37] [D] C:\Program Files\Internet Explorer
      [14/01/2013 9:33] [31/10/2012 19:40] [D] C:\Program Files\Java
      [08/09/2012 22:09] [08/09/2012 21:33] [D] C:\Program Files\Logitech
      [25/01/2013 21:49] [25/01/2013 21:49] [D] C:\Program Files\Malwarebytes' Anti-Malware
      [29/09/2012 20:35] [07/12/2009 12:58] [D] C:\Program Files\Microsoft
      [17/09/2012 0:15] [17/09/2012 0:15] [D] C:\Program Files\Microsoft CAPICOM 2.1.0.2
      [14/07/2009 11:08] [14/07/2009 6:52] [D] C:\Program Files\Microsoft Games
      [16/09/2012 23:08] [16/09/2012 23:08] [D] C:\Program Files\Microsoft Games for Windows - LIVE
      [17/09/2012 0:15] [07/12/2009 12:42] [D] C:\Program Files\Microsoft Office
      [14/03/2013 18:04] [07/12/2009 13:00] [D] C:\Program Files\Microsoft Silverlight
      [07/12/2009 12:58] [07/12/2009 12:58] [D] C:\Program Files\Microsoft SQL Server Compact Edition
      [07/12/2009 12:59] [07/12/2009 12:59] [D] C:\Program Files\Microsoft Sync Framework
      [10/10/2012 14:10] [07/12/2009 12:41] [D] C:\Program Files\Microsoft Works
      [09/09/2012 19:37] [07/12/2009 12:45] [D] C:\Program Files\Microsoft.NET
      [08/03/2013 19:28] [08/03/2013 19:28] [D] C:\Program Files\Mozilla Firefox
      [10/03/2013 11:12] [05/03/2013 11:46] [D] C:\Program Files\Mozilla Maintenance Service
      [14/07/2009 6:52] [14/07/2009 6:52] [D] C:\Program Files\MSBuild
      [11/09/2012 15:41] [11/09/2012 15:40] [D] C:\Program Files\MWSnap
      [11/09/2012 18:10] [11/09/2012 18:10] [D] C:\Program Files\OpenOffice.org 3
      [16/01/2013 11:22] [16/01/2013 11:22] [D] C:\Program Files\PDF Architect
      [16/01/2013 13:24] [16/01/2013 11:21] [D] C:\Program Files\PDFCreator
      [11/09/2012 10:40] [11/09/2012 10:40] [D] C:\Program Files\Polar
      [22/01/2013 19:16] [22/01/2013 19:16] [D] C:\Program Files\PrivitizeVPN
      [29/09/2012 19:48] [29/09/2012 19:48] [D] C:\Program Files\Quark
      [05/03/2013 20:07] [22/01/2013 11:37] [D] C:\Program Files\QuickTime
      [26/12/2012 19:18] [27/09/2012 17:19] [D] C:\Program Files\Real
      [26/12/2012 19:18] [26/12/2012 19:18] [D] C:\Program Files\RealNetworks
      [07/12/2009 12:16] [07/12/2009 12:16] [D] C:\Program Files\Realtek
      [14/07/2009 6:52] [14/07/2009 6:52] [D] C:\Program Files\Reference Assemblies
      [10/09/2012 13:47] [10/09/2012 13:46] [D] C:\Program Files\Tablet
      [10/09/2012 13:47] [10/09/2012 13:47] [D] C:\Program Files\TabletPlugins
      [07/12/2009 12:17] [07/12/2009 12:16] [HD] C:\Program Files\Temp
      [30/10/2012 17:54] [30/10/2012 17:54] [D] C:\Program Files\Trend Micro
      [04/02/2013 10:38] [01/02/2013 11:42] [D] C:\Program Files\Ubi Soft
      [04/02/2013 9:55] [04/02/2013 9:46] [D] C:\Program Files\Ubisoft
      [14/07/2009 6:53] [14/07/2009 6:53] [HD] C:\Program Files\Uninstall Information
      [15/01/2013 9:11] [10/09/2012 9:33] [D] C:\Program Files\uTorrent
      [27/02/2013 18:39] [27/02/2013 18:39] [D] C:\Program Files\VS Revo Group
      [10/09/2012 17:44] [14/07/2009 6:52] [D] C:\Program Files\Windows Defender
      [10/09/2012 17:44] [14/07/2009 11:08] [D] C:\Program Files\Windows Journal
      [17/09/2012 9:49] [07/12/2009 12:57] [D] C:\Program Files\Windows Live
      [07/12/2009 12:57] [07/12/2009 12:57] [D] C:\Program Files\Windows Live SkyDrive
      [10/09/2012 17:44] [14/07/2009 4:37] [D] C:\Program Files\Windows Mail
      [10/09/2012 17:44] [14/07/2009 6:52] [D] C:\Program Files\Windows Media Player
      [08/09/2012 21:15] [14/07/2009 4:37] [D] C:\Program Files\Windows NT
      [10/09/2012 17:44] [14/07/2009 6:52] [D] C:\Program Files\Windows Photo Viewer
      [10/09/2012 17:44] [14/07/2009 6:52] [D] C:\Program Files\Windows Portable Devices
      [10/09/2012 17:44] [14/07/2009 6:52] [D] C:\Program Files\Windows Sidebar
      [10/09/2012 9:43] [10/09/2012 9:43] [D] C:\Program Files\WinRAR
      [10/09/2012 13:47] [10/09/2012 13:47] [D] C:\Program Files\WTouch
      [31/10/2012 19:41] [31/10/2012 19:41] [D] C:\Program Files\Wuala CBFS
      [22/01/2013 19:16] [22/01/2013 19:16] [D] C:\Program Files\ZoomEx
      [15/02/2013 9:29] [07/12/2009 12:37] [DI] C:\ProgramData\Adobe
      [11/09/2012 13:04] [11/09/2012 13:04] [DI] C:\ProgramData\ALM
      [22/01/2013 11:36] [22/01/2013 11:36] [DI] C:\ProgramData\Apple
      [22/01/2013 11:37] [22/01/2013 11:37] [DI] C:\ProgramData\Apple Computer
      [08/09/2012 21:49] [08/09/2012 21:49] [HSDLI] C:\ProgramData\Application Data
      [25/02/2013 9:52] [25/02/2013 9:52] [DI] C:\ProgramData\Avira
      [01/04/2013 15:10] [01/04/2013 15:06] [DI] C:\ProgramData\BlueStacksSetup
      [10/09/2012 12:50] [10/09/2012 12:50] [DI] C:\ProgramData\CheckPoint
      [22/01/2013 19:16] [22/01/2013 19:16] [DI] C:\ProgramData\CLSoft LTD
      [27/11/2012 9:43] [27/11/2012 9:43] [DI] C:\ProgramData\Codemasters
      [18/09/2012 10:24] [10/09/2012 13:36] [DI] C:\ProgramData\Corel
      [07/12/2009 12:40] [07/12/2009 12:38] [DI] C:\ProgramData\CyberLink
      [11/09/2012 12:16] [08/09/2012 22:06] [DI] C:\ProgramData\DAEMON Tools Lite
      [08/09/2012 21:15] [08/09/2012 21:15] [HSDLI] C:\ProgramData\Datos de programa
      [08/09/2012 21:49] [08/09/2012 21:49] [HSDLI] C:\ProgramData\Desktop
      [08/09/2012 21:15] [08/09/2012 21:15] [HSDLI] C:\ProgramData\Documentos
      [08/09/2012 21:49] [08/09/2012 21:49] [HSDLI] C:\ProgramData\Documents
      [02/04/2013 18:47] [01/04/2013 15:07] [DI] C:\ProgramData\eSafe
      [08/09/2012 21:15] [08/09/2012 21:15] [HSDLI] C:\ProgramData\Escritorio
      [08/09/2012 21:49] [08/09/2012 21:49] [HSDLI] C:\ProgramData\Favorites
      [08/09/2012 21:15] [08/09/2012 21:15] [HSDLI] C:\ProgramData\Favoritos
      [22/01/2013 19:16] [05/11/2012 10:56] [DI] C:\ProgramData\InstallMate
      [26/09/2012 17:54] [21/09/2012 9:51] [DI] C:\ProgramData\iolo
      C:\ProgramData\KGyGaAvL.sys [HSAI] 2,45 KB 0
      [08/09/2012 21:34] [08/09/2012 21:33] [DI] C:\ProgramData\LogiShrd
      [28/09/2012 10:28] [28/09/2012 10:28] [DI] C:\ProgramData\Malwarebytes
      [08/09/2012 21:15] [08/09/2012 21:15] [HSDLI] C:\ProgramData\Menú Inicio
      [29/09/2012 20:35] [14/07/2009 4:37] [SDI] C:\ProgramData\Microsoft
      [14/03/2013 13:15] [07/12/2009 12:43] [DI] C:\ProgramData\Microsoft Help
      [08/09/2012 21:21] [08/09/2012 21:21] [DI] C:\ProgramData\Mozilla
      [07/01/2010 11:17] [07/12/2009 12:15] [DI] C:\ProgramData\NVIDIA
      [08/09/2012 21:15] [08/09/2012 21:15] [HSDLI] C:\ProgramData\Plantillas
      [26/12/2012 19:20] [27/09/2012 17:18] [DI] C:\ProgramData\Real
      [26/12/2012 19:18] [26/12/2012 19:18] [DI] C:\ProgramData\RealNetworks
      [11/09/2012 13:30] [11/09/2012 13:30] [DI] C:\ProgramData\regid.1986-12.com.adobe
      [08/09/2012 21:49] [08/09/2012 21:49] [HSDLI] C:\ProgramData\Start Menu
      [31/10/2012 19:41] [31/10/2012 19:41] [DI] C:\ProgramData\Sun
      [07/12/2009 12:39] [07/12/2009 12:38] [DI] C:\ProgramData\Temp
      [08/09/2012 21:49] [08/09/2012 21:49] [HSDLI] C:\ProgramData\Templates
      [07/12/2009 12:48] [07/12/2009 12:48] [DI] C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}

      ==================== EOF ==================



      -------------------------------------------------------------------------------------------------------------------



      ADWcleaner:


      # AdwCleaner v2.115 - Fichero creado el 02/04/2013 a 20:02:12
      # Actualizado el 17/03/2013 por Xplode
      # Sistema operativo : Windows 7 Home Premium Service Pack 1 (32 bits)
      # Usuario : Rafa - RAFA-PC
      # Modo de inicio : Normal
      # Ejecutado desde : C:\Users\Rafa\Desktop\adwcleaner.exe
      # Opción [Supresión]


      ***** [Servicios] *****

      Parado & Suprimido : desksvc

      ***** [Ficheros / Carpetas] *****

      Carpeta Suprimido : C:\Program Files\Zoomex
      Carpeta Suprimido : C:\ProgramData\clsoft ltd
      Carpeta Suprimido : C:\ProgramData\InstallMate
      Carpeta Suprimido : C:\Users\Rafa\AppData\Local\Conduit
      Carpeta Suprimido : C:\Users\Rafa\AppData\LocalLow\Conduit
      Carpeta Suprimido : C:\Users\Rafa\AppData\LocalLow\PriceGong
      Carpeta Suprimido : C:\Users\Rafa\AppData\Roaming\pdfforge

      ***** [Registro] *****

      Clave Supprimida : HKCU\Software\AppDataLow\Software\Conduit
      Clave Supprimida : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
      Clave Supprimida : HKCU\Software\AppDataLow\Software\PriceGong
      Clave Supprimida : HKCU\Software\AppDataLow\Software\SmartBar
      Clave Supprimida : HKCU\Software\AppDataLow\SProtector
      Clave Supprimida : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
      Clave Supprimida : HKCU\Software\StartSearch
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}
      Clave Supprimida : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
      Clave Supprimida : HKLM\SOFTWARE\Software
      Clave Supprimida : HKLM\Software\SProtector

      ***** [Navegadores] *****

      -\\ Internet Explorer v9.0.8112.16470

      [OK] El registro no contiene ninguna entrada ilegítima.

      -\\ Mozilla Firefox v19.0.2 (es-ES)

      Fichero : C:\Users\Rafa\AppData\Roaming\Mozilla\Firefox\Profiles\pxscglek.default\prefs.js

      [OK] El fichero no contiene ninguna entrada ilegítima.

      Fichero : C:\Users\Invitado\AppData\Roaming\Mozilla\Firefox\Profiles\vq2wd9de.default\prefs.js

      [OK] El fichero no contiene ninguna entrada ilegítima.

      -\\ Google Chrome v26.0.1410.43

      Fichero : C:\Users\Rafa\AppData\Local\Google\Chrome\User Data\Default\Preferences

      [OK] El fichero no contiene ninguna entrada ilegítima.

      *************************

      AdwCleaner[S1].txt - [2273 octets] - [02/04/2013 20:02:12]

      ########## EOF - C:\AdwCleaner[S1].txt - [2333 octets] ##########

    2. #2
      Usuario Habitual Avatar de M4RTYN
      Registrado
      jun 2012
      Ubicación
      Ecuador
      Mensajes
      5.537

      re: Malware Qvo 6.(solucionado)

      Hola!

      porfavor en que navegadores sucede??

      Realiza Los Siguientes Pasos (si no puedes con uno salta al siguiente)

      EN MODO SEGURO CON FUNCIONES DE RED

      Descarga,actualiza y realiza un escaneo completo con el malwarebytes:Manual de Malwarebytes Anti-Malware 2.0

      -Instala el programa con idioma español.
      -Vete a la pestaña actualizar y actualizas a la ultima version
      -Vete a la pestaña Escáner y realizas un Ánalisis completo.
      -Una vez finalizado, pulsa sobre "Mostrar los Resultados " y "Eliminar Seleccionadas" como se demuestra en esta FOTO
      -Todas las amenazas tienen que estar marcadas con un visto ()
      -En el caso de que te pida reiniciar,reinicia.
      -Peganos el reporte del escaneo del malwarebytes despues de reiniciar,esta en la pestaña Registros.


      Descarga Ccleaner:Manual de CCleaner <------------ Este paso es MUY IMPORTANTE

      Ejecutar CCleaner usando primero su opción de "Limpiador" para borrar cookies y temporales de Internet
      Usa su opción de "Registro" para limpiar todo el registro de Windows creando antes una copia de seguridad

      Realiza un análisis completo con Eset Nod32 online ----------> Version Descargable E Instalable: Eset Smart Installer Y mas aca su manual ---------->MANUAL DE ESET ONLINE

      1- Lo ejecutas.

      2-Marcas las casillas de Eliminar las amenazas detectadas y analizar archivos.

      3- Haces clic en Configuración adicional y ahi marcas las casillas:

      - Analizar en busca de aplicaciones potencialmente indeseables.

      - Analizar en busca de aplicaciones potencialmente peligrosas.

      - Activar la tecnolgía Anti-Stealth.



      4- Pulsas en Iniciar para que empiece a descargar la base firmas de virus y posteriormente empiece a analizar tu sistema.

      Cuando acabe haz clic en Finalizar

      5- Localizar el reporte en C:\Archivos de programa\ESET\ESET Online Scanner\log
      • Descarga AT-Destroyer (Adwares/Toolbars-Destroyer) by @Infospyware.
      • Debes cerrar todos los programas que estes usando durante el proceso
      • Desactiva temporalmente el Antivirus y/o Antispyware. o cualquier tipo de defensa que tenga en su PC
      • Ejecuta AT-Destroyer como administrador (Click Derecho Ejecutar como/Como Administrador).
      • Elige la Opcion #1 (Buscar y Destruir)
      • AT-Destroyer desconectará el escritorio momentáneamente.
      • En caso de estar infectado AT DESTROYER le indicara El tipo y numero mediante una Pantalla negra Con los datos anteriormente nombrados
      • Una vez terminado el escaneo, podrás volver a ver el escritorio y se te abrirá un reporte, que deberás copiar en tu próxima respuesta comentando cómo funciona el sistema.
      • NOTA: en la mayoria de los casos pedira un Reinicio de la PC, si esto pasa busque en reporte en C:/AT-Destroyer.txt
      • Si algún programa no inicia, reiniciar la PC.
      • Descarga AdwCleaner En su PC
      • NOTA: Cerra todos los programas antes de ejecutar esta herramienta.
      • Desactiva temporalmente el Antivirus y/o Antispyware. o cualquier tipo de defensa que tenga en su PC
      • Copia en el escritorio el programa Adwcleaner y lo ejecutas Como Administrador (Click Derecho Ejecutar como/Como Administrador).
      • Una Vez abierto le das a Supresión y esperas que termine su trabajo.
      • Se va a abrir un reporte donde muestra lo que detecto, lo copias y lo pegas acá.
      • NOTA: En caso de que EL PROGRAMA te pida reiniciar hazlo .
      • En caso de que no se abra el reporte lo buscas en C:\AdwCleaner[R1].txt


      saludos
      º El reporte del Malwarebytes, que se encuentra en su pestaña REGISTROS
      º El reporte del Eset Nod32
      º El reporte de at destroyer
      º El reporte de AdwCleaner
      º Nos cuentas como funciona tu pc ahora

      *Si tienes alguna duda,te puedes imprimir las instrucciones para hacer un mejor seguimiento.

      #BarcelonaS.C <3 #TrueHistory! By:Martyn :''D

    3. #3
      Usuario Avatar de rafamalaga
      Registrado
      oct 2007
      Ubicación
      españa
      Mensajes
      12

      re: Malware Qvo 6.(solucionado)

      Hola. en pregunta a lo de los navegadores, me sale el buscador Qvo6 en todos, Firefox y Chrome. El IE Explorer no lo uso, pero también.

      Hasta el momento sigue saliendo el buscador como página de inicio a pesar de haberlo quitado en lso administradores de buscadores.

      Ahora os pego aquí los reportes de lso escaneos en modo seguro.


      Malwarebytes


      Malwarebytes Anti-Malware 1.70.0.1100
      Malwarebytes : Free anti-malware download

      Versión de la Base de Datos: v2013.04.02.13

      Windows 7 Service Pack 1 x86 NTFS (modo seguro)
      Internet Explorer 9.0.8112.16421
      Rafa :: RAFA-PC [administrador]

      03/04/2013 0:15:26
      mbam-log-2013-04-03 (00-15-26).txt

      Tipos de Análisis: Análisis Completo (C:\|D:\|)
      Opciones de análisis activado: Memoria | Inicio | Registro | Sistema de archivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM
      Opciones de análisis desactivados: P2P
      Objetos examinados: 447787
      Tiempo transcurrido: 46 minuto(s), 28 segundo(s)

      Procesos en Memoria Detectados: 0
      (No se han detectado elementos maliciosos)

      Módulos de Memoria Detectados: 0
      (No se han detectado elementos maliciosos)

      Claves del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Valores del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Elementos de Datos del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Carpetas Detectadas: 0
      (No se han detectado elementos maliciosos)

      Archivos Detectados: 0
      (No se han detectado elementos maliciosos)

      fin)

      -------------------------------------------------------------------

      Eset Nod32

      ESETSmartInstaller@High as downloader log:
      all ok
      # version=8
      # OnlineScannerApp.exe=1.0.0.1
      # OnlineScanner.ocx=1.0.0.6920
      # api_version=3.0.2
      # EOSSerial=7aa82d346d7d2f4085fedd6f73b151ba
      # engine=13535
      # end=finished
      # remove_checked=true
      # archives_checked=true
      # unwanted_checked=false
      # unsafe_checked=false
      # antistealth_checked=true
      # utc_time=2013-04-03 08:43:09
      # local_time=2013-04-03 10:43:09 (+0100, Hora de verano romance)
      # country="Spain"
      # lang=3082
      # osver=6.1.7601 NT Service Pack 1
      # compatibility_mode=1799 16775166 100 97 48530 135649894 41310 0
      # compatibility_mode=5893 16776574 100 94 18751 116609780 0 0
      # compatibility_mode=9217 16777214 75 4 17704214 17704214 0 0
      # scanned=238729
      # found=3
      # cleaned=3
      # scan_time=10716
      sh=F1842628ED01885954D4C3A4E1F4337B8AFD9209 ft=0 fh=0000000000000000 vn="múltiples amenazas (no se ha podido desinfectar - archivo eliminado - puesto en Cuarentena)" ac=C fn="C:\Backup My Data\Rafa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46\ee2072e-4490b68e"
      sh=D3E2282C5D7CBEADEE71DDDA63B582FCDC3700D0 ft=0 fh=0000000000000000 vn="una variante de Java/Exploit.CVE-2013-0422.CF Troyano (no se ha podido desinfectar - archivo eliminado - puesto en Cuarentena)" ac=C fn="C:\Users\Rafa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1\61362581-3e6ece9f"
      sh=802030550A291730CF507AD61CDF0FA6EE35E3EF ft=0 fh=0000000000000000 vn="múltiples amenazas (no se ha podido desinfectar - archivo eliminado - puesto en Cuarentena)" ac=C fn="C:\Users\Rafa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1\61362581-7ed0e18d"


      --------------------------------------------------------------------

      AT Destroyer

      ######################## AT-Destroyer [2.1] By Infospyware.
      Hora/Día/Mes/Año: 10:51:04 \\\ 03/04/2013
      AT-Destroyer 2.1 By Infospyware ---> InfoSpyware
      Última actualización: 30/11/2012
      Opción escogida: 2 :Buscar y Destruir
      Versión Internet Explorer:9.0.8112.16421
      Mozilla Firefox:19.0.2.4814
      Privilegios: Rafa - Administrador
      Modo Actual: Modo Seguro.
      Nombre del pc: RAFA-PC
      Información del sistema operativo:X86-WIN_7-Service Pack 1
      nombre del usuario:Rafa
      Lenguaje del sistema: Español



      >>>>>>> Servicios <<<<<<<



      >>>>>> Carpetas <<<<<<



      >>>>>> Archivos <<<<<<



      >>>>>> Registro <<<<<<



      >>>>>> Heurística <<<<<<



      >>>>>> Internet Explorer <<<<<<

      Start Page==www.google.com
      Local Page==C:\Windows\System32\blank.htm
      Search Page==http://go.microsoft.com/fwlink/?LinkId=54896
      Default_search_url==http://go.microsoft.com/fwlink/?LinkId=54896
      Default_Page_URL==http://www.qvo6.com/?utm_source=b&utm_medium=mlv&from=mlv&uid=3219913727_67194_A8FF5092&ts=1364821586


      ''HKCU\Software\Microsoft\Internet Explorer\Main''
      Start Page==www.google.com
      Local Page==C:\Windows\system32\blank.htm
      Search Page==http://go.microsoft.com/fwlink/?LinkId=54896
      Default_search_url==
      Default_Page_URL==http://www.qvo6.com/?utm_source=b&utm_medium=mlv&from=mlv&uid=3219913727_67194_A8FF5092&ts=1364821586


      HKEY_USERS\S-1-5-21-778163415-3537183498-2063752586-1000\Software\Microsoft\Internet Explorer\Main''
      Start Page==www.google.com
      Local Page==C:\Windows\system32\blank.htm
      Search Page==http://go.microsoft.com/fwlink/?LinkId=54896
      Default_search_url==
      Default_Page_URL==http://www.qvo6.com/?utm_source=b&utm_medium=mlv&from=mlv&uid=3219913727_67194_A8FF5092&ts=1364821586


      >>>>>> Firefox <<<<<<

      user_pref("browser.startup.homepage", "http://www.cyclingnews.com/");
      user_pref("browser.startup.homepage_override.buildID", "20130307023931");
      user_pref("browser.startup.homepage_override.mstone", "19.0.2");


      >>>>>> Plugins Firefox <<<<<<

      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@checkpoint.com/FFApi
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@garmin.com/GpsControl
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.17.2
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3

      >>>>>> Google Chrome <<<<<<

      "homepage": "http://www.google.com/",
      "homepage_changed": true,
      "homepage_is_newtabpage": false,


      >>>>>> Extensiones Google Chrome <<<<<<

      C:\Users\Rafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\2
      C:\Users\Rafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji
      C:\Users\Rafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\npiecjlhkngdinoeekmccdbjdgclmnbk

      ======== Listado ===========

      [04/03/2013 13:30] [08/09/2012 21:40] [DI] C:\Users\Rafa\AppData\Roaming\Adobe
      [06/11/2012 21:42] [06/11/2012 21:42] [DI] C:\Users\Rafa\AppData\Roaming\AMPSoft
      [22/01/2013 13:43] [22/01/2013 13:43] [DI] C:\Users\Rafa\AppData\Roaming\Apple Computer
      [16/01/2013 11:22] [16/01/2013 11:22] [DI] C:\Users\Rafa\AppData\Roaming\APP_NAME_NON_STRING
      [ 25/02/2013 9:58] [ 25/02/2013 9:58] [DI] C:\Users\Rafa\AppData\Roaming\Avira
      [02/11/2012 10:13] [02/11/2012 10:13] [DI] C:\Users\Rafa\AppData\Roaming\BlackBean
      [10/09/2012 12:53] [10/09/2012 12:53] [D] C:\Users\Rafa\AppData\Roaming\CheckPoint
      [ 10/09/2012 9:50] [ 10/09/2012 9:50] [DI] C:\Users\Rafa\AppData\Roaming\Corel
      [23/01/2013 20:51] [23/01/2013 20:51] [DI] C:\Users\Rafa\AppData\Roaming\CyberLink
      [23/01/2013 20:45] [08/09/2012 22:06] [DI] C:\Users\Rafa\AppData\Roaming\DAEMON Tools Lite
      [01/04/2013 15:05] [01/04/2013 15:05] [DI] C:\Users\Rafa\AppData\Roaming\eIntaller
      [07/02/2013 11:06] [18/01/2013 11:45] [DI] C:\Users\Rafa\AppData\Roaming\FileZilla
      [09/09/2012 20:30] [09/09/2012 20:30] [DI] C:\Users\Rafa\AppData\Roaming\Garmin
      [01/04/2013 19:43] [08/09/2012 22:05] [DI] C:\Users\Rafa\AppData\Roaming\GlarySoft
      [08/09/2012 21:15] [08/09/2012 21:15] [DI] C:\Users\Rafa\AppData\Roaming\Identities
      [08/09/2012 21:34] [08/09/2012 21:34] [DI] C:\Users\Rafa\AppData\Roaming\Leadertech
      [08/09/2012 21:40] [08/09/2012 21:40] [DI] C:\Users\Rafa\AppData\Roaming\Macromedia
      [28/09/2012 10:28] [28/09/2012 10:28] [DI] C:\Users\Rafa\AppData\Roaming\Malwarebytes
      [14/07/2009 11:07] [08/09/2012 21:15] [DI] C:\Users\Rafa\AppData\Roaming\Media Center Programs
      [29/09/2012 20:22] [08/09/2012 21:15] [SDI] C:\Users\Rafa\AppData\Roaming\Microsoft
      [28/11/2012 20:25] [28/11/2012 20:25] [DI] C:\Users\Rafa\AppData\Roaming\Microsoft Games
      [05/03/2013 11:47] [05/03/2013 11:46] [DI] C:\Users\Rafa\AppData\Roaming\Mozilla
      [11/09/2012 19:47] [11/09/2012 19:47] [DI] C:\Users\Rafa\AppData\Roaming\OpenOffice.org
      [12/03/2013 20:38] [14/09/2012 10:51] [DI] C:\Users\Rafa\AppData\Roaming\Pro Cycling Manager 2009
      [27/12/2012 20:03] [27/09/2012 17:19] [DI] C:\Users\Rafa\AppData\Roaming\Real
      [26/12/2012 19:19] [26/12/2012 19:19] [DI] C:\Users\Rafa\AppData\Roaming\RealNetworks
      [05/11/2012 11:56] [05/11/2012 11:56] [DI] C:\Users\Rafa\AppData\Roaming\StageManager
      [07/03/2013 17:03] [10/09/2012 9:32] [DI] C:\Users\Rafa\AppData\Roaming\uTorrent
      [15/12/2012 19:33] [14/12/2012 11:09] [DI] C:\Users\Rafa\AppData\Roaming\Wacom
      [ 10/09/2012 9:43] [ 10/09/2012 9:43] [DI] C:\Users\Rafa\AppData\Roaming\WinRAR
      [ 03/04/2013 7:36] [ 10/09/2012 13:47] [DI] C:\Users\Rafa\AppData\Roaming\WTablet
      [10/09/2012 13:47] [10/09/2012 13:47] [DI] C:\Users\Rafa\AppData\Roaming\WTouch
      [ 04/12/2012 9:50] [ 31/10/2012 19:39] [DI] C:\Users\Rafa\AppData\Roaming\Wuala
      [14/12/2012 11:09] [11/09/2012 9:19] [D] C:\Program Files\Adobe
      [11/09/2012 12:50] [11/09/2012 12:50] [D] C:\Program Files\Adobe Media Player
      [07/12/2009 12:13] [07/12/2009 12:13] [D] C:\Program Files\AGEIA Technologies
      [06/11/2012 21:42] [06/11/2012 21:42] [D] C:\Program Files\AMP Font Viewer
      [22/01/2013 11:36] [22/01/2013 11:36] [D] C:\Program Files\Apple Software Update
      [08/09/2012 21:15] [08/09/2012 21:15] [HSDLI] C:\Program Files\Archivos comunes
      [25/02/2013 9:52] [25/02/2013 9:52] [D] C:\Program Files\Avira
      [02/11/2012 10:00] [02/11/2012 10:00] [D] C:\Program Files\BlackBeanGames
      [23/01/2013 13:59] [23/01/2013 13:59] [D] C:\Program Files\CCleaner
      [10/09/2012 12:52] [10/09/2012 12:50] [D] C:\Program Files\CheckPoint
      [07/03/2013 17:55] [07/03/2013 17:55] [D] C:\Program Files\City Interactive
      [11/09/2012 17:50] [11/09/2012 17:50] [D] C:\Program Files\Codemasters
      [01/04/2013 15:07] [14/07/2009 4:37] [D] C:\Program Files\Common Files
      [10/09/2012 13:34] [10/09/2012 13:34] [D] C:\Program Files\Corel
      [14/09/2012 10:42] [14/09/2012 10:31] [D] C:\Program Files\Cyanide
      [07/12/2009 12:40] [07/12/2009 12:38] [D] C:\Program Files\CyberLink
      [14/01/2013 9:34] [14/01/2013 9:34] [D] C:\Program Files\DAEMON Tools Lite
      C:\Program Files\desktop.ini [HSA] 174 bytes( 0)
      [09/09/2012 20:28] [09/09/2012 20:28] [D] C:\Program Files\DIFX
      [10/09/2012 17:44] [14/07/2009 6:52] [D] C:\Program Files\DVD Maker
      [14/09/2012 12:39] [14/09/2012 12:39] [D] C:\Program Files\EA GAMES
      [11/11/2012 12:44] [13/09/2012 18:31] [D] C:\Program Files\EA SPORTS
      [03/04/2013 7:42] [03/04/2013 7:42] [D] C:\Program Files\ESET
      [27/11/2012 9:41] [27/11/2012 9:33] [D] C:\Program Files\F1 2012
      [18/01/2013 11:47] [18/01/2013 11:47] [D] C:\Program Files\FileZilla FTP Client
      [13/10/2012 13:43] [13/10/2012 13:43] [D] C:\Program Files\Fox
      [09/09/2012 20:28] [09/09/2012 20:28] [D] C:\Program Files\Garmin
      [09/09/2012 20:28] [09/09/2012 20:28] [D] C:\Program Files\Garmin GPS Plugin
      [01/04/2013 21:47] [08/09/2012 21:50] [D] C:\Program Files\Glary Utilities
      [04/10/2012 13:41] [04/10/2012 13:41] [D] C:\Program Files\GoldenCheetah
      [31/03/2013 20:59] [09/09/2012 20:41] [D] C:\Program Files\Google
      [22/01/2013 20:28] [22/01/2013 20:28] [D] C:\Program Files\Illusion
      [04/02/2013 10:39] [07/12/2009 12:16] [HD] C:\Program Files\InstallShield Installation Information
      [14/03/2013 18:04] [14/07/2009 4:37] [D] C:\Program Files\Internet Explorer
      [14/01/2013 9:33] [31/10/2012 19:40] [D] C:\Program Files\Java
      [08/09/2012 22:09] [08/09/2012 21:33] [D] C:\Program Files\Logitech
      [25/01/2013 21:49] [25/01/2013 21:49] [D] C:\Program Files\Malwarebytes' Anti-Malware
      [29/09/2012 20:35] [07/12/2009 12:58] [D] C:\Program Files\Microsoft
      [17/09/2012 0:15] [17/09/2012 0:15] [D] C:\Program Files\Microsoft CAPICOM 2.1.0.2
      [14/07/2009 11:08] [14/07/2009 6:52] [D] C:\Program Files\Microsoft Games
      [16/09/2012 23:08] [16/09/2012 23:08] [D] C:\Program Files\Microsoft Games for Windows - LIVE
      [17/09/2012 0:15] [07/12/2009 12:42] [D] C:\Program Files\Microsoft Office
      [14/03/2013 18:04] [07/12/2009 13:00] [D] C:\Program Files\Microsoft Silverlight
      [07/12/2009 12:58] [07/12/2009 12:58] [D] C:\Program Files\Microsoft SQL Server Compact Edition
      [07/12/2009 12:59] [07/12/2009 12:59] [D] C:\Program Files\Microsoft Sync Framework
      [10/10/2012 14:10] [07/12/2009 12:41] [D] C:\Program Files\Microsoft Works
      [09/09/2012 19:37] [07/12/2009 12:45] [D] C:\Program Files\Microsoft.NET
      [08/03/2013 19:28] [08/03/2013 19:28] [D] C:\Program Files\Mozilla Firefox
      [10/03/2013 11:12] [05/03/2013 11:46] [D] C:\Program Files\Mozilla Maintenance Service
      [14/07/2009 6:52] [14/07/2009 6:52] [D] C:\Program Files\MSBuild
      [11/09/2012 15:41] [11/09/2012 15:40] [D] C:\Program Files\MWSnap
      [11/09/2012 18:10] [11/09/2012 18:10] [D] C:\Program Files\OpenOffice.org 3
      [16/01/2013 11:22] [16/01/2013 11:22] [D] C:\Program Files\PDF Architect
      [16/01/2013 13:24] [16/01/2013 11:21] [D] C:\Program Files\PDFCreator
      [11/09/2012 10:40] [11/09/2012 10:40] [D] C:\Program Files\Polar
      [22/01/2013 19:16] [22/01/2013 19:16] [D] C:\Program Files\PrivitizeVPN
      [29/09/2012 19:48] [29/09/2012 19:48] [D] C:\Program Files\Quark
      [05/03/2013 20:07] [22/01/2013 11:37] [D] C:\Program Files\QuickTime
      [26/12/2012 19:18] [27/09/2012 17:19] [D] C:\Program Files\Real
      [26/12/2012 19:18] [26/12/2012 19:18] [D] C:\Program Files\RealNetworks
      [07/12/2009 12:16] [07/12/2009 12:16] [D] C:\Program Files\Realtek
      [14/07/2009 6:52] [14/07/2009 6:52] [D] C:\Program Files\Reference Assemblies
      [10/09/2012 13:47] [10/09/2012 13:46] [D] C:\Program Files\Tablet
      [10/09/2012 13:47] [10/09/2012 13:47] [D] C:\Program Files\TabletPlugins
      [07/12/2009 12:17] [07/12/2009 12:16] [HD] C:\Program Files\Temp
      [30/10/2012 17:54] [30/10/2012 17:54] [D] C:\Program Files\Trend Micro
      [04/02/2013 10:38] [01/02/2013 11:42] [D] C:\Program Files\Ubi Soft
      [04/02/2013 9:55] [04/02/2013 9:46] [D] C:\Program Files\Ubisoft
      [14/07/2009 6:53] [14/07/2009 6:53] [HD] C:\Program Files\Uninstall Information
      [15/01/2013 9:11] [10/09/2012 9:33] [D] C:\Program Files\uTorrent
      [27/02/2013 18:39] [27/02/2013 18:39] [D] C:\Program Files\VS Revo Group
      [10/09/2012 17:44] [14/07/2009 6:52] [D] C:\Program Files\Windows Defender
      [10/09/2012 17:44] [14/07/2009 11:08] [D] C:\Program Files\Windows Journal
      [17/09/2012 9:49] [07/12/2009 12:57] [D] C:\Program Files\Windows Live
      [07/12/2009 12:57] [07/12/2009 12:57] [D] C:\Program Files\Windows Live SkyDrive
      [10/09/2012 17:44] [14/07/2009 4:37] [D] C:\Program Files\Windows Mail
      [10/09/2012 17:44] [14/07/2009 6:52] [D] C:\Program Files\Windows Media Player
      [08/09/2012 21:15] [14/07/2009 4:37] [D] C:\Program Files\Windows NT
      [10/09/2012 17:44] [14/07/2009 6:52] [D] C:\Program Files\Windows Photo Viewer
      [10/09/2012 17:44] [14/07/2009 6:52] [D] C:\Program Files\Windows Portable Devices
      [10/09/2012 17:44] [14/07/2009 6:52] [D] C:\Program Files\Windows Sidebar
      [10/09/2012 9:43] [10/09/2012 9:43] [D] C:\Program Files\WinRAR
      [10/09/2012 13:47] [10/09/2012 13:47] [D] C:\Program Files\WTouch
      [31/10/2012 19:41] [31/10/2012 19:41] [D] C:\Program Files\Wuala CBFS
      [15/02/2013 9:29] [07/12/2009 12:37] [DI] C:\ProgramData\Adobe
      [11/09/2012 13:04] [11/09/2012 13:04] [DI] C:\ProgramData\ALM
      [22/01/2013 11:36] [22/01/2013 11:36] [DI] C:\ProgramData\Apple
      [22/01/2013 11:37] [22/01/2013 11:37] [DI] C:\ProgramData\Apple Computer
      [08/09/2012 21:49] [08/09/2012 21:49] [HSDLI] C:\ProgramData\Application Data
      [25/02/2013 9:52] [25/02/2013 9:52] [DI] C:\ProgramData\Avira
      [01/04/2013 15:10] [01/04/2013 15:06] [DI] C:\ProgramData\BlueStacksSetup
      [10/09/2012 12:50] [10/09/2012 12:50] [DI] C:\ProgramData\CheckPoint
      [27/11/2012 9:43] [27/11/2012 9:43] [DI] C:\ProgramData\Codemasters
      [18/09/2012 10:24] [10/09/2012 13:36] [DI] C:\ProgramData\Corel
      [07/12/2009 12:40] [07/12/2009 12:38] [DI] C:\ProgramData\CyberLink
      [11/09/2012 12:16] [08/09/2012 22:06] [DI] C:\ProgramData\DAEMON Tools Lite
      [08/09/2012 21:15] [08/09/2012 21:15] [HSDLI] C:\ProgramData\Datos de programa
      [08/09/2012 21:49] [08/09/2012 21:49] [HSDLI] C:\ProgramData\Desktop
      [08/09/2012 21:15] [08/09/2012 21:15] [HSDLI] C:\ProgramData\Documentos
      [08/09/2012 21:49] [08/09/2012 21:49] [HSDLI] C:\ProgramData\Documents
      [03/04/2013 7:38] [01/04/2013 15:07] [DI] C:\ProgramData\eSafe
      [08/09/2012 21:15] [08/09/2012 21:15] [HSDLI] C:\ProgramData\Escritorio
      [08/09/2012 21:49] [08/09/2012 21:49] [HSDLI] C:\ProgramData\Favorites
      [08/09/2012 21:15] [08/09/2012 21:15] [HSDLI] C:\ProgramData\Favoritos
      [26/09/2012 17:54] [21/09/2012 9:51] [DI] C:\ProgramData\iolo
      C:\ProgramData\KGyGaAvL.sys [HSAI] 2,45 KB 0
      [08/09/2012 21:34] [08/09/2012 21:33] [DI] C:\ProgramData\LogiShrd
      [28/09/2012 10:28] [28/09/2012 10:28] [DI] C:\ProgramData\Malwarebytes
      [08/09/2012 21:15] [08/09/2012 21:15] [HSDLI] C:\ProgramData\Menú Inicio
      [29/09/2012 20:35] [14/07/2009 4:37] [SDI] C:\ProgramData\Microsoft
      [14/03/2013 13:15] [07/12/2009 12:43] [DI] C:\ProgramData\Microsoft Help
      [08/09/2012 21:21] [08/09/2012 21:21] [DI] C:\ProgramData\Mozilla
      [07/01/2010 11:17] [07/12/2009 12:15] [DI] C:\ProgramData\NVIDIA
      [08/09/2012 21:15] [08/09/2012 21:15] [HSDLI] C:\ProgramData\Plantillas
      [26/12/2012 19:20] [27/09/2012 17:18] [DI] C:\ProgramData\Real
      [26/12/2012 19:18] [26/12/2012 19:18] [DI] C:\ProgramData\RealNetworks
      [11/09/2012 13:30] [11/09/2012 13:30] [DI] C:\ProgramData\regid.1986-12.com.adobe
      [08/09/2012 21:49] [08/09/2012 21:49] [HSDLI] C:\ProgramData\Start Menu
      [31/10/2012 19:41] [31/10/2012 19:41] [DI] C:\ProgramData\Sun
      [07/12/2009 12:39] [07/12/2009 12:38] [DI] C:\ProgramData\Temp
      [08/09/2012 21:49] [08/09/2012 21:49] [HSDLI] C:\ProgramData\Templates
      [07/12/2009 12:48] [07/12/2009 12:48] [DI] C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}

      ==================== EOF ==================
      ---------------------------------------------------------------------------------------

      AdwCleaner

      # AdwCleaner v2.115 - Fichero creado el 03/04/2013 a 10:55:31
      # Actualizado el 17/03/2013 por Xplode
      # Sistema operativo : Windows 7 Home Premium Service Pack 1 (32 bits)
      # Usuario : Rafa - RAFA-PC
      # Modo de inicio : Modo seguro con funciones de red
      # Ejecutado desde : C:\Users\Rafa\Desktop\adwcleaner.exe
      # Opción [Supresión]


      ***** [Servicios] *****


      ***** [Ficheros / Carpetas] *****

      Carpeta Suprimido : C:\Users\Rafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\npiecjlhkngdinoeekmccdbjdgclmnbk
      Suprimido al reiniciar : C:\Users\Rafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\npiecjlhkngdinoeekmccdbjdgclmnbk

      ***** [Registro] *****

      Clave Supprimida : HKCU\Software\Google\Chrome\Extensions\npiecjlhkngdinoeekmccdbjdgclmnbk
      Clave Supprimida : HKLM\SOFTWARE\Google\Chrome\Extensions\npiecjlhkngdinoeekmccdbjdgclmnbk

      ***** [Navegadores] *****

      -\\ Internet Explorer v9.0.8112.16470

      [OK] El registro no contiene ninguna entrada ilegítima.

      -\\ Mozilla Firefox v19.0.2 (es-ES)

      Fichero : C:\Users\Rafa\AppData\Roaming\Mozilla\Firefox\Profiles\pxscglek.default\prefs.js

      [OK] El fichero no contiene ninguna entrada ilegítima.

      Fichero : C:\Users\Invitado\AppData\Roaming\Mozilla\Firefox\Profiles\vq2wd9de.default\prefs.js

      [OK] El fichero no contiene ninguna entrada ilegítima.

      -\\ Google Chrome v26.0.1410.43

      Fichero : C:\Users\Rafa\AppData\Local\Google\Chrome\User Data\Default\Preferences

      [OK] El fichero no contiene ninguna entrada ilegítima.

      *************************

      AdwCleaner[S1].txt - [2402 octets] - [02/04/2013 20:02:12]
      AdwCleaner[S2].txt - [1617 octets] - [03/04/2013 10:55:31]

      ########## EOF - C:\AdwCleaner[S2].txt - [1677 octets] ##########
      --------------------------------------------------------------------------------------

    4. #4
      Usuario Habitual Avatar de M4RTYN
      Registrado
      jun 2012
      Ubicación
      Ecuador
      Mensajes
      5.537

      re: Malware Qvo 6.(solucionado)

      Hola!

      ok! el problema es que el maldito virus es algo duro.

      Sigamos:


      Desinstala GoogleChorme y Mozilla con este programa en MODO AVANZADO:

      Revo Uninstaller | InfoSpyware ---> Manual de Revo Uninstaller

      Luego (sin instalarlo) haces esto:

      NOTA: en el ccleaner usa limpiador de registro y basura y el otro de registro

      CCleaner - Descargar | InfoSpyware ----> Manual de CCleaner

      Argente - Registry Cleaner | InfoSpyware ----> Manual de Argente - Registry Cleaner


      y ahora si lo descargas desde aqui y lo instalas:

      Navegador web Firefox en español de España | Más rápido, más seguro y más personalizable


      https://www.google.com/intl/es/chrome/browser/?hl=es




      PD: con IE has esto porfavor:

      Cómo restablecer la configuración de Internet Explorer


      saludos!!
      #BarcelonaS.C <3 #TrueHistory! By:Martyn :''D

    5. #5
      Usuario Avatar de rafamalaga
      Registrado
      oct 2007
      Ubicación
      españa
      Mensajes
      12

      re: Malware Qvo 6.(solucionado)

      Ahora si, genial. Ya no me sale el Qvo6 en ningún navegador.
      Muchas gracias por la ayuda :)
      Se puede dar por cerrado el tema.
      saludos!

    6. #6
      Usuario Habitual Avatar de M4RTYN
      Registrado
      jun 2012
      Ubicación
      Ecuador
      Mensajes
      5.537

      re: Malware Qvo 6.(solucionado)

      Hola!

      solo quedaria que hagas esto:

      Desinstala ESET (en caso de que lo descargaras) Lo desinstalas como un programa normal

      Abre AT DESTROYER y dale a "Desinstalar"

      Abre AdwCleaner y dale a Desinstalar

      El Ccleaner te recomiendo que lo dejes :D!

      con MALWAREBYTES haces esto:



      La herramienta de eliminación de rastros tras la desinstalación de Malwarebytes se debe de usar del siguiente modo:

      • Desinstale MBAM y reinicie su equipo.
      • Descargue y ejecute mbam-clean.exe
      • Reinicie nuevamente su equipo.

      Una ves hecho todo eso pasa el Ccleaner en modo limpiador y registro!

      luegos haces esto:

      ¿Cómo puedo borrar la memoria caché de Java?

      y ahora si me das la orden y cierro el tema

      saludos
      #BarcelonaS.C <3 #TrueHistory! By:Martyn :''D

    7. #7
      Usuario Avatar de rafamalaga
      Registrado
      oct 2007
      Ubicación
      españa
      Mensajes
      12

      re: Malware Qvo 6.(solucionado)

      Listo, he hecho como me has dicho.
      Todo perfecto, muchas gracias, podemos dar por cerrado el tema.
      Saludos!!