• Registrarse
  • Iniciar sesión


  • Página 1 de 2 12 ÚltimoÚltimo
    Resultados 1 al 10 de 11

    !!!Virus del Grupo de Delitos Telemáticos !!Urgente

    ...

    1. #1
      Usuario Avatar de facumaxx
      Registrado
      jun 2014
      Ubicación
      Argentina
      Mensajes
      6

      Atención !!!Virus del Grupo de Delitos Telemáticos !!Urgente

      Bueno pasa que hoy estaba navegando en incognito con el google chrome en paginas
      xxx , y resulta que derrepente me aparece una ventana aparte abierta del mismo navegador
      q decia q provoque un delito por descargar musica pirata ilegalmente y otras boludeces, y me puse
      a averiguar (estaba muy asustado) y resulta que me encontre con esto http://www.pcrisk.es/guias-de-desinfeccion/7244-virus-del-grupo-de-delitos-telematicos-su-ordenador-personal-ha-sido-bloqueado

      y use un programa llamado Info Spyware para ver si alguien entro a mi ordenador o algo asi y me aparecio esto


      [CODE]~~~~~~~~~~~| Inicio:

      *IFS (InfoSpyware First Steps) v 1.1
      *www.InfoSpyware.com | www.ForoSpyware.com
      *Iniciado: 11/06/2014 a las 15h.23m.44s

      ~~~~~~~~~~~| Información del Sistema:

      OS: Microsoft Windows 7 Ultimate x64 Service Pack 1
      Idioma: Spanish (Spain, International Sort) (España|es-ES)
      Permisos de Administrador / ON
      Windows se Inició en Modo Seguro con Funciones de Red
      Drive: C:\Windows (Install: \Device\HarddiskVolume2)

      ~~~~~~~~~~~| Arquitectura Fisica:

      CPU: Gigabyte Technology Co., Ltd.
      CPU Modelo: To be filled by O.E.M.
      Procesador: AMD A4-3300 APU with Radeon(tm) HD Graphics (x64-BasedPC)
      Memoria RAM: 3 Gb. En Uso: 35 %
      Video: AMD Radeon HD 6410D
      Chip: AMD Radeon HD 6410D (0x9645) Capacidad video:512 MB (Internal DAC(400MHz))

      ~~~~~~~~~~~| Unidades

      C: [FIXED|NTFS|SYS] - [148.9 Gb][61.9 Gb][86.10 Gb]
      E: [REMOVABLE||] - [0 Gb][0 Gb][0 Gb]
      F: [REMOVABLE||] - [0 Gb][0 Gb][0 Gb]
      G: [REMOVABLE||] - [0 Gb][0 Gb][0 Gb]
      H: [REMOVABLE||] - [0 Gb][0 Gb][0 Gb]
      D: [CDROM]
      I: [CDROM]
      C:\ Fragmentación total 36.73% - Desfragmentar unidad

      ~~~~~~~~~~~| Seguridad del SO

      SafeBoot: Inicio en Modo seguro Correcto
      Security Center: Correcto (Servicio Activo)
      Windows Update: Correcto (Servicio Activo) [LST: 2013-07-08 16:12:06][LD: 2013-07-08 18:14:16][LI: 2013-07-08 17:59:25][LRP: 2014-05-09 20:05:49]
      AV: avast! Antivirus *Protección Residente [ON] / Actualizado*
      SP: Windows Defender *Protección Residente [ON] / Actualizar*
      SP: avast! Antivirus *Protección Residente [ON] / Actualizado*
      FW: Windows Firewall *Habilitado*

      ~~~~~~~~~~~| Update Check

      Internet Explorer Versión Instalada 10 (Requiere Actualización)
      Mozilla FireFox Versión Instalada 29.0.1
      Google Chrome Versión Instalada 35.0.1916.114
      Adobe Flash Player Versión Instalada 13.0
      Consola Java Versión Instalada 7 Update 51 (7.0.510.13)

      ~~~~~~~~~~~| Process List


      ~~~~~~~~~~~| Install Check


      avast! Free Antivirus [9.0.2018]

      ~~~~~~~~~~~| Registry Check

      HKLM\Run: []
      HKLM\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
      HKLM\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
      HKLM\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
      HKLM\Run: [ares] "C:\Program Files (x86)\Ares\Ares.exe" -h
      HKLM\Run: [GoogleChromeAutoLaunch_CF0D12F859BF15DAB73FDD0B7E1E013D] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
      Winlogon(x64): Shell = explorer.exe
      Winlogon: Shell = explorer.exe
      Userinit(x64): Userinit = C:\Windows\system32\userinit.exe,
      Userinit: Userinit = C:\Windows\system32\userinit.exe,

      [HKCR\.\.open\command] -> Navegador Preferido es FireFox
      user_pref("browser.search.defaultenginename", "Trovi search");
      user_pref("browser.search.selectedEngine", "Trovi search");
      user_pref("browser.search.useDBForOrder", "false");
      user_pref("browser.startup.homepage", "hxxp://www.trovi.com/?gd=&ctid=CT3326021&octid=EB_ORIGINAL_CTID&ISID=M18538253-D201-49AE-BF8D-C5F1C1DC5778&SearchSource=55&CUI=&UM=5&UP=SP24416720-EEAD-4CC7-8A95-07B8973CFABD&SSPV=");

      ~~~~~~~~~~~| PUPs Check

      HKCU\Software\1ClickDownload
      HKCU64\Software\1ClickDownload
      HKCU\Software\Conduit
      HKCU\Software\AppDataLow\Software\Conduit
      HKCU64\Software\Conduit
      HKCU\Software\lollipop
      HKCU64\Software\lollipop
      HKLM\Software\SearchProtect
      HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
      HKCU\Software\AppDataLow\Software\Smartbar
      HKCU\Software\Softonic
      HKCU64\Software\Softonic
      HKCU\Software\systweak
      HKLM\Software\systweak
      HKCU64\Software\systweak
      HKLM64\SOFTWARE\Tarma Installer

      C:\Users\Usuario\AppData\Local\Conduit
      C:\Users\Usuario\AppData\LocalLow\Conduit
      C:\Users\Usuario\AppData\Local\cre
      C:\Users\Usuario\AppData\Roaming\GetRightToGo
      C:\Users\Usuario\AppData\Local\lollipop
      C:\Program Files (x86)\SearchProtect
      C:\Users\Usuario\AppData\Local\SearchProtect
      C:\Program Files (x86)\SimilarSites
      C:\Users\Usuario\AppData\Roaming\SimilarSites
      C:\Users\Usuario\AppData\Roaming\systweak
      C:\Users\Usuario\AppData\LocalLow\TB

      ~~~~~~~~~~~| Listado 7 Días (Predeterminado)

      [11/06/2014 15:23] - C:\FSTool
      [11/06/2014 15:23] - C:\IFS.log

      ~~~~~~~~~~~| End Report
      *Finalizado 15:27:11
      *Se limpiaron los archivos temporales
      *[1593670] C:\Users\Usuario\Downloads\IFS.exe
      *Herramienta de Análisis e investigación [/CODE

      Espero su ayuda urgente! gracias

    2. #2
      Moderador
      Avatar de @JonathanM
      Registrado
      may 2006
      Ubicación
      Chile
      Mensajes
      11.752

      Re: !!!Virus del Grupo de Delitos Telemáticos !!Urgente

      Hola

      Recomendación... deja de entrar a páginas de XXX, lo unico que hace es infectar el sistema y no es bueno para ti y para nadie.

      Y por lo visto estas muy infectado...

      [HKCR\.\.open\command] -> Navegador Preferido es FireFox
      user_pref("browser.search.defaultenginename", "Trovi search");
      user_pref("browser.search.selectedEngine", "Trovi search");
      user_pref("browser.search.useDBForOrder", "false");
      user_pref("browser.startup.homepage", "hxxp://www.trovi.com/?gd=&ctid=CT3326021&octid=EB_ORIGINAL_CTID&ISID=M18538253-D201-49AE-BF8D-C5F1C1DC5778&SearchSource=55&CUI=&UM=5&UP=SP24416720-EEAD-4CC7-8A95-07B8973CFABD&SSPV=");


      HKCU\Software\1ClickDownload
      HKCU64\Software\1ClickDownload
      HKCU\Software\Conduit
      HKCU\Software\AppDataLow\Software\Conduit
      HKCU64\Software\Conduit
      HKCU\Software\lollipop
      HKCU64\Software\lollipop
      HKLM\Software\SearchProtect
      HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
      HKCU\Software\AppDataLow\Software\Smartbar
      HKCU\Software\Softonic
      HKCU64\Software\Softonic
      HKCU\Software\systweak
      HKLM\Software\systweak
      HKCU64\Software\systweak
      HKLM64\SOFTWARE\Tarma Installer

      C:\Users\Usuario\AppData\Local\Conduit
      C:\Users\Usuario\AppData\LocalLow\Conduit
      C:\Users\Usuario\AppData\Local\cre
      C:\Users\Usuario\AppData\Roaming\GetRightToGo
      C:\Users\Usuario\AppData\Local\lollipop
      C:\Program Files (x86)\SearchProtect
      C:\Users\Usuario\AppData\Local\SearchProtect
      C:\Program Files (x86)\SimilarSites
      C:\Users\Usuario\AppData\Roaming\SimilarSites
      C:\Users\Usuario\AppData\Roaming\systweak
      C:\Users\Usuario\AppData\LocalLow\TB
      Para una buena desinfección, descarga y guardar las herramientas en el ¡Escritorio! es muy importante seguir el procedimiento como se te escriben para avanzar con el tema sin ningún problema, debes respetar el orden de los pasos. Si ya tienes las aplicaciones qué se manda a descargar, no hace falta que lo vuelvas a bajar.

      Realiza estos pasos:

      << Paso 1 >> Descarga y lo guardas en el Escritorio



      << Paso 2 >> Usa el Ccleaner para limpiar el sistema.
      Primero utilizá la opción de "Limpiador"para borrar cookies, temporales de Internet y todos los archivos que este te muestre como obsoletos. Luego usa su opción de "Registro" para limpiar todo el registro de Windows (haciendo copia de seguridad).

      Deshabilita temporalmente tu antivirus. y cierra todos los programas abiertos..
      << Paso 3 >> Ejecuta Junkware Removal Tool utility (en Windows 7 u 8 ejecutar como "Administrador")

      • Presiona cualquier tecla para continuar y espera pacientemente a que termine su proceso.
      • Al finalizar, un registro (JRT.txt) se guardara en el escritorio y se abrirá automáticamente.
      • Copia y pega el contenido de JRT.txt en tu próximo mensaje de respuesta


      << Paso 4 >> Ejecuta AdwCleaner a tu escritorio (En Windows Vista o 7, presiona clic derecho sobre el ícono y elige Ejecutar como Administrador)

      • Presiona Escanear, luego que termine el análisis, presiona el botón limpiar.
      • El programa te pedira qué reinicies el sistema, dile
      • Al reinicio se te abrira el informe (reporte).
      • Nos pones el informe de AdwCleaner en este mismo tema.


      << Paso 5 >> Ejecuta Malwarebytes' Anti-Malware. (Previamente actualizado)

      • Realiza un escaneo completo del PC y elimina las infecciones que este detecte. El reporte queda guardado en la pestaña "Logs" o "Registros" en español, abres el reporte y copias el contenido para pegarlo en este tema.


      • Nos pegas los reporte en este orden:
        • JRT
        • AdwCleaner
        • MBAM
      NOTA IMPORTANTE

      NO Pongas los Reportes Dentro de Etiquetas Code ni HTML.
      NO descargues o instales mas programas mientras terminamos la desinfección.

      Salu2
      Recuerda volver y nos comentas los resultados
      <¡D3vIL!>

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    3. #3
      Usuario Avatar de facumaxx
      Registrado
      jun 2014
      Ubicación
      Argentina
      Mensajes
      6

      Re: !!!Virus del Grupo de Delitos Telemáticos !!Urgente

      El malwarebytes Malwarebytes Anti-Malware 2.0 | InfoSpyware ahi cuando lo descargo y lo ejecuto me aparece un error que dice "The setup files are corrupted. Please obtain a new copy of the program"

    4. #4
      Usuario Avatar de facumaxx
      Registrado
      jun 2014
      Ubicación
      Argentina
      Mensajes
      6

      Re: !!!Virus del Grupo de Delitos Telemáticos !!Urgente

      iD3vil Por las dudas antes de ha ver echo todo esto utilize un programa de esta pagina q se llama polifix para ver si me sacaba el virus policia o algo asi y me dio esto de info spyware :

      //////////////////// PoliFix 2.0.8.3 By InfoSpyware ////////////////////

      Ejecutado Desde: J:\polifix.exe
      Fecha: 11/06/2014 | Hora: 16:08:10
      Sistema Operativo: Windows 7 De X64 Bits
      Modo De Arranque: Modo Normal
      Usuario: Usuario | (Administrador)
      Version De Java 32: 7.0.510.13
      Version De Java 64: No Instalado
      Punto de Restauracion: PoliFix_2.0.8.3


      =========================== Malwares Eliminados ===========================



      ============================= Poli-Heurística =============================


      ================================== Startup ================================

      HKLM - Run: [] -
      HKLM - Run: [AvastUI.exe] - "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
      HKLM - Run: [LogMeIn Hamachi Ui] - "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
      HKLM - Run: [Adobe ARM] - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
      HKCU - Run: [ares] - "C:\Program Files (x86)\Ares\Ares.exe" -h
      HKCU - Run: [GoogleChromeAutoLaunch_CF0D12F859BF15DAB73FDD0B7E1E013D] - "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
      Startup: C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IMVU.lnk = C:\Users\Usuario\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe


      ============================ Scan Suplementario ===========================

      C:\ProgramData\Adobe
      C:\ProgramData\AMD
      C:\ProgramData\Ament.ini
      C:\ProgramData\APN
      C:\ProgramData\Application Data
      C:\ProgramData\ATI
      C:\ProgramData\AVAST Software
      C:\ProgramData\Codemasters
      C:\ProgramData\Common Files
      C:\ProgramData\C__Users_Usuario_AppData_Local_Temp_ir_ext_temp_0_AutoPlay_Docs_RealHideIP.exe
      C:\ProgramData\C__Users_Usuario_AppData_Local_Temp_ir_ext_temp_0_AutoPlay_Docs_SmartHideIP.exe
      C:\ProgramData\DAEMON Tools Lite
      C:\ProgramData\DAEMON Tools Pro
      C:\ProgramData\Datos de programa
      C:\ProgramData\Desktop
      C:\ProgramData\Documentos
      C:\ProgramData\Documents
      C:\ProgramData\Escritorio
      C:\ProgramData\Favorites
      C:\ProgramData\Favoritos
      C:\ProgramData\HP
      C:\ProgramData\IePluginService
      C:\ProgramData\InstallMate
      C:\ProgramData\ItsReadyApp
      C:\ProgramData\LogMeIn
      C:\ProgramData\Malwarebytes
      C:\ProgramData\Menú Inicio
      C:\ProgramData\MFAData
      C:\ProgramData\Microsoft
      C:\ProgramData\Microsoft Help
      C:\ProgramData\Mozilla
      C:\ProgramData\Nero
      C:\ProgramData\Oracle
      C:\ProgramData\Package Cache
      C:\ProgramData\Plantillas
      C:\ProgramData\PMB Files
      C:\ProgramData\RealHideIP
      C:\ProgramData\SecuROM
      C:\ProgramData\Skype
      C:\ProgramData\SmartHideIP
      C:\ProgramData\Solid State Networks
      C:\ProgramData\Solidshield
      C:\ProgramData\Start Menu
      C:\ProgramData\Steam
      C:\ProgramData\Sun
      C:\ProgramData\Tarma Installer
      C:\ProgramData\Templates
      C:\ProgramData\Ubisoft
      C:\ProgramData\WPM
      C:\Users\Usuario\AppData\Roaming\.minecraft
      C:\Users\Usuario\AppData\Roaming\.minecraft - copia.zip
      C:\Users\Usuario\AppData\Roaming\Adobe
      C:\Users\Usuario\AppData\Roaming\asdasdasdasd
      C:\Users\Usuario\AppData\Roaming\ATI
      C:\Users\Usuario\AppData\Roaming\AVAST Software
      C:\Users\Usuario\AppData\Roaming\Avnex
      C:\Users\Usuario\AppData\Roaming\BSplayer PRO
      C:\Users\Usuario\AppData\Roaming\C__Users_Usuario_AppData_Local_Temp_ir_ext_temp_0_AutoPlay_Docs_RealHideIP.exe
      C:\Users\Usuario\AppData\Roaming\C__Users_Usuario_AppData_Local_Temp_ir_ext_temp_0_AutoPlay_Docs_SmartHideIP.exe
      C:\Users\Usuario\AppData\Roaming\DAEMON Tools Lite
      C:\Users\Usuario\AppData\Roaming\DAEMON Tools Pro
      C:\Users\Usuario\AppData\Roaming\DeskTunes
      C:\Users\Usuario\AppData\Roaming\DiskDefrag
      C:\Users\Usuario\AppData\Roaming\Dropbox
      C:\Users\Usuario\AppData\Roaming\DVD Flick
      C:\Users\Usuario\AppData\Roaming\GetRightToGo
      C:\Users\Usuario\AppData\Roaming\GlarySoft
      C:\Users\Usuario\AppData\Roaming\Hamachi
      C:\Users\Usuario\AppData\Roaming\HpUpdate
      C:\Users\Usuario\AppData\Roaming\Identities
      C:\Users\Usuario\AppData\Roaming\IminentToolbar
      C:\Users\Usuario\AppData\Roaming\IMVU
      C:\Users\Usuario\AppData\Roaming\IMVUClient
      C:\Users\Usuario\AppData\Roaming\launcher_profiles.json
      C:\Users\Usuario\AppData\Roaming\libraries
      C:\Users\Usuario\AppData\Roaming\LolClient
      C:\Users\Usuario\AppData\Roaming\Macromedia
      C:\Users\Usuario\AppData\Roaming\Malwarebytes
      C:\Users\Usuario\AppData\Roaming\Media Center Programs
      C:\Users\Usuario\AppData\Roaming\Microsoft
      C:\Users\Usuario\AppData\Roaming\minecraft 1.6.4 copia de seguridad
      C:\Users\Usuario\AppData\Roaming\MKKE
      C:\Users\Usuario\AppData\Roaming\mods164copiade de seguridad
      C:\Users\Usuario\AppData\Roaming\MotioninJoy
      C:\Users\Usuario\AppData\Roaming\Mozilla
      C:\Users\Usuario\AppData\Roaming\Need for Speed World
      C:\Users\Usuario\AppData\Roaming\Nero
      C:\Users\Usuario\AppData\Roaming\newnext.me
      C:\Users\Usuario\AppData\Roaming\PunkBuster
      C:\Users\Usuario\AppData\Roaming\RealHideIP
      C:\Users\Usuario\AppData\Roaming\Riot Games
      C:\Users\Usuario\AppData\Roaming\SecondLife
      C:\Users\Usuario\AppData\Roaming\SecuROM
      C:\Users\Usuario\AppData\Roaming\SimilarSites
      C:\Users\Usuario\AppData\Roaming\Skype
      C:\Users\Usuario\AppData\Roaming\SmartHideIP
      C:\Users\Usuario\AppData\Roaming\SupTab
      C:\Users\Usuario\AppData\Roaming\systweak
      C:\Users\Usuario\AppData\Roaming\Theta
      C:\Users\Usuario\AppData\Roaming\Unity
      C:\Users\Usuario\AppData\Roaming\uTorrent
      C:\Users\Usuario\AppData\Roaming\versions
      C:\Users\Usuario\AppData\Roaming\WinRAR
      C:\Users\Usuario\AppData\Roaming\WinZipper
      C:\Users\Usuario\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42
      C:\Users\Usuario\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B
      C:\Users\Usuario\AppData\Local\Temp\jrt
      C:\Users\Usuario\AppData\Local\Temp\~DF73DBF0E78047A133.TMP


      ========================== 11/06/2014 - 16:08:41 ==========================

    5. #5
      Moderador
      Avatar de @JonathanM
      Registrado
      may 2006
      Ubicación
      Chile
      Mensajes
      11.752

      Re: !!!Virus del Grupo de Delitos Telemáticos !!Urgente

      Hola

      Elimina los temporales, cookies y todo archivo innecesario con Ccleaner e intenta descargar MBAM, Porfavor hace los pasos que te puse y no otros ya que nos liamos ok.

      Espero los reporte de:

      JRT
      AdwCleaner
      MBAM
      Saludos
      <¡D3vIL!>

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    6. #6
      Usuario Avatar de facumaxx
      Registrado
      jun 2014
      Ubicación
      Argentina
      Mensajes
      6

      Re: !!!Virus del Grupo de Delitos Telemáticos !!Urgente

      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      Junkware Removal Tool (JRT) by Thisisu
      Version: 6.1.4 (04.06.2014:1)
      OS: Windows 7 Ultimate x64
      Ran by Usuario on 11/06/2014 at 16:30:13,86
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




      ~~~ Services



      ~~~ Registry Values

      Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs
      Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Start Page
      Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL
      Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Search Page
      Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL



      ~~~ Registry Keys

      Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\webcakeieclient.api
      Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\webcakeieclient.api.1
      Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\webcakeieclient.layers
      Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\webcakeieclient.layers.1
      Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\webcakeieclient.dll
      Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{A0B10EBE-4E51-4CAE-949B-E6B9E7D68CEA}
      Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{F511AFDB-726E-4458-90E7-1ECB97406544}
      Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
      Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
      Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\1clickdownload
      Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
      Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\distromatic
      Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\installedbrowserextensions
      Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic
      Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\startsearch
      Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\systweak
      Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduit
      Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\crossrider
      Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\smartbar
      Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\searchprotect
      Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\systweak
      Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent
      Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\webcakedesktop_rasapi32
      Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\webcakedesktop_rasmancs
      Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\searchprotect
      Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0051581.BHO
      Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0051581.Sandbox
      Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0051581.Sandbox.1
      Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0051581.BHO
      Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0051581.Sandbox
      Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0051581.Sandbox.1
      Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110511151181}
      Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
      Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}



      ~~~ Files

      Successfully deleted: [File] "C:\end"



      ~~~ Folders

      Successfully deleted: [Folder] "C:\ProgramData\apn"
      Successfully deleted: [Folder] "C:\ProgramData\tarma installer"
      Successfully deleted: [Folder] "C:\Users\Usuario\AppData\Roaming\getrighttogo"
      Successfully deleted: [Folder] "C:\Users\Usuario\AppData\Roaming\newnext.me"
      Successfully deleted: [Folder] "C:\Users\Usuario\AppData\Roaming\similarsites"
      Successfully deleted: [Folder] "C:\Users\Usuario\AppData\Roaming\systweak"
      Successfully deleted: [Folder] "C:\Users\Usuario\appdata\locallow\conduit"
      Successfully deleted: [Folder] "C:\Program Files (x86)\searchprotect"
      Successfully deleted: [Folder] "C:\Program Files (x86)\secretsauce"
      Successfully deleted: [Folder] "C:\Program Files (x86)\similarsites"
      Successfully deleted: [Folder] "C:\Users\Usuario\AppData\Roaming\microsoft\windows\start menu\programs\mobogenie"
      Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"



      ~~~ FireFox

      Successfully deleted: [File] C:\Users\Usuario\AppData\Roaming\mozilla\firefox\profiles\cam2fr8c.default\user.js
      Successfully deleted: [Folder] C:\Users\Usuario\AppData\Roaming\mozilla\firefox\profiles\cam2fr8c.default\extensions\[email protected]
      Successfully deleted the following from C:\Users\Usuario\AppData\Roaming\mozilla\firefox\profiles\cam2fr8c.default\prefs.js

      user_pref("CT3318151.FF19Solved", "true");
      user_pref("CT3318151.UserID", "UN40572706101762233");
      user_pref("CT3318151.fullUserID", "UN40572706101762233.IN.20140207194806");
      user_pref("CT3318151.installDate", "07/02/2014 19:48:13");
      user_pref("CT3318151.installSessionId", "{85FDED1A-1434-4FEE-9A7D-225598E677C1}");
      user_pref("CT3318151.installSp", "false");
      user_pref("CT3318151.installerVersion", "1.8.1.4");
      user_pref("CT3318151.searchRevert", "false");
      user_pref("CT3318151.searchUninstallUserMode", "1");
      user_pref("CT3318151.searchUserMode", "1");
      user_pref("CT3318151.toolbarInstallDate", "07-02-2014 19:48:07");
      user_pref("CT3318151.versionFromInstaller", "10.23.0.722");
      user_pref("CT3318151.xpeMode", "1");
      user_pref("accessibility.lightning.homepage", "hxxp://www.awesomehp.com/?type=hp&ts=1392737071&from=ild&uid=SAMSUNGXHD161GJ_S14DJ9DS823125");
      user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.51581.cookie.testingGaq.value", "%22hxxp%3A//extclickmedia-maynemyltf.netdna-ss
      user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.51581.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A
      user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.51581.name", "FTdownloader V9.0");
      user_pref("extensions.crossrider.bic", "143ca61308ebab002bdbc8cc6514c034");
      user_pref("extensions.iminent.admin", false);
      user_pref("extensions.iminent.aflt", "orgnl");
      user_pref("extensions.iminent.appId", "{0E4B2CAB-B859-4C57-B96E-63DDEC692BC4}");
      user_pref("extensions.iminent.autoRvrt", "false");
      user_pref("extensions.iminent.dfltLng", "");
      user_pref("extensions.iminent.excTlbr", false);
      user_pref("extensions.iminent.ffxUnstlRst", false);
      user_pref("extensions.iminent.id", "005a883500000000000094de8038de96");
      user_pref("extensions.iminent.instlDay", "16095");
      user_pref("extensions.iminent.instlRef", "");
      user_pref("extensions.iminent.newTab", false);
      user_pref("extensions.iminent.prdct", "iminent");
      user_pref("extensions.iminent.prtnrId", "iminent");
      user_pref("extensions.iminent.rvrt", "false");
      user_pref("extensions.iminent.smplGrp", "none");
      user_pref("extensions.iminent.tlbrId", "YBCPCSTIPO");
      user_pref("extensions.iminent.tlbrSrchUrl", "hxxp://start.iminent.com/?ref=toolbarm#q=");
      user_pref("extensions.iminent.vrsn", "1.8.28.3");
      user_pref("extensions.iminent.vrsnTs", "1.8.28.314:27:57");
      user_pref("extensions.iminent.vrsni", "1.8.28.3");
      user_pref("iminent.LayoutId", "1");
      user_pref("iminent.ShowThankyouPixel", "0");
      user_pref("iminent.adapters", "{\"beamrise\":{\"CountryCode\":\"AR\",\"NoAds\":false,\"Status\":2,\"expireTime\":\"13906731421521814400\"},\"java\":{\"CountryCode\":\"AR\",\"N
      user_pref("iminent.enabledAds", "false");
      user_pref("iminent.registerToolbarEvent109", "1390860137100");
      user_pref("iminent.registerToolbarEvent111", "1390860137108");
      user_pref("iminent.registerToolbarEvent122", "1390860137116");
      user_pref("iminent.version", "8.4.3.1");
      user_pref("iminent.versioning", "{\"CurrentVersion\":\"8.4.3.1\",\"InstallEventCTime\":1390866615115,\"InstallEvent\":\"True\"}");
      user_pref("smartbar.machineId", "FWV3C2ZJVZHKRYLVQUSU1EBN86H4MRH/RE6VLNDQVK6LP+MHR6S9AHYW1TJFUQOTS63VIBATRVH4PJWCUUWPPQ");
      Emptied folder: C:\Users\Usuario\AppData\Roaming\mozilla\firefox\profiles\cam2fr8c.default\minidumps [36 files]



      ~~~ Chrome

      Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh
      Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo



      ~~~ Event Viewer Logs were cleared





      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      Scan was completed on 11/06/2014 at 16:37:41,13
      End of JRT log
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


      # AdwCleaner v3.212 - Reporte Creado 11/06/2014 en 16:42:23
      # Actualizado 05/06/2014 por Xplode
      # Sistema Operativo : Windows 7 Ultimate Service Pack 1 (64 bits)
      # Nombre de usuario : Usuario - USUARIO-PC
      # Ejecutado desde : C:\Users\Usuario\Desktop\adwcleaner.exe
      # Opción : Limpiar

      ***** [ Servicios ] *****

      [#] Servicio Borrar : CltMngSvc
      [#] Servicio Borrar : IePluginService
      [x] No Borrar : winzipersvc

      ***** [ Archivos / Carpetas ] *****

      Carpeta Borrar : C:\ProgramData\IePluginService
      Carpeta Borrar : C:\ProgramData\ItsReadyApp
      Carpeta Borrar : C:\ProgramData\WPM
      Carpeta Borrar : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZipper
      Carpeta Borrar : C:\Program Files (x86)\IminentToolbar
      Carpeta Borrar : C:\Program Files (x86)\SupTab
      Carpeta Borrar : C:\Program Files (x86)\WinZipper
      Carpeta Borrar : C:\Program Files (x86)\FTdownloader V9.0
      Carpeta Borrar : C:\Users\Usuario\AppData\Local\BeamriseUninstall
      Carpeta Borrar : C:\Users\Usuario\AppData\Local\Conduit
      Carpeta Borrar : C:\Users\Usuario\AppData\Local\cool_mirage
      Carpeta Borrar : C:\Users\Usuario\AppData\Local\genienext
      Carpeta Borrar : C:\Users\Usuario\AppData\Local\lollipop
      Carpeta Borrar : C:\Users\Usuario\AppData\Local\Mobogenie
      Carpeta Borrar : C:\Users\Usuario\AppData\Local\NativeMessaging
      Carpeta Borrar : C:\Users\Usuario\AppData\Local\SearchProtect
      Carpeta Borrar : C:\Users\Usuario\AppData\LocalLow\FTdownloader V9.0
      Carpeta Borrar : C:\Users\Usuario\AppData\Roaming\IminentToolbar
      Carpeta Borrar : C:\Users\Usuario\AppData\Roaming\SupTab
      Carpeta Borrar : C:\Users\Usuario\AppData\Roaming\WinZipper
      Carpeta Borrar : C:\Users\Usuario\Documents\Mobogenie
      Carpeta Borrar : C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\cam2fr8c.default\CT3318151
      Carpeta Borrar : C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\cam2fr8c.default\Extensions\[email protected]
      Carpeta Borrar : C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\cam2fr8c.default\Extensions\[email protected]
      Carpeta Borrar : C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\cam2fr8c.default\Extensions\[email protected]
      Carpeta Borrar : C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\cam2fr8c.default\Extensions\[email protected]b397ece11.com
      Carpeta Borrar : C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\cam2fr8c.default\Extensions\{f2e99efd-72dc-4c5d-9f7c-219133ff8e40}
      Archivo Borrar : C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\cam2fr8c.default\Extensions\[email protected]
      Archivo Borrar : C:\Windows\System32\roboot64.exe
      Archivo Borrar : C:\Users\Usuario\daemonprocess.txt
      Archivo Borrar : C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\cam2fr8c.default\searchplugins\ask-search.xml
      Archivo Borrar : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\awesomehp.xml
      Archivo Borrar : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\delta-homes.xml
      Archivo Borrar : C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\cam2fr8c.default\searchplugins\iminent.xml
      Archivo Borrar : C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\ep.crx
      Archivo Borrar : C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx
      Archivo Borrar : C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv2.crx
      Archivo Borrar : C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage
      Archivo Borrar : C:\Windows\System32\Tasks\PutLockerDownloader V6.0-codedownloader
      Archivo Borrar : C:\Windows\System32\Tasks\PutLockerDownloader V6.0-firefoxinstaller
      Archivo Borrar : C:\Windows\Tasks\FTdownloader V9.0-codedownloader.job
      Archivo Borrar : C:\Windows\System32\Tasks\FTdownloader V9.0-codedownloader
      Archivo Borrar : C:\Windows\Tasks\FTdownloader V9.0-firefoxinstaller.job
      Archivo Borrar : C:\Windows\System32\Tasks\FTdownloader V9.0-firefoxinstaller

      ***** [ Accesos directos ] *****

      Acceso directo Desinfectado : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
      Acceso directo Desinfectado : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
      Acceso directo Desinfectado : C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
      Acceso directo Desinfectado : C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
      Acceso directo Desinfectado : C:\Users\Usuario\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
      Acceso directo Desinfectado : C:\Users\Usuario\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
      Acceso directo Desinfectado : C:\Users\Usuario\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Mozilla Firefox.lnk

      ***** [ Registro ] *****

      Valor Borrar : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [[email protected]]
      Valor Borrar : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [[email protected]]
      Clave Borrar : HKCU\Software\Google\Chrome\Extensions\bcfjehbfanfhgoehogmbiebedkidedjb
      Clave Borrar : HKLM\SOFTWARE\Google\Chrome\Extensions\bcfjehbfanfhgoehogmbiebedkidedjb
      Clave Borrar : HKLM\SOFTWARE\Google\Chrome\Extensions\ogfjmhfnldnajmfaofeiaepghjenbgjo
      Clave Borrar : HKLM\SOFTWARE\Google\Chrome\Extensions\pkndmigholgfjlniaohblojbhgjbkakn
      Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32
      Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS
      Clave Borrar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
      Clave Borrar : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
      Clave Borrar : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{71d5c9df-923d-44f6-afb6-3140f3e31ba2}
      Clave Borrar : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a04292c6-bb68-4ec2-8380-e021c34a5e40}
      Clave Borrar : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ba74437c-ca1e-49dd-aab4-f7ff55cdaed4}
      Clave Borrar : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e646e38f-1d50-4fe0-acfe-52fbb1f5cf41}
      Clave Borrar : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{efc97af1-4a76-4c8e-9aa5-c191406caec7}
      Clave Borrar : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110511151181}
      Clave Borrar : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511151181}
      Clave Borrar : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
      Clave Borrar : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{71d5c9df-923d-44f6-afb6-3140f3e31ba2}
      Clave Borrar : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a04292c6-bb68-4ec2-8380-e021c34a5e40}
      Clave Borrar : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ba74437c-ca1e-49dd-aab4-f7ff55cdaed4}
      Clave Borrar : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e646e38f-1d50-4fe0-acfe-52fbb1f5cf41}
      Clave Borrar : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{efc97af1-4a76-4c8e-9aa5-c191406caec7}
      Datos Restaurado : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
      Clave Borrar : HKCU\Software\lollipop
      Clave Borrar : HKCU\Software\AppDataLow\Software\FTdownloader V9.0
      Clave Borrar : HKLM\Software\awesomehpSoftware
      Clave Borrar : HKLM\Software\delta-homesSoftware
      Clave Borrar : HKLM\Software\hdcode
      Clave Borrar : HKLM\Software\IePlugin
      Clave Borrar : HKLM\Software\SupTab
      Clave Borrar : HKLM\Software\supWPM
      Clave Borrar : HKLM\Software\V9
      Clave Borrar : HKLM\Software\winzipersvc
      Clave Borrar : HKLM\Software\FTdownloader V9.0
      Clave Borrar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IePlugins
      Clave Borrar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SupTab
      Clave Borrar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\winzipper
      Clave Borrar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FTdownloader V9.0
      Clave Borrar : [x64] HKLM\SOFTWARE\Tarma Installer
      Clave Borrar : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}
      Datos Borrar : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll

      ***** [ Navegadores ] *****

      -\\ Internet Explorer v10.0.9200.16618

      Ajustes Restaurar : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
      Ajustes Restaurar : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
      Ajustes Restaurar : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
      Ajustes Restaurar : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
      Ajustes Restaurar : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
      Ajustes Restaurar : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
      Ajustes Restaurar : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
      Ajustes Restaurar : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

      -\\ Mozilla Firefox v29.0.1 (es-ES)

      [ Archivo : C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\cam2fr8c.default\prefs.js ]

      Linea borrada : user_pref("browser.newtab.url", "hxxp://www.trovi.com/?gd=&ctid=CT3326021&octid=EB_ORIGINAL_CTID&ISID=M18538253-D201-49AE-BF8D-C5F1C1DC5778&SearchSource=69&CUI=&SSPV=&Lay=1&UM=5&UP=SP24416720-EEAD-4CC[...]
      Linea borrada : user_pref("browser.search.defaultenginename", "Trovi search");
      Linea borrada : user_pref("browser.search.selectedEngine", "Trovi search");
      Linea borrada : user_pref("browser.startup.homepage", "hxxp://www.trovi.com/?gd=&ctid=CT3326021&octid=EB_ORIGINAL_CTID&ISID=M18538253-D201-49AE-BF8D-C5F1C1DC5778&SearchSource=55&CUI=&UM=5&UP=SP24416720-EEAD-4CC7-8A95[...]
      Linea borrada : user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.51581.InstallationThankYouPage", true);
      Linea borrada : user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.51581.InstallationTime", 1393015414);
      Linea borrada : user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.51581.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581_dbWasSet", true);
      Linea borrada : user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.51581.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581_dbWasSet_FF25_FIX", true[...]
      Linea borrada : user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.51581.active", true);
      Linea borrada : user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.51581.addressbar", "NA");
      Linea borrada : user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.51581.addressbarenhanced", "");
      Linea borrada : user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.51581.asyncdb.was_copied", "true");
      Linea borrada : user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.51581.asyncdb_dbWasSet", true);
      Linea borrada : user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.51581.asyncdb_dbWasSet_FF25_FIX", true);
      Linea borrada : user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.51581.asyncinternaldb.was_copied", "true");
      Linea borrada : user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.51581.asyncinternaldb_dbWasSet", true);
      Linea borrada : user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.51581.asyncinternaldb_dbWasSet_FF25_FIX", true);
      Linea borrada : user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.51581.backgroundver", 5);
      Linea borrada : user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.51581.certdomaininstaller", "");
      Linea borrada : user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.51581.changeprevious", false);
      Linea borrada : user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.51581.cookie.InstallationTime.expiration", "Fri Feb 01 2030 00:00:00 GMT-0300");
      Linea borrada : user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.51581.cookie.InstallationTime.value", "%221393015414%22");
      Linea borrada : user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.51581.cookie.InstallerParams.expiration", "Fri Feb 01 2030 00:00:00 GMT-0300");
      Linea borrada : user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.51581.cookie.InstallerParams.value", "%7B%22source_id%22%3A%22001069%22%2C%22sub_id%22%3A%220%22%2C%22uz[...]
      Linea borrada : user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.51581.cookie._GPL_aoi.expiration", "Fri Feb 01 2030 00:00:00 GMT-0300");
      Linea borrada : user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.51581.cookie._GPL_aoi.value", "%221394927305%22");
      Linea borrada : user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.51581.cookie._GPL_parent_zoneid.expiration", "Fri Feb 01 2030 00:00:00 GMT-0300");
      Linea borrada : user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.51581.cookie._GPL_parent_zoneid.value", "%22536767%22");
      Linea borrada : user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.51581.cookie.au.expiration", "Fri Feb 01 2030 00:00:00 GMT-0300");
      Linea borrada : user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.51581.cookie.au.value", "%222014-3-15%22");
      Linea borrada : user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.51581.cookie.cm_page_views.expiration", "Thu Jun 12 2014 14:52:49 GMT-0300");
      Linea borrada : user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.51581.cookie.cm_page_views.value", "26");
      Linea borrada : user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.51581.cookie.cnt.expiration", "Fri Feb 01 2030 00:00:00 GMT-0300");
      Linea borrada : user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.51581.cookie.cnt.value", "%22AR%22");
      Linea borrada : user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.51581.cookie.first_run.expiration", "Fri Feb 01 2030 00:00:00 GMT-0300");
      Linea borrada : user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.51581.cookie.first_run.value", "%221%22");
      Linea borrada : user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.51581.cookie.install.expiration", "Fri Feb 01 2030 00:00:00 GMT-0300");
      Linea borrada : user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.51581.cookie.install.value", "%222014-2-21%22");
      Linea borrada : user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.51581.cookie.jw_token.expiration", "Fri Feb 01 2030 00:00:00 GMT-0300");
      Linea borrada : user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.51581.cookie.jw_token.value", "%22c29ca327-78e4-8c0f-970a-02cc1e4fb48a%22");
      Linea borrada : user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.51581.cookie.partner_is_not_installed.expiration", "Fri Feb 01 2030 00:00:00 GMT-0300");
      Linea borrada : user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.51581.cookie.partner_is_not_installed.value", "true");
      Linea borrada : user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.51581.cookie.partner_last_seen.expiration", "Fri Feb 01 2030 00:00:00 GMT-0300");
      Linea borrada : user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.51581.cookie.partner_last_seen.value", "1394830304228");
      Linea borrada : user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.51581.cookie.testingGaq.expiration", "Fri Feb 01 2030 00:00:00 GMT-0300");
      Linea borrada : user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.51581.description", "FT Downloader - download files 5 times faster!");
      Linea borrada : user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.51581.domain", "");
      Linea borrada : user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.51581.enablesearch", false);
      Linea borrada : user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.51581.homepage", "");
      Linea borrada : user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.51581.iframe", false);
      Linea borrada : user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.51581.internaldb.InstallerIdentifiers.expiration", "Fri Feb 01 2030 00:00:00 GMT-0300");
      Linea borrada : user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.51581.internaldb.InstallerIdentifiers.value", "%7B%22installer_bic%22%3A%229774F41BAE9045FDBD70C4CC5D5BC[...]
      Linea borrada : user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.51581.internaldb.InstallerParams.expiration", "Fri Feb 01 2030 00:00:00 GMT-0300");
      Linea borrada : user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.51581.internaldb.InstallerParams.value", "%7B%22source_id%22%3A%22001069%22%2C%22sub_id%22%3A%220%22%2C%[...]
      Linea borrada : user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.51581.internaldb.InstallerParamsCache.expiration", "Fri Feb 01 2030 00:00:00 GMT-0300");
      Linea borrada : user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.51581.internaldb.InstallerParamsCache.value", "%7B%22source_id%22%3A%22001069%22%2C%22sub_id%22%3A%220%2[...]
      Linea borrada : user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.51581.internaldb.InstallerUserIdentifiersCache.expiration", "Fri Feb 01 2030 00:00:00 GMT-0300");
      Linea borrada : user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.51581.internaldb.InstallerUserIdentifiersCache.value", "%7B%22installer_bic%22%3A%229774F41BAE9045FDBD70[...]
      Linea borrada : user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.51581.internaldb.Resources_appVer.expiration", "Fri Feb 01 2030 00:00:00 GMT-0300");
      Linea borrada : user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.51581.internaldb.Resources_appVer.value", "54");
      Linea borrada : user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.51581.internaldb.Resources_lastVersion.expiration", "Fri Feb 01 2030 00:00:00 GMT-0300");
      Linea borrada : user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.51581.internaldb.Resources_lastVersion.value", "2");
      Linea borrada : user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.51581.internaldb.Resources_meta.expiration", "Fri Feb 01 2030 00:00:00 GMT-0300");
      Linea borrada : user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.51581.internaldb.Resources_meta.value", "%7B%7D");
      Linea borrada : user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.51581.internaldb.Resources_nextCheck.expiration", "Wed Jun 11 2014 21:29:09 GMT-0300");
      Linea borrada : user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.51581.internaldb.Resources_nextCheck.value", "true");
      Linea borrada : user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.51581.internaldb.Resources_queue.expiration", "Fri Feb 01 2030 00:00:00 GMT-0300");
      Linea borrada : user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.51581.internaldb.Resources_queue.value", "%7B%7D");
      Linea borrada : user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.51581.internaldb.Resources_remote_resources.expiration", "Fri Feb 01 2030 00:00:00 GMT-0300");
      Linea borrada : user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.51581.internaldb.Resources_remote_resources.value", "%7B%22remoteId%22%3A0%7D");
      Linea borrada : user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.51581.internaldb.__defualt_browser__.expiration", "Fri Feb 01 2030 00:00:00 GMT-0300");
      Linea borrada : user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.51581.internaldb.__defualt_browser__.value", "%22ff%22");
      Linea borrada : user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.51581.internaldb.installer.expiration", "Fri Feb 01 2030 00:00:00 GMT-0300");
      Linea borrada : user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.51581.internaldb.installer.value", "%7B%22InstallerIdentifiers%22%3A%7B%22installer_bic%22%3A%229774F41B[...]
      Linea borrada : user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.51581.internaldb.monetization_plugin_bundledUrls.expiration", "Fri Feb 01 2030 00:00:00 GMT-0300");
      Linea borrada : user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.51581.internaldb.monetization_plugin_bundledWithHash.expiration", "Fri Feb 01 2030 00:00:00 GMT-0300");
      Linea borrada : user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.51581.internaldb.monetization_plugin_bundledWithHash.value", "null");
      Linea borrada : user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.51581.internaldb.monetization_plugin_last_executable_request.expiration", "Mon Jun 09 2014 06:27:04 GMT-[...]
      Linea borrada : user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.51581.internaldb.monetization_plugin_last_executable_request.value", "%22hxxp%3A//dl_151.yac.mx/download[...]
      Linea borrada : user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.51581.internaldb.monetization_plugin_notBundledArr_.expiration", "Fri Feb 01 2030 00:00:00 GMT-0300");
      Linea borrada : user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.51581.internaldb.monetization_plugin_notBundledArr_.value", "%5B%5D");
      Linea borrada : user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.51581.lastDailyReport", "1402511347337");
      Linea borrada : user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.51581.lastUpdate", "1402511344595");
      Linea borrada : user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.51581.manifesturl", "");
      Linea borrada : user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.51581.newtab", "");
      Linea borrada : user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.51581.opensearch", "");
      Linea borrada : user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.51581.pluginsurl", "hxxp://js.datademoserv.com/plugin/apps/51581/plugins/na/ff/plugins.json");
      Linea borrada : user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.51581.pluginsversion", 49);
      Linea borrada : user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.51581.publisher", "installdaddy");
      Linea borrada : user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.51581.searchstatus", 0);
      Linea borrada : user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.51581.setnewtab", false);
      Linea borrada : user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.51581.thankyou", "");
      Linea borrada : user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.51581.updateinterval", 360);
      Linea borrada : user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.51581.ver", 54);
      Linea borrada : user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.FilesValidatorDueTime", "1402511403132");
      Linea borrada : user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.apps", "51581");
      Linea borrada : user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.bic", "143ca61308ebab002bdbc8cc6514c034");
      Linea borrada : user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.cid", 51581);
      Linea borrada : user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.firstrun", false);
      Linea borrada : user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.hadappinstalled", true);
      Linea borrada : user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.installationdate", 1393017750);
      Linea borrada : user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.modetype", "production");
      Linea borrada : user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.reportInstall", true);
      Linea borrada : user_pref("extensions.a457fdf2235764b129012c3017e51228f6cd2d432a21e4fc29951217b397ece11com51581.statsDailyCounter", 86);
      Linea borrada : user_pref("extentions.webcake.defaultEnableAppsList", "layers,brain/features,newOffers/wc");
      Linea borrada : user_pref("extentions.webcake.installId", "3ad2a0fa-2a16-45ac-b2f0-8906225d1ce1");
      Linea borrada : user_pref("iminent.adapters", "{\"beamrise\":{\"CountryCode\":\"AR\",\"NoAds\":false,\"Status\":2,\"expireTime\":\"13906731421521814400\"},\"java\":{\"CountryCode\":\"AR\",\"NoAds\":false,\"Status\":2[...]
      Linea borrada : user_pref("iminent.versioning", "{\"CurrentVersion\":\"8.4.3.1\",\"InstallEventCTime\":1390866615115,\"InstallEvent\":\"True\"}");

      -\\ Google Chrome v35.0.1916.114

      [ Archivo : C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\preferences ]

      Borrar [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3326021&octid=EB_ORIGINAL_CTID&ISID=M18538253-D201-49AE-BF8D-C5F1C1DC5778&SearchSource=58&CUI=&UM=5&UP=SP24416720-EEAD-4CC7-8A95-07B8973CFABD&q={searchTerms}&SSPV=
      Borrar [Search Provider] : hxxp://uk.ask.com/ar?siteid=38302770&qsrc=999&l=dis&ad=pub&an=dis&x=0&y=0&q={searchTerms}
      Borrar [Search Provider] : hxxp://www.softonic.com/s/{searchTerms}
      Borrar [Startup_urls] : hxxp://www.trovi.com/?gd=&ctid=CT3326021&octid=EB_ORIGINAL_CTID&ISID=M18538253-D201-49AE-BF8D-C5F1C1DC5778&SearchSource=55&CUI=&UM=5&UP=SP24416720-EEAD-4CC7-8A95-07B8973CFABD&SSPV=
      Borrar [Extension] : bcfjehbfanfhgoehogmbiebedkidedjb
      Borrar [Extension] : booedmolknjekdopkepjjeckmjkdpfgl
      Borrar [Extension] : fjoijdanhaiflhibkljeklcghcmmfffh
      Borrar [Extension] : flpcjncodpafbgdpnkljologafpionhb
      Borrar [Extension] : ifohbjbgfchkkfhphahclmkpgejiplfo
      Borrar [Extension] : ogfjmhfnldnajmfaofeiaepghjenbgjo
      Borrar [Extension] : pkndmigholgfjlniaohblojbhgjbkakn

      *************************

      AdwCleaner[R0].txt - [33822 octets] - [11/06/2014 16:39:07]
      AdwCleaner[R1].txt - [33883 octets] - [11/06/2014 16:41:01]
      AdwCleaner[S0].txt - [29375 octets] - [11/06/2014 16:42:23]

      ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [29436 octets] ##########




      MBAM ANALISIS

      Malwarebytes Anti-Malware
      Malwarebytes | Free Anti-Malware & Internet Security Software

      Fecha del Análisis: 11/06/2014
      Tiempo de Análisis: 16:54:14
      Logfile: malware.txt
      Administrador: Si

      Versión: 2.00.2.1012
      Malware Database: v2014.06.11.07
      Rootkit Database: v2014.06.02.01
      Licencia: Premium
      Malware Protection: Activado
      Malicious Website Protection: Activado
      Self-protection: Desactivado

      SO: Windows 7 Service Pack 1
      CPU: x64
      Archivos del Sistema: NTFS
      Usuario: Usuario

      Tipo de Análisis: Análisis Completo
      Resultado: Completado
      Objetos Analizados: 388944
      Tiempo Transcurrido: 1 hr, 10 min, 31 seg

      Memoria: Activado
      Inicio: Activado
      Filesystem: Activado
      Archivo: Activado
      Rootkits: Desactivado
      Heuristics: Activado
      PUP: Activado
      PUM: Activado

      Procesos: 0
      (No malicious items detected)

      Modulos: 0
      (No malicious items detected)

      Llaves del Registro: 2
      PUP.Optional.FTdownloader.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\FTdownloader V9.0, Quarantined, [979c185f3f3c1125153b5365a35f15eb],
      PUP.Optional.TornTV.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Torntv V9.0, Quarantined, [ec4723542457fc3a85b8d3e533cfa65a],

      Valores del Registro: 0
      (No malicious items detected)

      Datos del Registro: 1
      PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Good: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Bad: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Replaced,[77bc4334f982d264152fef846c987090]

      Carpetas: 1
      PUP.Optional.CrossRider.A, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mkaplhdbgkcmjnbdflmhkkioklkffcla, Quarantined, [79ba2c4beb9081b52e23cec32dd5dc24],

      Archivo: 10
      PUP.Optional.Softonic.A, C:\Users\Usuario\Downloads\SoftonicDownloader_para_avg-anti-spyware.exe, Quarantined, [d95a284f3f3c44f2408d66bc7b86df21],
      PUP.Optional.CrossRider.A, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mkaplhdbgkcmjnbdflmhkkioklkffcla\000345.log, Quarantined, [79ba2c4beb9081b52e23cec32dd5dc24],
      PUP.Optional.CrossRider.A, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mkaplhdbgkcmjnbdflmhkkioklkffcla\000346.ldb, Quarantined, [79ba2c4beb9081b52e23cec32dd5dc24],
      PUP.Optional.CrossRider.A, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mkaplhdbgkcmjnbdflmhkkioklkffcla\CURRENT, Quarantined, [79ba2c4beb9081b52e23cec32dd5dc24],
      PUP.Optional.CrossRider.A, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mkaplhdbgkcmjnbdflmhkkioklkffcla\LOCK, Quarantined, [79ba2c4beb9081b52e23cec32dd5dc24],
      PUP.Optional.CrossRider.A, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mkaplhdbgkcmjnbdflmhkkioklkffcla\LOG, Quarantined, [79ba2c4beb9081b52e23cec32dd5dc24],
      PUP.Optional.CrossRider.A, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mkaplhdbgkcmjnbdflmhkkioklkffcla\LOG.old, Quarantined, [79ba2c4beb9081b52e23cec32dd5dc24],
      PUP.Optional.CrossRider.A, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mkaplhdbgkcmjnbdflmhkkioklkffcla\MANIFEST-000343, Quarantined, [79ba2c4beb9081b52e23cec32dd5dc24],
      PUP.Optional.Trovi.A, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: ( "startup_urls": [ "http://www.trovi.com/?gd=&ctid=CT3326021&octid=EB_ORIGINAL_CTID&ISID=M18538253-D201-49AE-BF8D-C5F1C1DC5778&SearchSource=55&CUI=&UM=5&UP=SP24416720-EEAD-4CC7-8A95-07B8973CFABD&SSPV=" ],), Replaced,[b28173046d0e65d13c0c3868c53f35cb]
      PUP.Optional.Trovi.A, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: ( "search_url": "http://www.trovi.com/Results.aspx?gd=&ctid=CT3326021&octid=EB_ORIGINAL_CTID&ISID=M18538253-D201-49AE-BF8D-C5F1C1DC5778&SearchSource=58&CUI=&UM=5&UP=SP24416720-EEAD-4CC7-8A95-07B8973CFABD&q={searchTerms}&SSPV=",), Replaced,[201325523348043299b15b45c53f9070]

      Physical Sectors: 0
      (No malicious items detected)


      (end)



      MBAM REGISTRO DE PROTECCION

      Malwarebytes Anti-Malware
      Malwarebytes | Free Anti-Malware & Internet Security Software

      Fecha del Análisis: 11/06/2014
      Tiempo de Análisis: 16:54:14
      Logfile: PROTECCION.txt
      Administrador: Si

      Versión: 2.00.2.1012
      Malware Database: v2014.06.11.07
      Rootkit Database: v2014.06.02.01
      Licencia: Premium
      Malware Protection: Activado
      Malicious Website Protection: Activado
      Self-protection: Desactivado

      SO: Windows 7 Service Pack 1
      CPU: x64
      Archivos del Sistema: NTFS
      Usuario: Usuario

      Tipo de Análisis: Análisis Completo
      Resultado: Completado
      Objetos Analizados: 388944
      Tiempo Transcurrido: 1 hr, 10 min, 31 seg

      Memoria: Activado
      Inicio: Activado
      Filesystem: Activado
      Archivo: Activado
      Rootkits: Desactivado
      Heuristics: Activado
      PUP: Activado
      PUM: Activado

      Procesos: 0
      (No malicious items detected)

      Modulos: 0
      (No malicious items detected)

      Llaves del Registro: 2
      PUP.Optional.FTdownloader.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\FTdownloader V9.0, Quarantined, [979c185f3f3c1125153b5365a35f15eb],
      PUP.Optional.TornTV.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Torntv V9.0, Quarantined, [ec4723542457fc3a85b8d3e533cfa65a],

      Valores del Registro: 0
      (No malicious items detected)

      Datos del Registro: 1
      PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Good: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Bad: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Replaced,[77bc4334f982d264152fef846c987090]

      Carpetas: 1
      PUP.Optional.CrossRider.A, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mkaplhdbgkcmjnbdflmhkkioklkffcla, Quarantined, [79ba2c4beb9081b52e23cec32dd5dc24],

      Archivo: 10
      PUP.Optional.Softonic.A, C:\Users\Usuario\Downloads\SoftonicDownloader_para_avg-anti-spyware.exe, Quarantined, [d95a284f3f3c44f2408d66bc7b86df21],
      PUP.Optional.CrossRider.A, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mkaplhdbgkcmjnbdflmhkkioklkffcla\000345.log, Quarantined, [79ba2c4beb9081b52e23cec32dd5dc24],
      PUP.Optional.CrossRider.A, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mkaplhdbgkcmjnbdflmhkkioklkffcla\000346.ldb, Quarantined, [79ba2c4beb9081b52e23cec32dd5dc24],
      PUP.Optional.CrossRider.A, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mkaplhdbgkcmjnbdflmhkkioklkffcla\CURRENT, Quarantined, [79ba2c4beb9081b52e23cec32dd5dc24],
      PUP.Optional.CrossRider.A, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mkaplhdbgkcmjnbdflmhkkioklkffcla\LOCK, Quarantined, [79ba2c4beb9081b52e23cec32dd5dc24],
      PUP.Optional.CrossRider.A, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mkaplhdbgkcmjnbdflmhkkioklkffcla\LOG, Quarantined, [79ba2c4beb9081b52e23cec32dd5dc24],
      PUP.Optional.CrossRider.A, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mkaplhdbgkcmjnbdflmhkkioklkffcla\LOG.old, Quarantined, [79ba2c4beb9081b52e23cec32dd5dc24],
      PUP.Optional.CrossRider.A, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mkaplhdbgkcmjnbdflmhkkioklkffcla\MANIFEST-000343, Quarantined, [79ba2c4beb9081b52e23cec32dd5dc24],
      PUP.Optional.Trovi.A, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: ( "startup_urls": [ "http://www.trovi.com/?gd=&ctid=CT3326021&octid=EB_ORIGINAL_CTID&ISID=M18538253-D201-49AE-BF8D-C5F1C1DC5778&SearchSource=55&CUI=&UM=5&UP=SP24416720-EEAD-4CC7-8A95-07B8973CFABD&SSPV=" ],), Replaced,[b28173046d0e65d13c0c3868c53f35cb]
      PUP.Optional.Trovi.A, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: ( "search_url": "http://www.trovi.com/Results.aspx?gd=&ctid=CT3326021&octid=EB_ORIGINAL_CTID&ISID=M18538253-D201-49AE-BF8D-C5F1C1DC5778&SearchSource=58&CUI=&UM=5&UP=SP24416720-EEAD-4CC7-8A95-07B8973CFABD&q={searchTerms}&SSPV=",), Replaced,[201325523348043299b15b45c53f9070]

      Physical Sectors: 0
      (No malicious items detected)


      (end)

    7. #7
      Moderador
      Avatar de @JonathanM
      Registrado
      may 2006
      Ubicación
      Chile
      Mensajes
      11.752

      Re: !!!Virus del Grupo de Delitos Telemáticos !!Urgente

      Hola

      Verifica como esta todo tras los pasos......

      Saludos
      <¡D3vIL!>

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    8. #8
      Usuario Avatar de facumaxx
      Registrado
      jun 2014
      Ubicación
      Argentina
      Mensajes
      6

      Re: !!!Virus del Grupo de Delitos Telemáticos !!Urgente

      Y como verifico? Osea por ahora no me salto ningun error ni nada raro

    9. #9
      Moderador
      Avatar de @JonathanM
      Registrado
      may 2006
      Ubicación
      Chile
      Mensajes
      11.752

      Re: !!!Virus del Grupo de Delitos Telemáticos !!Urgente

      Hola

      Desfragmenta los disco con Defraggler (Manual)

      Descarga DelFix en el escritorio de windows.
      • Haz doble clic para ejecutarlo.
      • Ventana principal, marca solamente la casilla Remove disinfection tools
      • Clic en Run.

      Al terminar Se abrirá un reporte llamado DelFix.txt, pega el reporte en este mismo tema.
      Saludos


      Saludos
      <¡D3vIL!>

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    10. #10
      Usuario Avatar de facumaxx
      Registrado
      jun 2014
      Ubicación
      Argentina
      Mensajes
      6

      Re: !!!Virus del Grupo de Delitos Telemáticos !!Urgente

      wtf tarda como 9 horas desfragmentar el disco O.O

    Página 1 de 2 12 ÚltimoÚltimo