Solucionado virus?

Estado
Cerrado para nuevas respuestas

ilu

Nuevo Miembro
Miembro
Hola! antes que nada este sitio es el que era forospyware.net? cambio? por que no puedo ver mis otros temas ya cerrados, ni aca ni intentando entrar en esa direccion, ya que me redirecciona aca.
Queria saber si es virus y como eliminar el "search protect" y el "web shield" ya que al bajar un archivo se descargaron solos.

GRacias!!
 

lorshaft92

El Jedi Exiliado
Super Moderador
Hola Ilu, bienvenido, Forospyware .net como Trucoswindows .es, son foros hermanados que fueron cerrados y se redirecciona a este, se decidió concentrar todo en uno solo.

Por lo que he averiguado tanto Search Protect y Web Shield, no son nada buenos, así que corresponde eliminarlos, te dejo un link con consejos para realizar primeros pasos y luego hacer un log de Hijackthis, así luego lo miran los especialistas.

Importante - Consejos antes de pegar su log de HijackThis

Saludos ;)
 

ilu

Nuevo Miembro
Miembro
Hola, gracias por responder, te cuento que ayer (antes de escribir aca) pasamos el avast y encontro 20 y pico de virus, lo pasamos en arranque y detecto 40 y pico. Luego habiamos pasado el malwarebytes que detecto 600 y pico y el adwcleaner que volvio a detectar los mismos que el malwarebytes, que ya habiamos puesto en cuarentena, nose por que los detecto de nuevo el otro programa. Lo raro es que ahora que veo los logs dice no haber detectado nada, los copio....

Malwarebytes Anti-Malware
Insertar CODE, HTML o PHP:
www.malwarebytes.org

Fecha del Análisis: 04/06/2015
Tiempo de Análisis: 10:30:07 p.m.
Archivo de registro: malwarebytes.txt
Administrador: Si

Versión: 2.01.6.1022
Base de datos de Malwares: v2015.06.04.05
Base de datos de rootkits: v2015.06.02.01
Licencia: Gratis
Protección contra el Malware: Desactivado
Protección de Webs  Maliciosas: Desactivado
Autoprotección: Desactivado

SO: Windows 7 Service Pack 1
CPU: x64
Archivos del Sistema: NTFS
Usuario: Usuario

Tipo de Análisis: Análisis Estándar
Resultado: Completado
Objetos Analizados: 400714
Tiempo Transcurrido: 23 min, 33 seg

Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Activado
PUM: Activado

Procesos: 6
PUP.Optional.PayByAds.A, C:\Users\Usuario\AppData\Local\bdraw\bdraw\1.3.26.12\bdraw.exe, 1452, Se eliminará al Reiniciar, [2293b303d8b29b9b1e6df278996de917]
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\ProtectService.exe, 2052, Se eliminará al Reiniciar, [c0f5eaccccbea78f25ae888f8979a957]
PUP.Optional.Giner, C:\Program Files (x86)\XTab\CmdShell.exe, 2204, Se eliminará al Reiniciar, [189df3c36525ae8834ca0d64b84edf21]
PUP.Optional.Giner, C:\Program Files (x86)\XTab\HPNotify.exe, 2252, Se eliminará al Reiniciar, [3580f1c591f926108a7439386d9952ae]
PUP.Optional.WebShield.A, C:\ProgramData\IyZawYIHFH\GePKEH.exe, 3112, Se eliminará al Reiniciar, [f0c594223f4b0a2c5a3e05f1de2317e9]
PUP.Optional.WindowsMangerProtect.A, C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe, 1568, Se eliminará al Reiniciar, [edc89620ef9b8fa71a39e714fe0560a0]

Modulos: 9
PUP.Optional.SearchProtect, C:\Program Files (x86)\XTab\BrowserAction.dll, Se eliminará al Reiniciar, [af06278fb5d557df8c9790b8a2600cf4],
PUP.Optional.Giner, C:\Program Files (x86)\XTab\IeWatchDog.dll, Se eliminará al Reiniciar, [e5d0e7cfe2a80333a25cea8763a3c33d],
PUP.Optional.Browserwatch, C:\Program Files (x86)\XTab\BrowerWatchFF.dll, Se eliminará al Reiniciar, [1a9bddd90c7e7cba2dcb75af26e05ba5],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\msvcp110.dll, Se eliminará al Reiniciar, [92234472474350e6928004f459aa6898],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\msvcp110.dll, Se eliminará al Reiniciar, [92234472474350e6928004f459aa6898],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\msvcp110.dll, Se eliminará al Reiniciar, [92234472474350e6928004f459aa6898],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\msvcr110.dll, Se eliminará al Reiniciar, [92234472474350e6928004f459aa6898],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\msvcr110.dll, Se eliminará al Reiniciar, [92234472474350e6928004f459aa6898],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\msvcr110.dll, Se eliminará al Reiniciar, [92234472474350e6928004f459aa6898],

Llaves del Registro: 161
PUP.Optional.XTab.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IHProtect Service,  Cuarentena, [c0f5eaccccbea78f25ae888f8979a957],
PUP.Optional.WebShield.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\GePKEH,  Cuarentena, [f0c594223f4b0a2c5a3e05f1de2317e9],
PUP.Optional.PrimaryColor.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\{588b71a1-b0bc-422a-9c3a-658c73ef0290}Gw64,  Cuarentena, [a213269024662610f30f84ee0bfb7a86],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\APPID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3},  Cuarentena, [a015f4c261293501a7a8306e5da654ac],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3},  Cuarentena, [a015f4c261293501a7a8306e5da654ac],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3},  Cuarentena, [a015f4c261293501a7a8306e5da654ac],
PUP.Optional.WebSteroids.A, HKLM\SOFTWARE\CLASSES\CLSID\{051E9166-B275-4683-907B-372FAE22BC7C},  Cuarentena, [674e92248bfff145c667204a8c77c040],
PUP.Optional.WebSteroids.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{051E9166-B275-4683-907B-372FAE22BC7C},  Cuarentena, [674e92248bfff145c667204a8c77c040],
PUP.Optional.WebSteroids.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{051E9166-B275-4683-907B-372FAE22BC7C},  Cuarentena, [674e92248bfff145c667204a8c77c040],
PUP.Optional.DynConIE.A, HKLM\SOFTWARE\CLASSES\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6},  Cuarentena, [0baa9a1cbad0bb7b8379e68382812cd4],
PUP.Optional.DynConIE.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6},  Cuarentena, [0baa9a1cbad0bb7b8379e68382812cd4],
PUP.Optional.DynConIE.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6},  Cuarentena, [0baa9a1cbad0bb7b8379e68382812cd4],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{261DD098-8A3E-43D4-87AA-63324FA897D8},  Cuarentena, [2095edc9bad052e4d2caf378e122e020],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{39CB8175-E224-4446-8746-00566302DF8D},  Cuarentena, [2095edc9bad052e4d2caf378e122e020],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{39CB8175-E224-4446-8746-00566302DF8D},  Cuarentena, [2095edc9bad052e4d2caf378e122e020],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{39CB8175-E224-4446-8746-00566302DF8D},  Cuarentena, [2095edc9bad052e4d2caf378e122e020],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\esrv.deltaESrvc.1,  Cuarentena, [2095edc9bad052e4d2caf378e122e020],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\esrv.deltaESrvc,  Cuarentena, [2095edc9bad052e4d2caf378e122e020],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\esrv.deltaESrvc,  Cuarentena, [2095edc9bad052e4d2caf378e122e020],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\esrv.deltaESrvc,  Cuarentena, [2095edc9bad052e4d2caf378e122e020],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\esrv.deltaESrvc.1,  Cuarentena, [2095edc9bad052e4d2caf378e122e020],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\esrv.deltaESrvc.1,  Cuarentena, [2095edc9bad052e4d2caf378e122e020],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{261DD098-8A3E-43D4-87AA-63324FA897D8},  Cuarentena, [2095edc9bad052e4d2caf378e122e020],
PUP.Optional.LuckyTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F},  Cuarentena, [4d689125ed9d33033573ef6f58ab2ad6],
PUP.Optional.LuckyTab.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{7D3C47ED-E0BE-4940-9DDA-A7A097AEBD88},  Cuarentena, [4d689125ed9d33033573ef6f58ab2ad6],
PUP.Optional.LuckyTab.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{917CAAE9-DD47-4025-936E-1414F07DF5B8},  Cuarentena, [4d689125ed9d33033573ef6f58ab2ad6],
PUP.Optional.LuckyTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{917CAAE9-DD47-4025-936E-1414F07DF5B8},  Cuarentena, [4d689125ed9d33033573ef6f58ab2ad6],
PUP.Optional.LuckyTab.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{917CAAE9-DD47-4025-936E-1414F07DF5B8},  Cuarentena, [4d689125ed9d33033573ef6f58ab2ad6],
PUP.Optional.LuckyTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{7D3C47ED-E0BE-4940-9DDA-A7A097AEBD88},  Cuarentena, [4d689125ed9d33033573ef6f58ab2ad6],
PUP.Optional.LuckyTab.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{7D3C47ED-E0BE-4940-9DDA-A7A097AEBD88},  Cuarentena, [4d689125ed9d33033573ef6f58ab2ad6],
PUP.Optional.LuckyTab.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F},  Cuarentena, [4d689125ed9d33033573ef6f58ab2ad6],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3},  Cuarentena, [8332734390fa989ec887efaed72c0af6],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3},  Cuarentena, [8332734390fa989ec887efaed72c0af6],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\delta.deltadskBnd.1,  Cuarentena, [8332734390fa989ec887efaed72c0af6],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\delta.deltadskBnd,  Cuarentena, [8332734390fa989ec887efaed72c0af6],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\delta.deltadskBnd,  Cuarentena, [8332734390fa989ec887efaed72c0af6],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\delta.deltadskBnd,  Cuarentena, [8332734390fa989ec887efaed72c0af6],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\delta.deltadskBnd.1,  Cuarentena, [8332734390fa989ec887efaed72c0af6],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\delta.deltadskBnd.1,  Cuarentena, [8332734390fa989ec887efaed72c0af6],
PUP.Optional.Delta.A, HKU\S-1-5-21-851791630-2127062975-4264042411-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{82E1477C-B154-48D3-9891-33D83C26BCD3},  Cuarentena, [8332734390fa989ec887efaed72c0af6],
PUP.Optional.Delta.A, HKU\S-1-5-21-851791630-2127062975-4264042411-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{82E1477C-B154-48D3-9891-33D83C26BCD3},  Cuarentena, [8332734390fa989ec887efaed72c0af6],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87},  Cuarentena, [d7decfe7f694ad89b19d3d60ef1422de],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{4FCB4630-2A1C-4AA1-B422-345E8DC8A6DE},  Cuarentena, [d7decfe7f694ad89b19d3d60ef1422de],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{4FCB4630-2A1C-4AA1-B422-345E8DC8A6DE},  Cuarentena, [d7decfe7f694ad89b19d3d60ef1422de],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87},  Cuarentena, [d7decfe7f694ad89b19d3d60ef1422de],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\delta.deltaHlpr.1,  Cuarentena, [d7decfe7f694ad89b19d3d60ef1422de],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\delta.deltaHlpr,  Cuarentena, [d7decfe7f694ad89b19d3d60ef1422de],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\delta.deltaHlpr,  Cuarentena, [d7decfe7f694ad89b19d3d60ef1422de],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\delta.deltaHlpr,  Cuarentena, [d7decfe7f694ad89b19d3d60ef1422de],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{C1AF5FA5-852C-4C90-812E-A7F75E011D87},  Cuarentena, [d7decfe7f694ad89b19d3d60ef1422de],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\delta.deltaHlpr.1,  Cuarentena, [d7decfe7f694ad89b19d3d60ef1422de],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\delta.deltaHlpr.1,  Cuarentena, [d7decfe7f694ad89b19d3d60ef1422de],
PUP.Optional.Delta.A, HKU\S-1-5-21-851791630-2127062975-4264042411-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{C1AF5FA5-852C-4C90-812E-A7F75E011D87},  Cuarentena, [d7decfe7f694ad89b19d3d60ef1422de],
PUP.Optional.Delta.A, HKU\S-1-5-21-851791630-2127062975-4264042411-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{C1AF5FA5-852C-4C90-812E-A7F75E011D87},  Cuarentena, [d7decfe7f694ad89b19d3d60ef1422de],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{4599D05A-D545-4069-BB42-5895B4EAE05B},  Cuarentena, [f4c15d59b3d7ca6c97b7a5f99b685fa1],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{1231839B-064E-4788-B865-465A1B5266FD},  Cuarentena, [f4c15d59b3d7ca6c97b7a5f99b685fa1],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{2DAC2231-CC35-482B-97C5-CED1D4185080},  Cuarentena, [f4c15d59b3d7ca6c97b7a5f99b685fa1],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82},  Cuarentena, [f4c15d59b3d7ca6c97b7a5f99b685fa1],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F},  Cuarentena, [f4c15d59b3d7ca6c97b7a5f99b685fa1],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB},  Cuarentena, [f4c15d59b3d7ca6c97b7a5f99b685fa1],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{57C91446-8D81-4156-A70E-624551442DE9},  Cuarentena, [f4c15d59b3d7ca6c97b7a5f99b685fa1],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D},  Cuarentena, [f4c15d59b3d7ca6c97b7a5f99b685fa1],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{7AD65FD1-79E0-406D-B03C-DD7C14726D69},  Cuarentena, [f4c15d59b3d7ca6c97b7a5f99b685fa1],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{97DD820D-2E20-40AD-B01E-6730B2FCE630},  Cuarentena, [f4c15d59b3d7ca6c97b7a5f99b685fa1],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{B177446D-54A4-4869-BABC-8566110B4BE0},  Cuarentena, [f4c15d59b3d7ca6c97b7a5f99b685fa1],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A},  Cuarentena, [f4c15d59b3d7ca6c97b7a5f99b685fa1],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4},  Cuarentena, [f4c15d59b3d7ca6c97b7a5f99b685fa1],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{F05B12E1-ADE8-4485-B45B-898748B53C37},  Cuarentena, [f4c15d59b3d7ca6c97b7a5f99b685fa1],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{1231839B-064E-4788-B865-465A1B5266FD},  Cuarentena, [f4c15d59b3d7ca6c97b7a5f99b685fa1],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{2DAC2231-CC35-482B-97C5-CED1D4185080},  Cuarentena, [f4c15d59b3d7ca6c97b7a5f99b685fa1],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82},  Cuarentena, [f4c15d59b3d7ca6c97b7a5f99b685fa1],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F},  Cuarentena, [f4c15d59b3d7ca6c97b7a5f99b685fa1],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB},  Cuarentena, [f4c15d59b3d7ca6c97b7a5f99b685fa1],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{57C91446-8D81-4156-A70E-624551442DE9},  Cuarentena, [f4c15d59b3d7ca6c97b7a5f99b685fa1],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D},  Cuarentena, [f4c15d59b3d7ca6c97b7a5f99b685fa1],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{7AD65FD1-79E0-406D-B03C-DD7C14726D69},  Cuarentena, [f4c15d59b3d7ca6c97b7a5f99b685fa1],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{97DD820D-2E20-40AD-B01E-6730B2FCE630},  Cuarentena, [f4c15d59b3d7ca6c97b7a5f99b685fa1],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{B177446D-54A4-4869-BABC-8566110B4BE0},  Cuarentena, [f4c15d59b3d7ca6c97b7a5f99b685fa1],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A},  Cuarentena, [f4c15d59b3d7ca6c97b7a5f99b685fa1],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4},  Cuarentena, [f4c15d59b3d7ca6c97b7a5f99b685fa1],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{F05B12E1-ADE8-4485-B45B-898748B53C37},  Cuarentena, [f4c15d59b3d7ca6c97b7a5f99b685fa1],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{1231839B-064E-4788-B865-465A1B5266FD},  Cuarentena, [f4c15d59b3d7ca6c97b7a5f99b685fa1],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{2DAC2231-CC35-482B-97C5-CED1D4185080},  Cuarentena, [f4c15d59b3d7ca6c97b7a5f99b685fa1],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82},  Cuarentena, [f4c15d59b3d7ca6c97b7a5f99b685fa1],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F},  Cuarentena, [f4c15d59b3d7ca6c97b7a5f99b685fa1],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB},  Cuarentena, [f4c15d59b3d7ca6c97b7a5f99b685fa1],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{57C91446-8D81-4156-A70E-624551442DE9},  Cuarentena, [f4c15d59b3d7ca6c97b7a5f99b685fa1],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D},  Cuarentena, [f4c15d59b3d7ca6c97b7a5f99b685fa1],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{7AD65FD1-79E0-406D-B03C-DD7C14726D69},  Cuarentena, [f4c15d59b3d7ca6c97b7a5f99b685fa1],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{97DD820D-2E20-40AD-B01E-6730B2FCE630},  Cuarentena, [f4c15d59b3d7ca6c97b7a5f99b685fa1],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{B177446D-54A4-4869-BABC-8566110B4BE0},  Cuarentena, [f4c15d59b3d7ca6c97b7a5f99b685fa1],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A},  Cuarentena, [f4c15d59b3d7ca6c97b7a5f99b685fa1],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4},  Cuarentena, [f4c15d59b3d7ca6c97b7a5f99b685fa1],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{F05B12E1-ADE8-4485-B45B-898748B53C37},  Cuarentena, [f4c15d59b3d7ca6c97b7a5f99b685fa1],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{4599D05A-D545-4069-BB42-5895B4EAE05B},  Cuarentena, [f4c15d59b3d7ca6c97b7a5f99b685fa1],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{4599D05A-D545-4069-BB42-5895B4EAE05B},  Cuarentena, [f4c15d59b3d7ca6c97b7a5f99b685fa1],
PUP.Optional.Babylon.A, HKU\S-1-5-18\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9},  Cuarentena, [2392575fb7d30333ec0690d45aa91fe1],
PUP.Optional.Babylon.A, HKU\S-1-5-21-851791630-2127062975-4264042411-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9},  Cuarentena, [2392575fb7d30333ec0690d45aa91fe1],
Adware.Zwangi, HKU\S-1-5-18\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33524C00-63FB-43DB-A6BF-0A4E14B24649},  Cuarentena, [179ef7bf5e2cc472736a3d3e6b98ee12],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85},  Cuarentena, [e3d28333721855e13a097b23b251c23e],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{68B81CCD-A80C-4060-8947-5AE69ED01199},  Cuarentena, [e4d1dadc206a2c0a1e771b832bd821df],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E6B969FB-6D33-48d2-9061-8BBD4899EB08},  Cuarentena, [6f467e383b4f82b474229905fc078080],
PUP.Optional.PullUpdate.C, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\WebShield,  Cuarentena, [4a6bc7ef09810234699650217b8b2dd3],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Delta Chrome Toolbar,  Cuarentena, [0ea71e986d1d69cd3d88d8907392a759],
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86},  Cuarentena, [f8bd8f277614a294fac01b5d57ae8080],
PUP.Optional.APNToolBar.Gen, HKLM\SOFTWARE\WOW6432NODE\AskPartnerNetwork,  Cuarentena, [b7fefcbae0aa171f112741a5da29c33d],
PUP.Optional.DataMangr.A, HKLM\SOFTWARE\WOW6432NODE\DataMngr,  Cuarentena, [5560d6e04446072fb1eb9587768ebc44],
PUP.Optional.FFPluginHp.A, HKLM\SOFTWARE\WOW6432NODE\FFPluginHp,  Cuarentena, [ded76056b5d575c127279a4d04ffcd33],
PUP.Optional.IHProtect.A, HKLM\SOFTWARE\WOW6432NODE\IHProtect,  Cuarentena, [a70eac0a0f7b91a5c44d22d645be5ea2],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\Iminent,  Cuarentena, [4c69c0f606849e9817ad0630b450c937],
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\WOW6432NODE\istartsurfSoftware,  Cuarentena, [efc6aa0cc5c53501284fed207490b44c],
PUP.Optional.WPM.A, HKLM\SOFTWARE\WOW6432NODE\supWindowsMangerProtect,  Cuarentena, [f0c5eaccc0ca181e900c02681fe651af],
PUP.Optional.Wajam.A, HKLM\SOFTWARE\WOW6432NODE\WajIntEnhance,  Cuarentena, [7a3bdadcc0ca7cba6367d51f7c87ec14],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\DELTA\DELTA\Instl,  Cuarentena, [585dcfe70e7cc076ccd6e36d6e976997],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\eooncjejnppfjjklapaamhcdmjbilmde,  Cuarentena, [387d773fa2e841f5d58741c82fd5c23e],
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86},  Cuarentena, [a80d4e68682270c6e8d25f19fc09a25e],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\IMBoosterARP,  Cuarentena, [cbea7145bdcd89adad3bf9f891726997],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\IminentToolbar,  Cuarentena, [b500dcdae4a651e5f8ef7081d52e6e92],
PUP.Optional.Vosteran, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Vosteran.com,  Cuarentena, [08ad16a091f9d06600a0629d44bf817f],
PUP.Optional.Wajam.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\WajIntEnhance,  Cuarentena, [91247a3cdfab36008e57d02190738080],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPTAB,  Cuarentena, [3580eec8a1e984b27577f81371934db3],
PUP.Optional.Tuto4Pc.A, HKLM\SOFTWARE\WOW6432NODE\TUTORIALS,  Cuarentena, [ac0901b54b3f8fa7204293e3e91cd927],
PUP.Optional.WindowsMangerProtect.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WindowsMangerProtect,  Cuarentena, [edc89620ef9b8fa71a39e714fe0560a0],
PUP.Optional.WindowsMangerProtect.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\WindowsMangerProtect,  Cuarentena, [664f5c5a0d7dd066f60ab44e5fa58977],
PUP.Optional.DataMngr.A, HKU\S-1-5-21-851791630-2127062975-4264042411-1000\SOFTWARE\DataMngr,  Cuarentena, [dcd982348dfd39fd4f252a210afb08f8],
PUP.Optional.DataMngr.A, HKU\S-1-5-21-851791630-2127062975-4264042411-1000\SOFTWARE\DataMngr_Toolbar,  Cuarentena, [7f36fabc632706309dd6212af90c54ac],
PUP.Optional.HomeTab.A, HKU\S-1-5-21-851791630-2127062975-4264042411-1000\SOFTWARE\HomeTab,  Cuarentena, [95208d29800a181e37b0df3d51b3f40c],
PUP.Optional.SearchProtect.A, HKU\S-1-5-21-851791630-2127062975-4264042411-1000\SOFTWARE\SearchProtectWS,  Cuarentena, [feb708aeafdbf640b931757c45be629e],
PUP.Optional.TNT.A, HKU\S-1-5-21-851791630-2127062975-4264042411-1000\SOFTWARE\TNT2,  Cuarentena, [694c15a1e6a46dc9e1b79b58c43fe11f],
PUP.Optional.Wajam.A, HKU\S-1-5-21-851791630-2127062975-4264042411-1000\SOFTWARE\WajIntEnhance,  Cuarentena, [556040769bef53e33398cb298182a25e],
PUP.Optional.MultiIE.A, HKU\S-1-5-21-851791630-2127062975-4264042411-1000\SOFTWARE\APPDATALOW\SOFTWARE\DynConIE,  Cuarentena, [387d01b54b3fb2840e5702666a9bfb05],
PUP.Optional.Babylon.A, HKU\S-1-5-21-851791630-2127062975-4264042411-1000\SOFTWARE\BABSOLUTION\Updater,  Cuarentena, [872e179fe1a94ceade98212b887d43bd],
PUP.Optional.Delta.A, HKU\S-1-5-21-851791630-2127062975-4264042411-1000\SOFTWARE\DELTA\DELTA,  Cuarentena, [8a2b4571642673c3ba5c9cae2dd8c43c],
PUP.Optional.IStartSurf.A, HKU\S-1-5-21-851791630-2127062975-4264042411-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A},  Cuarentena, [298c6056f397989ebaff9fd9669fdf21],
PUP.Optional.IStartSurf.A, HKU\S-1-5-21-851791630-2127062975-4264042411-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0},  Cuarentena, [b1047a3cbdcd191d1b9e98e0996cf30d],
PUP.Optional.IStartSurf.A, HKU\S-1-5-21-851791630-2127062975-4264042411-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86},  Cuarentena, [f0c5b1058604b383f0c996e25fa6c937],
PUP.Optional.IStartSurf.A, HKU\S-1-5-21-851791630-2127062975-4264042411-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{35D308B2-9329-4805-9E3D-FD33247291E5},  Cuarentena, [50658036b8d239fde7d23c3cc83dfe02],
PUP.Optional.IStartSurf.A, HKU\S-1-5-21-851791630-2127062975-4264042411-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{E733165D-CBCF-4FDA-883E-ADEF965B476C},  Cuarentena, [882dae0846441521b6034d2b8b7af907],
PUP.Optional.Iminent.A, HKU\S-1-5-21-851791630-2127062975-4264042411-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\IMBoosterARP,  Cuarentena, [d5e0d0e6addde353daa513dbdc27619f],
PUP.Optional.Iminent.A, HKU\S-1-5-21-851791630-2127062975-4264042411-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\IminentToolbar,  Cuarentena, [991cb402fc8e96a0fd83c22ce81b9b65],
PUP.Optional.Linkey.A, HKU\S-1-5-21-851791630-2127062975-4264042411-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Linkey,  Cuarentena, [5f566e48197167cf047d34ba946fa25e],
PUP.Optional.SearchProtect.A, HKU\S-1-5-21-851791630-2127062975-4264042411-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\SearchProtect,  Cuarentena, [fdb88a2cf793d5614cbd68155fa6d729],
PUP.Optional.Vosteran.A, HKU\S-1-5-21-851791630-2127062975-4264042411-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Vosteran.com,  Cuarentena, [d7de2c8a6c1e9e98166c46a8cd36d22e],
PUP.Optional.Wajam.A, HKU\S-1-5-21-851791630-2127062975-4264042411-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\WajIntEnhance,  Cuarentena, [9f1610a60585f4424340e40af21146ba],
PUP.Optional.FastSearch.A, HKU\S-1-5-21-851791630-2127062975-4264042411-1000\SOFTWARE\MOZILLA\EXTENDS,  Cuarentena, [b302ffb7bad080b6973944a228db669a],
PUP.Optional.Wajam.A, HKU\S-1-5-21-851791630-2127062975-4264042411-1000\SOFTWARE\SIMPLYTECH\HomeTabWajIEnhance,  Cuarentena, [e6cf1e9838523ef84b9b5a9720e320e0],
PUP.Optional.KeepMySearch.A, HKU\S-1-5-21-851791630-2127062975-4264042411-1000_Classes\keepmysearch,  Cuarentena, [595c6a4c1f6b1f178950837942c138c8],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26},  Cuarentena, [af06ab0b31594ee8d19601e30003db25],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\delta.deltaappCore.1,  Cuarentena, [af06ab0b31594ee8d19601e30003db25],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\delta.deltaappCore,  Cuarentena, [af06ab0b31594ee8d19601e30003db25],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\delta.deltaappCore,  Cuarentena, [af06ab0b31594ee8d19601e30003db25],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\delta.deltaappCore,  Cuarentena, [af06ab0b31594ee8d19601e30003db25],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\delta.deltaappCore.1,  Cuarentena, [af06ab0b31594ee8d19601e30003db25],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\delta.deltaappCore.1,  Cuarentena, [af06ab0b31594ee8d19601e30003db25],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26},  Cuarentena, [af06ab0b31594ee8d19601e30003db25],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B},  Cuarentena, [af06ab0b31594ee8d19601e30003db25],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\d,  Cuarentena, [af06ab0b31594ee8d19601e30003db25],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\d,  Cuarentena, [af06ab0b31594ee8d19601e30003db25],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\d,  Cuarentena, [af06ab0b31594ee8d19601e30003db25],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B},  Cuarentena, [af06ab0b31594ee8d19601e30003db25],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\delta,  Cuarentena, [af06ab0b31594ee8d19601e30003db25],

Valores del Registro: 24
PUP.Optional.PayByAds.A, HKU\S-1-5-21-851791630-2127062975-4264042411-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|bdraw, C:\Users\Usuario\AppData\Local\bdraw\bdraw\1.3.26.12\bdraw.exe,  Cuarentena, [2293b303d8b29b9b1e6df278996de917]
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{82E1477C-B154-48D3-9891-33D83C26BCD3}, Delta Toolbar,  Cuarentena, [8332734390fa989ec887efaed72c0af6]
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\{82E1477C-B154-48D3-9891-33D83C26BCD3},  Cuarentena, [278effb7c4c60b2b96b9f2ab58ab659b],
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|DisplayName, istartsurf,  Cuarentena, [f8bd8f277614a294fac01b5d57ae8080]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|URL, http://www.istartsurf.com/web/?type=ds&ts=1433272792&z=34c02bbe4657d1b5ff505fag5z4c3c4o2mdo4mbb8m&from=tugs&uid=HITACHIXHTS545025B9A300_100625PBN204CSGGS78TX&q={searchTerms},  Cuarentena, [f8bd5561becc6acccaf0f385fc09e11f]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|DisplayName, istartsurf,  Cuarentena, [a80d4e68682270c6e8d25f19fc09a25e]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|URL, http://www.istartsurf.com/web/?type=ds&ts=1433272792&z=34c02bbe4657d1b5ff505fag5z4c3c4o2mdo4mbb8m&from=tugs&uid=HITACHIXHTS545025B9A300_100625PBN204CSGGS78TX&q={searchTerms},  Cuarentena, [0aabae083159d363c4f628508085a65a]
PUP.Optional.GamesDesktop.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|gmsd_ar_268,  Cuarentena, [a114c4f292f8c76fdd6deb1124df8f71],
PUP.Optional.FastStart.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|searchffv2@gmail.com, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\searchffv2@gmail.com,  Cuarentena, [34819b1beb9f2b0bb19cfa86d72e37c9]
PUP.Optional.SweetSearch.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|sweetsearch@gmail.com, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\sweetsearch@gmail.com,  Cuarentena, [9223476f206a83b30f33e50325de8a76]
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPTAB|ptid, tugs,  Cuarentena, [3580eec8a1e984b27577f81371934db3]
PUP.Optional.Tuto4Pc.A, HKLM\SOFTWARE\WOW6432NODE\TUTORIALS|HostGUID, A9D18522-4BDB-4B43-9A3E-B7CEBD90531D,  Cuarentena, [ac0901b54b3f8fa7204293e3e91cd927]
PUP.Optional.Delta.A, HKU\S-1-5-21-851791630-2127062975-4264042411-1000\SOFTWARE\DELTA\DELTA|tlbrSrchUrl,  Cuarentena, [8a2b4571642673c3ba5c9cae2dd8c43c],
PUP.Optional.Delta.A, HKU\S-1-5-21-851791630-2127062975-4264042411-1000\SOFTWARE\DELTA\DELTA|lastB, http://www1.delta-search.com/?affID=119293&tt=gc_&babsrc=HP_ss&mntrId=2436F4EC38938273,  Cuarentena, [41741d9986041a1c1744064cb94c35cb]
PUP.Optional.IStartSurf.A, HKU\S-1-5-21-851791630-2127062975-4264042411-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, http://www.istartsurf.com/web/?utm_source=b&utm_medium=tugs&utm_campaign=install_ie&utm_content=ds&from=tugs&uid=HITACHIXHTS545025B9A300_100625PBN204CSGGS78TX&ts=1433272914&type=default&q={searchTerms},  Cuarentena, [298c6056f397989ebaff9fd9669fdf21]
PUP.Optional.IStartSurf.A, HKU\S-1-5-21-851791630-2127062975-4264042411-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}|URL, http://www.istartsurf.com/web/?utm_source=b&utm_medium=tugs&utm_campaign=install_ie&utm_content=ds&from=tugs&uid=HITACHIXHTS545025B9A300_100625PBN204CSGGS78TX&ts=1433272914&type=default&q={searchTerms},  Cuarentena, [e4d18b2bf694e25467520e6a57aebe42]
PUP.Optional.IStartSurf.A, HKU\S-1-5-21-851791630-2127062975-4264042411-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}|URL, http://www.istartsurf.com/web/?utm_source=b&utm_medium=tugs&utm_campaign=install_ie&utm_content=ds&from=tugs&uid=HITACHIXHTS545025B9A300_100625PBN204CSGGS78TX&ts=1433272914&type=default&q={searchTerms},  Cuarentena, [b1047a3cbdcd191d1b9e98e0996cf30d]
PUP.Optional.IStartSurf.A, HKU\S-1-5-21-851791630-2127062975-4264042411-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}|FaviconURL, http://www.istartsurf.com//favicon.ico,  Cuarentena, [a90cecca92f8fb3b7c3d780073926e92]
PUP.Optional.IStartSurf.A, HKU\S-1-5-21-851791630-2127062975-4264042411-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|DisplayName, istartsurf,  Cuarentena, [f0c5b1058604b383f0c996e25fa6c937]
PUP.Optional.IStartSurf.A, HKU\S-1-5-21-851791630-2127062975-4264042411-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|URL, http://www.istartsurf.com/web/?utm_source=b&utm_medium=tugs&utm_campaign=install_ie&utm_content=ds&from=tugs&uid=HITACHIXHTS545025B9A300_100625PBN204CSGGS78TX&ts=1433272914&type=default&q={searchTerms},  Cuarentena, [7144b501eb9f40f67c3d82f656aff10f]
PUP.Optional.IStartSurf.A, HKU\S-1-5-21-851791630-2127062975-4264042411-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|TopResultURL, http://www.istartsurf.com/web/?type=ds&ts=1433272792&z=34c02bbe4657d1b5ff505fag5z4c3c4o2mdo4mbb8m&from=tugs&uid=HITACHIXHTS545025B9A300_100625PBN204CSGGS78TX&q={searchTerms},  Cuarentena, [b0054274d4b688ae9326df996a9b6a96]
PUP.Optional.IStartSurf.A, HKU\S-1-5-21-851791630-2127062975-4264042411-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{35D308B2-9329-4805-9E3D-FD33247291E5}|URL, http://www.istartsurf.com/web/?utm_source=b&utm_medium=tugs&utm_campaign=install_ie&utm_content=ds&from=tugs&uid=HITACHIXHTS545025B9A300_100625PBN204CSGGS78TX&ts=1433272914&type=default&q={searchTerms},  Cuarentena, [50658036b8d239fde7d23c3cc83dfe02]
PUP.Optional.IStartSurf.A, HKU\S-1-5-21-851791630-2127062975-4264042411-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{E733165D-CBCF-4FDA-883E-ADEF965B476C}|URL, http://www.istartsurf.com/web/?utm_source=b&utm_medium=tugs&utm_campaign=install_ie&utm_content=ds&from=tugs&uid=HITACHIXHTS545025B9A300_100625PBN204CSGGS78TX&ts=1433272914&type=default&q={searchTerms},  Cuarentena, [882dae0846441521b6034d2b8b7af907]
PUP.Optional.FastSearch.A, HKU\S-1-5-21-851791630-2127062975-4264042411-1000\SOFTWARE\MOZILLA\EXTENDS|appid, searchffv2@gmail.com,  Cuarentena, [b302ffb7bad080b6973944a228db669a]

Datos del Registro: 13
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\IEXPLORE.EXE\SHELL\OPEN\COMMAND, C:\Program Files\Internet Explorer\iexplore.exe http://www.istartsurf.com/?type=sc&ts=1433272792&z=34c02bbe4657d1b5ff505fag5z4c3c4o2mdo4mbb8m&from=tugs&uid=HITACHIXHTS545025B9A300_100625PBN204CSGGS78TX, Bueno: (iexplore.exe), Malo: (C:\Program Files\Internet Explorer\iexplore.exe http://www.istartsurf.com/?type=sc&ts=1433272792&z=34c02bbe4657d1b5ff505fag5z4c3c4o2mdo4mbb8m&from=tugs&uid=HITACHIXHTS545025B9A300_100625PBN204CSGGS78TX),Sustituido,[813423934545eb4bcd9a70bbf80e58a8]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, http://www.istartsurf.com/web/?type=ds&ts=1433272792&z=34c02bbe4657d1b5ff505fag5z4c3c4o2mdo4mbb8m&from=tugs&uid=HITACHIXHTS545025B9A300_100625PBN204CSGGS78TX&q={searchTerms}, Bueno: (www.google.com), Malo: (http://www.istartsurf.com/web/?type=ds&ts=1433272792&z=34c02bbe4657d1b5ff505fag5z4c3c4o2mdo4mbb8m&from=tugs&uid=HITACHIXHTS545025B9A300_100625PBN204CSGGS78TX&q={searchTerms}),Sustituido,[c5f000b675158fa73bb195948f7705fb]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, http://www.istartsurf.com/?type=hp&ts=1433272792&z=34c02bbe4657d1b5ff505fag5z4c3c4o2mdo4mbb8m&from=tugs&uid=HITACHIXHTS545025B9A300_100625PBN204CSGGS78TX, Bueno: (www.google.com), Malo: (http://www.istartsurf.com/?type=hp&ts=1433272792&z=34c02bbe4657d1b5ff505fag5z4c3c4o2mdo4mbb8m&from=tugs&uid=HITACHIXHTS545025B9A300_100625PBN204CSGGS78TX),Sustituido,[694c872f216901358f5d67c227dfda26]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://www.istartsurf.com/?type=hp&ts=1433272792&z=34c02bbe4657d1b5ff505fag5z4c3c4o2mdo4mbb8m&from=tugs&uid=HITACHIXHTS545025B9A300_100625PBN204CSGGS78TX, Bueno: (www.google.com), Malo: (http://www.istartsurf.com/?type=hp&ts=1433272792&z=34c02bbe4657d1b5ff505fag5z4c3c4o2mdo4mbb8m&from=tugs&uid=HITACHIXHTS545025B9A300_100625PBN204CSGGS78TX),Sustituido,[397cd2e454368fa77c706dbc36d0fa06]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, http://www.istartsurf.com/web/?type=ds&ts=1433272792&z=34c02bbe4657d1b5ff505fag5z4c3c4o2mdo4mbb8m&from=tugs&uid=HITACHIXHTS545025B9A300_100625PBN204CSGGS78TX&q={searchTerms}, Bueno: (www.google.com), Malo: (http://www.istartsurf.com/web/?type=ds&ts=1433272792&z=34c02bbe4657d1b5ff505fag5z4c3c4o2mdo4mbb8m&from=tugs&uid=HITACHIXHTS545025B9A300_100625PBN204CSGGS78TX&q={searchTerms}),Sustituido,[2e87e5d195f5aa8c19d366c38a7c6e92]
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Bueno: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Malo: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Sustituido,[6d4872444842c5717c60f045ba4cef11]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\WOW6432NODE\CLIENTS\STARTMENUINTERNET\IEXPLORE.EXE\SHELL\OPEN\COMMAND, C:\Program Files\Internet Explorer\iexplore.exe http://www.istartsurf.com/?type=sc&ts=1433272792&z=34c02bbe4657d1b5ff505fag5z4c3c4o2mdo4mbb8m&from=tugs&uid=HITACHIXHTS545025B9A300_100625PBN204CSGGS78TX, Bueno: (iexplore.exe), Malo: (C:\Program Files\Internet Explorer\iexplore.exe http://www.istartsurf.com/?type=sc&ts=1433272792&z=34c02bbe4657d1b5ff505fag5z4c3c4o2mdo4mbb8m&from=tugs&uid=HITACHIXHTS545025B9A300_100625PBN204CSGGS78TX),Sustituido,[1d98efc742489a9c80e769c2858142be]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, http://www.istartsurf.com/web/?type=ds&ts=1433272792&z=34c02bbe4657d1b5ff505fag5z4c3c4o2mdo4mbb8m&from=tugs&uid=HITACHIXHTS545025B9A300_100625PBN204CSGGS78TX&q={searchTerms}, Bueno: (www.google.com), Malo: (http://www.istartsurf.com/web/?type=ds&ts=1433272792&z=34c02bbe4657d1b5ff505fag5z4c3c4o2mdo4mbb8m&from=tugs&uid=HITACHIXHTS545025B9A300_100625PBN204CSGGS78TX&q={searchTerms}),Sustituido,[ad08892d6c1e89ad73790524fc0a6f91]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, http://www.istartsurf.com/?type=hp&ts=1433272792&z=34c02bbe4657d1b5ff505fag5z4c3c4o2mdo4mbb8m&from=tugs&uid=HITACHIXHTS545025B9A300_100625PBN204CSGGS78TX, Bueno: (www.google.com), Malo: (http://www.istartsurf.com/?type=hp&ts=1433272792&z=34c02bbe4657d1b5ff505fag5z4c3c4o2mdo4mbb8m&from=tugs&uid=HITACHIXHTS545025B9A300_100625PBN204CSGGS78TX),Sustituido,[8e27e4d2c6c4989eedff3feaf61048b8]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://www.istartsurf.com/?type=hp&ts=1433272792&z=34c02bbe4657d1b5ff505fag5z4c3c4o2mdo4mbb8m&from=tugs&uid=HITACHIXHTS545025B9A300_100625PBN204CSGGS78TX, Bueno: (www.google.com), Malo: (http://www.istartsurf.com/?type=hp&ts=1433272792&z=34c02bbe4657d1b5ff505fag5z4c3c4o2mdo4mbb8m&from=tugs&uid=HITACHIXHTS545025B9A300_100625PBN204CSGGS78TX),Sustituido,[2d881d99c6c4a096f7f55ecba165c53b]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, http://www.istartsurf.com/web/?type=ds&ts=1433272792&z=34c02bbe4657d1b5ff505fag5z4c3c4o2mdo4mbb8m&from=tugs&uid=HITACHIXHTS545025B9A300_100625PBN204CSGGS78TX&q={searchTerms}, Bueno: (www.google.com), Malo: (http://www.istartsurf.com/web/?type=ds&ts=1433272792&z=34c02bbe4657d1b5ff505fag5z4c3c4o2mdo4mbb8m&from=tugs&uid=HITACHIXHTS545025B9A300_100625PBN204CSGGS78TX&q={searchTerms}),Sustituido,[f4c1833357339e9877758e9b34d217e9]
PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Bueno: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Malo: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Sustituido,[9d18a0164743bb7be7f5c96c12f4f20e]
PUP.Optional.IStartSurf.A, HKU\S-1-5-21-851791630-2127062975-4264042411-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, http://www.istartsurf.com/?type=hp&ts=1433272792&z=34c02bbe4657d1b5ff505fag5z4c3c4o2mdo4mbb8m&from=tugs&uid=HITACHIXHTS545025B9A300_100625PBN204CSGGS78TX, Bueno: (www.google.com), Malo: (http://www.istartsurf.com/?type=hp&ts=1433272792&z=34c02bbe4657d1b5ff505fag5z4c3c4o2mdo4mbb8m&from=tugs&uid=HITACHIXHTS545025B9A300_100625PBN204CSGGS78TX),Sustituido,[674e397de4a6b482cf1b9b8ec93db44c]
 

ilu

Nuevo Miembro
Miembro
Carpetas: 102
Insertar CODE, HTML o PHP:
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab, Se eliminará al Reiniciar, [92234472474350e6928004f459aa6898],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin,  Cuarentena, [92234472474350e6928004f459aa6898],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\image,  Cuarentena, [92234472474350e6928004f459aa6898],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web,  Cuarentena, [92234472474350e6928004f459aa6898],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\img,  Cuarentena, [92234472474350e6928004f459aa6898],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\js,  Cuarentena, [92234472474350e6928004f459aa6898],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales,  Cuarentena, [92234472474350e6928004f459aa6898],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\en-US,  Cuarentena, [92234472474350e6928004f459aa6898],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\es-419,  Cuarentena, [92234472474350e6928004f459aa6898],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\es-ES,  Cuarentena, [92234472474350e6928004f459aa6898],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\fr-BE,  Cuarentena, [92234472474350e6928004f459aa6898],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\fr-CA,  Cuarentena, [92234472474350e6928004f459aa6898],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\fr-CH,  Cuarentena, [92234472474350e6928004f459aa6898],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\fr-FR,  Cuarentena, [92234472474350e6928004f459aa6898],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\fr-LU,  Cuarentena, [92234472474350e6928004f459aa6898],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\it-CH,  Cuarentena, [92234472474350e6928004f459aa6898],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\it-IT,  Cuarentena, [92234472474350e6928004f459aa6898],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\pl,  Cuarentena, [92234472474350e6928004f459aa6898],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\pt,  Cuarentena, [92234472474350e6928004f459aa6898],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\pt-BR,  Cuarentena, [92234472474350e6928004f459aa6898],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\ru,  Cuarentena, [92234472474350e6928004f459aa6898],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\ru-MO,  Cuarentena, [92234472474350e6928004f459aa6898],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\tr-TR,  Cuarentena, [92234472474350e6928004f459aa6898],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\vi-VI,  Cuarentena, [92234472474350e6928004f459aa6898],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\zh-CN,  Cuarentena, [92234472474350e6928004f459aa6898],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\zh-TW,  Cuarentena, [92234472474350e6928004f459aa6898],
PUP.Optional.WebShield.A, C:\Users\Usuario\AppData\Local\WebShield,  Cuarentena, [a60f70463e4c8ea8f67140d84db7dd23],
PUP.Optional.Delta.A, C:\Users\Usuario\AppData\Roaming\BabSolution\Shared,  Cuarentena, [0ea71e986d1d69cd3d88d8907392a759],
PUP.Optional.MultiPlug.A, C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\jccocffecajimkdjgfpjhlpiimcnadhb\174,  Cuarentena, [cfe6d8de1a701125a988433731d417e9],
PUP.Optional.MultiPlug.A, C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\jccocffecajimkdjgfpjhlpiimcnadhb,  Cuarentena, [cfe6d8de1a701125a988433731d417e9],
PUP.Optional.MultiPlug.A, C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\jccocffecajimkdjgfpjhlpiimcnadhb\174,  Cuarentena, [a5105462fc8ea096b9788dedfa0b9070],
PUP.Optional.MultiPlug.A, C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\jccocffecajimkdjgfpjhlpiimcnadhb,  Cuarentena, [a5105462fc8ea096b9788dedfa0b9070],
PUP.Optional.MultiPlug.A, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\jccocffecajimkdjgfpjhlpiimcnadhb\174,  Cuarentena, [773eaa0c0387d95d80b190ea32d3c13f],
PUP.Optional.MultiPlug.A, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\jccocffecajimkdjgfpjhlpiimcnadhb,  Cuarentena, [773eaa0c0387d95d80b190ea32d3c13f],
PUP.Optional.MultiPlug.A, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\default\extensions\jccocffecajimkdjgfpjhlpiimcnadhb\174,  Cuarentena, [ac09f0c603878aac6ac7067434d1dd23],
PUP.Optional.MultiPlug.A, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\default\extensions\jccocffecajimkdjgfpjhlpiimcnadhb,  Cuarentena, [ac09f0c603878aac6ac7067434d1dd23],
PUP.Optional.Amonetize.A, C:\ProgramData\Usiarurolwle\1.0.1.0,  Cuarentena, [c9ec1e986228fc3a01de1f621ee7837d],
PUP.Optional.Amonetize.A, C:\ProgramData\Usiarurolwle,  Cuarentena, [c9ec1e986228fc3a01de1f621ee7837d],
PUP.Optional.Delta.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\ffxtlbr@delta.com,  Cuarentena, [5560bafc3c4e95a1c97dd4e410f3ee12],
PUP.Optional.Delta.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\ffxtlbr@delta.com\components,  Cuarentena, [5560bafc3c4e95a1c97dd4e410f3ee12],
PUP.Optional.Delta.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\ffxtlbr@delta.com\content,  Cuarentena, [5560bafc3c4e95a1c97dd4e410f3ee12],
PUP.Optional.Delta.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\ffxtlbr@delta.com\content\imgs,  Cuarentena, [5560bafc3c4e95a1c97dd4e410f3ee12],
PUP.Optional.Delta.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\ffxtlbr@delta.com\content\imgs\flgs,  Cuarentena, [5560bafc3c4e95a1c97dd4e410f3ee12],
PUP.Optional.Delta.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\ffxtlbr@delta.com\META-INF,  Cuarentena, [5560bafc3c4e95a1c97dd4e410f3ee12],
PUP.Optional.Softonic.A, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\default\extensions\elchiiiejkobdbblfejjkbphbddgmljf,  Cuarentena, [23928036a6e4e3537c67a514de258b75],
PUP.Optional.Softonic.A, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\default\extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0,  Cuarentena, [23928036a6e4e3537c67a514de258b75],
PUP.Optional.BabSolution.A, C:\Users\Usuario\AppData\Roaming\BabSolution\CR,  Cuarentena, [35803d7968220a2c77ee596d748f9e62],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect, Se eliminará al Reiniciar, [c7eef9bddbaf5adc7a28dcea847fd729],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update,  Cuarentena, [c7eef9bddbaf5adc7a28dcea847fd729],
PUP.Optional.IBUpdater.A, C:\ProgramData\IBUpdaterService,  Cuarentena, [0ca95a5cbdcd25114d05ffca9271e21e],
PUP.Optional.OnlySearch, C:\Users\Usuario\AppData\Local\onlysearch,  Cuarentena, [f8bd8f270b7f59ddbc1bc805c83b58a8],
PUP.Optional.OnlySearch, C:\Users\Usuario\AppData\Local\onlysearch\onlysearch,  Cuarentena, [f8bd8f270b7f59ddbc1bc805c83b58a8],
PUP.Optional.OnlySearch, C:\Users\Usuario\AppData\Local\onlysearch\onlysearch\1.3.12.9,  Cuarentena, [f8bd8f270b7f59ddbc1bc805c83b58a8],
PUP.Optional.IHProtectUpDate.A, C:\ProgramData\IHProtectUpDate,  Cuarentena, [585d1c9a1377fd39997c776544bf11ef],
PUP.Optional.IHProtectUpDate.A, C:\ProgramData\IHProtectUpDate\update,  Cuarentena, [585d1c9a1377fd39997c776544bf11ef],
PUP.Optional.BDraw.A, C:\Users\Usuario\AppData\Local\bdraw\bdraw, Se eliminará al Reiniciar, [b401684ef892063025eb855eec1751af],
PUP.Optional.BDraw.A, C:\Users\Usuario\AppData\Local\bdraw\bdraw\1.3.26.12, Se eliminará al Reiniciar, [b401684ef892063025eb855eec1751af],
PUP.Optional.SweetSearch.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\sweetsearch@gmail.com,  Cuarentena, [377e179f6b1fa492433ef7ec7c8732ce],
PUP.Optional.SweetSearch.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\sweetsearch@gmail.com\chrome,  Cuarentena, [377e179f6b1fa492433ef7ec7c8732ce],
PUP.Optional.SweetSearch.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\sweetsearch@gmail.com\chrome\content,  Cuarentena, [377e179f6b1fa492433ef7ec7c8732ce],
PUP.Optional.SweetSearch.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\sweetsearch@gmail.com\chrome\skin,  Cuarentena, [377e179f6b1fa492433ef7ec7c8732ce],
PUP.Optional.Delta.A, C:\Users\Usuario\AppData\Local\delta\delta,  Cuarentena, [f6bf8d29e5a57cba72f4b82c9d6644bc],
PUP.Optional.Delta.A, C:\Users\Usuario\AppData\Local\delta\delta\1.3.25.0,  Cuarentena, [f6bf8d29e5a57cba72f4b82c9d6644bc],
PUP.Optional.Delta.A, C:\Users\Usuario\AppData\Local\delta\delta\1.3.25.0\downloads,  Cuarentena, [f6bf8d29e5a57cba72f4b82c9d6644bc],
PUP.Optional.Delta.A, C:\Program Files (x86)\Delta\delta,  Cuarentena, [af06ab0b31594ee8d19601e30003db25],
PUP.Optional.Delta.A, C:\Program Files (x86)\Delta\delta\1.8.21.0,  Cuarentena, [af06ab0b31594ee8d19601e30003db25],
PUP.Optional.Delta.A, C:\Program Files (x86)\Delta\delta\1.8.21.0\bh,  Cuarentena, [af06ab0b31594ee8d19601e30003db25],
PUP.Optional.FastStart.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\searchffv2@gmail.com,  Cuarentena, [6253b1050d7d14221c088b5acb38a060],
PUP.Optional.FastStart.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\searchffv2@gmail.com\chrome,  Cuarentena, [6253b1050d7d14221c088b5acb38a060],
PUP.Optional.FastStart.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\searchffv2@gmail.com\chrome\content,  Cuarentena, [6253b1050d7d14221c088b5acb38a060],
PUP.Optional.FastStart.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\searchffv2@gmail.com\chrome\content\include,  Cuarentena, [6253b1050d7d14221c088b5acb38a060],
PUP.Optional.FastStart.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\searchffv2@gmail.com\chrome\content\include\tools,  Cuarentena, [6253b1050d7d14221c088b5acb38a060],
PUP.Optional.FastStart.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\searchffv2@gmail.com\chrome\content\js,  Cuarentena, [6253b1050d7d14221c088b5acb38a060],
PUP.Optional.FastStart.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\searchffv2@gmail.com\chrome\content\js\lib,  Cuarentena, [6253b1050d7d14221c088b5acb38a060],
PUP.Optional.FastStart.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\searchffv2@gmail.com\chrome\content\js\module,  Cuarentena, [6253b1050d7d14221c088b5acb38a060],
PUP.Optional.FastStart.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\searchffv2@gmail.com\chrome\content\js\pack,  Cuarentena, [6253b1050d7d14221c088b5acb38a060],
PUP.Optional.FastStart.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\searchffv2@gmail.com\chrome\locale,  Cuarentena, [6253b1050d7d14221c088b5acb38a060],
PUP.Optional.FastStart.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\searchffv2@gmail.com\chrome\locale\en,  Cuarentena, [6253b1050d7d14221c088b5acb38a060],
PUP.Optional.FastStart.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\searchffv2@gmail.com\chrome\locale\en-US,  Cuarentena, [6253b1050d7d14221c088b5acb38a060],
PUP.Optional.FastStart.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\searchffv2@gmail.com\chrome\locale\es,  Cuarentena, [6253b1050d7d14221c088b5acb38a060],
PUP.Optional.FastStart.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\searchffv2@gmail.com\chrome\locale\es-419,  Cuarentena, [6253b1050d7d14221c088b5acb38a060],
PUP.Optional.FastStart.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\searchffv2@gmail.com\chrome\locale\fr,  Cuarentena, [6253b1050d7d14221c088b5acb38a060],
PUP.Optional.FastStart.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\searchffv2@gmail.com\chrome\locale\fr-BE,  Cuarentena, [6253b1050d7d14221c088b5acb38a060],
PUP.Optional.FastStart.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\searchffv2@gmail.com\chrome\locale\fr-CA,  Cuarentena, [6253b1050d7d14221c088b5acb38a060],
PUP.Optional.FastStart.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\searchffv2@gmail.com\chrome\locale\fr-CH,  Cuarentena, [6253b1050d7d14221c088b5acb38a060],
PUP.Optional.FastStart.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\searchffv2@gmail.com\chrome\locale\fr-LU,  Cuarentena, [6253b1050d7d14221c088b5acb38a060],
PUP.Optional.FastStart.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\searchffv2@gmail.com\chrome\locale\it,  Cuarentena, [6253b1050d7d14221c088b5acb38a060],
PUP.Optional.FastStart.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\searchffv2@gmail.com\chrome\locale\it-CH,  Cuarentena, [6253b1050d7d14221c088b5acb38a060],
PUP.Optional.FastStart.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\searchffv2@gmail.com\chrome\locale\pl,  Cuarentena, [6253b1050d7d14221c088b5acb38a060],
PUP.Optional.FastStart.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\searchffv2@gmail.com\chrome\locale\pt-BR,  Cuarentena, [6253b1050d7d14221c088b5acb38a060],
PUP.Optional.FastStart.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\searchffv2@gmail.com\chrome\locale\ru,  Cuarentena, [6253b1050d7d14221c088b5acb38a060],
PUP.Optional.FastStart.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\searchffv2@gmail.com\chrome\locale\ru-MO,  Cuarentena, [6253b1050d7d14221c088b5acb38a060],
PUP.Optional.FastStart.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\searchffv2@gmail.com\chrome\locale\tr,  Cuarentena, [6253b1050d7d14221c088b5acb38a060],
PUP.Optional.FastStart.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\searchffv2@gmail.com\chrome\locale\vi,  Cuarentena, [6253b1050d7d14221c088b5acb38a060],
PUP.Optional.FastStart.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\searchffv2@gmail.com\chrome\locale\zh-CN,  Cuarentena, [6253b1050d7d14221c088b5acb38a060],
PUP.Optional.FastStart.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\searchffv2@gmail.com\chrome\locale\zh-TW,  Cuarentena, [6253b1050d7d14221c088b5acb38a060],
PUP.Optional.FastStart.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\searchffv2@gmail.com\chrome\skin,  Cuarentena, [6253b1050d7d14221c088b5acb38a060],
PUP.Optional.FastStart.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\searchffv2@gmail.com\defaults,  Cuarentena, [6253b1050d7d14221c088b5acb38a060],
PUP.Optional.FastStart.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\searchffv2@gmail.com\defaults\preferences,  Cuarentena, [6253b1050d7d14221c088b5acb38a060],
PUP.Optional.FastStart.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\searchffv2@gmail.com\modules,  Cuarentena, [6253b1050d7d14221c088b5acb38a060],
PUP.Optional.PullUpdate.A, C:\ProgramData\IyZawYIHFH\dat, Se eliminará al Reiniciar, [02b35b5b781248eea7424132ce38c739],
PUP.Optional.PullUpdate.A, C:\ProgramData\IyZawYIHFH, Se eliminará al Reiniciar, [02b35b5b781248eea7424132ce38c739],

Archivo: 310
PUP.Optional.PayByAds.A, C:\Users\Usuario\AppData\Local\bdraw\bdraw\1.3.26.12\bdraw.exe, Se eliminará al Reiniciar, [2293b303d8b29b9b1e6df278996de917],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\ProtectService.exe, Se eliminará al Reiniciar, [c0f5eaccccbea78f25ae888f8979a957],
PUP.Optional.Giner, C:\Program Files (x86)\XTab\CmdShell.exe, Se eliminará al Reiniciar, [189df3c36525ae8834ca0d64b84edf21],
PUP.Optional.Giner, C:\Program Files (x86)\XTab\HPNotify.exe, Se eliminará al Reiniciar, [3580f1c591f926108a7439386d9952ae],
PUP.Optional.SearchProtect, C:\Program Files (x86)\XTab\BrowserAction.dll, Se eliminará al Reiniciar, [af06278fb5d557df8c9790b8a2600cf4],
PUP.Optional.Giner, C:\Program Files (x86)\XTab\IeWatchDog.dll, Se eliminará al Reiniciar, [e5d0e7cfe2a80333a25cea8763a3c33d],
PUP.Optional.Browserwatch, C:\Program Files (x86)\XTab\BrowerWatchFF.dll, Se eliminará al Reiniciar, [1a9bddd90c7e7cba2dcb75af26e05ba5],
PUP.Optional.WebShield.A, C:\ProgramData\IyZawYIHFH\GePKEH.exe, Se eliminará al Reiniciar, [f0c594223f4b0a2c5a3e05f1de2317e9],
PUP.Optional.PrimaryColor.A, C:\Windows\System32\drivers\{588b71a1-b0bc-422a-9c3a-658c73ef0290}Gw64.sys,  Cuarentena, [a213269024662610f30f84ee0bfb7a86],
PUP.Optional.Delta.A, C:\Program Files (x86)\Delta\delta\1.8.21.0\deltasrv.exe,  Cuarentena, [2095edc9bad052e4d2caf378e122e020],
PUP.Optional.Delta.A, C:\Program Files (x86)\Delta\delta\1.8.21.0\deltaTlbr.dll,  Cuarentena, [8332734390fa989ec887efaed72c0af6],
PUP.Optional.Delta.A, C:\Program Files (x86)\Delta\delta\1.8.21.0\bh\delta.dll,  Cuarentena, [d7decfe7f694ad89b19d3d60ef1422de],
PUP.Optional.ZombieInvasion.A, C:\ProgramData\IyZawYIHFH\dat\gtfVyZZAtG.dll, Se eliminará al Reiniciar, [6d48932364262f07b987a07d9472b24e],
PUP.Optional.PullUpdate.C, C:\ProgramData\IyZawYIHFH\dat\IroCeUxF.dll, Se eliminará al Reiniciar, [61545f57cebc3204fc03d59c37cf6b95],
PUP.Optional.WebShield.A, C:\ProgramData\IyZawYIHFH\dat\NeQgeYCPE.exe, Se eliminará al Reiniciar, [e7ce05b19eeccf67791f0beb43be3ac6],
PUP.Optional.WebShield.A, C:\ProgramData\IyZawYIHFH\dat\nFWKTF.exe, Se eliminará al Reiniciar, [d8dd833355351323a5f3f50106fb936d],
PUP.Optional.PullUpdate.C, C:\ProgramData\WebShield\Uninstall.exe,  Cuarentena, [4a6bc7ef09810234699650217b8b2dd3],
PUP.Optional.Browserwatch, C:\Program Files (x86)\XTab\BrowerWatchCH.dll,  Cuarentena, [15a0c9ed5e2c5fd7698fd94b66a0b54b],
PUP.Optional.PCPerformer.A, C:\Windows\System32\roboot64.exe,  Cuarentena, [f2c3d3e3d2b86bcbc966fe253ac6a759],
PUP.Optional.Softonic.SID.C, C:\Users\Usuario\Downloads\Setup.exe,  Cuarentena, [f9bc585eddad8ea879459fd2976fa55b],
PUP.Optional.Softonic.A, C:\Users\Usuario\Downloads\SoftonicDownloader_para_flight-simulator-x.exe,  Cuarentena, [6f461a9cdab03600a9031f376c958e72],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\uninstall.exe,  Cuarentena, [92234472474350e6928004f459aa6898],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\conf,  Cuarentena, [92234472474350e6928004f459aa6898],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\ffsearch_toolbar!1.0.0.1031.xpi,  Cuarentena, [92234472474350e6928004f459aa6898],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\install.data,  Cuarentena, [92234472474350e6928004f459aa6898],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\msvcp110.dll, Se eliminará al Reiniciar, [92234472474350e6928004f459aa6898],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\msvcr110.dll, Se eliminará al Reiniciar, [92234472474350e6928004f459aa6898],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\searchProvider.xml,  Cuarentena, [92234472474350e6928004f459aa6898],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\about.png,  Cuarentena, [92234472474350e6928004f459aa6898],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\about_bk.png,  Cuarentena, [92234472474350e6928004f459aa6898],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\btn.png,  Cuarentena, [92234472474350e6928004f459aa6898],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\btn_apply.png,  Cuarentena, [92234472474350e6928004f459aa6898],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\close.png,  Cuarentena, [92234472474350e6928004f459aa6898],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\conf.xml,  Cuarentena, [92234472474350e6928004f459aa6898],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\conf_back.png,  Cuarentena, [92234472474350e6928004f459aa6898],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\input_bk.png,  Cuarentena, [92234472474350e6928004f459aa6898],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\logo.png,  Cuarentena, [92234472474350e6928004f459aa6898],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\main.xml,  Cuarentena, [92234472474350e6928004f459aa6898],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\radio_1.png,  Cuarentena, [92234472474350e6928004f459aa6898],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\radio_2.png,  Cuarentena, [92234472474350e6928004f459aa6898],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\rigth_arrow.png,  Cuarentena, [92234472474350e6928004f459aa6898],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\settings.png,  Cuarentena, [92234472474350e6928004f459aa6898],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\data.html,  Cuarentena, [92234472474350e6928004f459aa6898],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\indexIE.html,  Cuarentena, [92234472474350e6928004f459aa6898],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\indexIE8.html,  Cuarentena, [92234472474350e6928004f459aa6898],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\main.css,  Cuarentena, [92234472474350e6928004f459aa6898],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\ver.txt,  Cuarentena, [92234472474350e6928004f459aa6898],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\img\google_trends.png,  Cuarentena, [92234472474350e6928004f459aa6898],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\img\icon128.png,  Cuarentena, [92234472474350e6928004f459aa6898],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\img\icon16.png,  Cuarentena, [92234472474350e6928004f459aa6898],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\img\icon48.png,  Cuarentena, [92234472474350e6928004f459aa6898],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\img\loading.gif,  Cuarentena, [92234472474350e6928004f459aa6898],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\img\logo32.ico,  Cuarentena, [92234472474350e6928004f459aa6898],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\js\common.js,  Cuarentena, [92234472474350e6928004f459aa6898],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\js\ga.js,  Cuarentena, [92234472474350e6928004f459aa6898],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\js\jquery-1.11.0.min.js,  Cuarentena, [92234472474350e6928004f459aa6898],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\js\jquery.autocomplete.js,  Cuarentena, [92234472474350e6928004f459aa6898],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\js\jquery.xdomainrequest.min.js,  Cuarentena, [92234472474350e6928004f459aa6898],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\js\js.js,  Cuarentena, [92234472474350e6928004f459aa6898],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\js\library.js,  Cuarentena, [92234472474350e6928004f459aa6898],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\js\xagainit-ie8.js,  Cuarentena, [92234472474350e6928004f459aa6898],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\js\xagainit2.0.js,  Cuarentena, [92234472474350e6928004f459aa6898],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\js\xdomain.min.js,  Cuarentena, [92234472474350e6928004f459aa6898],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\en-US\messages.json,  Cuarentena, [92234472474350e6928004f459aa6898],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\es-419\messages.json,  Cuarentena, [92234472474350e6928004f459aa6898],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\es-ES\messages.json,  Cuarentena, [92234472474350e6928004f459aa6898],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\fr-BE\messages.json,  Cuarentena, [92234472474350e6928004f459aa6898],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\fr-CA\messages.json,  Cuarentena, [92234472474350e6928004f459aa6898],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\fr-CH\messages.json,  Cuarentena, [92234472474350e6928004f459aa6898],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\fr-FR\messages.json,  Cuarentena, [92234472474350e6928004f459aa6898],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\fr-LU\messages.json,  Cuarentena, [92234472474350e6928004f459aa6898],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\it-CH\messages.json,  Cuarentena, [92234472474350e6928004f459aa6898],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\it-IT\messages.json,  Cuarentena, [92234472474350e6928004f459aa6898],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\pl\messages.json,  Cuarentena, [92234472474350e6928004f459aa6898],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\pt\messages.json,  Cuarentena, [92234472474350e6928004f459aa6898],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\pt-BR\messages.json,  Cuarentena, [92234472474350e6928004f459aa6898],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\ru\messages.json,  Cuarentena, [92234472474350e6928004f459aa6898],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\ru-MO\messages.json,  Cuarentena, [92234472474350e6928004f459aa6898],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\tr-TR\messages.json,  Cuarentena, [92234472474350e6928004f459aa6898],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\vi-VI\messages.json,  Cuarentena, [92234472474350e6928004f459aa6898],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\zh-CN\messages.json,  Cuarentena, [92234472474350e6928004f459aa6898],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\zh-TW\messages.json,  Cuarentena, [92234472474350e6928004f459aa6898],
PUP.Optional.IStartSurf.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\searchplugins\istartsurf.xml,  Cuarentena, [6f46ac0a96f4a78fd0bd58b6f60e14ec],
PUP.Optional.Babylon.A, C:\Windows\System32\Tasks\EPUpdater,  Cuarentena, [4d68f7bf008a270fbdc35dbab15353ad],
PUP.Optional.Lyrics.A, C:\Windows\System32\Tasks\LyricsContainer Update,  Cuarentena, [7144bff7018979bdf58df81ff0140cf4],
PUP.Optional.WebShield.A, C:\Users\Usuario\AppData\Local\WebShield\data2.dat,  Cuarentena, [a60f70463e4c8ea8f67140d84db7dd23],
PUP.Optional.Softonic.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\searchplugins\softonic.xml,  Cuarentena, [40755165cebce74fd6f35ace729234cc],
PUP.Optional.Babylon.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\searchplugins\babylon.xml,  Cuarentena, [714472449ded8caa88fb54d71ce8c838],
PUP.Optional.Delta.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\searchplugins\delta.xml,  Cuarentena, [7243575f2e5cb77fbff249e2e91b7c84],
PUP.Optional.Delta.A, C:\Users\Usuario\AppData\Roaming\BabSolution\Shared\Delta.ico,  Cuarentena, [0ea71e986d1d69cd3d88d8907392a759],
PUP.Optional.Delta.A, C:\Users\Usuario\AppData\Roaming\BabSolution\Shared\BabMaint.exe,  Cuarentena, [0ea71e986d1d69cd3d88d8907392a759],
PUP.Optional.Delta.A, C:\Users\Usuario\AppData\Roaming\BabSolution\Shared\BUSolution.dll,  Cuarentena, [0ea71e986d1d69cd3d88d8907392a759],
PUP.Optional.Delta.A, C:\Users\Usuario\AppData\Roaming\BabSolution\Shared\chu.js,  Cuarentena, [0ea71e986d1d69cd3d88d8907392a759],
PUP.Optional.Delta.A, C:\Users\Usuario\AppData\Roaming\BabSolution\Shared\GUninstaller.exe,  Cuarentena, [0ea71e986d1d69cd3d88d8907392a759],
PUP.Optional.Delta.A, C:\Users\Usuario\AppData\Roaming\BabSolution\Shared\SetupParams.ini,  Cuarentena, [0ea71e986d1d69cd3d88d8907392a759],
PUP.Optional.Delta.A, C:\Users\Usuario\AppData\Roaming\BabSolution\Shared\sqlite3.dll,  Cuarentena, [0ea71e986d1d69cd3d88d8907392a759],
PUP.Optional.GoForFiles.A, C:\Windows\System32\Tasks\GoforFilesUpdate,  Cuarentena, [ded76353147604327261a7c89c69be42],
PUP.Optional.BDraw.A, C:\Windows\System32\Tasks\bdraw Updater,  Cuarentena, [02b34f67becc9b9b26dbb3c72ed7d22e],
PUP.Optional.MultiPlug.A, C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\jccocffecajimkdjgfpjhlpiimcnadhb\174\lsdb.js,  Cuarentena, [cfe6d8de1a701125a988433731d417e9],
PUP.Optional.MultiPlug.A, C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\jccocffecajimkdjgfpjhlpiimcnadhb\174\background.html,  Cuarentena, [cfe6d8de1a701125a988433731d417e9],
PUP.Optional.MultiPlug.A, C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\jccocffecajimkdjgfpjhlpiimcnadhb\174\content.js,  Cuarentena, [cfe6d8de1a701125a988433731d417e9],
PUP.Optional.MultiPlug.A, C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\jccocffecajimkdjgfpjhlpiimcnadhb\174\manifest.json,  Cuarentena, [cfe6d8de1a701125a988433731d417e9],
PUP.Optional.MultiPlug.A, C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\jccocffecajimkdjgfpjhlpiimcnadhb\174\lsdb.js,  Cuarentena, [a5105462fc8ea096b9788dedfa0b9070],
PUP.Optional.MultiPlug.A, C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\jccocffecajimkdjgfpjhlpiimcnadhb\174\background.html,  Cuarentena, [a5105462fc8ea096b9788dedfa0b9070],
PUP.Optional.MultiPlug.A, C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\jccocffecajimkdjgfpjhlpiimcnadhb\174\content.js,  Cuarentena, [a5105462fc8ea096b9788dedfa0b9070],
PUP.Optional.MultiPlug.A, C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\jccocffecajimkdjgfpjhlpiimcnadhb\174\manifest.json,  Cuarentena, [a5105462fc8ea096b9788dedfa0b9070],
PUP.Optional.MultiPlug.A, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\jccocffecajimkdjgfpjhlpiimcnadhb\174\lsdb.js,  Cuarentena, [773eaa0c0387d95d80b190ea32d3c13f],
PUP.Optional.MultiPlug.A, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\jccocffecajimkdjgfpjhlpiimcnadhb\174\background.html,  Cuarentena, [773eaa0c0387d95d80b190ea32d3c13f],
PUP.Optional.MultiPlug.A, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\jccocffecajimkdjgfpjhlpiimcnadhb\174\content.js,  Cuarentena, [773eaa0c0387d95d80b190ea32d3c13f],
PUP.Optional.MultiPlug.A, C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\jccocffecajimkdjgfpjhlpiimcnadhb\174\manifest.json,  Cuarentena, [773eaa0c0387d95d80b190ea32d3c13f],
PUP.Optional.MultiPlug.A, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\default\extensions\jccocffecajimkdjgfpjhlpiimcnadhb\174\lsdb.js,  Cuarentena, [ac09f0c603878aac6ac7067434d1dd23],
PUP.Optional.MultiPlug.A, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\default\extensions\jccocffecajimkdjgfpjhlpiimcnadhb\174\background.html,  Cuarentena, [ac09f0c603878aac6ac7067434d1dd23],
PUP.Optional.MultiPlug.A, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\default\extensions\jccocffecajimkdjgfpjhlpiimcnadhb\174\content.js,  Cuarentena, [ac09f0c603878aac6ac7067434d1dd23],
PUP.Optional.MultiPlug.A, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\default\extensions\jccocffecajimkdjgfpjhlpiimcnadhb\174\manifest.json,  Cuarentena, [ac09f0c603878aac6ac7067434d1dd23],
PUP.Optional.Amonetize.A, C:\ProgramData\Usiarurolwle\1.0.1.0\eohumfru.exe.config,  Cuarentena, [c9ec1e986228fc3a01de1f621ee7837d],
PUP.Optional.Amonetize.A, C:\ProgramData\Usiarurolwle\1.0.1.0\sqlite3.dll,  Cuarentena, [c9ec1e986228fc3a01de1f621ee7837d],
PUP.Optional.Amonetize.A, C:\ProgramData\Usiarurolwle\dat.dat,  Cuarentena, [c9ec1e986228fc3a01de1f621ee7837d],
PUP.Optional.WindowsMangerProtect.A, C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe, Se eliminará al Reiniciar, [edc89620ef9b8fa71a39e714fe0560a0],
PUP.Optional.Delta.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\ffxtlbr@delta.com\chrome.manifest,  Cuarentena, [5560bafc3c4e95a1c97dd4e410f3ee12],
PUP.Optional.Delta.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\ffxtlbr@delta.com\install.rdf,  Cuarentena, [5560bafc3c4e95a1c97dd4e410f3ee12],
PUP.Optional.Delta.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\ffxtlbr@delta.com\components\FFDisp.dll,  Cuarentena, [5560bafc3c4e95a1c97dd4e410f3ee12],
PUP.Optional.Delta.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\ffxtlbr@delta.com\content\delta.css,  Cuarentena, [5560bafc3c4e95a1c97dd4e410f3ee12],
PUP.Optional.Delta.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\ffxtlbr@delta.com\content\delta.xul,  Cuarentena, [5560bafc3c4e95a1c97dd4e410f3ee12],
PUP.Optional.Delta.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\ffxtlbr@delta.com\content\dpk.htm,  Cuarentena, [5560bafc3c4e95a1c97dd4e410f3ee12],
PUP.Optional.Delta.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\ffxtlbr@delta.com\content\hlprs.js,  Cuarentena, [5560bafc3c4e95a1c97dd4e410f3ee12],
PUP.Optional.Delta.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\ffxtlbr@delta.com\content\loader.xul,  Cuarentena, [5560bafc3c4e95a1c97dd4e410f3ee12],
PUP.Optional.Delta.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\ffxtlbr@delta.com\content\mtstart.js,  Cuarentena, [5560bafc3c4e95a1c97dd4e410f3ee12],
PUP.Optional.Delta.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\ffxtlbr@delta.com\content\serp.js,  Cuarentena, [5560bafc3c4e95a1c97dd4e410f3ee12],
PUP.Optional.Delta.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\ffxtlbr@delta.com\content\tmplt.js,  Cuarentena, [5560bafc3c4e95a1c97dd4e410f3ee12],
PUP.Optional.Delta.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\ffxtlbr@delta.com\content\imgs\arwDwn.gif,  Cuarentena, [5560bafc3c4e95a1c97dd4e410f3ee12],
PUP.Optional.Delta.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\ffxtlbr@delta.com\content\imgs\closeo.png,  Cuarentena, [5560bafc3c4e95a1c97dd4e410f3ee12],
PUP.Optional.Delta.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\ffxtlbr@delta.com\content\imgs\help_16.gif,  Cuarentena, [5560bafc3c4e95a1c97dd4e410f3ee12],
PUP.Optional.Delta.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\ffxtlbr@delta.com\content\imgs\home.gif,  Cuarentena, [5560bafc3c4e95a1c97dd4e410f3ee12],
PUP.Optional.Delta.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\ffxtlbr@delta.com\content\imgs\icon_seperator.png,  Cuarentena, [5560bafc3c4e95a1c97dd4e410f3ee12],
PUP.Optional.Delta.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\ffxtlbr@delta.com\content\imgs\logo.PNG,  Cuarentena, [5560bafc3c4e95a1c97dd4e410f3ee12],
PUP.Optional.Delta.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\ffxtlbr@delta.com\content\imgs\privecy_16_hot.gif,  Cuarentena, [5560bafc3c4e95a1c97dd4e410f3ee12],
PUP.Optional.Delta.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\ffxtlbr@delta.com\content\imgs\sign.jpg,  Cuarentena, [5560bafc3c4e95a1c97dd4e410f3ee12],
PUP.Optional.Delta.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\ffxtlbr@delta.com\content\imgs\specialoffer.gif,  Cuarentena, [5560bafc3c4e95a1c97dd4e410f3ee12],
PUP.Optional.Delta.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\ffxtlbr@delta.com\content\imgs\tellafriend.gif,  Cuarentena, [5560bafc3c4e95a1c97dd4e410f3ee12],
PUP.Optional.Delta.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\ffxtlbr@delta.com\content\imgs\uninstall.gif,  Cuarentena, [5560bafc3c4e95a1c97dd4e410f3ee12],
PUP.Optional.Delta.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\ae.png,  Cuarentena, [5560bafc3c4e95a1c97dd4e410f3ee12],
PUP.Optional.Delta.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\bg.png,  Cuarentena, [5560bafc3c4e95a1c97dd4e410f3ee12],
PUP.Optional.Delta.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\ch.png,  Cuarentena, [5560bafc3c4e95a1c97dd4e410f3ee12],
PUP.Optional.Delta.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\cn.png,  Cuarentena, [5560bafc3c4e95a1c97dd4e410f3ee12],
PUP.Optional.Delta.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\cz.png,  Cuarentena, [5560bafc3c4e95a1c97dd4e410f3ee12],
PUP.Optional.Delta.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\de.png,  Cuarentena, [5560bafc3c4e95a1c97dd4e410f3ee12],
PUP.Optional.Delta.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\eg.png,  Cuarentena, [5560bafc3c4e95a1c97dd4e410f3ee12],
PUP.Optional.Delta.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\en.png,  Cuarentena, [5560bafc3c4e95a1c97dd4e410f3ee12],
PUP.Optional.Delta.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\es.png,  Cuarentena, [5560bafc3c4e95a1c97dd4e410f3ee12],
PUP.Optional.Delta.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\fr.png,  Cuarentena, [5560bafc3c4e95a1c97dd4e410f3ee12],
PUP.Optional.Delta.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\gr.png,  Cuarentena, [5560bafc3c4e95a1c97dd4e410f3ee12],
PUP.Optional.Delta.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\he.png,  Cuarentena, [5560bafc3c4e95a1c97dd4e410f3ee12],
PUP.Optional.Delta.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\il.png,  Cuarentena, [5560bafc3c4e95a1c97dd4e410f3ee12],
PUP.Optional.Delta.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\it.png,  Cuarentena, [5560bafc3c4e95a1c97dd4e410f3ee12],
PUP.Optional.Delta.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\ja.png,  Cuarentena, [5560bafc3c4e95a1c97dd4e410f3ee12],
PUP.Optional.Delta.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\jp.png,  Cuarentena, [5560bafc3c4e95a1c97dd4e410f3ee12],
PUP.Optional.Delta.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\nl.png,  Cuarentena, [5560bafc3c4e95a1c97dd4e410f3ee12],
PUP.Optional.Delta.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\no.png,  Cuarentena, [5560bafc3c4e95a1c97dd4e410f3ee12],
PUP.Optional.Delta.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\pl.png,  Cuarentena, [5560bafc3c4e95a1c97dd4e410f3ee12],
PUP.Optional.Delta.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\pt.png,  Cuarentena, [5560bafc3c4e95a1c97dd4e410f3ee12],
PUP.Optional.Delta.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\ro.png,  Cuarentena, [5560bafc3c4e95a1c97dd4e410f3ee12],
PUP.Optional.Delta.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\ru.png,  Cuarentena, [5560bafc3c4e95a1c97dd4e410f3ee12],
PUP.Optional.Delta.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\sa.png,  Cuarentena, [5560bafc3c4e95a1c97dd4e410f3ee12],
PUP.Optional.Delta.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\se.png,  Cuarentena, [5560bafc3c4e95a1c97dd4e410f3ee12],
PUP.Optional.Delta.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\sv.png,  Cuarentena, [5560bafc3c4e95a1c97dd4e410f3ee12],
PUP.Optional.Delta.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\tr.png,  Cuarentena, [5560bafc3c4e95a1c97dd4e410f3ee12],
PUP.Optional.Delta.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\ua.png,  Cuarentena, [5560bafc3c4e95a1c97dd4e410f3ee12],
PUP.Optional.Delta.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\us.png,  Cuarentena, [5560bafc3c4e95a1c97dd4e410f3ee12],
PUP.Optional.Delta.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\ffxtlbr@delta.com\META-INF\manifest.mf,  Cuarentena, [5560bafc3c4e95a1c97dd4e410f3ee12],
PUP.Optional.Delta.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\ffxtlbr@delta.com\META-INF\zigbert.rsa,  Cuarentena, [5560bafc3c4e95a1c97dd4e410f3ee12],
PUP.Optional.Delta.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\ffxtlbr@delta.com\META-INF\zigbert.sf,  Cuarentena, [5560bafc3c4e95a1c97dd4e410f3ee12],
PUP.Optional.Softonic.A, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\default\extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\appCntrl.js,  Cuarentena, [23928036a6e4e3537c67a514de258b75],
PUP.Optional.Softonic.A, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\default\extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\bg.html,  Cuarentena, [23928036a6e4e3537c67a514de258b75],
PUP.Optional.Softonic.A, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\default\extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\bg.js,  Cuarentena, [23928036a6e4e3537c67a514de258b75],
PUP.Optional.Softonic.A, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\default\extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\CrmAdpt.dll,  Cuarentena, [23928036a6e4e3537c67a514de258b75],
PUP.Optional.Softonic.A, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\default\extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\ct.js,  Cuarentena, [23928036a6e4e3537c67a514de258b75],
PUP.Optional.Softonic.A, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\default\extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\CTB.dll,  Cuarentena, [23928036a6e4e3537c67a514de258b75],
PUP.Optional.Softonic.A, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\default\extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\dpk.js,  Cuarentena, [23928036a6e4e3537c67a514de258b75],
PUP.Optional.Softonic.A, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\default\extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\hprtkMsg.htm,  Cuarentena, [23928036a6e4e3537c67a514de258b75],
PUP.Optional.Softonic.A, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\default\extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\hprtkMsg.js,  Cuarentena, [23928036a6e4e3537c67a514de258b75],
PUP.Optional.Softonic.A, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\default\extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\json2.min.js,  Cuarentena, [23928036a6e4e3537c67a514de258b75],
PUP.Optional.Softonic.A, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\default\extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\logo.png,  Cuarentena, [23928036a6e4e3537c67a514de258b75],
PUP.Optional.Softonic.A, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\default\extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\manifest.json,  Cuarentena, [23928036a6e4e3537c67a514de258b75],
PUP.Optional.Softonic.A, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\default\extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\pref.json,  Cuarentena, [23928036a6e4e3537c67a514de258b75],
PUP.Optional.BabSolution.A, C:\Users\Usuario\AppData\Roaming\BabSolution\CR\Delta.crx,  Cuarentena, [35803d7968220a2c77ee596d748f9e62],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update\conf,  Cuarentena, [c7eef9bddbaf5adc7a28dcea847fd729],
PUP.Optional.IBUpdater.A, C:\ProgramData\IBUpdaterService\repository.xml,  Cuarentena, [0ca95a5cbdcd25114d05ffca9271e21e],
PUP.Optional.IHProtectUpDate.A, C:\ProgramData\IHProtectUpDate\update\conf,  Cuarentena, [585d1c9a1377fd39997c776544bf11ef],
PUP.Optional.BDraw.A, C:\Users\Usuario\AppData\Local\bdraw\bdraw\updt.js,  Cuarentena, [b401684ef892063025eb855eec1751af],
PUP.Optional.BDraw.A, C:\Users\Usuario\AppData\Local\bdraw\bdraw\1.3.26.12\app.ini,  Cuarentena, [b401684ef892063025eb855eec1751af],
PUP.Optional.BDraw.A, C:\Users\Usuario\AppData\Local\bdraw\bdraw\1.3.26.12\bdsetup.exe,  Cuarentena, [b401684ef892063025eb855eec1751af],
PUP.Optional.BDraw.A, C:\Users\Usuario\AppData\Local\bdraw\bdraw\1.3.26.12\chromext64.dll,  Cuarentena, [b401684ef892063025eb855eec1751af],
PUP.Optional.BDraw.A, C:\Users\Usuario\AppData\Local\bdraw\bdraw\1.3.26.12\eLkobpek.dll,  Cuarentena, [b401684ef892063025eb855eec1751af],
PUP.Optional.BDraw.A, C:\Users\Usuario\AppData\Local\bdraw\bdraw\1.3.26.12\res.dll,  Cuarentena, [b401684ef892063025eb855eec1751af],
PUP.Optional.SweetSearch.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\sweetsearch@gmail.com\chrome.manifest,  Cuarentena, [377e179f6b1fa492433ef7ec7c8732ce],
PUP.Optional.SweetSearch.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\sweetsearch@gmail.com\install.rdf,  Cuarentena, [377e179f6b1fa492433ef7ec7c8732ce],
PUP.Optional.SweetSearch.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\sweetsearch@gmail.com\chrome\content\toolbar.js,  Cuarentena, [377e179f6b1fa492433ef7ec7c8732ce],
PUP.Optional.SweetSearch.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\sweetsearch@gmail.com\chrome\content\toolbar.xul,  Cuarentena, [377e179f6b1fa492433ef7ec7c8732ce],
PUP.Optional.SweetSearch.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\sweetsearch@gmail.com\chrome\skin\icon.png,  Cuarentena, [377e179f6b1fa492433ef7ec7c8732ce],
PUP.Optional.Delta.A, C:\Users\Usuario\AppData\Local\delta\delta\1.3.25.0\app.ini,  Cuarentena, [f6bf8d29e5a57cba72f4b82c9d6644bc],
PUP.Optional.Delta.A, C:\Users\Usuario\AppData\Local\delta\delta\1.3.25.0\bdraw.exe,  Cuarentena, [f6bf8d29e5a57cba72f4b82c9d6644bc],
PUP.Optional.Delta.A, C:\Users\Usuario\AppData\Local\delta\delta\1.3.25.0\bdsetup.exe,  Cuarentena, [f6bf8d29e5a57cba72f4b82c9d6644bc],
PUP.Optional.Delta.A, C:\Users\Usuario\AppData\Local\delta\delta\1.3.25.0\chromext64.dll,  Cuarentena, [f6bf8d29e5a57cba72f4b82c9d6644bc],
PUP.Optional.Delta.A, C:\Users\Usuario\AppData\Local\delta\delta\1.3.25.0\hlpr64.exe,  Cuarentena, [f6bf8d29e5a57cba72f4b82c9d6644bc],
PUP.Optional.Delta.A, C:\Users\Usuario\AppData\Local\delta\delta\1.3.25.0\res.dll,  Cuarentena, [f6bf8d29e5a57cba72f4b82c9d6644bc],
PUP.Optional.Delta.A, C:\Users\Usuario\AppData\Local\delta\delta\1.3.25.0\downloads\newVrsn.exe,  Cuarentena, [f6bf8d29e5a57cba72f4b82c9d6644bc],
PUP.Optional.Delta.A, C:\Program Files (x86)\Delta\delta\1.8.21.0\deltaApp.dll,  Cuarentena, [af06ab0b31594ee8d19601e30003db25],
PUP.Optional.Delta.A, C:\Program Files (x86)\Delta\delta\1.8.21.0\deltaEng.dll,  Cuarentena, [af06ab0b31594ee8d19601e30003db25],
PUP.Optional.Delta.A, C:\Program Files (x86)\Delta\delta\1.8.21.0\GUninstaller.exe,  Cuarentena, [af06ab0b31594ee8d19601e30003db25],
PUP.Optional.Delta.A, C:\Program Files (x86)\Delta\delta\1.8.21.0\uninstall.exe,  Cuarentena, [af06ab0b31594ee8d19601e30003db25],
PUP.Optional.FastStart.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\searchffv2@gmail.com\chrome.manifest,  Cuarentena, [6253b1050d7d14221c088b5acb38a060],
PUP.Optional.FastStart.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\searchffv2@gmail.com\install.rdf,  Cuarentena, [6253b1050d7d14221c088b5acb38a060],
PUP.Optional.FastStart.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\searchffv2@gmail.com\chrome\content\index.html,  Cuarentena, [6253b1050d7d14221c088b5acb38a060],
PUP.Optional.FastStart.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\searchffv2@gmail.com\chrome\content\quick_start.js,  Cuarentena, [6253b1050d7d14221c088b5acb38a060],
PUP.Optional.FastStart.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\searchffv2@gmail.com\chrome\content\quick_start.xul,  Cuarentena, [6253b1050d7d14221c088b5acb38a060],
PUP.Optional.FastStart.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\searchffv2@gmail.com\chrome\content\include\speed_dial.js,  Cuarentena, [6253b1050d7d14221c088b5acb38a060],
PUP.Optional.FastStart.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\searchffv2@gmail.com\chrome\content\include\tools\about_blank_hook.js,  Cuarentena, [6253b1050d7d14221c088b5acb38a060],
PUP.Optional.FastStart.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\searchffv2@gmail.com\chrome\content\include\tools\misc.js,  Cuarentena, [6253b1050d7d14221c088b5acb38a060],
PUP.Optional.FastStart.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\searchffv2@gmail.com\chrome\content\include\tools\popup_image_helper.js,  Cuarentena, [6253b1050d7d14221c088b5acb38a060],
PUP.Optional.FastStart.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\searchffv2@gmail.com\chrome\content\include\tools\urlrequestor.js,  Cuarentena, [6253b1050d7d14221c088b5acb38a060],
PUP.Optional.FastStart.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\searchffv2@gmail.com\chrome\content\js\js.js,  Cuarentena, [6253b1050d7d14221c088b5acb38a060],
PUP.Optional.FastStart.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\searchffv2@gmail.com\chrome\content\js\lib\doT.min.js,  Cuarentena, [6253b1050d7d14221c088b5acb38a060],
PUP.Optional.FastStart.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\searchffv2@gmail.com\chrome\content\js\lib\jquery-2.1.0.min.js,  Cuarentena, [6253b1050d7d14221c088b5acb38a060],
PUP.Optional.FastStart.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\searchffv2@gmail.com\chrome\content\js\lib\jquery.autocomplete.js,  Cuarentena, [6253b1050d7d14221c088b5acb38a060],
PUP.Optional.FastStart.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\searchffv2@gmail.com\chrome\content\js\module\hotSearch.js,  Cuarentena, [6253b1050d7d14221c088b5acb38a060],
PUP.Optional.FastStart.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\searchffv2@gmail.com\chrome\content\js\module\mostgrid.js,  Cuarentena, [6253b1050d7d14221c088b5acb38a060],
PUP.Optional.FastStart.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\searchffv2@gmail.com\chrome\content\js\module\search.js,  Cuarentena, [6253b1050d7d14221c088b5acb38a060],
PUP.Optional.FastStart.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\searchffv2@gmail.com\chrome\content\js\module\stat.js,  Cuarentena, [6253b1050d7d14221c088b5acb38a060],
PUP.Optional.FastStart.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\searchffv2@gmail.com\chrome\content\js\pack\common.js,  Cuarentena, [6253b1050d7d14221c088b5acb38a060],
PUP.Optional.FastStart.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\searchffv2@gmail.com\chrome\content\js\pack\ga.js,  Cuarentena, [6253b1050d7d14221c088b5acb38a060],
PUP.Optional.FastStart.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\searchffv2@gmail.com\chrome\content\js\pack\xagainit.js,  Cuarentena, [6253b1050d7d14221c088b5acb38a060],
PUP.Optional.FastStart.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\searchffv2@gmail.com\chrome\locale\en\locale.properties,  Cuarentena, [6253b1050d7d14221c088b5acb38a060],
PUP.Optional.FastStart.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\searchffv2@gmail.com\chrome\locale\en-US\locale.properties,  Cuarentena, [6253b1050d7d14221c088b5acb38a060],
PUP.Optional.FastStart.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\searchffv2@gmail.com\chrome\locale\es\locale.properties,  Cuarentena, [6253b1050d7d14221c088b5acb38a060],
PUP.Optional.FastStart.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\searchffv2@gmail.com\chrome\locale\es-419\locale.properties,  Cuarentena, [6253b1050d7d14221c088b5acb38a060],
PUP.Optional.FastStart.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\searchffv2@gmail.com\chrome\locale\fr\locale.properties,  Cuarentena, [6253b1050d7d14221c088b5acb38a060],
PUP.Optional.FastStart.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\searchffv2@gmail.com\chrome\locale\fr-BE\locale.properties,  Cuarentena, [6253b1050d7d14221c088b5acb38a060],
PUP.Optional.FastStart.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\searchffv2@gmail.com\chrome\locale\fr-CA\locale.properties,  Cuarentena, [6253b1050d7d14221c088b5acb38a060],
PUP.Optional.FastStart.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\searchffv2@gmail.com\chrome\locale\fr-CH\locale.properties,  Cuarentena, [6253b1050d7d14221c088b5acb38a060],
PUP.Optional.FastStart.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\searchffv2@gmail.com\chrome\locale\fr-LU\locale.properties,  Cuarentena, [6253b1050d7d14221c088b5acb38a060],
PUP.Optional.FastStart.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\searchffv2@gmail.com\chrome\locale\it\locale.properties,  Cuarentena, [6253b1050d7d14221c088b5acb38a060],
PUP.Optional.FastStart.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\searchffv2@gmail.com\chrome\locale\it-CH\locale.properties,  Cuarentena, [6253b1050d7d14221c088b5acb38a060],
PUP.Optional.FastStart.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\searchffv2@gmail.com\chrome\locale\pl\locale.properties,  Cuarentena, [6253b1050d7d14221c088b5acb38a060],
PUP.Optional.FastStart.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\searchffv2@gmail.com\chrome\locale\pt-BR\locale.properties,  Cuarentena, [6253b1050d7d14221c088b5acb38a060],
PUP.Optional.FastStart.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\searchffv2@gmail.com\chrome\locale\ru\locale.properties,  Cuarentena, [6253b1050d7d14221c088b5acb38a060],
PUP.Optional.FastStart.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\searchffv2@gmail.com\chrome\locale\ru-MO\locale.properties,  Cuarentena, [6253b1050d7d14221c088b5acb38a060],
PUP.Optional.FastStart.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\searchffv2@gmail.com\chrome\locale\tr\locale.properties,  Cuarentena, [6253b1050d7d14221c088b5acb38a060],
PUP.Optional.FastStart.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\searchffv2@gmail.com\chrome\locale\vi\locale.properties,  Cuarentena, [6253b1050d7d14221c088b5acb38a060],
PUP.Optional.FastStart.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\searchffv2@gmail.com\chrome\locale\zh-CN\locale.properties,  Cuarentena, [6253b1050d7d14221c088b5acb38a060],
PUP.Optional.FastStart.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\searchffv2@gmail.com\chrome\locale\zh-TW\locale.properties,  Cuarentena, [6253b1050d7d14221c088b5acb38a060],
PUP.Optional.FastStart.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\searchffv2@gmail.com\chrome\skin\default_logo.png,  Cuarentena, [6253b1050d7d14221c088b5acb38a060],
PUP.Optional.FastStart.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\searchffv2@gmail.com\chrome\skin\googlelogo.png,  Cuarentena, [6253b1050d7d14221c088b5acb38a060],
PUP.Optional.FastStart.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\searchffv2@gmail.com\chrome\skin\google_trends.png,  Cuarentena, [6253b1050d7d14221c088b5acb38a060],
PUP.Optional.FastStart.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\searchffv2@gmail.com\chrome\skin\icon.png,  Cuarentena, [6253b1050d7d14221c088b5acb38a060],
PUP.Optional.FastStart.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\searchffv2@gmail.com\chrome\skin\loading.gif,  Cuarentena, [6253b1050d7d14221c088b5acb38a060],
PUP.Optional.FastStart.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\searchffv2@gmail.com\chrome\skin\logo.png,  Cuarentena, [6253b1050d7d14221c088b5acb38a060],
PUP.Optional.FastStart.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\searchffv2@gmail.com\chrome\skin\newtab.ico,  Cuarentena, [6253b1050d7d14221c088b5acb38a060],
PUP.Optional.FastStart.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\searchffv2@gmail.com\chrome\skin\simple.css,  Cuarentena, [6253b1050d7d14221c088b5acb38a060],
PUP.Optional.FastStart.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\searchffv2@gmail.com\chrome\skin\style.css,  Cuarentena, [6253b1050d7d14221c088b5acb38a060],
PUP.Optional.FastStart.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\searchffv2@gmail.com\defaults\preferences\fvd.js,  Cuarentena, [6253b1050d7d14221c088b5acb38a060],
PUP.Optional.FastStart.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\searchffv2@gmail.com\defaults\preferences\preferences.js,  Cuarentena, [6253b1050d7d14221c088b5acb38a060],
PUP.Optional.FastStart.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\searchffv2@gmail.com\modules\addonmanager.js,  Cuarentena, [6253b1050d7d14221c088b5acb38a060],
PUP.Optional.FastStart.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\searchffv2@gmail.com\modules\aes.js,  Cuarentena, [6253b1050d7d14221c088b5acb38a060],
PUP.Optional.FastStart.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\searchffv2@gmail.com\modules\config.js,  Cuarentena, [6253b1050d7d14221c088b5acb38a060],
PUP.Optional.FastStart.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\searchffv2@gmail.com\modules\dialogs.js,  Cuarentena, [6253b1050d7d14221c088b5acb38a060],
PUP.Optional.FastStart.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\searchffv2@gmail.com\modules\last_tab.js,  Cuarentena, [6253b1050d7d14221c088b5acb38a060],
PUP.Optional.FastStart.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\searchffv2@gmail.com\modules\misc.js,  Cuarentena, [6253b1050d7d14221c088b5acb38a060],
PUP.Optional.FastStart.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\searchffv2@gmail.com\modules\properties.js,  Cuarentena, [6253b1050d7d14221c088b5acb38a060],
PUP.Optional.FastStart.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\searchffv2@gmail.com\modules\remoterequest.js,  Cuarentena, [6253b1050d7d14221c088b5acb38a060],
PUP.Optional.FastStart.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\searchffv2@gmail.com\modules\restoreprefs.js,  Cuarentena, [6253b1050d7d14221c088b5acb38a060],
PUP.Optional.FastStart.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\extensions\searchffv2@gmail.com\modules\settings.js,  Cuarentena, [6253b1050d7d14221c088b5acb38a060],
PUP.Optional.PullUpdate.A, C:\ProgramData\IyZawYIHFH\dat\NeQgeYCPE.exe.config, Se eliminará al Reiniciar, [02b35b5b781248eea7424132ce38c739],
PUP.Optional.PullUpdate.A, C:\ProgramData\IyZawYIHFH\dat\nFWKTF.exe.config, Se eliminará al Reiniciar, [02b35b5b781248eea7424132ce38c739],
PUP.Optional.PullUpdate.A, C:\ProgramData\IyZawYIHFH\GePKEH.dat, Se eliminará al Reiniciar, [02b35b5b781248eea7424132ce38c739],
PUP.Optional.PullUpdate.A, C:\ProgramData\IyZawYIHFH\GePKEH.exe.config,  Cuarentena, [02b35b5b781248eea7424132ce38c739],
PUP.Optional.PullUpdate.A, C:\ProgramData\IyZawYIHFH\info.dat, Se eliminará al Reiniciar, [02b35b5b781248eea7424132ce38c739],
PUP.Optional.IStartSurf.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\prefs.js, Bueno: (), Malo: (user_pref("browser.search.selectedEngine", "istartsurf");), Sustituido,[a70ef5c1b3d7d85e2417c5af0cfa52ae]
PUP.Optional.QuickStart.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\prefs.js, Bueno: (), Malo: (user_pref("browser.newtab.url", "chrome://quick_start/content/index.html");), Sustituido,[714483336129280e8ae4363fb254768a]
PUP.Optional.Softonic.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\prefs.js, Bueno: (), Malo: (user_pref("extensions.Softonic.admin", false);), Sustituido,[0aaba412fe8c6acca78efc7afe08cf31]
PUP.Optional.Softonic.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\prefs.js, Bueno: (), Malo: (ferences

/* Do not edit this file.
*
), Sustituido,[7a3b9b1ba1e9c274e74ecda99a6c758b]
PUP.Optional.Softonic.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\prefs.js, Bueno: (), Malo: (references

/* Do not edit this file.
*
* If you make changes to this file ), Sustituido,[af067046eaa00432270eaec8ed1927d9]
PUP.Optional.Softonic.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\prefs.js, Bueno: (), Malo: (e.
*
* If you make changes to this file while t), Sustituido,[199c6d49ec9e5cda0c291264a16524dc]
PUP.Optional.Softonic.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\prefs.js, Bueno: (), Malo: (ces

/* Do not edit this file.
*
* If you), Sustituido,[a114694d0e7c89adfd38a9cd5fa75ca4]
PUP.Optional.Softonic.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\prefs.js, Bueno: (), Malo: (erences

/* Do not edit this file.
*
* If ), Sustituido,[298c872f4c3e51e56fc6a9cd18ee06fa]
PUP.Optional.Softonic.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\prefs.js, Bueno: (), Malo: (rences

/* Do not edit this file.
*
* If), Sustituido,[aa0bedc938521d19f540f383e125ed13]
PUP.Optional.Softonic.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\prefs.js, Bueno: (), Malo: (ferences

/* Do not edit this file.
*
* If), Sustituido,[763f46703753d75f5fd6d4a216f0ed13]
PUP.Optional.Softonic.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\prefs.js, Bueno: (), Malo: (rences

/* Do not edit this file.
*
* If you m), Sustituido,[d8dde9cddfab8bab6fc6472f10f654ac]
PUP.Optional.Softonic.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\prefs.js, Bueno: (), Malo: (es

/* Do not edit this file.
*
* If y), Sustituido,[dbda298d7119b87eec49b6c0f80e01ff]
PUP.Optional.Softonic.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\prefs.js, Bueno: (), Malo: (references

/* Do not edit this file.
*
* If you make changes to this file while the application is running,
* the changes will be ove), Sustituido,[5c59278f147603335fd66d0922e48e72]
PUP.Optional.Softonic.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\prefs.js, Bueno: (), Malo: (tion is running,
* the changes will be ove), Sustituido,[7342feb8b3d7d462a98c076f8f772fd1]
PUP.Optional.Softonic.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\prefs.js, Bueno: (), Malo: (references

/* Do not edit this file.
*
* If you make changes to t), Sustituido,[189df0c6cfbb0e28ee47d5a111f5cc34]
PUP.Optional.Softonic.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\prefs.js, Bueno: (), Malo: ( this file.
*
* If you make changes to this fil), Sustituido,[4075575fc6c406307cb9f2845caa1fe1]
PUP.Optional.Softonic.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\prefs.js, Bueno: (), Malo: (ces

/* Do not edit this file.
*
* If you make c), Sustituido,[c0f5af07addd9c9aaa8bb4c27c8a9b65]
PUP.Optional.Softonic.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\prefs.js, Bueno: (), Malo: (

/* Do not edit this file.
*
* If you make changes to this file while the application is running,
* the changes will be overwritten wh), Sustituido,[bafbe3d38a003ef83ff6383e4eb82ad6]
PUP.Optional.Softonic.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\prefs.js, Bueno: (), Malo: (ion is running,
* the changes will be overwr), Sustituido,[4075377fe3a70135e74e730362a4f10f]
PUP.Optional.Softonic.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\prefs.js, Bueno: (), Malo: (ferences

/* Do not edit this file.
*
* If you make changes to this file while the application is running,
* the changes will be overwrit), Sustituido,[f6bfb20433576bcbc2734234bf4710f0]
PUP.Optional.Softonic.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\prefs.js, Bueno: (), Malo: (n is running,
* the changes will be overwritten w), Sustituido,[40756b4b8208c4723cf91066cc3a926e]
PUP.Optional.Softonic.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\prefs.js, Bueno: (), Malo: (ces

/* Do not edit this file.
*
* If you make ), Sustituido,[1c9995212c5ed46273c24a2cec1add23]
PUP.Optional.Softonic.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\prefs.js, Bueno: (), Malo: (s

/* Do not edit this file.
*
* If you m), Sustituido,[d3e29c1a9dedaf87161fc0b690769a66]
PUP.Optional.Softonic.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\prefs.js, Bueno: (), Malo: (erences

/* Do not edit this file.
*
* If y), Sustituido,[efc6bafc95f5f145ad88d79fb254669a]
PUP.Optional.Softonic.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\prefs.js, Bueno: (), Malo: (ences

/* Do not edit this file.
*
* If you make changes to this f), Sustituido,[3e77971fdcaeea4cef461c5a9d69956b]
PUP.Optional.Softonic.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\prefs.js, Bueno: (), Malo: ( this file.
*
* If you make changes to this file while the a), Sustituido,[dadb338307838caa60d51462699da759]
PUP.Optional.Softonic.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\prefs.js, Bueno: (), Malo: (not edit this file.
*
* If you make changes to this file while the application is running,
* the changes will be overwritten when the applicat), Sustituido,[d9dce7cfe8a23105af86581e7b8bfd03]
PUP.Optional.Softonic.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\prefs.js, Bueno: (), Malo: (s running,
* the changes will be overwritten whe), Sustituido,[51645b5b137737ff52e3e5914abccf31]
PUP.Optional.Softonic.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\prefs.js, Bueno: (), Malo: (nces

/* Do not edit this file.
*
* If you make change), Sustituido,[04b1e4d2c3c765d1c76e4d29db2bdd23]
PUP.Optional.Softonic.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\prefs.js, Bueno: (), Malo: ( Do not edit this file.
*
* If you make changes), Sustituido,[7d38437315752d09f63f2056d53128d8]
PUP.Optional.Softonic.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\prefs.js, Bueno: (), Malo: (user_pref("extensions.Softonic.hmpgUrl", "http://search.softonic.com/MOY00017/tb_v1?SearchSource=13&cc=&mi=2436761c000000000000f4ec38938273");), Sustituido,[971e4175e7a3fb3b0538e690d630ce32]
PUP.Optional.Softonic.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\prefs.js, Bueno: (), Malo: (te.lastUpdateTime.addon-background-update-timer", 1433385851);
user_pref("app.update.lastUpdateTime.background-update-timer", 1433455574);
us), Sustituido,[ae07ddd90882d06682bbc2b402040ef2]
PUP.Optional.Softonic.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\prefs.js, Bueno: (), Malo: (ing,
* the changes will be overwritten when the application exits.
*
* To make a manual change to preferences, you can visit the URL about:), Sustituido,[fbbabdf94a4032042f0e01750afcfe02]
PUP.Optional.Softonic.A, C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\prefs.js, Bueno: (), Malo: (imer", 1433455574);
user_pref("app.update.lastUpdateTime.blocklist-background-update-timer", 1433382848);
user_pref("app.update.lastUpdateTime.bro), Sustituido,[664fa90d2466aa8cd766b3c39670cb35]

Sectores Físicos: 0
(Sin elementos maliciosos detectados)


(end)
 

ilu

Nuevo Miembro
Miembro
Segundo malwarebytes

Malwarebytes Anti-Malware
Insertar CODE, HTML o PHP:
www.malwarebytes.org

Fecha del Análisis: 04/06/2015
Tiempo de Análisis: 11:31:46 p.m.
Archivo de registro: malwarebytes1.txt
Administrador: Si

Versión: 2.01.6.1022
Base de datos de Malwares: v2015.06.04.05
Base de datos de rootkits: v2015.06.02.01
Licencia: Gratis
Protección contra el Malware: Desactivado
Protección de Webs  Maliciosas: Desactivado
Autoprotección: Desactivado

SO: Windows 7 Service Pack 1
CPU: x64
Archivos del Sistema: NTFS
Usuario: Usuario

Tipo de Análisis: Análisis Estándar
Resultado: Completado
Objetos Analizados: 401021
Tiempo Transcurrido: 21 min, 11 seg

Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Activado
PUM: Activado

Procesos: 0
(Sin elementos maliciosos detectados)

Modulos: 0
(Sin elementos maliciosos detectados)

Llaves del Registro: 0
(Sin elementos maliciosos detectados)

Valores del Registro: 0
(Sin elementos maliciosos detectados)

Datos del Registro: 0
(Sin elementos maliciosos detectados)

Carpetas: 0
(Sin elementos maliciosos detectados)

Archivo: 0
(Sin elementos maliciosos detectados)

Sectores Físicos: 0
(Sin elementos maliciosos detectados)

(end)
 

ilu

Nuevo Miembro
Miembro
AdwCleaner:
Insertar CODE, HTML o PHP:
C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.dat->C:\AdwCleaner\Quarantine\C\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.dat.vir
C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.exe->C:\AdwCleaner\Quarantine\C\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.exe.vir
C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.ico->C:\AdwCleaner\Quarantine\C\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.ico.vir
C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setup.dll->C:\AdwCleaner\Quarantine\C\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setup.dll.vir
C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setupx.dll->C:\AdwCleaner\Quarantine\C\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setupx.dll.vir
C:\ProgramData\WebShield\data.dat->C:\AdwCleaner\Quarantine\C\ProgramData\WebShield\data.dat.vir
C:\ProgramData\WebShield\WebShield.ico->C:\AdwCleaner\Quarantine\C\ProgramData\WebShield\WebShield.ico.vir
C:\ProgramData\b6a2029b2e3bacd5\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}.20140619152131->C:\AdwCleaner\Quarantine\C\ProgramData\b6a2029b2e3bacd5\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}.20140619152131.vir
C:\Program Files (x86)\Iminent\Iminent.crx->C:\AdwCleaner\Quarantine\C\Program Files (x86)\Iminent\Iminent.crx.vir
C:\Users\Administrador\AppData\Local\Chromatic Browser\User Data\Default\Extensions\jccocffecajimkdjgfpjhlpiimcnadhb\174\background.html->C:\AdwCleaner\Quarantine\C\Users\Administrador\AppData\Local\Chromatic Browser\User Data\Default\Extensions\jccocffecajimkdjgfpjhlpiimcnadhb\174\background.html.vir
C:\Users\Administrador\AppData\Local\Chromatic Browser\User Data\Default\Extensions\jccocffecajimkdjgfpjhlpiimcnadhb\174\content.js->C:\AdwCleaner\Quarantine\C\Users\Administrador\AppData\Local\Chromatic Browser\User Data\Default\Extensions\jccocffecajimkdjgfpjhlpiimcnadhb\174\content.js.vir
C:\Users\Administrador\AppData\Local\Chromatic Browser\User Data\Default\Extensions\jccocffecajimkdjgfpjhlpiimcnadhb\174\lsdb.js->C:\AdwCleaner\Quarantine\C\Users\Administrador\AppData\Local\Chromatic Browser\User Data\Default\Extensions\jccocffecajimkdjgfpjhlpiimcnadhb\174\lsdb.js.vir
C:\Users\Administrador\AppData\Local\Chromatic Browser\User Data\Default\Extensions\jccocffecajimkdjgfpjhlpiimcnadhb\174\manifest.json->C:\AdwCleaner\Quarantine\C\Users\Administrador\AppData\Local\Chromatic Browser\User Data\Default\Extensions\jccocffecajimkdjgfpjhlpiimcnadhb\174\manifest.json.vir
C:\Users\Administrador\AppData\Local\torch\User Data\Default\Extensions\jccocffecajimkdjgfpjhlpiimcnadhb\174\background.html->C:\AdwCleaner\Quarantine\C\Users\Administrador\AppData\Local\torch\User Data\Default\Extensions\jccocffecajimkdjgfpjhlpiimcnadhb\174\background.html.vir
C:\Users\Administrador\AppData\Local\torch\User Data\Default\Extensions\jccocffecajimkdjgfpjhlpiimcnadhb\174\content.js->C:\AdwCleaner\Quarantine\C\Users\Administrador\AppData\Local\torch\User Data\Default\Extensions\jccocffecajimkdjgfpjhlpiimcnadhb\174\content.js.vir
C:\Users\Administrador\AppData\Local\torch\User Data\Default\Extensions\jccocffecajimkdjgfpjhlpiimcnadhb\174\lsdb.js->C:\AdwCleaner\Quarantine\C\Users\Administrador\AppData\Local\torch\User Data\Default\Extensions\jccocffecajimkdjgfpjhlpiimcnadhb\174\lsdb.js.vir
C:\Users\Administrador\AppData\Local\torch\User Data\Default\Extensions\jccocffecajimkdjgfpjhlpiimcnadhb\174\manifest.json->C:\AdwCleaner\Quarantine\C\Users\Administrador\AppData\Local\torch\User Data\Default\Extensions\jccocffecajimkdjgfpjhlpiimcnadhb\174\manifest.json.vir
C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\jccocffecajimkdjgfpjhlpiimcnadhb\174\background.html->C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\jccocffecajimkdjgfpjhlpiimcnadhb\174\background.html.vir
C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\jccocffecajimkdjgfpjhlpiimcnadhb\174\content.js->C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\jccocffecajimkdjgfpjhlpiimcnadhb\174\content.js.vir
C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\jccocffecajimkdjgfpjhlpiimcnadhb\174\lsdb.js->C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\jccocffecajimkdjgfpjhlpiimcnadhb\174\lsdb.js.vir
C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\jccocffecajimkdjgfpjhlpiimcnadhb\174\manifest.json->C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\jccocffecajimkdjgfpjhlpiimcnadhb\174\manifest.json.vir
C:\Users\HomeGroupUser$\AppData\Local\torch\User Data\Default\Extensions\jccocffecajimkdjgfpjhlpiimcnadhb\174\background.html->C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\torch\User Data\Default\Extensions\jccocffecajimkdjgfpjhlpiimcnadhb\174\background.html.vir
C:\Users\HomeGroupUser$\AppData\Local\torch\User Data\Default\Extensions\jccocffecajimkdjgfpjhlpiimcnadhb\174\content.js->C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\torch\User Data\Default\Extensions\jccocffecajimkdjgfpjhlpiimcnadhb\174\content.js.vir
C:\Users\HomeGroupUser$\AppData\Local\torch\User Data\Default\Extensions\jccocffecajimkdjgfpjhlpiimcnadhb\174\lsdb.js->C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\torch\User Data\Default\Extensions\jccocffecajimkdjgfpjhlpiimcnadhb\174\lsdb.js.vir
C:\Users\HomeGroupUser$\AppData\Local\torch\User Data\Default\Extensions\jccocffecajimkdjgfpjhlpiimcnadhb\174\manifest.json->C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\torch\User Data\Default\Extensions\jccocffecajimkdjgfpjhlpiimcnadhb\174\manifest.json.vir
C:\Users\Invitado\AppData\Local\Chromatic Browser\User Data\Default\Extensions\jccocffecajimkdjgfpjhlpiimcnadhb\174\background.html->C:\AdwCleaner\Quarantine\C\Users\Invitado\AppData\Local\Chromatic Browser\User Data\Default\Extensions\jccocffecajimkdjgfpjhlpiimcnadhb\174\background.html.vir
C:\Users\Invitado\AppData\Local\Chromatic Browser\User Data\Default\Extensions\jccocffecajimkdjgfpjhlpiimcnadhb\174\content.js->C:\AdwCleaner\Quarantine\C\Users\Invitado\AppData\Local\Chromatic Browser\User Data\Default\Extensions\jccocffecajimkdjgfpjhlpiimcnadhb\174\content.js.vir
C:\Users\Invitado\AppData\Local\Chromatic Browser\User Data\Default\Extensions\jccocffecajimkdjgfpjhlpiimcnadhb\174\lsdb.js->C:\AdwCleaner\Quarantine\C\Users\Invitado\AppData\Local\Chromatic Browser\User Data\Default\Extensions\jccocffecajimkdjgfpjhlpiimcnadhb\174\lsdb.js.vir
C:\Users\Invitado\AppData\Local\Chromatic Browser\User Data\Default\Extensions\jccocffecajimkdjgfpjhlpiimcnadhb\174\manifest.json->C:\AdwCleaner\Quarantine\C\Users\Invitado\AppData\Local\Chromatic Browser\User Data\Default\Extensions\jccocffecajimkdjgfpjhlpiimcnadhb\174\manifest.json.vir
C:\Users\Invitado\AppData\Local\torch\User Data\Default\Extensions\jccocffecajimkdjgfpjhlpiimcnadhb\174\background.html->C:\AdwCleaner\Quarantine\C\Users\Invitado\AppData\Local\torch\User Data\Default\Extensions\jccocffecajimkdjgfpjhlpiimcnadhb\174\background.html.vir
C:\Users\Invitado\AppData\Local\torch\User Data\Default\Extensions\jccocffecajimkdjgfpjhlpiimcnadhb\174\content.js->C:\AdwCleaner\Quarantine\C\Users\Invitado\AppData\Local\torch\User Data\Default\Extensions\jccocffecajimkdjgfpjhlpiimcnadhb\174\content.js.vir
C:\Users\Invitado\AppData\Local\torch\User Data\Default\Extensions\jccocffecajimkdjgfpjhlpiimcnadhb\174\lsdb.js->C:\AdwCleaner\Quarantine\C\Users\Invitado\AppData\Local\torch\User Data\Default\Extensions\jccocffecajimkdjgfpjhlpiimcnadhb\174\lsdb.js.vir
C:\Users\Invitado\AppData\Local\torch\User Data\Default\Extensions\jccocffecajimkdjgfpjhlpiimcnadhb\174\manifest.json->C:\AdwCleaner\Quarantine\C\Users\Invitado\AppData\Local\torch\User Data\Default\Extensions\jccocffecajimkdjgfpjhlpiimcnadhb\174\manifest.json.vir
C:\Users\Usuario\AppData\Local\Chromatic Browser\User Data\Default\Extensions\jccocffecajimkdjgfpjhlpiimcnadhb\174\background.html->C:\AdwCleaner\Quarantine\C\Users\Usuario\AppData\Local\Chromatic Browser\User Data\Default\Extensions\jccocffecajimkdjgfpjhlpiimcnadhb\174\background.html.vir
C:\Users\Usuario\AppData\Local\Chromatic Browser\User Data\Default\Extensions\jccocffecajimkdjgfpjhlpiimcnadhb\174\content.js->C:\AdwCleaner\Quarantine\C\Users\Usuario\AppData\Local\Chromatic Browser\User Data\Default\Extensions\jccocffecajimkdjgfpjhlpiimcnadhb\174\content.js.vir
C:\Users\Usuario\AppData\Local\Chromatic Browser\User Data\Default\Extensions\jccocffecajimkdjgfpjhlpiimcnadhb\174\lsdb.js->C:\AdwCleaner\Quarantine\C\Users\Usuario\AppData\Local\Chromatic Browser\User Data\Default\Extensions\jccocffecajimkdjgfpjhlpiimcnadhb\174\lsdb.js.vir
C:\Users\Usuario\AppData\Local\Chromatic Browser\User Data\Default\Extensions\jccocffecajimkdjgfpjhlpiimcnadhb\174\manifest.json->C:\AdwCleaner\Quarantine\C\Users\Usuario\AppData\Local\Chromatic Browser\User Data\Default\Extensions\jccocffecajimkdjgfpjhlpiimcnadhb\174\manifest.json.vir
C:\Users\Usuario\AppData\Local\torch\User Data\Default\Extensions\jccocffecajimkdjgfpjhlpiimcnadhb\174\background.html->C:\AdwCleaner\Quarantine\C\Users\Usuario\AppData\Local\torch\User Data\Default\Extensions\jccocffecajimkdjgfpjhlpiimcnadhb\174\background.html.vir
C:\Users\Usuario\AppData\Local\torch\User Data\Default\Extensions\jccocffecajimkdjgfpjhlpiimcnadhb\174\content.js->C:\AdwCleaner\Quarantine\C\Users\Usuario\AppData\Local\torch\User Data\Default\Extensions\jccocffecajimkdjgfpjhlpiimcnadhb\174\content.js.vir
C:\Users\Usuario\AppData\Local\torch\User Data\Default\Extensions\jccocffecajimkdjgfpjhlpiimcnadhb\174\lsdb.js->C:\AdwCleaner\Quarantine\C\Users\Usuario\AppData\Local\torch\User Data\Default\Extensions\jccocffecajimkdjgfpjhlpiimcnadhb\174\lsdb.js.vir
C:\Users\Usuario\AppData\Local\torch\User Data\Default\Extensions\jccocffecajimkdjgfpjhlpiimcnadhb\174\manifest.json->C:\AdwCleaner\Quarantine\C\Users\Usuario\AppData\Local\torch\User Data\Default\Extensions\jccocffecajimkdjgfpjhlpiimcnadhb\174\manifest.json.vir
C:\Users\Usuario\AppData\Roaming\Babylon\log_file.txt->C:\AdwCleaner\Quarantine\C\Users\Usuario\AppData\Roaming\Babylon\log_file.txt.vir
C:\Users\Usuario\AppData\Roaming\goforfiles\blacklist.dat->C:\AdwCleaner\Quarantine\C\Users\Usuario\AppData\Roaming\goforfiles\blacklist.dat.vir
C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\user.js->C:\AdwCleaner\Quarantine\C\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\n1wkeegl.default\user.js.vir
 

ilu

Nuevo Miembro
Miembro
Y por ultimo hoy pasamos el hijackthis, pego el log..
Insertar CODE, HTML o PHP:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:34:50 p.m., on 05/06/2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17801)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files (x86)\TP-LINK\COMMON\TWCU.exe
C:\Program Files (x86)\Winamp\winampa.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files (x86)\Lenovo\EnergyCut\utilty.exe
C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe
E:\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Aplicación auxiliar de inicio de sesión de Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (file missing)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (file missing)
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\EnergyCut\utilty.exe
O4 - HKLM\..\Run: [EnergyCut] C:\Program Files (x86)\Lenovo\EnergyCut\EnergyCut.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [EA Core] "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
O4 - Global Startup: TP-LINK Wireless Utility.lnk = C:\Program Files (x86)\TP-LINK\COMMON\TWCU.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{0EB4CC10-7A36-4896-8452-83BC485E04C9}: NameServer = 85.17.255.198,46.19.33.120
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @appmgmts.dll,-3250 (AppMgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (AudioSrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\cscsvc.dll,-200 (CscService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\UtcResources.dll,-3001 (DiagTrack) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe
O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe
O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Servicio de actualización de Google (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: Google Update Servicio (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: Google Software Updater (gusvc) - Unknown owner - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Enumerador de bus IP PnP-X (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: MotoHelper Service (MotoHelper) - Unknown owner - C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe
O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe
O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\peerdistsvc.dll,-9000 (PeerDistSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - C:\Windows\SysWow64\perfhost.exe
O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Ralink Registry Writer (RalinkRegistryWriter) - Ralink Technology, Corp. - C:\Program Files (x86)\TP-LINK\COMMON\RaRegistry.exe
O23 - Service: Ralink Registry Writer 64 (RalinkRegistryWriter64) - Ralink Technology, Corp. - C:\Program Files (x86)\TP-LINK\COMMON\RaRegistry64.exe
O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Enrutamiento y acceso remoto (RemoteAccess) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\ipnathlp.dll,-106 (SharedAccess) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\StorSvc.dll,-100 (StorSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\umrdp.dll,-1000 (UmRdpService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe
O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe

--
End of file - 22949 bytes
Gracias!!!
 

Kbite

Aprender y compartir
Administrador
Hola ilu.

El log de HijackThis está limpio de virus o de cualquier tipo de malware.

El Malwarebytes, en su primer análisis eliminó lo mucho que detectó, y en el segundo ya no había nada por borrar. El AdwCleaner también hizo bien su trabajo, tenías mucha, pero que mucha basura en los navegadores.

Pero si te fijas todo lo eliminado eran PUPs (secuestradores de páginas de inicio y cambios en el buscador predeterminado) que no son más que programas no deseados que acostumbran a instalarse a través de la instalación de algún programa sin tu conocimiento y no son virus al uso que afecten al sistema operativo, pero que pueden hacer la navegación lenta y tediosa.

El que una herramienta de seguridad elimine los archivos que se han movido a la Cuarentena es normal y de ahí que los veas dos veces, eliminados primero por una y después por otra que elimina la Cuarentena de la primera.

Creo que ahora estas limpio de amenazas, pero viendo lo que se eliminó te aconsejaría que utilices la segunda herramienta recomendada para ver si algún resto quedó sin detectar: JunkWare Removal Tool

En tu respuesta nos comentas como te va todo ahora y si podemos dar el tema como solucionado para cerrarlo o necesitas algo más.

Saludos, Kbite
 

ilu

Nuevo Miembro
Miembro
Hola, resulta que al bajar esta aplicacion me salta esta ventana de avast, sera seguro? lo estare bajando bien?

GRacias!
 

Adjuntos

lorshaft92

El Jedi Exiliado
Super Moderador
Hola Ilu, es un falso positivo, asegurate que el Avast sea la última versión y que este actualizada la base de datos, te lo comento porque uso Avast Free y mi no me ha saltado.

Si Avast no deja descargarlo, desactivarlo temporariamente, click secundario del mouse sobre el icono de Avast en la barra de tareas, Control de escudos de Avast > Desactivar durante 10 minutos.

Ejecutas el programa recomendado para que haga su tarea, tras reiniciar el Avast va a regresar a la normalidad, cuando se aplican estas herramientas los antivirus deben estar desactivados para que no molesten en el proceso.

Saludos ;)
 

ilu

Nuevo Miembro
Miembro
Hola, perdon la tardanza, gracias por la respuesta, daria por cerrado el post ya que el dueño de la notebook viajo con ella y no va a poder seguir los pasos. Cualquier inconveniente vuelvo a abrir otro.
Mil gracias como siempre!!!
 
Estado
Cerrado para nuevas respuestas
Arriba Pie