problema con un archivo

Foro referente al sistema operativo Windows Vista (Longhorn)
petre9467
Usuario linuxero
Usuario linuxero
Mensajes: 13
Registrado: 19 Ago 2012, 17:01
Agradecido : 2 veces
Contactar:

problema con un archivo

Mensajepor petre9467 » 19 Ago 2012, 17:23

saludos.mi problema es que me sale esto al iniciar mi pc. no se puede cargar ni ejecutar"c:\user\nora\local1\temp\70dbfffe.com" especificado en el registro.asegurese de que el archivo existe en el equipo o quite toda referencia del mismo. por favor que hago o donde busco ese archivo y si tengo que borrarlo,no me deja iniciar algunos programa por ejem.nexus.gracias

Avatar de Usuario
helheim
Usuario Bill Gates
Usuario Bill Gates
Mensajes: 5001
Registrado: 20 Abr 2008, 11:38
Agradecido : 24 veces
Agradecimiento recibido: 169 veces
Contactar:

Re: problema con un archivo

Mensajepor helheim » 19 Ago 2012, 20:24

Hola, bienvenido al Foro.

Descarga, ejecuta HIJACKTHIS v 2.0.2 (sin tener ningún otro programa abierto) y, tras finalizar el proceso de escaneo, péganos aquí en el Foro el informe que te genere.

Un saludo.
La experiencia es una llama que alumbra quemando (Benito Pérez Galdós)

petre9467
Usuario linuxero
Usuario linuxero
Mensajes: 13
Registrado: 19 Ago 2012, 17:01
Agradecido : 2 veces
Contactar:

Re: problema con un archivo

Mensajepor petre9467 » 22 Ago 2012, 00:38

petre9467 escribió:saludos.mi problema es que me sale esto al iniciar mi pc. no se puede cargar ni ejecutar"c:\user\nora\local1\temp\70dbfffe.com" especificado en el registro.asegurese de que el archivo existe en el equipo o quite toda referencia del mismo. por favor que hago o donde busco ese archivo y si tengo que borrarlo,no me deja iniciar algunos programa por ejem.nexus.gracias



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 07:04:32 p.m., on 21/08/2012
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\PixArt\Pac7302\Monitor.exe
C:\Program Files\Bywifi\bywifi.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Winstep\Nexus.exe
C:\Users\nora\AppData\Roaming\Microsoft\winsx.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.myplaycity.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=brn&s={searchTerms}&f=4
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://localhost:9000/proxy.pac
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F3 - REG:win.ini: load=C:\Users\nora\LOCALS~1\Temp\70dbfffe.com
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,C:\Program Files\Soluto\soluto.exe /userinit,
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: Windows Live Aplicación auxiliar de inicio de sesión - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: BywifiBHO - {C4743D3E-20D7-4B52-84F2-5E4E277B2D82} - C:\Program Files\Bywifi\bywifiie.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O2 - BHO: SMTTB2009 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - (no file)
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - (no file)
O3 - Toolbar: (no name) - {db131c55-60c8-4adc-84dc-9e76ab06e2dc} - (no file)
O3 - Toolbar: DealBulldog Toolbar - {338B4DFE-2E2C-4338-9E41-E176D497299E} - (no file)
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [PAC7302_Monitor] C:\Windows\PixArt\PAC7302\Monitor.exe
O4 - HKLM\..\Run: [bywifi] C:\Program Files\Bywifi\bywifi.exe "-silent"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKCU\..\Run: [bywifi] C:\Program Files\Bywifi\bywifi.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Nexus] C:\Program Files\Winstep\Nexus.exe autostart
O4 - HKCU\..\Run: [winsx] C:\Users\nora\AppData\Roaming\Microsoft\winsx.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User '?')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User '?')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User '?')
O4 - HKUS\S-1-5-21-3962275611-1490051772-3322176261-1000\..\Run: [bywifi] C:\Program Files\Bywifi\bywifi.exe (User '?')
O4 - HKUS\S-1-5-21-3962275611-1490051772-3322176261-1000\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (User '?')
O8 - Extra context menu item: Descargar con Mipony - file://C:\Program Files\MiPony\Browser\IEContext.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Consola de Sun Java - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll
O9 - Extra button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - (no file)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O13 - Gopher Prefix:
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (file missing)
O22 - SharedTaskScheduler: ObjectDockShellExt - {1984D045-52CF-49cd-DB77-08F378FEA4DB} - (no file)
O23 - Service: Servicio de Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Servicio de Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: SmartLinkService (SLService) - - C:\Windows\SYSTEM32\slmdmsr.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe
O23 - Service: Winstep Xtreme Service - Unknown owner - C:\Program.exe (file missing)

--
End of file - 8400 bytes

Avatar de Usuario
helheim
Usuario Bill Gates
Usuario Bill Gates
Mensajes: 5001
Registrado: 20 Abr 2008, 11:38
Agradecido : 24 veces
Agradecimiento recibido: 169 veces
Contactar:

Re: problema con un archivo

Mensajepor helheim » 22 Ago 2012, 12:25

Ejecuta de nuevo HijackThis (con todos los programas cerrados y como Administrador; para eso pulsa con el botón derecho del ratón sobre el programa y elige "Ejecutar como Administrador"), pulsa sobre "Do a system scan only", marca las siguientes entradas y pulsa "Fix Checked":

F3 - REG:win.ini: load=C:\Users\nora\LOCALS~1\Temp\70dbfffe.com

Tras eso, descarga la herramienta ADWCLEANER (para descargarla tienes que pulsar en la flecha verde)

La ejecutas y pulsas en "Delete". Esperas a que termine el proceso, momento en el que te aparecerá un informe: copia el contenido y pegaslo aquí para que podamos verlo.

Imagen

Este programa es posible que te cambie tu página de inicio. No tienes más que volver a cambiarla tú por la que quieras.

Adwcleaner te pedirá reiniciar.

Te comento que tienes instalado en el valor userinit del registro una aplicación llamada Soluto que presume de acelerar el arranque del sistema.

Un saludo.
La experiencia es una llama que alumbra quemando (Benito Pérez Galdós)

petre9467
Usuario linuxero
Usuario linuxero
Mensajes: 13
Registrado: 19 Ago 2012, 17:01
Agradecido : 2 veces
Contactar:

Re: problema con un archivo

Mensajepor petre9467 » 23 Ago 2012, 18:39

helheim escribió:Ejecuta de nuevo HijackThis (con todos los programas cerrados y como Administrador; para eso pulsa con el botón derecho del ratón sobre el programa y elige "Ejecutar como Administrador"), pulsa sobre "Do a system scan only", marca las siguientes entradas y pulsa "Fix Checked":

F3 - REG:win.ini: load=C:\Users\nora\LOCALS~1\Temp\70dbfffe.com

Tras eso, descarga la herramienta ADWCLEANER (para descargarla tienes que pulsar en la flecha verde)

La ejecutas y pulsas en "Delete". Esperas a que termine el proceso, momento en el que te aparecerá un informe: copia el contenido y pegaslo aquí para que podamos verlo.

Imagen

Este programa es posible que te cambie tu página de inicio. No tienes más que volver a cambiarla tú por la que quieras.

Adwcleaner te pedirá reiniciar.

Te comento que tienes instalado en el valor userinit del registro una aplicación llamada Soluto que presume de acelerar el arranque del sistema.

Un saludo.



saludos,y gracias por responder a mi problema te comento que hice lo que me dices y el programa adwcleaner reinicio mi pc y volvio aparecer C:\Users\nora\LOCALS~1\Temp\70dbfffe.com.ah otra cosa tengo que eliminar soluto porque lo busque en panel de control-programas y caracteristicas y no aparece como lo elimino. gracias por la ayuda.
aca te pongo el resultado de adwcleaner

# AdwCleaner v1.801 - Logfile created 08/23/2012 at 12:40:08
# Updated 14/08/2012 by Xplode
# Operating system : Windows Vista (TM) Home Basic Service Pack 1 (32 bits)
# User : nora - NORA1
# Boot Mode : Normal
# Running from : C:\Users\nora\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Users\nora\AppData\Local\Conduit
Folder Deleted : C:\Users\nora\AppData\Local\ConduitEngine
Folder Deleted : C:\Users\nora\AppData\Local\Ilivid Player
Folder Deleted : C:\Users\nora\AppData\Local\TempDir
Folder Deleted : C:\Users\nora\AppData\LocalLow\BabylonToolbar
Folder Deleted : C:\Users\nora\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\nora\AppData\LocalLow\ConduitEngine
Folder Deleted : C:\Users\nora\AppData\LocalLow\DownloadnSave
Folder Deleted : C:\Users\nora\AppData\LocalLow\FunWebProducts
Folder Deleted : C:\Users\nora\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\nora\AppData\LocalLow\Toolbar4
Folder Deleted : C:\Users\nora\AppData\Roaming\AD ON Multimedia
Folder Deleted : C:\Users\nora\AppData\Roaming\Media Finder
Folder Deleted : C:\Users\nora\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com
Folder Deleted : C:\Users\nora\AppData\Roaming\Mozilla\Firefox\Profiles\tvwcp8ej.default\ConduitCommon
Folder Deleted : C:\Users\nora\AppData\Roaming\Mozilla\Firefox\Profiles\tvwcp8ej.default\extensions\avg@toolbar
Folder Deleted : C:\ProgramData\~0
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\InstallMate
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Finder
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Program Files\ConduitEngine
Folder Deleted : C:\Program Files\DAEMON Tools Toolbar
Folder Deleted : C:\ProgramData\Premium
File Deleted : C:\Users\nora\AppData\Roaming\Mozilla\Firefox\Profiles\tvwcp8ej.default\searchplugins\daemon-search.xml
File Deleted : C:\user.js

***** [Registry] *****

[*] Key Deleted : HKLM\SOFTWARE\Classes\SMTTB2009.IEToolbar
[*] Key Deleted : HKLM\SOFTWARE\Classes\SMTTB2009.IEToolbar.1
[*] Key Deleted : HKLM\SOFTWARE\Classes\SMTTB2009.SMTTB2009
[*] Key Deleted : HKLM\SOFTWARE\Classes\SMTTB2009.SMTTB2009.3
[*] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.SMTTB2009
[*] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.SMTTB2009.1
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\conduitEngine
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\Fun Web Products
Key Deleted : HKCU\Software\AppDataLow\Software\FunWebProducts
Key Deleted : HKCU\Software\AppDataLow\Software\MyWebSearch
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\conduitEngine
Key Deleted : HKCU\Software\Headlight
Key Deleted : HKCU\Software\ilivid
Key Deleted : HKCU\Software\MediaFinder
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\Spointer
Key Deleted : HKCU\Software\WideStream
Key Deleted : HKCU\Toolbar
Key Deleted : HKLM\SOFTWARE\Babylon
Key Deleted : HKLM\SOFTWARE\bandoo
Key Deleted : HKLM\SOFTWARE\Classes\AppID\BandooCore.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.BandooCore
Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.BandooCore.1
Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.ResourcesMngr
Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.ResourcesMngr.1
Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.SettingsMngr
Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.SettingsMngr.1
Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.StatisticMngr
Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.StatisticMngr.1
Key Deleted : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler
Key Deleted : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler.1
Key Deleted : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj
Key Deleted : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj.1
Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl.1
Key Deleted : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook
Key Deleted : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook.1
Key Deleted : HKLM\SOFTWARE\Classes\Widestream6.Spointer
Key Deleted : HKLM\SOFTWARE\Classes\Widestream6.Spointer.4
Key Deleted : HKLM\SOFTWARE\Classes\Widestream6.SpointerAdProvider
Key Deleted : HKLM\SOFTWARE\Classes\Widestream6.SpointerAdProvider.4
Key Deleted : HKLM\SOFTWARE\Classes\Widestream6.SpointerBanner
Key Deleted : HKLM\SOFTWARE\Classes\Widestream6.SpointerBanner.4
Key Deleted : HKLM\SOFTWARE\Classes\Widestream6.SpointerCtrl
Key Deleted : HKLM\SOFTWARE\Classes\Widestream6.SpointerWebDisp
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\conduitEngine
Key Deleted : HKLM\SOFTWARE\Iminent
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\ForceRenive
Key Deleted : HKLM\SOFTWARE\Software
Key Deleted : HKLM\SOFTWARE\SweetIM
Key Deleted : HKLM\SOFTWARE\uTorrentBar_ES
Key Deleted : HKLM\SOFTWARE\widestream

***** [Registre - GUID] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1301A8A5-3DFB-4731-A162-B357D00C9644}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{27F69C85-64E1-43CE-98B5-3C9F22FB408E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{338B4DFE-2E2C-4338-9E41-E176D497299E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{57CADC46-58FF-4105-B733-5A9F3FC9783C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9F34B17E-FF0D-4FAB-97C4-9713FEE79052}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B543EF05-9758-464E-9F37-4C28525B4A4C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BB76A90B-2B4C-4378-8506-9A2B6E16943C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C3AB94A4-BFD0-4BBA-A331-DE504F07D2DB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D565B35E-B787-40FA-95E3-E3562F8FC1A0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{06DE5702-44CF-4B79-B4EF-3DDF653358F5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0B25FF79-796A-4C2E-B09B-7921065D8EF8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1EB45B75-E889-42BE-B0C9-C8E0EE687052}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2735FAF8-D5DC-41F6-8BDA-B3F4A828C3DF}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{477F210A-2A86-4666-9C4B-1189634D2C84}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{54ADB4A4-6C88-4710-A227-820961B9981E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC146D1D-7588-4F3F-8F1E-9500F90618A8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B690A281-F7D4-4E0F-BA02-A12ADD86277B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F42A2432-287D-4161-8C94-99C06BEE7A81}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F44202AE-BE61-41C8-AFEA-5E494EC7595B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FF871E51-2655-4D06-AED5-745962A96B32}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EC4085F2-8DB3-45A6-AD0B-CA289F3C5D7E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4E1D-BDD0-1E9C9B7799CC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F000001-DB8E-F89C-2FEC-49BF726F8C12}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4FDE-B055-AE7B0F4CF080}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CA22700A-C65C-471F-AD84-9BC822CE36AE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A8D1534B-852E-4503-A6D0-62BDB83049BF}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{65D050B5-9B4D-43BB-96DC-6834E8E16903}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{08858AF6-42AD-4914-95D2-AC3AB0DC8E28}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{606D89E9-C72A-4E4D-8D3A-142B2A74FF1B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9B218861-1CAD-41E9-8105-1291A91CA488}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1A6DC111-B030-4C3E-BE65-299284128B91}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{58124A0B-DC32-4180-9BFF-E0E21AE34026}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{64182481-4F71-486B-A045-B233BD0DA8FC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DB4E9724-F518-4DFD-9C7C-78B52103CAB9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1A6DC111-B030-4C3E-BE65-299284128B91}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{338B4DFE-2E2C-4338-9E41-E176D497299E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{58124A0B-DC32-4180-9BFF-E0E21AE34026}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{64182481-4F71-486B-A045-B233BD0DA8FC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DB4E9724-F518-4DFD-9C7C-78B52103CAB9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{338B4DFE-2E2C-4338-9E41-E176D497299E}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{DB131C55-60C8-4ADC-84DC-9E76AB06E2DC}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{338B4DFE-2E2C-4338-9E41-E176D497299E}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{977AE9CC-AF83-45E8-9E03-E2798216E2D5}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{DB131C55-60C8-4ADC-84DC-9E76AB06E2DC}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{DB131C55-60C8-4ADC-84DC-9E76AB06E2DC}]

***** [Internet Browsers] *****

-\\ Internet Explorer v7.0.6001.18000

Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://start.facemoods.com/?a=brn&s={searchTerms}&f=4 --> hxxp://www.google.com

-\\ Mozilla Firefox v14.0.1 (es-ES)

Profile name : default
File : C:\Users\nora\AppData\Roaming\Mozilla\Firefox\Profiles\tvwcp8ej.default\prefs.js

C:\Users\nora\AppData\Roaming\Mozilla\Firefox\Profiles\tvwcp8ej.default\user.js ... Deleted !

Deleted : user_pref("CT2851619..clientLogIsEnabled", false);
Deleted : user_pref("CT2851619..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Deleted : user_pref("CT2851619..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Deleted : user_pref("CT2851619.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Deleted : user_pref("CT2851619.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Deleted : user_pref("CT2851619.AppTrackingLastCheckTime", "Tue Feb 28 2012 09:24:24 GMT-0430");
Deleted : user_pref("CT2851619.CTID", "CT2851619");
Deleted : user_pref("CT2851619.CurrentServerDate", "1-3-2012");
Deleted : user_pref("CT2851619.DSInstall", false);
Deleted : user_pref("CT2851619.DialogsAlignMode", "LTR");
Deleted : user_pref("CT2851619.DialogsGetterLastCheckTime", "Wed Feb 29 2012 21:27:27 GMT-0430");
Deleted : user_pref("CT2851619.DownloadReferralCookieData", "");
Deleted : user_pref("CT2851619.EMailNotifierPollDate", "Thu Mar 01 2012 12:20:31 GMT-0430");
Deleted : user_pref("CT2851619.FeedLastCount7385351973121203554", 501);
Deleted : user_pref("CT2851619.FeedPollDate2429156812186649977", "Thu Mar 01 2012 11:42:33 GMT-0430");
Deleted : user_pref("CT2851619.FeedPollDate2429156813040823546", "Thu Mar 01 2012 11:42:32 GMT-0430");
Deleted : user_pref("CT2851619.FeedPollDate2429156813130095866", "Thu Mar 01 2012 11:42:32 GMT-0430");
Deleted : user_pref("CT2851619.FeedPollDate2429156813224203613", "Thu Mar 01 2012 11:42:32 GMT-0430");
Deleted : user_pref("CT2851619.FeedPollDate2429156813230837251", "Thu Mar 01 2012 11:42:33 GMT-0430");
Deleted : user_pref("CT2851619.FeedPollDate2429156813454291735", "Thu Mar 01 2012 11:42:33 GMT-0430");
Deleted : user_pref("CT2851619.FeedPollDate2429156813729834876", "Thu Mar 01 2012 11:42:32 GMT-0430");
Deleted : user_pref("CT2851619.FeedPollDate2429156813860870021", "Thu Mar 01 2012 11:42:34 GMT-0430");
Deleted : user_pref("CT2851619.FeedPollDate2429156814264681793", "Thu Mar 01 2012 11:42:33 GMT-0430");
Deleted : user_pref("CT2851619.FeedPollDate2429156814863075366", "Thu Mar 01 2012 11:42:33 GMT-0430");
Deleted : user_pref("CT2851619.FeedPollDate2429156815257761081", "Thu Mar 01 2012 11:42:32 GMT-0430");
Deleted : user_pref("CT2851619.FeedTTL2429156813040823546", 15);
Deleted : user_pref("CT2851619.FeedTTL2429156813130095866", 10);
Deleted : user_pref("CT2851619.FeedTTL2429156813454291735", 5);
Deleted : user_pref("CT2851619.FeedTTL2429156814264681793", 5);
Deleted : user_pref("CT2851619.FirstServerDate", "16-2-2012");
Deleted : user_pref("CT2851619.FirstTime", true);
Deleted : user_pref("CT2851619.FirstTimeFF3", true);
Deleted : user_pref("CT2851619.FixPageNotFoundErrors", true);
Deleted : user_pref("CT2851619.GroupingServerCheckInterval", 1440);
Deleted : user_pref("CT2851619.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Deleted : user_pref("CT2851619.HPInstall", false);
Deleted : user_pref("CT2851619.HasUserGlobalKeys", true);
Deleted : user_pref("CT2851619.HomePageProtectorEnabled", false);
Deleted : user_pref("CT2851619.HomepageBeforeUnload", "about:home");
Deleted : user_pref("CT2851619.Initialize", true);
Deleted : user_pref("CT2851619.InitializeCommonPrefs", true);
Deleted : user_pref("CT2851619.InstallationAndCookieDataSentCount", 3);
Deleted : user_pref("CT2851619.InstallationId", "ConduitXPEIntegration");
Deleted : user_pref("CT2851619.InstallationType", "ConduitXPEIntegration");
Deleted : user_pref("CT2851619.InstalledDate", "Wed Feb 15 2012 21:30:47 GMT-0430");
Deleted : user_pref("CT2851619.IsAlertDBUpdated", true);
Deleted : user_pref("CT2851619.IsGrouping", false);
Deleted : user_pref("CT2851619.IsInitSetupIni", true);
Deleted : user_pref("CT2851619.IsMulticommunity", false);
Deleted : user_pref("CT2851619.IsOpenThankYouPage", true);
Deleted : user_pref("CT2851619.IsOpenUninstallPage", false);
Deleted : user_pref("CT2851619.LanguagePackLastCheckTime", "Wed Feb 29 2012 21:27:26 GMT-0430");
Deleted : user_pref("CT2851619.LanguagePackReloadIntervalMM", 1440);
Deleted : user_pref("CT2851619.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Deleted : user_pref("CT2851619.LastLogin_3.9.0.3", "Thu Mar 01 2012 11:42:32 GMT-0430");
Deleted : user_pref("CT2851619.LatestVersion", "3.9.0.3");
Deleted : user_pref("CT2851619.Locale", "es");
Deleted : user_pref("CT2851619.MCDetectTooltipHeight", "83");
Deleted : user_pref("CT2851619.MCDetectTooltipShow", false);
Deleted : user_pref("CT2851619.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Deleted : user_pref("CT2851619.MCDetectTooltipWidth", "295");
Deleted : user_pref("CT2851619.MyStuffEnabledAtInstallation", true);
Deleted : user_pref("CT2851619.OriginalFirstVersion", "3.9.0.3");
Deleted : user_pref("CT2851619.SearchCaption", "uTorrentBar_ES Customized Web Search");
Deleted : user_pref("CT2851619.SearchEngineBeforeUnload", "DAEMON Search");
Deleted : user_pref("CT2851619.SearchFromAddressBarIsInit", true);
Deleted : user_pref("CT2851619.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT285[...]
Deleted : user_pref("CT2851619.SearchInNewTabEnabled", true);
Deleted : user_pref("CT2851619.SearchInNewTabIntervalMM", 1440);
Deleted : user_pref("CT2851619.SearchInNewTabLastCheckTime", "Wed Feb 29 2012 21:27:25 GMT-0430");
Deleted : user_pref("CT2851619.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Deleted : user_pref("CT2851619.SearchProtectorEnabled", false);
Deleted : user_pref("CT2851619.SearchProtectorToolbarDisabled", false);
Deleted : user_pref("CT2851619.SendProtectorDataViaLogin", true);
Deleted : user_pref("CT2851619.ServiceMapLastCheckTime", "Wed Feb 29 2012 21:27:26 GMT-0430");
Deleted : user_pref("CT2851619.SettingsLastCheckTime", "Thu Mar 01 2012 11:42:32 GMT-0430");
Deleted : user_pref("CT2851619.SettingsLastUpdate", "1325063235");
Deleted : user_pref("CT2851619.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT2851619&SearchSource=13");
Deleted : user_pref("CT2851619.ThirdPartyComponentsInterval", 504);
Deleted : user_pref("CT2851619.ThirdPartyComponentsLastCheck", "Wed Feb 15 2012 21:30:47 GMT-0430");
Deleted : user_pref("CT2851619.ThirdPartyComponentsLastUpdate", "1255519670");
Deleted : user_pref("CT2851619.ToolbarShrinkedFromSetup", false);
Deleted : user_pref("CT2851619.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2851619");
Deleted : user_pref("CT2851619.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Deleted : user_pref("CT2851619.UserID", "UN67135834333288229");
Deleted : user_pref("CT2851619.ValidationData_Toolbar", 2);
Deleted : user_pref("CT2851619.WeatherNetwork", "");
Deleted : user_pref("CT2851619.WeatherPollDate", "Thu Mar 01 2012 12:13:14 GMT-0430");
Deleted : user_pref("CT2851619.WeatherUnit", "C");
Deleted : user_pref("CT2851619.alertChannelId", "1243654");
Deleted : user_pref("CT2851619.approveUntrustedApps", false);
Deleted : user_pref("CT2851619.autoDisableScopes", "-1");
Deleted : user_pref("CT2851619.backendstorage.cbfirsttime", "5765642046656220313520323031322032313A33303A35352[...]
Deleted : user_pref("CT2851619.backendstorage.pairingkey", "43384341393142374631324535463937443639323738354646[...]
Deleted : user_pref("CT2851619.backendstorage.scriptsource", "687474703A2F2F3132372E302E302E313A31303030302F67[...]
Deleted : user_pref("CT2851619.backendstorage.uttorrents", "7B226275696C64223A32363736332C226C6162656C223A5B5D[...]
Deleted : user_pref("CT2851619.components.1001", true);
Deleted : user_pref("CT2851619.components.1003", true);
Deleted : user_pref("CT2851619.components.1004", true);
Deleted : user_pref("CT2851619.components.1007", true);
Deleted : user_pref("CT2851619.components.1008", true);
Deleted : user_pref("CT2851619.components.1009", true);
Deleted : user_pref("CT2851619.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Deleted : user_pref("CT2851619.globalFirstTimeInfoLastCheckTime", "Wed Feb 29 2012 21:27:26 GMT-0430");
Deleted : user_pref("CT2851619.homepageProtectorEnableByLogin", true);
Deleted : user_pref("CT2851619.initDone", true);
Deleted : user_pref("CT2851619.isAppTrackingManagerOn", true);
Deleted : user_pref("CT2851619.myStuffEnabled", true);
Deleted : user_pref("CT2851619.myStuffPublihserMinWidth", 400);
Deleted : user_pref("CT2851619.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Deleted : user_pref("CT2851619.myStuffServiceIntervalMM", 1440);
Deleted : user_pref("CT2851619.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Deleted : user_pref("CT2851619.oldAppsList", "129351507535587879,129351507535900380,1000234,129351507536056632[...]
Deleted : user_pref("CT2851619.revertSettingsEnabled", true);
Deleted : user_pref("CT2851619.searchProtectorDialogDelayInSec", 10);
Deleted : user_pref("CT2851619.searchProtectorEnableByLogin", true);
Deleted : user_pref("CT2851619.testingCtid", "");
Deleted : user_pref("CT2851619.toolbarAppMetaDataLastCheckTime", "Wed Feb 29 2012 21:27:27 GMT-0430");
Deleted : user_pref("CT2851619.toolbarContextMenuLastCheckTime", "Wed Feb 29 2012 21:27:26 GMT-0430");
Deleted : user_pref("CT2851619.usagesFlag", 2);
Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit. ... /CT2851619[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root ... 1239327/VE", "\"0\"[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root ... /870229/VE", "\"0\"")[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-ser ... =CT2851619", [...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-serv ... tenApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-serv ... erApps&loc[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-serv ... redApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-serv ... lbar&local[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-ser ... rt/dlg.pkg", "\[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-s ... kg?ver=3.9.[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/ ... =CT2851619",[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-serv ... ?locale=es", "\"441[...]
Deleted : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\nora\\AppData\\Roaming\\Mozilla\\Fi[...]
Deleted : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.9.0.3");
Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "");
Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT2851619");
Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT2851619");
Deleted : user_pref("CommunityToolbar.ToolbarsList4", "CT2851619");
Deleted : user_pref("CommunityToolbar.facebook.sessionKey", "2.AQD32IEQEsuwmkQg.86400.1329764400.0-10000064185[...]
Deleted : user_pref("CommunityToolbar.facebook.sessionSecret", "u9WjYMvh55L92AdJG3D6tg__");
Deleted : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Wed Feb 29 2012 21:27:25 GMT-0430");
Deleted : user_pref("CommunityToolbar.facebook.userId", "100000641851935");
Deleted : user_pref("CommunityToolbar.globalUserId", "f6ecd595-d7ad-47fd-bc68-fe15e157c2d9");
Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2851619");
Deleted : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Wed Feb 29 2012 21:27:2[...]
Deleted : user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440);
Deleted : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Wed Feb 29 2012 21:27:25 GMT-043[...]
Deleted : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Deleted : user_pref("CommunityToolbar.notifications.locale", "en");
Deleted : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Deleted : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Wed Feb 29 2012 21:27:25 GMT-0430");
Deleted : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Deleted : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Deleted : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Deleted : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Deleted : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Deleted : user_pref("CommunityToolbar.notifications.userId", "33dca3a8-360b-4c57-ac0b-b40e51c3805c");
Deleted : user_pref("CommunityToolbar.originalHomepage", "about:home");
Deleted : user_pref("CommunityToolbar.originalSearchEngine", "DAEMON Search");
Deleted : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");
Deleted : user_pref("browser.search.defaultenginename", "Search the web (Babylon)");
Deleted : user_pref("browser.search.order.1", "Search the web (Babylon)");
Deleted : user_pref("browser.search.selectedEngine", "Search the web (Babylon)");
Deleted : user_pref("extensions.4fe6128fe6d1c.scode", "(function(){try{if('mystart.incredibar.com,premiumrepor[...]
Deleted : user_pref("extensions.BabylonToolbar.admin", false);
Deleted : user_pref("extensions.BabylonToolbar.aflt", "babsst");
Deleted : user_pref("extensions.BabylonToolbar.babExt", "");
Deleted : user_pref("extensions.BabylonToolbar.babTrack", "affID=101368");
Deleted : user_pref("extensions.BabylonToolbar.bbDpng", 23);
Deleted : user_pref("extensions.BabylonToolbar.dfltLng", "es");
Deleted : user_pref("extensions.BabylonToolbar.dfltSrch", false);
Deleted : user_pref("extensions.BabylonToolbar.hmpg", false);
Deleted : user_pref("extensions.BabylonToolbar.id", "dcea996100000000000000064f84e183");
Deleted : user_pref("extensions.BabylonToolbar.instlDay", "15464");
Deleted : user_pref("extensions.BabylonToolbar.instlRef", "sst");
Deleted : user_pref("extensions.BabylonToolbar.lastDP", 23);
Deleted : user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.5.3.1719:13:26");
Deleted : user_pref("extensions.BabylonToolbar.mntrFFxVrsn", "9.0");
Deleted : user_pref("extensions.BabylonToolbar.newTab", false);
Deleted : user_pref("extensions.BabylonToolbar.newTabUrl", "hxxp://search.babylon.com/?babsrc=NT_bb");
Deleted : user_pref("extensions.BabylonToolbar.noFFXTlbr", false);
Deleted : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
Deleted : user_pref("extensions.BabylonToolbar.propectorlck", 76344085);
Deleted : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
Deleted : user_pref("extensions.BabylonToolbar.ptch_0717", true);
Deleted : user_pref("extensions.BabylonToolbar.smplGrp", "none");
Deleted : user_pref("extensions.BabylonToolbar.srcExt", "ss");
Deleted : user_pref("extensions.BabylonToolbar.tlbrId", "base");
Deleted : user_pref("extensions.BabylonToolbar.vrsn", "1.5.3.17");
Deleted : user_pref("extensions.BabylonToolbar.vrsnTs", "1.5.3.1719:13:26");
Deleted : user_pref("extensions.BabylonToolbar.vrsni", "1.5.3.17");
Deleted : user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
Deleted : user_pref("extensions.BabylonToolbar_i.babExt", "");
Deleted : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=111366&tt=060612_6_");
Deleted : user_pref("extensions.BabylonToolbar_i.hardId", "dcea996100000000000000064f84e183");
Deleted : user_pref("extensions.BabylonToolbar_i.id", "dcea996100000000000000064f84e183");
Deleted : user_pref("extensions.BabylonToolbar_i.instlDay", "15514");
Deleted : user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
Deleted : user_pref("extensions.BabylonToolbar_i.newTab", true);
Deleted : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://search.babylon.com/?affID=111366&tt=06061[...]
Deleted : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
Deleted : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
Deleted : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Deleted : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Deleted : user_pref("extensions.BabylonToolbar_i.tlbrId", "base");
Deleted : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
Deleted : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1714:32:46");
Deleted : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
Deleted : user_pref("keyword.URL", "hxxp://isearch.avg.com/search?cid=%7Be1b36de3-5a5c-422b-9d01-b037c5b3e28a%[...]

-\\ Google Chrome v21.0.1180.83

File : C:\Users\nora\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [34542 octets] - [23/08/2012 12:40:08]

########## EOF - C:\AdwCleaner[S1].txt - [34671 octets] ##########

Avatar de Usuario
helheim
Usuario Bill Gates
Usuario Bill Gates
Mensajes: 5001
Registrado: 20 Abr 2008, 11:38
Agradecido : 24 veces
Agradecimiento recibido: 169 veces
Contactar:

Re: problema con un archivo

Mensajepor helheim » 23 Ago 2012, 22:06

petre9467 escribió:te comento que hice lo que me dices y el programa adwcleaner reinicio mi pc y volvio aparecer C:\Users\nora\LOCALS~1\Temp\70dbfffe.com
Claro, porque para que no te vuelva a aparecer tienes que eliminar la entrada que te dije con Hijackthis.

helheim escribió:Ejecuta de nuevo HijackThis (con todos los programas cerrados y como Administrador; para eso pulsa con el botón derecho del ratón sobre el programa y elige "Ejecutar como Administrador"), pulsa sobre "Do a system scan only", marca las siguientes entradas y pulsa "Fix Checked":

F3 - REG:win.ini: load=C:\Users\nora\LOCALS~1\Temp\70dbfffe.com


Adwcleaner era para otra cosa.

Un saludo.
La experiencia es una llama que alumbra quemando (Benito Pérez Galdós)

petre9467
Usuario linuxero
Usuario linuxero
Mensajes: 13
Registrado: 19 Ago 2012, 17:01
Agradecido : 2 veces
Contactar:

Re: problema con un archivo

Mensajepor petre9467 » 24 Ago 2012, 01:50

helheim escribió:
petre9467 escribió:te comento que hice lo que me dices y el programa adwcleaner reinicio mi pc y volvio aparecer C:\Users\nora\LOCALS~1\Temp\70dbfffe.com
Claro, porque para que no te vuelva a aparecer tienes que eliminar la entrada que te dije con Hijackthis.

helheim escribió:Ejecuta de nuevo HijackThis (con todos los programas cerrados y como Administrador; para eso pulsa con el botón derecho del ratón sobre el programa y elige "Ejecutar como Administrador"), pulsa sobre "Do a system scan only", marca las siguientes entradas y pulsa "Fix Checked":

F3 - REG:win.ini: load=C:\Users\nora\LOCALS~1\Temp\70dbfffe.com


Adwcleaner era para otra cosa.

Un saludo.
[list]
saludo
hice todo lo que dices y sigue apareciendo igual

Avatar de Usuario
helheim
Usuario Bill Gates
Usuario Bill Gates
Mensajes: 5001
Registrado: 20 Abr 2008, 11:38
Agradecido : 24 veces
Agradecimiento recibido: 169 veces
Contactar:

Re: problema con un archivo

Mensajepor helheim » 24 Ago 2012, 12:55

Inicia en MODO SEGURO CON FUNCIONES DE RED

Una vez en el Escritorio, vuelve a pasar Hijackthis (ejecútalo como Administrador y sin ningún otro programa abierto más que Hijackthis). Por último, aplica "Fix Checked" a la entrada nuevamente.

Un saludo.
La experiencia es una llama que alumbra quemando (Benito Pérez Galdós)

petre9467
Usuario linuxero
Usuario linuxero
Mensajes: 13
Registrado: 19 Ago 2012, 17:01
Agradecido : 2 veces
Contactar:

Re: problema con un archivo

Mensajepor petre9467 » 26 Ago 2012, 15:38

helheim escribió:Inicia en MODO SEGURO CON FUNCIONES DE RED

Una vez en el Escritorio, vuelve a pasar Hijackthis (ejecútalo como Administrador y sin ningún otro programa abierto más que Hijackthis). Por último, aplica "Fix Checked" a la entrada nuevamente.

Un saludo.


saludos.helheim lamento decirte que todavia sigue igual mi pc,te explicare paso a paso lo que hice por si hay un error. ah mi pc es window vista 32 bits,
1-inicio
2-todos los programas- hijackthis
3-click derecho sobre hijackthis,en la ventana que aparece -ejecutar como administrador
4-aparece otra ventana de control de usuario le doy click permitir
5-aparece el programa hijackthis le doy click en do a system scan only
6-aparece una ventana marco en la casilla que dice f3 reg:win.ini:load= C:\Users\nora\LOCALS~1\Temp\70dbfffe.com
7-le doy click donde dice fix checked
8-aparece otra ventana y dice fix 1 selected items this will permanently delete and /or repair what you selected si o no
le di click en si
9-despues aparece la misma ventana anterior pero en blanco con el boton scan en negro y el fix checked transparente
10- que hago aca hay que esperar algun resultado o hacer algo.
11- esto lo hice de modo normal y de modo seguro con funciones de red. todo igual como te lo explico aca

gracias por tu amabilidad de preocuparte por mi problema,mil bendiciones para ti y los tuyos

Avatar de Usuario
helheim
Usuario Bill Gates
Usuario Bill Gates
Mensajes: 5001
Registrado: 20 Abr 2008, 11:38
Agradecido : 24 veces
Agradecimiento recibido: 169 veces
Contactar:

Re: problema con un archivo

Mensajepor helheim » 26 Ago 2012, 16:29

Vamos a mirar una cosa:

Pulsa las teclas Windows + r y escribe cmd

En la ventana que te aparece escribe lo siguiente:

reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini" /s > mensaje.txt (pulsa intro)

notepad mensaje.txt (pulsa intro)


Te aparecerá por pantalla un archivo de texto. Copia el contenido y pégalo aquí.

Un saludo.
La experiencia es una llama que alumbra quemando (Benito Pérez Galdós)


Volver a “Windows Vista”

¿Quién está conectado?

Usuarios navegando por este Foro: No hay usuarios registrados visitando el Foro y 1 invitado