• Registrarse
  • Iniciar sesión


  • Página 1 de 2 12 ÚltimoÚltimo
    Resultados 1 al 10 de 12

    Eliminar Nation Zoom (Solucionado)

    Resumen del tema: Eliminar Nation Zoom (Solucionado) - Ya llevé a cabo el procedimiento que sugieren para eliminarlo y esto es lo que generó el DDS . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT ...

      
    1. #1
      Usuario Avatar de León2013
      Registrado
      dic 2013
      Ubicación
      México
      Mensajes
      6

      Eliminar Nation Zoom (Solucionado)

      Ya llevé a cabo el procedimiento que sugieren para eliminarlo y esto es lo que generó el DDS

      .
      UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
      IF REQUESTED, ZIP IT UP & ATTACH IT
      .
      DDS (Ver_2012-11-20.01)
      .
      Microsoft Windows 7 Home Premium
      Boot Device: \Device\HarddiskVolume2
      Install Date: 13/12/2011 11:24:07 a.m.
      System Uptime: 04/12/2013 02:33:41 p.m. (0 hours ago)
      .
      Motherboard: Dell Inc. | | 0G848F
      Processor: Intel(R) Core(TM)2 Duo CPU T6600 @ 2.20GHz | Microprocessor | 1188/200mhz
      .
      ==== Disk Partitions =========================
      .
      C: is FIXED (NTFS) - 218 GiB total, 167.869 GiB free.
      D: is CDROM ()
      .
      ==== Disabled Device Manager Items =============
      .
      ==== System Restore Points ===================
      .
      RP97: 24/08/2013 02:49:43 p.m. - Punto de control programado
      RP98: 20/11/2013 02:56:29 p.m. - Installed iCloud
      RP99: 28/11/2013 06:22:45 p.m. - Punto de control programado
      RP100: 29/11/2013 06:29:24 a.m. - Installed Java 7 Update 45
      RP101: 01/12/2013 01:24:36 p.m. - Installed AVG 2014
      RP102: 01/12/2013 01:25:41 p.m. - Installed AVG 2014
      RP103: 02/12/2013 03:26:37 p.m. - Installed BlackBerry Desktop Software.
      RP104: 04/12/2013 12:48:30 p.m. - Uniblue DriverScanner installation
      .
      ==== Installed Programs ======================
      .
      64 Bit HP CIO Components Installer
      Adobe Flash Player 11 ActiveX
      Adobe Flash Player 11 Plugin
      Adobe Reader XI - Español
      Apple Mobile Device Support
      Apple Software Update
      Ask Toolbar
      Ask Toolbar Updater
      µTorrent
      AVG 2014
      BlackBerry Desktop Software 7.1
      Bonjour
      CCleaner
      Cisco EAP-FAST Module
      Cisco LEAP Module
      Cisco PEAP Module
      Compatibilidad con Aplicaciones de Apple
      Complemento Guardar como PDF o XPS de Microsoft para programas de Microsoft Office 2007
      D3DX10
      Dell Touchpad
      Dell Wireless WLAN Card Utility
      doPDF 7.2 printer
      Dropbox
      Facebook Video Calling 1.2.0.287
      Google Chrome
      Google Update Helper
      iCloud
      IDT Audio
      Intel(R) Graphics Media Accelerator Driver
      Intel(R) Rapid Storage Technology
      iTunes
      Java 7 Update 45
      Java Auto Updater
      Junk Mail filter update
      Malwarebytes Anti-Malware versión 1.75.0.1300
      McAfee Security Scan Plus
      Microsoft .NET Framework 4 Client Profile
      Microsoft .NET Framework 4 Client Profile ESN Language Pack
      Microsoft Application Error Reporting
      Microsoft IntelliPoint 8.2
      Microsoft Office Access MUI (Spanish) 2010
      Microsoft Office Excel MUI (Spanish) 2010
      Microsoft Office Groove MUI (Spanish) 2010
      Microsoft Office InfoPath MUI (Spanish) 2010
      Microsoft Office Office 32-bit Components 2010
      Microsoft Office OneNote MUI (Spanish) 2010
      Microsoft Office Outlook MUI (Spanish) 2010
      Microsoft Office PowerPoint MUI (Spanish) 2010
      Microsoft Office Professional Plus 2010
      Microsoft Office Project MUI (Spanish) 2010
      Microsoft Office Project Professional 2010
      Microsoft Office Proof (Basque) 2010
      Microsoft Office Proof (Catalan) 2010
      Microsoft Office Proof (English) 2010
      Microsoft Office Proof (French) 2010
      Microsoft Office Proof (Galician) 2010
      Microsoft Office Proof (Portuguese (Brazil)) 2010
      Microsoft Office Proof (Spanish) 2010
      Microsoft Office Proofing (Spanish) 2010
      Microsoft Office Publisher MUI (Spanish) 2010
      Microsoft Office Shared 32-bit MUI (Spanish) 2010
      Microsoft Office Shared MUI (Spanish) 2010
      Microsoft Office Visio 2010
      Microsoft Office Visio MUI (Spanish) 2010
      Microsoft Office Word MUI (Spanish) 2010
      Microsoft Project Professional 2010
      Microsoft Silverlight
      Microsoft Sync Framework 2.0 Core Components (x64) ENU
      Microsoft Sync Framework 2.0 Provider Services (x64) ENU
      Microsoft Visio Premium 2010
      Microsoft Visual C++ 2005 Redistributable (x64)
      Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
      Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
      MSVCRT
      MSVCRT_amd64
      MyFunCards Toolbar
      Paquete de idioma de Microsoft .NET Framework 4 Client Profile ESN
      PowerDVD DX
      Quickset64
      Realtek USB 2.0 Card Reader
      Skype™ 6.6
      SyncToy 2.1 (x64)
      TETRISK version 1.0
      Visual Studio 2008 x64 Redistributables
      Visual Studio 2010 x64 Redistributables
      Visual Studio 2012 x64 Redistributables
      Visual Studio 2012 x86 Redistributables
      WIDCOMM Bluetooth Software
      Windows Live Communications Platform
      Windows Live Essentials
      Windows Live ID Sign-in Assistant
      Windows Live Installer
      Windows Live Language Selector
      Windows Live Mail
      Windows Live Messenger
      Windows Live MIME IFilter
      Windows Live Photo Common
      Windows Live PIMT Platform
      Windows Live SOXE
      Windows Live SOXE Definitions
      Windows Live UX Platform
      Windows Live UX Platform Language Pack
      Windows Live Writer
      Windows Live Writer Resources
      .
      ==== Event Viewer Messages From Past Week ========
      .
      30/11/2013 10:02:25 p.m., Error: BTHUSB [17] - A causa de un error no determinado en el adaptador Bluetooth local, éste no se usará. Se descargó el controlador.
      30/11/2013 08:53:08 a.m., Error: BTHUSB [17] - A causa de un error no determinado en el adaptador Bluetooth local, éste no se usará. Se descargó el controlador.
      29/11/2013 11:25:54 a.m., Error: BTHUSB [17] - A causa de un error no determinado en el adaptador Bluetooth local, éste no se usará. Se descargó el controlador.
      29/11/2013 07:18:56 p.m., Error: Ntfs [137] - El administrador de recursos de transacción en el volumen E: detectó un error irreproducible y no se pudo iniciar. Los datos contienen el código de error.
      29/11/2013 07:18:33 p.m., Error: Disk [11] - El controlador detectó un error de controladora en \Device\Harddisk1\DR1.
      29/11/2013 07:11:26 p.m., Error: BTHUSB [17] - A causa de un error no determinado en el adaptador Bluetooth local, éste no se usará. Se descargó el controlador.
      29/11/2013 04:43:32 p.m., Error: BTHUSB [17] - A causa de un error no determinado en el adaptador Bluetooth local, éste no se usará. Se descargó el controlador.
      28/11/2013 1109 p.m., Error: BTHUSB [17] - A causa de un error no determinado en el adaptador Bluetooth local, éste no se usará. Se descargó el controlador.
      04/12/2013 11:32:18 a.m., Error: Service Control Manager [7034] - El servicio Blackberry Device Manager se terminó de manera inesperada. Esto ha sucedido 1 veces.
      04/12/2013 11:29:15 a.m., Error: Service Control Manager [7034] - El servicio Blackberry Device Manager se terminó de manera inesperada. Esto ha sucedido 1 veces.
      04/12/2013 05:24:57 a.m., Error: BTHUSB [17] - A causa de un error no determinado en el adaptador Bluetooth local, éste no se usará. Se descargó el controlador.
      02/12/2013 05:21:51 p.m., Error: BTHUSB [17] - A causa de un error no determinado en el adaptador Bluetooth local, éste no se usará. Se descargó el controlador.
      02/12/2013 03:38:52 p.m., Error: Service Control Manager [7030] - El servicio SProtection ha sido marcado como servicio interactivo. Sin embargo, el sistema está configurado para no permitir servicios interactivos. Este servicio puede tener un funcionamiento incorrecto.
      02/12/2013 02:03:38 p.m., Error: Ntfs [137] - El administrador de recursos de transacción en el volumen E: detectó un error irreproducible y no se pudo iniciar. Los datos contienen el código de error.
      02/12/2013 02:03:31 p.m., Error: Disk [11] - El controlador detectó un error de controladora en \Device\Harddisk1\DR1.
      01/12/2013 08:49:28 a.m., Error: Service Control Manager [7006] - Error en la llamada ScRegSetValueExW para FailureActions con el error siguiente: Acceso denegado.
      01/12/2013 01:36:53 p.m., Error: Service Control Manager [7023] - El servicio Windows Update se cerró con el siguiente error: %%-2147467243
      01/12/2013 01:29:09 p.m., Error: Service Control Manager [7024] - El servicio AVGIDSAgent se cerró con el error específico de servicio %%-536753635.
      01/12/2013 01:28:59 p.m., Error: Service Control Manager [7024] - El servicio AVGIDSAgent se cerró con el error específico de servicio %%-536753635.
      01/12/2013 01:28:58 p.m., Error: Service Control Manager [7024] - El servicio AVGIDSAgent se cerró con el error específico de servicio %%-536753635.
      01/12/2013 01:28:57 p.m., Error: Service Control Manager [7024] - El servicio AVGIDSAgent se cerró con el error específico de servicio %%-536753635.
      01/12/2013 01:28:56 p.m., Error: Service Control Manager [7024] - El servicio AVGIDSAgent se cerró con el error específico de servicio %%-536753635.
      01/12/2013 01:28:46 p.m., Error: Service Control Manager [7024] - El servicio AVGIDSAgent se cerró con el error específico de servicio %%-536753635.
      01/12/2013 01:28:45 p.m., Error: Service Control Manager [7024] - El servicio AVGIDSAgent se cerró con el error específico de servicio %%-536753635.
      01/12/2013 01:28:44 p.m., Error: Service Control Manager [7024] - El servicio AVGIDSAgent se cerró con el error específico de servicio %%-536753635.
      01/12/2013 01:28:43 p.m., Error: Service Control Manager [7024] - El servicio AVGIDSAgent se cerró con el error específico de servicio %%-536753635.
      01/12/2013 01:28:42 p.m., Error: Service Control Manager [7024] - El servicio AVGIDSAgent se cerró con el error específico de servicio %%-536753635.
      01/12/2013 01:28:41 p.m., Error: Service Control Manager [7024] - El servicio AVGIDSAgent se cerró con el error específico de servicio %%-536753635.
      01/12/2013 01:28:40 p.m., Error: Service Control Manager [7024] - El servicio AVGIDSAgent se cerró con el error específico de servicio %%-536753635.
      01/12/2013 01:28:39 p.m., Error: Service Control Manager [7024] - El servicio AVGIDSAgent se cerró con el error específico de servicio %%-536753635.
      01/12/2013 01:28:29 p.m., Error: Service Control Manager [7024] - El servicio AVGIDSAgent se cerró con el error específico de servicio %%-536753635.
      01/12/2013 01:28:28 p.m., Error: Service Control Manager [7024] - El servicio AVGIDSAgent se cerró con el error específico de servicio %%-536753635.
      01/12/2013 01:28:27 p.m., Error: Service Control Manager [7024] - El servicio AVGIDSAgent se cerró con el error específico de servicio %%-536753635.
      01/12/2013 01:28:26 p.m., Error: Service Control Manager [7024] - El servicio AVGIDSAgent se cerró con el error específico de servicio %%-536753635.
      01/12/2013 01:28:25 p.m., Error: Service Control Manager [7024] - El servicio AVGIDSAgent se cerró con el error específico de servicio %%-536753635.
      01/12/2013 01:28:23 p.m., Error: Service Control Manager [7024] - El servicio AVGIDSAgent se cerró con el error específico de servicio %%-536753635.
      01/12/2013 01:28:22 p.m., Error: Service Control Manager [7024] - El servicio AVGIDSAgent se cerró con el error específico de servicio %%-536753635.
      01/12/2013 01:28:21 p.m., Error: Service Control Manager [7024] - El servicio AVGIDSAgent se cerró con el error específico de servicio %%-536753635.
      01/12/2013 01:28:21 p.m., Error: Service Control Manager [7024] - El servicio AVGIDSAgent se cerró con el error específico de servicio %%-536753635.
      01/12/2013 01:28:10 p.m., Error: Service Control Manager [7024] - El servicio AVGIDSAgent se cerró con el error específico de servicio %%-536753635.
      01/12/2013 01:28:09 p.m., Error: Service Control Manager [7024] - El servicio AVGIDSAgent se cerró con el error específico de servicio %%-536753635.
      01/12/2013 01:28:08 p.m., Error: Service Control Manager [7024] - El servicio AVGIDSAgent se cerró con el error específico de servicio %%-536753635.
      01/12/2013 01:28:07 p.m., Error: Service Control Manager [7024] - El servicio AVGIDSAgent se cerró con el error específico de servicio %%-536753635.
      01/12/2013 01:28:06 p.m., Error: Service Control Manager [7024] - El servicio AVGIDSAgent se cerró con el error específico de servicio %%-536753635.
      01/12/2013 01:28:05 p.m., Error: Service Control Manager [7024] - El servicio AVGIDSAgent se cerró con el error específico de servicio %%-536753635.
      01/12/2013 01:28:04 p.m., Error: Service Control Manager [7024] - El servicio AVGIDSAgent se cerró con el error específico de servicio %%-536753635.
      01/12/2013 01:28:03 p.m., Error: Service Control Manager [7024] - El servicio AVGIDSAgent se cerró con el error específico de servicio %%-536753635.
      01/12/2013 01:28:02 p.m., Error: Service Control Manager [7024] - El servicio AVGIDSAgent se cerró con el error específico de servicio %%-536753635.
      01/12/2013 01:28:01 p.m., Error: Service Control Manager [7024] - El servicio AVGIDSAgent se cerró con el error específico de servicio %%-536753635.
      01/12/2013 01:28:00 p.m., Error: Service Control Manager [7024] - El servicio AVGIDSAgent se cerró con el error específico de servicio %%-536753635.
      01/12/2013 01:27:59 p.m., Error: Service Control Manager [7024] - El servicio AVGIDSAgent se cerró con el error específico de servicio %%-536753635.
      01/12/2013 01:27:58 p.m., Error: Service Control Manager [7024] - El servicio AVGIDSAgent se cerró con el error específico de servicio %%-536753635.
      01/12/2013 01:27:57 p.m., Error: Service Control Manager [7024] - El servicio AVGIDSAgent se cerró con el error específico de servicio %%-536753635.
      01/12/2013 01:27:56 p.m., Error: Service Control Manager [7024] - El servicio AVGIDSAgent se cerró con el error específico de servicio %%-536753635.
      01/12/2013 01:27:55 p.m., Error: Service Control Manager [7024] - El servicio AVGIDSAgent se cerró con el error específico de servicio %%-536753635.
      01/12/2013 01:27:45 p.m., Error: Service Control Manager [7024] - El servicio AVGIDSAgent se cerró con el error específico de servicio %%-536753635.
      .
      ==== End Of File ===========================
      Ahora... ¿qué más debo hacer? El nation zoom sigue apareciendo como primera opción de motor para búsqueda aunque eliminé el programa en el panel de control. El Malware eliminó entre 20 y 30 "objetivos". Gracias y espero su respuesta.

    2. #2
      Moderador Gral.
      Avatar de Leosolari
      Registrado
      jun 2007
      Ubicación
      Argentina
      Mensajes
      54.874

      Re: Eliminar Nation Zoom

      Hola


      Descargá a Tu escritorio la Herramienta Adwcleaner

      • Cerrá Todos los programas que tengas abiertos.
      • Clic derecho sobre su ícono y elegis Ejecutar Como Administrador.
      • Pulsas el Boton Escanear y luego que termine, pulsas el Boton Limpiar.
      • Seguí las Instrucciones. La Herramienta va a pedir Reiniciar el sistema, lo cual debes aceptar.
      • Guardas el reporte generado en el Escritorio, para pegarlo en Tu próxima respuesta.




      Nos comentas como va Tu ordenador ahora.



      Saludos

      `·.¸¸.·´´¯`··._.· ·.¸¸.·´´¯`··._.· No Desesperes.....Seguí Luchando `·.¸¸.·´´¯`··._.· ·.¸¸.·´´¯`··._.·

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    3. #3
      Usuario Avatar de León2013
      Registrado
      dic 2013
      Ubicación
      México
      Mensajes
      6

      Re: Eliminar Nation Zoom

      Leosolari:

      Aquí el reporte donde indica que se llevó a cabo la limpieza pero sigue abriendo el buscador de Nation Zoom. Saludos.

      # AdwCleaner v3.014 - Reporte Creado 05/12/2013 en 09:21:17
      # Actualizado 01/12/2013 por Xplode
      # Sistema Operativo : Windows 7 Home Premium Service Pack 1 (64 bits)
      # Nombre de usuario : L Ledesma - LLEDESMA-PC
      # Ejecutado desde : C:\Users\L Ledesma\Downloads\adwcleaner (1).exe
      # Opción : Limpiar

      ***** [ Servicios ] *****


      ***** [ Archivos / Carpetas ] *****


      ***** [ Accesos directos ] *****


      ***** [ Registro ] *****


      ***** [ Navegadores ] *****

      -\\ Internet Explorer v9.0.8112.16455


      -\\ Mozilla Firefox v

      [ Archivo : C:\Users\L Ledesma\AppData\Roaming\Mozilla\Firefox\Profiles\f2pwpk7f.default\prefs.js ]


      -\\ Google Chrome v31.0.1650.63

      [ Archivo : C:\Users\L Ledesma\AppData\Local\Google\Chrome\User Data\Default\preferences ]


      *************************

      AdwCleaner[R0].txt - [9957 octets] - [04/12/2013 19:47:41]
      AdwCleaner[R1].txt - [1198 octets] - [04/12/2013 19:59:03]
      AdwCleaner[R2].txt - [1191 octets] - [05/12/2013 09:19:35]
      AdwCleaner[S0].txt - [9318 octets] - [04/12/2013 19:49:51]
      AdwCleaner[S1].txt - [1254 octets] - [04/12/2013 20:14:42]
      AdwCleaner[S2].txt - [1111 octets] - [05/12/2013 09:21:17]

      ########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1171 octets] ##########

    4. #4
      Moderador Gral.
      Avatar de Leosolari
      Registrado
      jun 2007
      Ubicación
      Argentina
      Mensajes
      54.874

      Re: Eliminar Nation Zoom

      Hola




      Descargá OTL By OldTimer





      >>> Ejecutá OTL
      • Cerrá todos programas que tengas abiertos y Hacé doble click en el ícono de OTL para ejecutarlo.
      • Dejalo correr sin interrumpirlo asta que termine el Análisis.
      • Cuando la interfaz aparesca, solo debes cambiar Abajo de: "Tipo de Análisis" poniendo Resultado Minimo.
      • Marcá las opciones: Buscar LOP y Buscar Purity.
      • Marcá las Opciones Omitir Archivos De Microsoft y Usar Listado de Compañias Reconocidas.
      • Pegá el siguiente script bajo la casilla Análisis Personalizados/Codigo de Reparación:

        NOTA: No copiar la palabra Cita.
        msconfig
        netsvcs
        %SYSTEMDRIVE%\*.*
        CREATERESTOREPOINT
      • Por favor No cambies el resto de la configuración a menos que te lo solicitemos.


      • Presioná el boton .
      • Una vez que termine, se abrirán dos (2) archivos, OTL.Txt y Extras.Txt. Éstos aparecerán grabados en el mismo lugar OTL.exe fue descargado.
      • Copiá y pegá el contenido del archivo OTL.txt en tu próxima respuesta.




      Saludos

      `·.¸¸.·´´¯`··._.· ·.¸¸.·´´¯`··._.· No Desesperes.....Seguí Luchando `·.¸¸.·´´¯`··._.· ·.¸¸.·´´¯`··._.·

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    5. #5
      Usuario Avatar de León2013
      Registrado
      dic 2013
      Ubicación
      México
      Mensajes
      6

      Re: Eliminar Nation Zoom

      Aquí el reporte. Te comento que como cerré el motor de búsqueda (Explorer) tuve que abrirlo y al hacerlo me llevó a Notion Zoom.

      Saludos y gracias.

      OTL logfile created on: 05/12/2013 11:33:17 a.m. - Run 1
      OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\L Ledesma\Downloads
      64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
      Internet Explorer (Version = 9.0.8112.16421)
      Locale: 0000080a | Country: México | Language: ESM | Date Format: dd/MM/yyyy

      1.96 Gb Total Physical Memory | 0.67 Gb Available Physical Memory | 34.33% Memory free
      5.87 Gb Paging File | 3.92 Gb Available in Paging File | 66.88% Paging File free
      Paging file location(s): c:\pagefile.sys 4000 8000 [binary data]

      %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
      Drive C: | 218.20 Gb Total Space | 168.46 Gb Free Space | 77.20% Space Free | Partition Type: NTFS

      Computer Name: LLEDESMA-PC | User Name: L Ledesma | Logged in as Administrator.
      Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
      Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: Off | File Age = 30 Days

      ========== Processes (SafeList) ==========

      PRC - C:\Users\L Ledesma\Downloads\OTL.exe (OldTimer Tools)
      PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_9_900_152_ActiveX.exe (Adobe Systems Incorporated)
      PRC - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
      PRC - C:\Program Files (x86)\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)
      PRC - C:\Program Files (x86)\AVG\AVG2014\avgfws.exe (AVG Technologies CZ, s.r.o.)
      PRC - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
      PRC - C:\Users\L Ledesma\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
      PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
      PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
      PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
      PRC - C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe (Research In Motion Limited)
      PRC - C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (Research In Motion Limited)
      PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)


      ========== Modules (No Company Name) ==========

      MOD - C:\Users\L Ledesma\AppData\Roaming\Dropbox\bin\libcef.dll ()
      MOD - C:\Users\L Ledesma\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll ()
      MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
      MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()


      ========== Services (SafeList) ==========

      SRV:64bit: - (wltrysvc) -- C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE ()
      SRV:64bit: - (STacSV) -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\stacsv64.exe (IDT, Inc.)
      SRV:64bit: - (AESTFilters) -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\AESTSr64.exe (Andrea Electronics Corporation)
      SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
      SRV - (AVGIDSAgent) -- C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
      SRV - (avgfws) -- C:\Program Files (x86)\AVG\AVG2014\avgfws.exe (AVG Technologies CZ, s.r.o.)
      SRV - (avgwd) -- C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
      SRV - (McComponentHostService) -- C:\Archivos de programa\McAfee Security Scan\3.8.130\McCHSvc.exe (McAfee, Inc.)
      SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
      SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
      SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
      SRV - (Blackberry Device Manager) -- C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe (Research In Motion Limited)
      SRV - (KMService) -- C:\Windows\SysWOW64\srvany.exe ()
      SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
      SRV - (wlidsvc) -- C:\Archivos de programa\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
      SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
      SRV - (osppsvc) -- C:\Archivos de programa\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
      SRV - (ose64) -- C:\Archivos de programa\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
      SRV - (btwdins) -- C:\Archivos de programa\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
      SRV - (STacSV) -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe (IDT, Inc.)
      SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
      SRV - (AESTFilters) -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\AESTSr64.exe (Andrea Electronics Corporation)


      ========== Driver Services (SafeList) ==========

      DRV:64bit: - (Avgdiska) -- C:\Windows\SysNative\drivers\avgdiska.sys (AVG Technologies CZ, s.r.o.)
      DRV:64bit: - (AVGIDSDriver) -- C:\Windows\SysNative\drivers\avgidsdrivera.sys (AVG Technologies CZ, s.r.o.)
      DRV:64bit: - (Avgldx64) -- C:\Windows\SysNative\drivers\avgldx64.sys (AVG Technologies CZ, s.r.o.)
      DRV:64bit: - (Avgloga) -- C:\Windows\SysNative\drivers\avgloga.sys (AVG Technologies CZ, s.r.o.)
      DRV:64bit: - (AVGIDSHA) -- C:\Windows\SysNative\drivers\avgidsha.sys (AVG Technologies CZ, s.r.o.)
      DRV:64bit: - (Avgmfx64) -- C:\Windows\SysNative\drivers\avgmfx64.sys (AVG Technologies CZ, s.r.o.)
      DRV:64bit: - (Avgfwfd) -- C:\Windows\SysNative\drivers\avgfwd6a.sys (AVG Technologies CZ, s.r.o.)
      DRV:64bit: - (Avgrkx64) -- C:\Windows\SysNative\drivers\avgrkx64.sys (AVG Technologies CZ, s.r.o.)
      DRV:64bit: - (Avgtdia) -- C:\Windows\SysNative\drivers\avgtdia.sys (AVG Technologies CZ, s.r.o.)
      DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
      DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
      DRV:64bit: - (RimVSerPort) -- C:\Windows\SysNative\drivers\RimSerial_AMD64.sys (Research in Motion Ltd)
      DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
      DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
      DRV:64bit: - (Point64) -- C:\Windows\SysNative\drivers\point64.sys (Microsoft Corporation)
      DRV:64bit: - (NuidFltr) -- C:\Windows\SysNative\drivers\nuidfltr.sys (Microsoft Corporation)
      DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
      DRV:64bit: - (dc3d) -- C:\Windows\SysNative\drivers\dc3d.sys (Microsoft Corporation)
      DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
      DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
      DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
      DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
      DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys ()
      DRV:64bit: - (BCM42RLY) -- C:\Windows\SysNative\drivers\bcm42rly.sys (Broadcom Corporation)
      DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation)
      DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
      DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
      DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
      DRV:64bit: - (ROOTMODEM) -- C:\Windows\SysNative\drivers\rootmdm.sys (Microsoft Corporation)
      DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.)
      DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.)
      DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.)
      DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.)
      DRV:64bit: - (STHDA) -- C:\Windows\SysNative\drivers\stwrt64.sys (IDT, Inc.)
      DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
      DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
      DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
      DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
      DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
      DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
      DRV:64bit: - (ApfiltrService) -- C:\Windows\SysNative\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
      DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


      ========== Standard Registry (SafeList) ==========


      ========== Internet Explorer ==========

      IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Nation Zoom
      IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.nationzoom.com/web/?type=ds&ts=1386182875&from=tugs&uid=WDCXWD2500BEVT-75ZCT2_WD-WXE1A205060350603&q={searchTerms}
      IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.nationzoom.com/web/?type=ds&ts=1386182875&from=tugs&uid=WDCXWD2500BEVT-75ZCT2_WD-WXE1A205060350603&q={searchTerms}
      IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Nation Zoom
      IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
      IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Google
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = Google
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.nationzoom.com/web/?type=ds&ts=1386182875&from=tugs&uid=WDCXWD2500BEVT-75ZCT2_WD-WXE1A205060350603&q={searchTerms}
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
      IE - HKLM\..\SearchScopes,DefaultScope =
      IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
      IE - HKLM\..\SearchScopes\{acbd5593-e5ee-4c15-b48f-1823ce819dec}: "URL" = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?p2=^ZU^xdm494^YY^mx&si=CNGTyZPC6bUCFcyiPAodAFUAKQ&ptb=1511BC07-7643-4D80-80A3-8E94240DFBE8&ind=2013030621&n=77fc68dd&psa=&st=sb&searchfor={searchTerms}

      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = Google [binary data]
      IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
      IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
      IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

      ========== FireFox ==========

      FF - prefs.js..browser.search.selectedEngine: "StartWeb"
      FF - user.js - File not found

      FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll File not found
      FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
      FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
      FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
      FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
      FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
      FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
      FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
      FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@MyFunCards_5m.com/Plugin: C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\NP5mStub.dll File not found
      FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
      FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
      FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\L Ledesma\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)

      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\5mffxtbr@MyFunCards_5m.com: C:\Program Files (x86)\MyFunCards_5m\bar\1.bin

      [2011/12/13 16:35:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\L Ledesma\AppData\Roaming\mozilla\Extensions
      [2013/12/04 13:21:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\L Ledesma\AppData\Roaming\mozilla\Firefox\Profiles\f2pwpk7f.default\extensions
      [2013/03/06 20:06:19 | 000,000,000 | ---D | M] (MyFunCards) -- C:\Users\L Ledesma\AppData\Roaming\mozilla\Firefox\Profiles\f2pwpk7f.default\extensions\5mffxtbr@MyFunCards_5m.com
      [2013/01/30 16:55:59 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions

      O1 HOSTS File: ([2009/06/10 15:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
      O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Archivos de programa\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
      O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Archivos de programa\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
      O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Archivos de programa\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
      O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Archivos de programa\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
      O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
      O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
      O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
      O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
      O3 - HKLM\..\Toolbar: (MyFunCards) - {210f1b36-3b7f-41a4-b5da-3eb87f5a56c2} - C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbar.dll File not found
      O3 - HKCU\..\Toolbar\WebBrowser: (MyFunCards) - {210F1B36-3B7F-41A4-B5DA-3EB87F5A56C2} - C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbar.dll File not found
      O4:64bit: - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Archivos de programa\Dell\Dell Wireless WLAN Card\WLTRAY.EXE (Dell Inc.)
      O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
      O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
      O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
      O4 - HKLM..\Run: [] File not found
      O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
      O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)
      O4 - HKLM..\Run: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe File not found
      O4 - HKLM..\Run: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (Research In Motion Limited)
      O4 - HKCU..\Run: [AVG-Secure-Search-Update_0913b] C:\Users\L Ledesma\AppData\Roaming\AVG 0913b Campaign\AVG-Secure-Search-Update-0913b.exe /PROMPT --mid e4ff438e1bd547d18fa075f39d57d7f6-abc9b9d5fa8daa16b0557036ad8aa48bb910eb64 --CMPID 0913b File not found
      O4 - HKCU..\Run: [Facebook Update] C:\Users\L Ledesma\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
      O4 - HKCU..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found
      O4 - HKCU..\RunOnce: [Application Restart #2] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --flag-switches-begin --flag-switches-end --flag-switches-begin --flag-switches-end --restore-last-session -- https://www.icloud.com/icloudcontrol...ewlocale=es_ES File not found
      O4 - Startup: C:\Users\L Ledesma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\L Ledesma\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
      O9:64bit: - Extra Button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Archivos de programa\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
      O9:64bit: - Extra 'Tools' menuitem : &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Archivos de programa\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
      O9:64bit: - Extra Button: Notas &vinculadas de OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Archivos de programa\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
      O9:64bit: - Extra 'Tools' menuitem : Notas &vinculadas de OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Archivos de programa\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
      O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Archivos de programa\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
      O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Archivos de programa\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
      O9 - Extra Button: Enviar a Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Archivos de programa\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
      O9 - Extra 'Tools' menuitem : Enviar a &Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Archivos de programa\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
      O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Archivos de programa\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
      O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Archivos de programa\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
      O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Archivos de programa\Bonjour\mdnsNSP.dll (Apple Inc.)
      O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
      O1364bit: - gopher Prefix: missing
      O13 - gopher Prefix: missing
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EE5259E0-E352-45F0-9FC5-F9655587ECF4}: DhcpNameServer = 192.168.1.254
      O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll File not found
      O18:64bit: - Protocol\Handler\livecall - No CLSID value found
      O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Archivos de programa\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
      O18:64bit: - Protocol\Handler\msnim - No CLSID value found
      O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
      O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
      O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll File not found
      O18 - Protocol\Handler\ms-help - No CLSID value found
      O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
      O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Archivos de programa\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
      O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
      O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
      O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
      O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Archivos de programa\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
      O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
      O32 - HKLM CDRom: AutoRun - 1
      O33 - MountPoints2\{29e73bdf-4db0-11e1-9969-a4badbb33e05}\Shell - "" = AutoRun
      O33 - MountPoints2\{29e73bdf-4db0-11e1-9969-a4badbb33e05}\Shell\AutoRun\command - "" = E:\PC_ImageViewer4.exe
      O34 - HKLM BootExecute: (autocheck autochk *)
      O35:64bit: - HKLM\..comfile [open] -- "%1" %*
      O35:64bit: - HKLM\..exefile [open] -- "%1" %*
      O35 - HKLM\..comfile [open] -- "%1" %*
      O35 - HKLM\..exefile [open] -- "%1" %*
      O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
      O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
      O37 - HKLM\...com [@ = comfile] -- "%1" %*
      O37 - HKLM\...exe [@ = exefile] -- "%1" %*
      O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
      O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
      O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

      MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk - C:\Archivos de programa\WIDCOMM\Bluetooth Software\BTTray.exe - (Broadcom Corporation.)
      MsConfig:64bit - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
      MsConfig:64bit - StartUpReg: Apoint - hkey= - key= - C:\Archivos de programa\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
      MsConfig:64bit - StartUpReg: APSDaemon - hkey= - key= - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
      MsConfig:64bit - StartUpReg: dellsupportcenter - hkey= - key= - File not found
      MsConfig:64bit - StartUpReg: IntelliPoint - hkey= - key= - c:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
      MsConfig:64bit - StartUpReg: iTunesHelper - hkey= - key= - C:\Program Files (x86)\iTunes\iTunesHelper.exe (Apple Inc.)
      MsConfig:64bit - StartUpReg: Logitech Download Assistant - hkey= - key= - C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
      MsConfig:64bit - StartUpReg: PDVDDXSrv - hkey= - key= - C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
      MsConfig:64bit - StartUpReg: QuickSet - hkey= - key= - C:\Archivos de programa\Dell\QuickSet\quickset.exe (Dell Inc.)
      MsConfig:64bit - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Oracle Corporation)
      MsConfig:64bit - StartUpReg: SysTrayApp - hkey= - key= - C:\Archivos de programa\IDT\WDM\sttray64.exe (IDT, Inc.)
      MsConfig:64bit - State: "startup" - Reg Error: Key error.


      CREATERESTOREPOINT
      Restore point Set: OTL Restore Point

      ========== Files/Folders - Created Within 30 Days ==========

      [2013/12/04 19:47:10 | 000,000,000 | ---D | C] -- C:\AdwCleaner
      [2013/12/04 14:19:52 | 000,000,000 | ---D | C] -- C:\Users\L Ledesma\AppData\Roaming\Malwarebytes
      [2013/12/04 14:19:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
      [2013/12/04 14:19:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
      [2013/12/04 14:19:42 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
      [2013/12/04 14:19:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
      [2013/12/04 14:18:57 | 000,000,000 | ---D | C] -- C:\Users\L Ledesma\AppData\Local\Programs
      [2013/12/04 12:48:52 | 000,000,000 | ---D | C] -- C:\Users\L Ledesma\AppData\Roaming\uTorrent
      [2013/12/04 12:48:23 | 000,000,000 | ---D | C] -- C:\ProgramData\WPM
      [2013/12/02 15:40:59 | 000,000,000 | ---D | C] -- C:\Users\L Ledesma\.android
      [2013/12/02 15:37:23 | 000,000,000 | ---D | C] -- C:\Users\L Ledesma\AppData\Local\cache
      [2013/12/02 15:37:15 | 000,000,000 | ---D | C] -- C:\Users\L Ledesma\Documents\Mobogenie
      [2013/12/02 15:37:15 | 000,000,000 | ---D | C] -- C:\Users\L Ledesma\AppData\Local\Mobogenie
      [2013/12/02 15:36:04 | 000,000,000 | ---D | C] -- C:\Users\L Ledesma\AppData\Local\Research In Motion
      [2013/12/02 15:36:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mobogenie
      [2013/12/02 15:35:57 | 000,000,000 | ---D | C] -- C:\Users\L Ledesma\AppData\Roaming\Research In Motion
      [2013/12/02 15:29:12 | 000,044,544 | ---- | C] (Research in Motion Ltd) -- C:\Windows\SysNative\drivers\RimSerial_AMD64.sys
      [2013/12/02 15:28:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlackBerry
      [2013/12/02 15:28:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Research In Motion
      [2013/12/02 15:28:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\XCPCSync.OEM
      [2013/12/02 15:28:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Research In Motion
      [2013/12/02 15:28:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Research In Motion
      [2013/12/01 13:30:14 | 000,000,000 | ---D | C] -- C:\Users\L Ledesma\AppData\Roaming\AVG2014
      [2013/12/01 13:25:31 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2014
      [2013/12/01 13:13:45 | 000,000,000 | ---D | C] -- C:\Users\L Ledesma\AppData\Local\Avg2014
      [2013/11/29 06:31:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
      [2013/11/20 14:58:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
      [2013/11/20 14:40:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
      [2013/11/20 14:39:45 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
      [2013/11/20 14:39:44 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
      [2013/11/20 14:39:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
      [2013/11/20 14:39:44 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
      [2013/11/20 11:13:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
      [2013/11/06 21:20:37 | 000,000,000 | ---D | C] -- C:\Users\L Ledesma\AppData\Local\PowerDVD DX
      [2013/11/05 21:55:48 | 000,150,808 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgdiska.sys

      ========== Files - Modified Within 30 Days ==========

      [2013/12/05 11:33:45 | 004,718,592 | -HS- | M] () -- C:\Users\L Ledesma\ntuser.dat
      [2013/12/05 11:25:02 | 000,000,838 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
      [2013/12/05 10:59:29 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
      [2013/12/05 10:59:29 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
      [2013/12/05 10:31:10 | 000,000,286 | ---- | M] () -- C:\Windows\tasks\bench-Updater removing.job
      [2013/12/05 09:56:29 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
      [2013/12/05 09:56:27 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
      [2013/12/05 09:56:26 | 1579,438,080 | -HS- | M] () -- C:\hiberfil.sys
      [2013/12/05 09:39:01 | 000,000,944 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3993296025-2798514767-1759239205-1000UA.job
      [2013/12/05 09:30:24 | 001,715,313 | -H-- | M] () -- C:\Users\L Ledesma\AppData\Local\IconCache.db
      [2013/12/04 21:39:00 | 000,000,922 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3993296025-2798514767-1759239205-1000Core.job
      [2013/12/04 21:31:00 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\bench-sys.job
      [2013/12/04 14:19:46 | 000,001,115 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
      [2013/12/02 15:57:20 | 001,555,646 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
      [2013/12/02 15:57:20 | 000,703,840 | ---- | M] () -- C:\Windows\SysNative\perfh00A.dat
      [2013/12/02 15:57:20 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
      [2013/12/02 15:57:20 | 000,137,806 | ---- | M] () -- C:\Windows\SysNative\perfc00A.dat
      [2013/12/02 15:57:20 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
      [2013/12/02 15:49:53 | 000,000,279 | ---- | M] () -- C:\Windows\SysWow64\InstallUtil.InstallLog
      [2013/12/02 15:29:41 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_RimSerial_AMD64_01007.Wdf
      [2013/12/02 15:28:33 | 000,002,233 | ---- | M] () -- C:\Users\Public\Desktop\BlackBerry Desktop Software.lnk
      [2013/12/02 15:24:56 | 119,528,976 | ---- | M] () -- C:\Users\L Ledesma\Desktop\710_b042_multilanguage.exe
      [2013/12/01 13:27:40 | 000,000,985 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2014.lnk
      [2013/11/20 14:40:38 | 000,001,785 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
      [2013/11/20 14:32:45 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
      [2013/11/20 11:13:28 | 000,001,931 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
      [2013/11/20 11:13:28 | 000,001,931 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
      [2013/11/05 21:55:48 | 000,150,808 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgdiska.sys

      ========== Files Created - No Company Name ==========

      [2013/12/05 09:30:24 | 001,715,313 | -H-- | C] () -- C:\Users\L Ledesma\AppData\Local\IconCache.db
      [2013/12/05 09:28:57 | 000,001,246 | ---- | C] () -- C:\Users\L Ledesma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
      [2013/12/04 14:19:46 | 000,001,115 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
      [2013/12/04 13:31:18 | 000,000,286 | ---- | C] () -- C:\Windows\tasks\bench-Updater removing.job
      [2013/12/04 12:50:16 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\bench-sys.job
      [2013/12/02 15:49:53 | 000,000,279 | ---- | C] () -- C:\Windows\SysWow64\InstallUtil.InstallLog
      [2013/12/02 15:29:41 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_RimSerial_AMD64_01007.Wdf
      [2013/12/02 15:28:33 | 000,002,233 | ---- | C] () -- C:\Users\Public\Desktop\BlackBerry Desktop Software.lnk
      [2013/12/02 15:21:44 | 119,528,976 | ---- | C] () -- C:\Users\L Ledesma\Desktop\710_b042_multilanguage.exe
      [2013/12/01 13:27:40 | 000,000,985 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2014.lnk
      [2013/11/20 14:40:38 | 000,001,785 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
      [2013/11/20 14:32:45 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
      [2013/01/09 15:19:58 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\srvany.exe
      [2012/12/14 09:17:34 | 000,000,039 | ---- | C] () -- C:\Windows\vbaddin.ini
      [2012/10/04 10:11:03 | 000,000,000 | ---- | C] () -- C:\Windows\HPMProp.INI
      [2012/10/04 1038 | 000,323,584 | ---- | C] () -- C:\Windows\SysWow64\hpcc3130.dll
      [2012/10/01 1608 | 000,003,584 | ---- | C] () -- C:\Users\L Ledesma\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
      [2012/07/17 09:32:24 | 000,524,288 | -HS- | C] () -- C:\Users\L Ledesma\ntuser.dat{ddb525cb-d021-11e1-ae15-a4badbb33e05}.TMContainer00000000000000000002.regtrans-ms
      [2012/07/17 09:32:24 | 000,524,288 | -HS- | C] () -- C:\Users\L Ledesma\ntuser.dat{ddb525cb-d021-11e1-ae15-a4badbb33e05}.TMContainer00000000000000000001.regtrans-ms
      [2012/07/17 09:32:24 | 000,065,536 | -HS- | C] () -- C:\Users\L Ledesma\ntuser.dat{ddb525cb-d021-11e1-ae15-a4badbb33e05}.TM.blf
      [2012/07/12 11:56:20 | 000,524,288 | -HS- | C] () -- C:\Users\L Ledesma\ntuser.dat{ac16b33b-cc45-11e1-914b-a4badbb33e05}.TMContainer00000000000000000002.regtrans-ms
      [2012/07/12 11:56:20 | 000,524,288 | -HS- | C] () -- C:\Users\L Ledesma\ntuser.dat{ac16b33b-cc45-11e1-914b-a4badbb33e05}.TMContainer00000000000000000001.regtrans-ms
      [2012/07/12 11:56:20 | 000,065,536 | -HS- | C] () -- C:\Users\L Ledesma\ntuser.dat{ac16b33b-cc45-11e1-914b-a4badbb33e05}.TM.blf
      [2012/06/22 10:06:28 | 000,140,492 | ---- | C] () -- C:\Users\L Ledesma\AppData\Local\census.cache
      [2012/06/22 10:06:21 | 000,066,991 | ---- | C] () -- C:\Users\L Ledesma\AppData\Local\ars.cache
      [2012/06/22 09:55:30 | 000,000,036 | ---- | C] () -- C:\Users\L Ledesma\AppData\Local\housecall.guid.cache
      [2012/03/09 13:28:00 | 000,004,096 | -H-- | C] () -- C:\Users\L Ledesma\AppData\Local\keyfile3.drm
      [2011/12/13 16:29:19 | 000,000,028 | ---- | C] () -- C:\Windows\ODBC.INI
      [2011/12/13 15:55:24 | 000,109,672 | ---- | C] () -- C:\Users\L Ledesma\AppData\Local\GDIPFONTCACHEV1.DAT
      [2011/12/13 13:14:57 | 000,982,220 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin
      [2011/12/13 13:13:01 | 000,092,216 | ---- | C] () -- C:\Windows\SysWow64\igfcg500m.bin
      [2011/12/13 13:13:00 | 000,134,592 | ---- | C] () -- C:\Windows\SysWow64\igfcg500.bin
      [2011/12/13 13:09:55 | 000,433,024 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin
      [2011/12/13 11:24:47 | 000,000,020 | -HS- | C] () -- C:\Users\L Ledesma\ntuser.ini
      [2011/12/13 11:24:21 | 004,718,592 | -HS- | C] () -- C:\Users\L Ledesma\ntuser.dat
      [2011/12/13 11:24:21 | 000,524,288 | -HS- | C] () -- C:\Users\L Ledesma\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
      [2011/12/13 11:24:21 | 000,524,288 | -HS- | C] () -- C:\Users\L Ledesma\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
      [2011/12/13 11:24:21 | 000,065,536 | -HS- | C] () -- C:\Users\L Ledesma\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf

      ========== ZeroAccess Check ==========

      [2009/07/13 22:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

      [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

      [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

      [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

      [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
      "" = C:\Windows\SysNative\shell32.dll -- [2012/06/08 23:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Apartment

      [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
      "" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 22:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Apartment

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
      "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 19:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Free

      [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
      "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 06:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Free

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
      "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 19:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Both

      [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

      ========== LOP Check ==========

      [2012/11/23 23:52:49 | 000,000,000 | ---D | M] -- C:\Users\L Ledesma\AppData\Roaming\Auslogics
      [2013/12/01 13:30:14 | 000,000,000 | ---D | M] -- C:\Users\L Ledesma\AppData\Roaming\AVG2014
      [2013/12/05 09:57:39 | 000,000,000 | ---D | M] -- C:\Users\L Ledesma\AppData\Roaming\Dropbox
      [2012/03/04 19:58:22 | 000,000,000 | ---D | M] -- C:\Users\L Ledesma\AppData\Roaming\Foxit Software
      [2013/12/02 15:38:32 | 000,000,000 | ---D | M] -- C:\Users\L Ledesma\AppData\Roaming\Research In Motion
      [2011/12/13 15:07:36 | 000,000,000 | ---D | M] -- C:\Users\L Ledesma\AppData\Roaming\Softland
      [2013/01/20 16:55:23 | 000,000,000 | ---D | M] -- C:\Users\L Ledesma\AppData\Roaming\TuneUp Software
      [2013/12/04 20:13:42 | 000,000,000 | ---D | M] -- C:\Users\L Ledesma\AppData\Roaming\uTorrent

      ========== Purity Check ==========



      ========== Custom Scans ==========

      < %SYSTEMDRIVE%\*.* >
      [2010/04/16 13:17:11 | 000,003,535 | RH-- | M] () -- C:\dell.sdr
      [2013/12/05 09:56:26 | 1579,438,080 | -HS- | M] () -- C:\hiberfil.sys
      [2006/12/01 22:37:14 | 000,904,704 | ---- | M] (Microsoft Corporation) -- C:\msdia80.dll
      [2012/07/27 09:59:14 | 000,016,351 | ---- | M] () -- C:\P2014.log
      [2013/12/05 09:56:26 | 4194,304,000 | -HS- | M] () -- C:\pagefile.sys

      < End of report >

    6. #6
      Moderador Gral.
      Avatar de Leosolari
      Registrado
      jun 2007
      Ubicación
      Argentina
      Mensajes
      54.874

      Re: Eliminar Nation Zoom

      Hola de Nuevo




      Ejecutá OTL.exe


      Copiá y Pegá el código que está dentro del recuadro de abajo en la sección Análisis Personalizado / Código de Reparación



      :OTL
      IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Nation Zoom
      IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.nationzoom.com/web/?type=ds&ts=1386182875&from=tugs&uid=WDCXWD2500BEVT-75ZCT2_WD-WXE1A205060350603&q={searchTerms}
      IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.nationzoom.com/web/?type=ds&ts=1386182875&from=tugs&uid=WDCXWD2500BEVT-75ZCT2_WD-WXE1A205060350603&q={searchTerms}
      IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Nation Zoom
      IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.nationzoom.com/web/?type=ds&ts=1386182875&from=tugs&uid=WDCXWD2500BEVT-75ZCT2_WD-WXE1A205060350603&q={searchTerms}
      IE - HKLM\..\SearchScopes\{acbd5593-e5ee-4c15-b48f-1823ce819dec}: "URL" = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?p2=^ZU^xdm494^YY^mx&si=CNGTyZPC6bUCFcyiPAodAFUAKQ&ptb=1511BC07-7643-4D80-80A3-8E94240DFBE8&ind=2013030621&n=77fc68dd&psa=&st=sb&searchfor={searchTerms}
      IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
      FF - prefs.js..browser.search.selectedEngine: "StartWeb"
      FF - user.js - File not found
      FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll File not found
      FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
      FF - HKLM\Software\MozillaPlugins\@MyFunCards_5m.com/Plugin: C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\NP5mStub.dll File not found
      FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\5mffxtbr@MyFunCards_5m.com: C:\Program Files (x86)\MyFunCards_5m\bar\1.bin
      [2013/12/04 13:21:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\L Ledesma\AppData\Roaming\mozilla\Firefox\Profiles\f2pwpk7f.default\extensions
      [2013/03/06 20:06:19 | 000,000,000 | ---D | M] (MyFunCards) -- C:\Users\L Ledesma\AppData\Roaming\mozilla\Firefox\Profiles\f2pwpk7f.default\extensions\5mffxtbr@MyFunCards_5m.com
      [2013/01/30 16:55:59 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
      O3 - HKLM\..\Toolbar: (MyFunCards) - {210f1b36-3b7f-41a4-b5da-3eb87f5a56c2} - C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbar.dll File not found
      O3 - HKCU\..\Toolbar\WebBrowser: (MyFunCards) - {210F1B36-3B7F-41A4-B5DA-3EB87F5A56C2} - C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\5mbar.dll File not found
      O33 - MountPoints2\{29e73bdf-4db0-11e1-9969-a4badbb33e05}\Shell - "" = AutoRun
      O33 - MountPoints2\{29e73bdf-4db0-11e1-9969-a4badbb33e05}\Shell\AutoRun\command - "" = E:\PC_ImageViewer4.exe
      :Files
      ipconfig /flushdns /c
      ipconfig /renew /c
      :Commands
      [PURITY]
      [EMPTYTEMP]
      [EMPTYFLASH]
      [RESETHOSTS]

      Presioná el Boton Reparar para lanzar la eliminación. Presionas OK.

      OTL va a Reiniciar el ordenador para completar la eliminación.


      Guardas el nuevo reporte generado. Lo copias y pegas en Tu próxima respuesta y nos comentas como sigue el ordenador ahora.





      Saludos

      `·.¸¸.·´´¯`··._.· ·.¸¸.·´´¯`··._.· No Desesperes.....Seguí Luchando `·.¸¸.·´´¯`··._.· ·.¸¸.·´´¯`··._.·

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    7. #7
      Usuario Avatar de León2013
      Registrado
      dic 2013
      Ubicación
      México
      Mensajes
      6

      Re: Eliminar Nation Zoom

      Así lo hice. Después de reiniciarse y para poder acceder a forospyware, abrí Explorer y me mandó a Nation Zoom. Adjunto el reporte.

      Saludos.

      All processes killed
      ========== OTL ==========
      HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
      HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Search_URL| /E : value set successfully!
      HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!
      HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
      HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{acbd5593-e5ee-4c15-b48f-1823ce819dec}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{acbd5593-e5ee-4c15-b48f-1823ce819dec}\ not found.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
      Prefs.js: "StartWeb" removed from browser.search.selectedEngine
      64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@adobe.com/FlashPlayer\ deleted successfully.
      64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@MyFunCards_5m.com/Plugin\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0\ deleted successfully.
      C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll moved successfully.
      Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\5mffxtbr@MyFunCards_5m.com deleted successfully.
      File C:\Program Files (x86)\MyFunCards_5m\bar\1.bin not found.
      C:\Users\L Ledesma\AppData\Roaming\mozilla\Firefox\Profiles\f2pwpk7f.default\extensions\5mffxtbr@MyFunCards_5m.com\chrome folder moved successfully.
      C:\Users\L Ledesma\AppData\Roaming\mozilla\Firefox\Profiles\f2pwpk7f.default\extensions\5mffxtbr@MyFunCards_5m.com folder moved successfully.
      C:\Users\L Ledesma\AppData\Roaming\mozilla\Firefox\Profiles\f2pwpk7f.default\extensions folder moved successfully.
      Folder C:\Users\L Ledesma\AppData\Roaming\mozilla\Firefox\Profiles\f2pwpk7f.default\extensions\5mffxtbr@MyFunCards_5m.com\ not found.
      C:\Program Files (x86)\mozilla firefox\extensions folder moved successfully.
      Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{210f1b36-3b7f-41a4-b5da-3eb87f5a56c2} deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{210f1b36-3b7f-41a4-b5da-3eb87f5a56c2}\ deleted successfully.
      Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{210F1B36-3B7F-41A4-B5DA-3EB87F5A56C2} deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{210F1B36-3B7F-41A4-B5DA-3EB87F5A56C2}\ not found.
      Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{29e73bdf-4db0-11e1-9969-a4badbb33e05}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{29e73bdf-4db0-11e1-9969-a4badbb33e05}\ not found.
      Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{29e73bdf-4db0-11e1-9969-a4badbb33e05}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{29e73bdf-4db0-11e1-9969-a4badbb33e05}\ not found.
      File E:\PC_ImageViewer4.exe not found.
      File RITY] not found.
      File PTYTEMP] not found.
      File PTYFLASH] not found.
      File SETHOSTS] not found.

      OTL by OldTimer - Version 3.2.69.0 log created on 12052013_125205

      Files\Folders moved on Reboot...

      PendingFileRenameOperations files...

      Registry entries deleted on Reboot...

    8. #8
      Moderador Gral.
      Avatar de Leosolari
      Registrado
      jun 2007
      Ubicación
      Argentina
      Mensajes
      54.874

      Re: Eliminar Nation Zoom

      Hola de Nuevo


      Ejecutá nuevamente OTL.exe y presionas el Boton Limpiar.


      Esto Eliminará de Tu sistema a OTL.exe y sus archivos creados y eliminados.


      Te pedirá reiniciar el ordenador. Presionas SI, y después de reiniciar, comprobas en Funcionamiento y nos comentas como sigue.




      Saludos

      `·.¸¸.·´´¯`··._.· ·.¸¸.·´´¯`··._.· No Desesperes.....Seguí Luchando `·.¸¸.·´´¯`··._.· ·.¸¸.·´´¯`··._.·

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    9. #9
      Usuario Avatar de León2013
      Registrado
      dic 2013
      Ubicación
      México
      Mensajes
      6

      Re: Eliminar Nation Zoom

      Ya desapareció OTL pero me direcciona a Nation Zoom cuando abro Explorer.

      Cuando dices que compruebe en Funcionamiento, ¿a qué te refieres?

      Gracias y saludos.

    10. #10
      Moderador Gral.
      Avatar de Leosolari
      Registrado
      jun 2007
      Ubicación
      Argentina
      Mensajes
      54.874

      Re: Eliminar Nation Zoom

      Hola


      Pasá por este Link: Guía de cómo eliminar Qvo6 y Delta y hacé exactamente lo que ahi se te indica para cambiar manualmente los parametros de Tu navegador.


      Nos comentas.

      `·.¸¸.·´´¯`··._.· ·.¸¸.·´´¯`··._.· No Desesperes.....Seguí Luchando `·.¸¸.·´´¯`··._.· ·.¸¸.·´´¯`··._.·

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    Página 1 de 2 12 ÚltimoÚltimo