Blog Registrarse Temas de Hoy AntiSpywares AntiVirus Glosario

Regresar   Foro de Spyware » Spyware - Adware - Hijackers - Malwares » Foro de Virus y Spywares
Actualizar Aparicion de paginas de spyware cada vez que abro una pagina de internet explorer
         
Para evitar Virus, Spyware y ventanas emergentes, en InfoSpyware recomendamos navegar con: FIREFOX

Foro de Virus y Spywares Ayuda con: Malwares - Virus - Spywares - Troyanos - Adwares - Worms - Hijackers - Dialers - Rootkits - Keylogger - etc.) Plantéanos tu problema en este sector.
No ponga su log de HijackThis aquí !!

Respuesta
 
Herramientas
  post #1 (permalink)  
Antiguo 17/06/08, 19:03:42
Usuario
  
Registrado: nov 2005
Ubicación: España
Mensajes: 23
Aparicion de paginas de spyware cada vez que abro una pagina de internet explorer
Hola,

Alguien me puedo ayudary decirme si se puede evitar la molesta aparición de las páginas de spywares que aparecen cuando abro una página de internet.

NO poner Logs de HijackThis y/o ComboFIX en este sector del foro o seran eliminados.

Un saludo.
Add Post to del.icio.usBookmark Post in TechnoratiMeneame
Responder Con Cita
  post #2 (permalink)  
Antiguo 17/06/08, 20:36:27
Avatar de Salba
Moderador Gral
  
Registrado: ene 2005
Ubicación: Córdoba - Argentina-> Madrid
Mensajes: 6.664
Re: Aparicion de paginas de spyware cada vez que abro una pagina de internet explorer
Haz lo siguiente:
  1. Desactiva Restaurar Sistema
  2. Reinicia en Modo Seguro
  3. Haz una Limpieza con CCleaner, usa la opción Limpiador para borrar cookies y temporales, y la opción Registro para efectuar una limpieza del registro de Windows.
  4. Ejecuta DelPSguard (Pega aquí el reporte que genere)
  5. Ejecuta Malwarebytes' Anti-Malware y limpia lo que encuentre. (Es importante que selecciones "Realizar examen Completo")
  6. Reinicia en Modo Normal y pasa Kaspersky on line, pegando aquí el reporte que genere.
    (Selecciona MiPC, para que el escaneo sea completo)

*Una vez terminados los pasos, vuelve a activar Restaurar Sistema*


Saludos

Novedades del Foro | Antivirus Online | Eliminar Malwares | Políticas del Foro | Blog

* Ayúdanos haciendo una DONACIÓN para poder seguir Ayudando.
* Para evitar Virus y Spywares al navegar por internet, USE FIREFOX !!
* No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.
Add Post to del.icio.usBookmark Post in TechnoratiMeneame
Responder Con Cita
  post #3 (permalink)  
Antiguo 27/06/08, 15:08:17
Usuario
  
Registrado: nov 2005
Ubicación: España
Mensajes: 23
Re: Aparicion de paginas de spyware cada vez que abro una pagina de internet explorer
Hola Salba,

Aqui te pego e report del DelPSGuard:


DelPSGuard v 4.9.7
by www.ForoSpyware.com
Reporte Creado: 18:30:29,37, 27/06/2008
SO: Microsoft Windows [Versi¢n 6.0.6001]
Modo de Inicio: Seguro
_________________________________________


»»»»»»»»»»»» Carpetas y Archivos infectados »»»»»»»»»»»»


»»»»»»»»»»»»»»»»»»» Programas Malwares »»»»»»»»»»»»»»»»»



»»»»»»»»»»»»»»»»»»» FIN »»»»»»»»»»»»»»»»»»»

Y del Malwarebytes' Anti-Malware:

Malwarebytes' Anti-Malware 1.18
Versión de la Base de Datos: 895

19:08:57 27/06/2008
mbam-log-6-27-2008 (19-08-56).txt

Tipo de examen : Examen Completo (C:\|D:\|E:\|F:\|G:\|)
Objetos examinados: 128451
Tiempo transcurrido: 34 minute(s), 10 second(s)

Procesos en Memoria Infectados: 0
Módulos en Memoria Infectados: 0
Claves del Registro Infectadas: 0
Valores del Registro Infectados: 0
Elementos de Datos del Registro Infectados: 0
Carpetas Infectadas: 0
Ficheros Infectados: 0

Procesos en Memoria Infectados:
(No se han detectado elementos maliciosos)

Módulos en Memoria Infectados:
(No se han detectado elementos maliciosos)

Claves del Registro Infectadas:
(No se han detectado elementos maliciosos)

Valores del Registro Infectados:
(No se han detectado elementos maliciosos)

Elementos de Datos del Registro Infectados:
(No se han detectado elementos maliciosos)

Carpetas Infectadas:
(No se han detectado elementos maliciosos)

Ficheros Infectados:
(No se han detectado elementos maliciosos)

No he podido lanzar el kaspersky antivirus pq me dice este error "Some components are damaged or not present . Please reinstall the application", pero me sigue dando siempre ese error.

Me siguen apareciendo las paginas de spywares, parece que no ha funcionado.

Un saludo.
Add Post to del.icio.usBookmark Post in TechnoratiMeneame
Responder Con Cita
  post #4 (permalink)  
Antiguo 27/06/08, 17:35:54
Avatar de Salba
Moderador Gral
  
Registrado: ene 2005
Ubicación: Córdoba - Argentina-> Madrid
Mensajes: 6.664
Re: Aparicion de paginas de spyware cada vez que abro una pagina de internet explorer
Sigue estos pasos: Eliminar Adware Navipromo. y me dejas el reporte de Navilog1


Luego:
- Descarga la herramienta ComboFix.exe y guárdala en el escritorio.
  • Desactiva temporalmente el Antivirus y/o Antispyware.
  • Cierra todas las ventanas abiertas.
  • Hacele doble clic al archivo ComboFix.exe y seguí las instrucciones.
  • Cuando termine, generara un registro en C:\ComboFix.txt.
    • *Nota* Mientras CF este trabajando no mover el mouse ya que pararía su proceso.
    • *Nota* ComboFix puede reiniciar automáticamente el PC para completar el proceso de eliminación.
Cita:
Atención!! No use ComboFix a menos que se le haya indicado específicamente en su mensaje por un integrante de nuestro Staff. Es una herramienta de gran alcance destinada por su creador a ser usada bajo la orientación y supervisión de un experto, no para uso privado. El uso de ComboFix incorrectamente podría generar problemas en su sistema. Por favor, lea las "Negaciones de la Garantía" de ComboFix.
  • Reinicia y pega el reporte de C:\ComboFix.txt en este mismo mensaje.

Novedades del Foro | Antivirus Online | Eliminar Malwares | Políticas del Foro | Blog

* Ayúdanos haciendo una DONACIÓN para poder seguir Ayudando.
* Para evitar Virus y Spywares al navegar por internet, USE FIREFOX !!
* No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.
Add Post to del.icio.usBookmark Post in TechnoratiMeneame
Responder Con Cita
  post #5 (permalink)  
Antiguo 28/06/08, 09:17:15
Usuario
  
Registrado: nov 2005
Ubicación: España
Mensajes: 23
Re: Aparicion de paginas de spyware cada vez que abro una pagina de internet explorer
Hola Salba,

Aqui tienes el log del Navilog1:

Search Navipromo version 3.6.0 began on 28/06/2008 at 11:28:04,63

!!! Warning, this report may include legitimate files/programs !!!
!!! Post this report on the forum you are being helped !!!
!!! Don't continue with removal unless instructed by an authorized helper !!!
Fix running from C:\Program Files\navilog1
Actual User Account : "raul"

Updated on 27.06.2008 at 23h00 by IL-MAFIOSO

Microsoft Windows Vista 6.0.6001
Version Internet Explorer : 7.0.6001.18000
Filesystem type : NTFS

Search done in safe mode

*** Searching for installed Software ***


*** Search folders in "C:\Windows" ***


*** Search folders in "C:\Program Files" ***


*** Search folders in "C:\ProgramData" ***


*** Search folders in "c:\progra~2\micros~1\windows\startm~1\program s" ***


*** Search folders in "c:\users\raul\appdata\roaming\micros~1\windows\st artm~1\programs" ***


*** Search folders in "C:\Users\raul\AppData\Local\virtualstore\Prog ram Files" ***


*** Search folders in "C:\Users\raul\AppData\Roaming" ***

*** Search with Catchme-rootkit/stealth malware detector by gmer ***
for more info : http://www.gmer.net

No file found


*** Search with GenericNaviSearch ***
!!! Possibility of legitimate files in the result !!!
!!! Must always be checked before manually deleting !!!

* Scan in "C:\Windows\system32" *

* Scan in "C:\Users\raul\AppData\Local\Microsoft" *

Files found :

cbufawc.exe found !

Suspicious Files :

uyioe.exe found !
uyioe.dat found !
uyioe_nav.dat found !
uyioe_navps.dat found !

* Scan in "C:\Users\raul\AppData\Local\virtualstore\windows\ system32" *

* Scan in "C:\Users\raul\AppData\Local" *



*** Search files ***


C:\Windows\pack.epk found !

*** Search specific Registry keys ***

HKEY_CURRENT_USER\Software\Lanconfig found !

*** Complementary Search ***
(Search specific files)

1)Search new Instant Access files :


2)Heuristic Search :

* In "C:\Windows\system32" :


* In "C:\Users\raul\AppData\Local\Microsoft" :

ftgptdmbqt_nav.dat found !
kpnvcb.dat found !
kpnvcb_nav.dat found !
kpnvcb_navps.dat found !
qeccmm_navup.dat found !
svfmbrok_navfx.dat found !
uyioe.dat found !
uyioe_nav.dat found !
uyioe_navps.dat found !

* In "C:\Users\raul\AppData\Local\virtualstore\windows\ system32" :


* In "C:\Users\raul\AppData\Local" :


3)Certificates Search :

Egroup certificate found !
Electronic-Group certificate found !
OOO-Favorit certificate found !
Sunny-Day-Design-Ltd certificate not found !

4)Search known files :



*** Search completed on 28/06/2008 at 11:41:29,85 ***



Y también el del ComboFix:

ComboFix 08-06-20.4 - raul 2008-06-28 14:46:36.1 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.3082.18.257 [GMT 2:00]
Se ejecuta desde: C:\Users\raul\Desktop\ComboFix.exe
* Creado un nuevo punto de restauración
.

(((((((((((((((((((((((((((((((((((( Otras eliminaciones )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Windows\pack.epk
C:\Windows\System32\Desktop_.ini

.
(((((((((((((((((( Archivos creados desde 2008-05-28 - 2008-06-28 )))))))))))))))))))))))))))))))))
.

2008-06-28 12:26 . 2008-06-28 12:27 <DIR> d-------- C:\Program Files\Panda Security
2008-06-28 00:20 . 2008-06-28 14:41 <DIR> d-------- C:\Program Files\Navilog1
2008-06-28 00:03 . 2008-06-28 00:03 <DIR> d-------- C:\Users\All Users\SUPERAntiSpyware.com
2008-06-28 00:03 . 2008-06-28 00:03 <DIR> d-------- C:\ProgramData\SUPERAntiSpyware.com
2008-06-28 00:01 . 2008-06-28 00:01 <DIR> d-------- C:\Users\raul\AppData\Roaming\SUPERAntiSpyware.com
2008-06-28 00:00 . 2008-06-28 00:00 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-06-22 21:38 . 2008-06-22 23:45 <DIR> d-------- C:\Windows\System32\Adobe
2008-06-19 01:44 . 2008-06-19 01:44 <DIR> d-------- C:\Windows\System32\Kaspersky Lab
2008-06-19 00:32 . 2008-06-19 00:32 <DIR> d-------- C:\Program Files\CCleaner
2008-06-18 20:28 . 2008-06-27 18:30 <DIR> d-------- C:\Program Files\DelPSGuard
2008-06-18 20:17 . 2008-06-18 20:17 <DIR> d-------- C:\Users\raul\AppData\Roaming\Malwarebytes
2008-06-18 20:17 . 2008-06-18 20:17 <DIR> d-------- C:\Users\All Users\Malwarebytes
2008-06-18 20:17 . 2008-06-18 20:17 <DIR> d-------- C:\ProgramData\Malwarebytes
2008-06-18 20:17 . 2008-06-27 18:16 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-06-18 20:17 . 2008-06-19 17:48 34,296 --a------ C:\Windows\System32\drivers\mbamcatchme.sys
2008-06-18 20:17 . 2008-06-19 17:47 17,144 --a------ C:\Windows\System32\drivers\mbam.sys
2008-06-18 00:28 . 2008-06-18 00:28 <DIR> d-------- C:\Users\All Users\WindowsSearch
2008-06-18 00:28 . 2008-06-18 00:28 <DIR> d-------- C:\ProgramData\WindowsSearch
2008-06-16 00:58 . 2008-04-23 06:42 428,544 --a------ C:\Windows\System32\EncDec.dll
2008-06-16 00:58 . 2008-04-23 06:42 293,376 --a------ C:\Windows\System32\psisdecd.dll
2008-06-16 00:58 . 2008-04-23 06:41 218,624 --a------ C:\Windows\System32\psisrndr.ax
2008-06-16 00:58 . 2008-04-23 06:41 57,856 --a------ C:\Windows\System32\MSDvbNP.ax
2008-06-13 19:17 . 2008-06-13 19:19 <DIR> d-------- C:\Users\All Users\Lavasoft
2008-06-13 19:17 . 2008-06-13 19:19 <DIR> d-------- C:\ProgramData\Lavasoft
2008-06-07 16:06 . 2008-06-07 16:06 <DIR> d-------- C:\Users\raul\Tracing
2008-06-07 16:02 . 2008-06-07 16:02 <DIR> d-------- C:\Program Files\Microsoft Office Communicator
2008-06-07 16:02 . 1998-10-27 15:33 59,664 --a------ C:\Windows\System32\certmgr.exe
2008-06-07 16:02 . 2008-04-26 05:30 829 --a------ C:\Windows\System32\Accenture Application Server CA.cer
2008-06-07 16:02 . 2008-04-26 05:30 777 --a------ C:\Windows\System32\RSA Public Root CA v1.cer
2008-06-07 16:00 . 2008-06-07 16:00 0 --ah----- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_ 00.Wdf
2008-05-31 01:23 . 2008-05-31 01:23 8,397 --a------ C:\Windows\System32\dpues.qm

.
(((((((((((((((((((((((((((((((((((((( Reporte Find3M )))))))))))))))))))))))))))))))))))))))))))))))))) )
.
2008-06-28 10:18 --------- d-----w C:\ProgramData\Google Updater
2008-06-28 07:41 --------- d-----w C:\Users\raul\AppData\Roaming\uTorrent
2008-06-28 07:40 12,978 ----a-w C:\Users\raul\AppData\Roaming\nvModes.dat
2008-06-25 18:08 --------- d-----w C:\Program Files\Safari
2008-06-20 14:40 69,128 ----a-w C:\Windows\system32\drivers\avgwfpx.sys
2008-06-20 14:40 12,936 ----a-w C:\Windows\system32\drivers\avgrkx86.sys
2008-06-20 14:39 96,520 ----a-w C:\Windows\system32\drivers\avgldx86.sys
2008-06-20 14:39 10,520 ----a-w C:\Windows\System32\avgrsstx.dll
2008-06-17 18:00 55,591 ----a-w C:\Program Files\update.zip
2008-06-15 22:47 --------- d-----w C:\Users\raul\AppData\Roaming\Lavasoft
2008-06-15 22:47 --------- d-----w C:\ProgramData\Spybot - Search & Destroy
2008-06-11 06:13 --------- d-----w C:\Program Files\Windows Mail
2008-06-06 14:20 --------- d-----w C:\Program Files\DivX
2008-05-30 23:22 823,296 ----a-w C:\Windows\System32\divx_xx0c.dll
2008-05-30 23:22 823,296 ----a-w C:\Windows\System32\divx_xx07.dll
2008-05-30 23:22 815,104 ----a-w C:\Windows\System32\divx_xx0a.dll
2008-05-30 23:22 802,816 ----a-w C:\Windows\System32\divx_xx11.dll
2008-05-30 23:22 683,520 ----a-w C:\Windows\System32\DivX.dll
2008-05-30 23:22 593,920 ----a-w C:\Windows\System32\dpuGUI11.dll
2008-05-30 23:22 57,344 ----a-w C:\Windows\System32\dpv11.dll
2008-05-30 23:22 53,248 ----a-w C:\Windows\System32\dpuGUI10.dll
2008-05-30 23:22 344,064 ----a-w C:\Windows\System32\dpus11.dll
2008-05-30 23:22 294,912 ----a-w C:\Windows\System32\dpu11.dll
2008-05-30 23:22 294,912 ----a-w C:\Windows\System32\dpu10.dll
2008-05-27 22:11 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-05-27 20:53 174 --sha-w C:\Program Files\desktop.ini
2008-05-27 20:43 --------- d-----w C:\Program Files\Windows Sidebar
2008-05-27 20:43 --------- d-----w C:\Program Files\Windows Photo Gallery
2008-05-27 20:43 --------- d-----w C:\Program Files\Windows Journal
2008-05-27 20:43 --------- d-----w C:\Program Files\Windows Defender
2008-05-27 20:43 --------- d-----w C:\Program Files\Windows Collaboration
2008-05-27 20:43 --------- d-----w C:\Program Files\Windows Calendar
2008-05-27 20:16 691,545 ----a-w C:\Windows\unins000.exe
2008-05-27 18:57 82,432 ----a-w C:\Windows\System32\axaltocm.dll
2008-05-27 18:57 101,888 ----a-w C:\Windows\System32\ifxcardm.dll
2008-05-26 22:31 --------- d-----w C:\ProgramData\Microsoft Help
2008-05-23 04:42 --------- d-----w C:\ProgramData\Office Genuine Advantage
2008-05-22 23:58 --------- d-----w C:\Program Files\SystemRequirementsLab
2008-05-22 22:22 524,288 ----a-w C:\Windows\System32\DivXsm.exe
2008-05-22 22:22 3,596,288 ----a-w C:\Windows\System32\qt-dx331.dll
2008-05-22 22:20 200,704 ----a-w C:\Windows\System32\ssldivx.dll
2008-05-22 22:20 1,044,480 ----a-w C:\Windows\System32\libdivx.dll
2008-05-22 22:19 81,920 ----a-w C:\Windows\System32\dpl100.dll
2008-05-22 22:19 196,608 ----a-w C:\Windows\System32\dtu100.dll
2008-05-22 22:19 161,096 ----a-w C:\Windows\System32\DivXCodecVersionChecker.exe
2008-05-22 22:18 12,288 ----a-w C:\Windows\System32\DivXWMPExtType.dll
2008-05-19 11:54 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-05-10 03:35 885,248 ----a-w C:\Windows\System32\RacEngn.dll
2008-05-10 01:33 113,664 ----a-w C:\Windows\system32\drivers\rmcast.sys
2008-05-05 19:27 --------- d-----w C:\Program Files\Microsoft Works
2008-05-05 19:25 --------- d-----w C:\Program Files\Microsoft.NET
2008-05-05 19:21 --------- d-----w C:\Program Files\MSBuild
2008-05-03 20:29 --------- d-----w C:\Program Files\Microsoft Visual Studio 8
2008-04-26 08:08 1,314,816 ----a-w C:\Windows\System32\quartz.dll
2008-04-25 04:35 826,880 ----a-w C:\Windows\System32\wininet.dll
2008-04-23 15:17 693,792 ----a-w C:\Windows\System32\OGACheckControl.dll
2008-04-23 15:17 504,864 ----a-w C:\Windows\System32\OGAVerify.exe
2008-04-23 15:17 504,352 ----a-w C:\Windows\System32\OGAAddin.dll
2007-02-09 17:34 420,816 ----a-w C:\Users\raul\AppData\Roaming\wunauclt.exe
.

((((((((((((((((((((((((((((((((( Cargando Puntos Reg ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Nota* entradas vacías & entradas legítimas predeterminadas no son mostradas

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run]
"????r"="" []
"?????????"="??????????????e" []
"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2008-01-19 09:33 125952]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe" [2007-07-16 11:49 68856]
"ISUSPM Startup"="C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2005-08-11 15:30 249856]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-19 09:33 1233920]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 09:33 202240]
"SUPERAntiSpyware"="D:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-06-04 06:05 1510640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2006-12-01 07:37 4186112 C:\Windows\RtHDVCpl.exe]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2006-10-23 05:00 815104]
"eDataSecurity Loader"="C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2007-01-02 19:58 464168]
"LManager"="C:\PROGRA~1\LAUNCH~1\LManager.exe" [2006-12-08 14:35 614400]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 05:25 144784]
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2007-08-07 16:52 1838592]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 15:40 155648]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]
"PCSuiteTrayApplication"="D:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2006-11-08 14:27 222208]
"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [2008-06-20 16:40 1231128]
"QuickTime Task"="D:\Program Files\QuickTime\QTTask.exe" [2008-03-28 23:37 413696]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-03-30 10:36 267048]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 07:00 33648]
"NvSvc"="C:\Windows\system32\nvsvc.dll" [2006-12-20 07:50 90191]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2006-12-20 07:50 7766016]
"NvMediaCenter"="C:\Windows\system32\NvMcTray. dll" [2006-12-20 07:50 81920]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\Cur rentVersion\Run]
"PcSync"="D:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2006-11-09 18:15 1634304]

C:\Users\raul\AppData\Roaming\Microsoft\Windows\St art Menu\Programs\Startup\
Recorte de pantalla e Inicio r*pido de OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [2007-08-24 04:45:42 101784]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Google Updater.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [2007-07-16 11:49:37 125624]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[hkey_local_machine\software\microsoft\windows\curr entversion\explorer\shellexecutehooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= D:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 10:13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
D:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 13:41 294912 D:\Program Files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.ac3filter"= ac3filter.acm

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpo licy\DomainProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpo licy\FirewallRules]
"{BC5E8A2F-D04B-4F56-991A-B8826FB75729}"= UDP:C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\MCE Deluxe Suite.exe:CyberLink MCE Deluxe Suite
"{19C73327-4B8D-4FA0-BE30-E61FF205195B}"= TCP:C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\MCE Deluxe Suite.exe:CyberLink MCE Deluxe Suite
"{2EF196CE-E544-452C-A4C7-31DA03E9EE6B}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{0A746D61-0D93-4A24-A4AA-D5CC6A4601A0}"= UDP:C:\Program Files\Grisoft\AVG7\avginet.exe:avginet.exe
"{7CD1EC40-26D9-4C3D-BC13-F04762895577}"= TCP:C:\Program Files\Grisoft\AVG7\avginet.exe:avginet.exe
"{828C9238-92C8-4034-9869-16C1A1B784B5}"= UDP:C:\Program Files\Grisoft\AVG7\avgamsvr.exe:avgamsvr.exe
"{14B10807-87D7-4797-8ADC-29003C23F19F}"= TCP:C:\Program Files\Grisoft\AVG7\avgamsvr.exe:avgamsvr.exe
"{B9EAF3AE-2D8D-401F-8E37-1487B11C9C8A}"= UDP:C:\Program Files\Grisoft\AVG7\avgcc.exe:avgcc.exe
"{29C66EB2-423F-450F-A6E6-A931B2B353F6}"= TCP:C:\Program Files\Grisoft\AVG7\avgcc.exe:avgcc.exe
"{9A070C68-FFBF-4F0A-A7CE-437B371AA1E8}"= TCP:32459:utorrent
"{6FFE7BCF-E771-473B-9491-970FD027EC32}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{A5EBE34B-4A6C-433C-B68B-32AB2AB0EC71}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{1CF307E3-79B6-4BE7-846B-E5C015341BAA}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{3698D967-15F5-41EF-A17B-A42B7499F325}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{6F1D3FA2-5257-4657-BAE9-BEB6228ABB04}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{6901CC3F-2BAF-45C9-B823-AA3C94747D1B}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{FDEA8F1B-539B-428A-A419-A6E04D15239A}"= UDP:C:\Program Files\iTunes\iTunes.exe:iTunes
"{3D2A4699-4B39-4EDD-ACE9-0AF746B5E7A3}"= TCP:C:\Program Files\iTunes\iTunes.exe:iTunes
"{25C45353-70E9-4A26-B0FD-E3CBBD66FCAA}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{5E07B6EC-229F-4B55-B178-B34CCF30054A}"= C:\Program Files\AVG\AVG8\avgupd.exe:avgupd.exe
"{79E5CC44-84C4-4FFF-951D-26D9037747CF}"= C:\Program Files\AVG\AVG8\avgnsx.exe:avgnsx.exe
"{310FA97B-ACE7-49E8-B08C-63CFBADBB6DA}"= UDP:C:\Program Files\iTunes\iTunes.exe:iTunes
"{78B96197-7218-4A01-8E1A-F5A2C6F7961A}"= TCP:C:\Program Files\iTunes\iTunes.exe:iTunes
"{70E931A5-2EFB-4F4C-8C8F-A628D2100780}"= TCP:6004|C:\Program Files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{2D6614E0-1B96-4003-9420-CE1366FFD7B5}"= UDP:C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{EE81CC12-CF91-46AF-A4B1-457B6A3785BF}"= TCP:C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{B32B5EAF-1709-4B82-827F-04529341F750}"= UDP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{66BF2C3B-0BD0-4C60-B40B-BE7C693AA63E}"= TCP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote

[HKLM\~\services\sharedaccess\parameters\firewallpo licy\PublicProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpo licy\StandardProfile]
"EnableFirewall"= 0 (0x0)

R0 AvgRkx86;avgrkx86.sys;C:\Windows\system32\Drivers\ avgrkx86.sys [2008-06-20 16:40]
R1 AvgLdx86;AVG AVI Loader Driver x86;C:\Windows\system32\Drivers\avgldx86.sys [2008-06-20 16:39]
R2 avg8wd;AVG8 WatchDog;C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-06-20 16:39]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2008-01-28 11:43]
R3 AvgWfpX;AVG8 Firewall Driver x86;C:\Windows\system32\Drivers\avgwfpx.sys [2008-06-20 16:40]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;C:\Windows\system32\DRIVERS\b57nd60x.sys [2006-11-02 09:30]
S3 SMSCIRDA;SMSC Infrared Device Driver;C:\Windows\system32\DRIVERS\SMSCirda.sys [2006-10-18 16:44]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{9ec6d9f0-260f-11dc-9145-000fb0f30c98}]
\shell\AutoRun\command - F:\setup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{a7382edc-ef84-11db-9462-806e6f6e6963}]
\shell\AutoRun\command - E:\Autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{af7413b8-73a7-11dc-98ad-000fb0f30c98}]
\shell\AutoRun\command - F:\Autorun.exe


[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"C:\Program Files\Common Files\LightScribe\LSRunOnce.exe"
.
Contenido de carpeta 'Tareas Programadas'
"2008-03-05 19:32:57 C:\Windows\Tasks\Comprobar actualizaciones de Windows Live Toolbar.job"
- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
"2008-06-28 01:30:00 C:\Windows\Tasks\RegClean Scheduled Scan.job"
- D:\Program Files\RegClean\RegClean.ex
- D:\Program Files\RegClean
.
************************************************** ************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-28 14:50:56
Windows 6.0.6001 Service Pack 1 NTFS

escaneando procesos ocultos ...

escaneando entradas ocultas de autostart ...

escaneando archivos ocultos ...

el escaneo se completo con exito
archivos ocultos: 0

************************************************** ************************
.
Tiempo completado: 2008-06-28 14:52:25
ComboFix-quarantined-files.txt 2008-06-28 12:52:12

15 dirs 33,881,440,256 bytes libres
23 dirs 33,848,053,760 bytes libres

233 --- E O F --- 2008-06-26 17:54:42



Y tambien el del ActiveScan del Panda:

;************************************************* ************************************************** ************************************************** ******************************
ANALYSIS: 2008-06-28 14:20:23
PROTECTIONS: 2
MALWARE: 7
SUSPECTS: 0
;************************************************* ************************************************** ************************************************** ******************************
PROTECTIONS
Description Version Active Updated
;================================================= ================================================== ================================================== ==============================
AVG Anti-Virus 8.0 Yes Yes
Norton Internet Security 2007 Yes Yes
;================================================= ================================================== ================================================== ==============================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;================================================= ================================================== ================================================== ==============================
00139535 Application/Processor HackTools No 0 Yes No C:\Program Files\Navilog1\Process.exe
02197130 Trj/Rebooter.J Virus/Trojan No 1 Yes No C:\Program Files\Navilog1\reboot.exe
02884944 Spyware/Vundo Spyware No 0 Yes No C:\Users\raul\AppData\Roaming\wunauclt.exe
02906840 Trj/Downloader.SZG Virus/Trojan No 0 Yes No C:\Program Files\update.zip[update1.exe]
02931124 Spyware/Virtumonde Spyware No 1 Yes No C:\Program Files\update.zip[update2.exe]
02939010 Generic Trojan Virus/Trojan No 0 No No D:\Program Files\emule\Incoming\Alcohol.120.v1.9.6.4719.Retai l.Multilangages.Incl-Crack.rar[Crack\keymaker.exe]
03009106 W32/Xor-encoded.A Virus No 0 No No C:\Users\raul\AppData\Local\Microsoft\Windows\WER\ ReportArchive\Report0bd161af\Report.cab[ejjvnuuv.exe.xor]
03009106 W32/Xor-encoded.A Virus No 0 No No C:\Users\raul\AppData\Local\Microsoft\Windows\WER\ ReportArchive\Report05c3da09\Report.cab[glpnztd.exe.xor]
;================================================= ================================================== ================================================== ==============================
SUSPECTS
Sent Location ��2��6
3
;================================================= ================================================== ================================================== ==============================
;================================================= ================================================== ================================================== ==============================
VULNERABILITIES
Id Severity Description ��2��6
3
;================================================= ================================================== ================================================== ==============================
;================================================= ================================================== ================================================== ==============================


Un saludo.
Add Post to del.icio.usBookmark Post in TechnoratiMeneame
Responder Con Cita
  post #6 (permalink)  
Antiguo 28/06/08, 12:08:21
Avatar de Salba
Moderador Gral
  
Registrado: ene 2005
Ubicación: Córdoba - Argentina-> Madrid
Mensajes: 6.664
Re: Aparicion de paginas de spyware cada vez que abro una pagina de internet explorer
Antes que nada, por favor, no envuelvas los reportes con la etiqueta [code], ya que complica la lectura, solo pegalos normalmente.

Vuelve a ejecutar Navilog1 y lecciona la opción 2 para que limpie automáticamente lo que encuentra.

Luego:

1.-Abrir el Notepad (Bloc de Notas)
  • Ir a INICIO > EJECUTAR >
  • Y ahí pones notepad.exe y ACEPTAR
2.-Ahora copia y pega estos archivos dentro del Notepad

Código:
KillAll::

File::
C:\Program Files\update.zip
C:\Users\raul\AppData\Roaming\wunauclt.exe
D:\Program Files\emule\Incoming\Alcohol.120.v1.9.6.4719.Retail.Multilangages.Incl-Crack.rar
C:\Users\raul\AppData\Local\Microsoft\Windows\WER\ ReportArchive\Report0bd161af\Report.cab



Registry::
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"????r"=-
"?????????"=-
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9ec6d9f0-260f-11dc-9145-000fb0f30c98}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a7382edc-ef84-11db-9462-806e6f6e6963}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{af7413b8-73a7-11dc-98ad-000fb0f30c98}]
3.- Graba este archivo con el nombre CFScript.txt y déjalo en tu escritorio.

4.- Arrastrar y soltar el archivo CFScript.txt dentro del archivo ComboFix.exe como lo muestra la animación de abajo. Esto activara ComboFix nuevamente.

  • Reinicia tu PC y nos dejas un el nuevo reporte de ComboFix, comentándonos como esta funcionado todo actualmente


Además, deja el reporte de Navilog1, con otro de PAnda.

Saludos

Novedades del Foro | Antivirus Online | Eliminar Malwares | Políticas del Foro | Blog

* Ayúdanos haciendo una DONACIÓN para poder seguir Ayudando.
* Para evitar Virus y Spywares al navegar por internet, USE FIREFOX !!
* No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.
Add Post to del.icio.usBookmark Post in TechnoratiMeneame
Responder Con Cita
  post #7 (permalink)  
Antiguo 29/06/08, 07:37:21
Usuario
  
Registrado: nov 2005
Ubicación: España
Mensajes: 23
Re: Aparicion de paginas de spyware cada vez que abro una pagina de internet explorer
Hola Salba,

Aqui tienes el log del Navilog1:

Navipromo Removal version 3.6.0 started on 29/06/2008 at 11:15:09,47

Fix running from C:\Program Files\navilog1
Actual User Account : "raul"

Updated on 27.06.2008 at 23h00 by IL-MAFIOSO

Microsoft Windows Vista 6.0.6001
Internet Explorer : 7.0.6001.18000
Filesystem type : NTFS

Automatic removal
without Catchme and GNS results


Cleanning stage done in safe mode


*** Deleting folders in "C:\Windows" ***


*** Deleting folders in "C:\Program Files" ***


*** Deleting folders in "C:\ProgramData" ***


*** Deleting folders in "c:\progra~2\micros~1\windows\startm~1\program s" ***


*** Deleting folders in c:\users\raul\appdata\roaming\micros~1\windows\sta rtm~1\programs ***


*** Deleting folders in "C:\Users\raul\AppData\Local\virtualstore\Prog ram Files" ***


*** Deleting folders in "C:\Users\raul\AppData\Roaming" ***



*** Deleting files ***


*** Deleting temporary files ***

Cleaning of C:\Windows\Temp done !
Cleaning of C:\Users\raul\AppData\Local\Temp done !

*** Complementary Search ***
(Search specific files)

1)Deletion with backups new Instant Access files:

2)Heuristic search and deletion with backups :


* In "C:\Windows\system32" *


* In "C:\Users\raul\AppData\Local\Microsoft" *

kpnvcb.dat found !
Copy kpnvcb.dat done !
kpnvcb.dat deleted !

ftgptdmbqt_nav.dat found !
Copy ftgptdmbqt_nav.dat done !
ftgptdmbqt_nav.dat deleted !

kpnvcb_nav.dat found !
Copy kpnvcb_nav.dat done !
kpnvcb_nav.dat deleted !

kpnvcb_navps.dat found !
Copy kpnvcb_navps.dat done !
kpnvcb_navps.dat deleted !

qeccmm_navup.dat found !
Copy qeccmm_navup.dat done !
qeccmm_navup.dat deleted !

svfmbrok_navfx.dat found !
Copy svfmbrok_navfx.dat done !
svfmbrok_navfx.dat deleted !


* In "C:\Users\raul\AppData\Local\virtualstore\windows\ system32" *


* In "C:\Users\raul\AppData\Local" *


*** Copy Registry to Safebackup folder ***

Backing up Registry done !

*** Cleaning Registry ***

Registry cleaned


*** Certificates ***

Egroup Certificate not found !
Electronic-Group Certificate deleted !
OOO-Favorit Certificate deleted !
Sunny-Day-Design-Ltd Certificate not found !

*** Cleaning stage complete on 29/06/2008 at 11:18:07,53 ***

Aqui esta el log del ComboFix:


ComboFix 08-06-20.4 - raul 2008-06-29 11:22:43.2 - NTFSx86 MINIMAL
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.3082.18.592 [GMT 2:00]
Se ejecuta desde: C:\Users\raul\Desktop\ComboFix.exe
Command switches used :: C:\Users\raul\Desktop\CFScript.txt
.

(((((((((((((((((( Archivos creados desde 2008-05-28 - 2008-06-29 )))))))))))))))))))))))))))))))))
.

Ningún archivo ha sido creado durante este intervalo de tiempo

.
(((((((((((((((((((((((((((((((((((((( Reporte Find3M )))))))))))))))))))))))))))))))))))))))))))))))))) )
.
2008-06-29 09:18 --------- d-----w C:\Program Files\Navilog1
2008-06-29 08:58 --------- d-----w C:\Users\raul\AppData\Roaming\uTorrent
2008-06-28 14:54 12,978 ----a-w C:\Users\raul\AppData\Roaming\nvModes.dat
2008-06-28 10:27 --------- d-----w C:\Program Files\Panda Security
2008-06-28 10:18 --------- d-----w C:\ProgramData\Google Updater
2008-06-27 22:03 --------- d-----w C:\ProgramData\SUPERAntiSpyware.com
2008-06-27 16:30 --------- d-----w C:\Program Files\DelPSGuard
2008-06-27 16:16 --------- d-----w C:\Program Files\Malwarebytes' Anti-Malware
2008-06-25 18:08 --------- d-----w C:\Program Files\Safari
2008-06-20 14:40 69,128 ----a-w C:\Windows\system32\drivers\avgwfpx.sys
2008-06-20 14:40 12,936 ----a-w C:\Windows\system32\drivers\avgrkx86.sys
2008-06-20 14:39 96,520 ----a-w C:\Windows\system32\drivers\avgldx86.sys
2008-06-20 14:39 10,520 ----a-w C:\Windows\System32\avgrsstx.dll
2008-06-19 15:48 34,296 ----a-w C:\Windows\system32\drivers\mbamcatchme.sys
2008-06-19 15:47 17,144 ----a-w C:\Windows\system32\drivers\mbam.sys
2008-06-18 22:32 --------- d-----w C:\Program Files\CCleaner
2008-06-18 18:17 --------- d-----w C:\Users\raul\AppData\Roaming\Malwarebytes
2008-06-18 18:17 --------- d-----w C:\ProgramData\Malwarebytes
2008-06-17 22:28 --------- d-----w C:\ProgramData\WindowsSearch
2008-06-17 18:00 55,591 ----a-w C:\Program Files\update.zip
2008-06-15 22:47 --------- d-----w C:\Users\raul\AppData\Roaming\Lavasoft
2008-06-15 22:47 --------- d-----w C:\ProgramData\Spybot - Search & Destroy
2008-06-13 17:19 --------- d-----w C:\ProgramData\Lavasoft
2008-06-11 06:13 --------- d-----w C:\Program Files\Windows Mail
2008-06-07 14:02 --------- d-----w C:\Program Files\Microsoft Office Communicator
2008-06-07 14:00 0 ---ha-w C:\Windows\system32\drivers\Msft_User_WpdFs_01_00_ 00.Wdf
2008-06-06 14:20 --------- d-----w C:\Program Files\DivX
2008-05-30 23:22 823,296 ----a-w C:\Windows\System32\divx_xx0c.dll
2008-05-30 23:22 823,296 ----a-w C:\Windows\System32\divx_xx07.dll
2008-05-30 23:22 815,104 ----a-w C:\Windows\System32\divx_xx0a.dll
2008-05-30 23:22 802,816 ----a-w C:\Windows\System32\divx_xx11.dll
2008-05-30 23:22 683,520 ----a-w C:\Windows\System32\DivX.dll
2008-05-30 23:22 593,920 ----a-w C:\Windows\System32\dpuGUI11.dll
2008-05-30 23:22 57,344 ----a-w C:\Windows\System32\dpv11.dll
2008-05-30 23:22 53,248 ----a-w C:\Windows\System32\dpuGUI10.dll
2008-05-30 23:22 344,064 ----a-w C:\Windows\System32\dpus11.dll
2008-05-30 23:22 294,912 ----a-w C:\Windows\System32\dpu11.dll
2008-05-30 23:22 294,912 ----a-w C:\Windows\System32\dpu10.dll
2008-05-27 22:11 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-05-27 20:53 174 --sha-w C:\Program Files\desktop.ini
2008-05-27 20:43 --------- d-----w C:\Program Files\Windows Sidebar
2008-05-27 20:43 --------- d-----w C:\Program Files\Windows Photo Gallery
2008-05-27 20:43 --------- d-----w C:\Program Files\Windows Journal
2008-05-27 20:43 --------- d-----w C:\Program Files\Windows Defender
2008-05-27 20:43 --------- d-----w C:\Program Files\Windows Collaboration
2008-05-27 20:43 --------- d-----w C:\Program Files\Windows Calendar
2008-05-27 20:16 691,545 ----a-w C:\Windows\unins000.exe
2008-05-27 18:57 82,432 ----a-w C:\Windows\System32\axaltocm.dll
2008-05-27 18:57 101,888 ----a-w C:\Windows\System32\ifxcardm.dll
2008-05-26 22:31 --------- d-----w C:\ProgramData\Microsoft Help
2008-05-23 04:42 --------- d-----w C:\ProgramData\Office Genuine Advantage
2008-05-22 23:58 --------- d-----w C:\Program Files\SystemRequirementsLab
2008-05-22 22:22 524,288 ----a-w C:\Windows\System32\DivXsm.exe
2008-05-22 22:22 3,596,288 ----a-w C:\Windows\System32\qt-dx331.dll
2008-05-22 22:20 200,704 ----a-w C:\Windows\System32\ssldivx.dll
2008-05-22 22:20 1,044,480 ----a-w C:\Windows\System32\libdivx.dll
2008-05-22 22:19 81,920 ----a-w C:\Windows\System32\dpl100.dll
2008-05-22 22:19 196,608 ----a-w C:\Windows\System32\dtu100.dll
2008-05-22 22:19 161,096 ----a-w C:\Windows\System32\DivXCodecVersionChecker.exe
2008-05-22 22:18 12,288 ----a-w C:\Windows\System32\DivXWMPExtType.dll
2008-05-19 11:54 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-05-10 03:35 885,248 ----a-w C:\Windows\System32\RacEngn.dll
2008-05-10 01:33 113,664 ----a-w C:\Windows\system32\drivers\rmcast.sys
2008-05-05 19:27 --------- d-----w C:\Program Files\Microsoft Works
2008-05-05 19:25 --------- d-----w C:\Program Files\Microsoft.NET
2008-05-05 19:21 --------- d-----w C:\Program Files\MSBuild
2008-05-03 20:29 --------- d-----w C:\Program Files\Microsoft Visual Studio 8
2008-04-26 08:08 1,314,816 ----a-w C:\Windows\System32\quartz.dll
2008-04-25 04:35 826,880 ----a-w C:\Windows\System32\wininet.dll
2008-04-23 15:17 693,792 ----a-w C:\Windows\System32\OGACheckControl.dll
2008-04-23 15:17 504,864 ----a-w C:\Windows\System32\OGAVerify.exe
2008-04-23 15:17 504,352 ----a-w C:\Windows\System32\OGAAddin.dll
2008-04-23 04:42 428,544 ----a-w C:\Windows\System32\EncDec.dll
2008-04-23 04:42 293,376 ----a-w C:\Windows\System32\psisdecd.dll
2007-02-09 17:34 420,816 ----a-w C:\Users\raul\AppData\Roaming\wunauclt.exe
.

((((((((((((((((((((((((((((( snapshot@2008-06-28_14.51.37,74 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-06-28 12:28:15 67,584 --s-a-w C:\Windows\bootstat.dat
+ 2008-06-29 09:13:11 67,584 --s-a-w C:\Windows\bootstat.dat
- 2008-06-28 12:30:08 1,572,864 --sha-w C:\Windows\ServiceProfiles\LocalService\ntuser.dat
+ 2008-06-29 09:23:49 1,572,864 --sha-w C:\Windows\ServiceProfiles\LocalService\ntuser.dat
- 2008-06-28 12:30:01 1,572,864 --sha-w C:\Windows\ServiceProfiles\NetworkService\ntuser.d at
+ 2008-06-29 09:23:43 1,572,864 --sha-w C:\Windows\ServiceProfiles\NetworkService\ntuser.d at
- 2008-06-28 12:28:17 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\L ocal\Microsoft\Windows\History\History.IE5\index.d at
+ 2008-06-28 23:01:30 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\L ocal\Microsoft\Windows\History\History.IE5\index.d at
- 2008-06-28 12:28:17 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\L ocal\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2008-06-28 23:01:30 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\L ocal\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2008-06-28 12:28:17 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\R oaming\Microsoft\Windows\Cookies\index.dat
+ 2008-06-28 23:01:30 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\R oaming\Microsoft\Windows\Cookies\index.dat
- 2008-06-28 12:30:12 3,018 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3393299647-3327820406-1187897780-1000_UserData.bin
+ 2008-06-29 07:48:09 4,028 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3393299647-3327820406-1187897780-1000_UserData.bin
- 2008-06-28 12:30:12 113,514 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics _SystemData.bin
+ 2008-06-29 07:48:08 113,972 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics _SystemData.bin
- 2008-06-28 12:30:11 14,356 ----a-w C:\Windows\System32\WDI\ShutdownPerformanceDiagnos tics_SystemData.bin
+ 2008-06-29 07:47:58 19,808 ----a-w C:\Windows\System32\WDI\ShutdownPerformanceDiagnos tics_SystemData.bin
.
((((((((((((((((((((((((((((((((( Cargando Puntos Reg ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Nota* entradas vacías & entradas legítimas predeterminadas no son mostradas

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run]
"????r"="" []
"?????????"="??????????????e" []
"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2008-01-19 09:33 125952]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe" [2007-07-16 11:49 68856]
"ISUSPM Startup"="C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2005-08-11 15:30 249856]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-19 09:33 1233920]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 09:33 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2006-12-01 07:37 4186112 C:\Windows\RtHDVCpl.exe]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2006-10-23 05:00 815104]
"eDataSecurity Loader"="C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2007-01-02 19:58 464168]
"LManager"="C:\PROGRA~1\LAUNCH~1\LManager.exe" [2006-12-08 14:35 614400]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 05:25 144784]
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2007-08-07 16:52 1838592]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 15:40 155648]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]
"PCSuiteTrayApplication"="D:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2006-11-08 14:27 222208]
"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [2008-06-20 16:40 1231128]
"QuickTime Task"="D:\Program Files\QuickTime\QTTask.exe" [2008-03-28 23:37 413696]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-03-30 10:36 267048]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 07:00 33648]
"NvSvc"="C:\Windows\system32\nvsvc.dll" [2006-12-20 07:50 90191]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2006-12-20 07:50 7766016]
"NvMediaCenter"="C:\Windows\system32\NvMcTray. dll" [2006-12-20 07:50 81920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\RunOnce]
"<NO NAME>"="" []
"GrpConv"="grpconv -o" []

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\Cur rentVersion\Run]
"PcSync"="D:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2006-11-09 18:15 1634304]

C:\Users\raul\AppData\Roaming\Microsoft\Windows\St art Menu\Programs\Startup\
Recorte de pantalla e Inicio r*pido de OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [2007-08-24 04:45:42 101784]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Google Updater.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [2007-07-16 11:49:37 125624]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.ac3filter"= ac3filter.acm

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpo licy\DomainProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpo licy\FirewallRules]
"{BC5E8A2F-D04B-4F56-991A-B8826FB75729}"= UDP:C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\MCE Deluxe Suite.exe:CyberLink MCE Deluxe Suite
"{19C73327-4B8D-4FA0-BE30-E61FF205195B}"= TCP:C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\MCE Deluxe Suite.exe:CyberLink MCE Deluxe Suite
"{2EF196CE-E544-452C-A4C7-31DA03E9EE6B}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{0A746D61-0D93-4A24-A4AA-D5CC6A4601A0}"= UDP:C:\Program Files\Grisoft\AVG7\avginet.exe:avginet.exe
"{7CD1EC40-26D9-4C3D-BC13-F04762895577}"= TCP:C:\Program Files\Grisoft\AVG7\avginet.exe:avginet.exe
"{828C9238-92C8-4034-9869-16C1A1B784B5}"= UDP:C:\Program Files\Grisoft\AVG7\avgamsvr.exe:avgamsvr.exe
"{14B10807-87D7-4797-8ADC-29003C23F19F}"= TCP:C:\Program Files\Grisoft\AVG7\avgamsvr.exe:avgamsvr.exe
"{B9EAF3AE-2D8D-401F-8E37-1487B11C9C8A}"= UDP:C:\Program Files\Grisoft\AVG7\avgcc.exe:avgcc.exe
"{29C66EB2-423F-450F-A6E6-A931B2B353F6}"= TCP:C:\Program Files\Grisoft\AVG7\avgcc.exe:avgcc.exe
"{9A070C68-FFBF-4F0A-A7CE-437B371AA1E8}"= TCP:32459:utorrent
"{6FFE7BCF-E771-473B-9491-970FD027EC32}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{A5EBE34B-4A6C-433C-B68B-32AB2AB0EC71}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{1CF307E3-79B6-4BE7-846B-E5C015341BAA}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{3698D967-15F5-41EF-A17B-A42B7499F325}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{6F1D3FA2-5257-4657-BAE9-BEB6228ABB04}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{6901CC3F-2BAF-45C9-B823-AA3C94747D1B}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{FDEA8F1B-539B-428A-A419-A6E04D15239A}"= UDP:C:\Program Files\iTunes\iTunes.exe:iTunes
"{3D2A4699-4B39-4EDD-ACE9-0AF746B5E7A3}"= TCP:C:\Program Files\iTunes\iTunes.exe:iTunes
"{25C45353-70E9-4A26-B0FD-E3CBBD66FCAA}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{5E07B6EC-229F-4B55-B178-B34CCF30054A}"= C:\Program Files\AVG\AVG8\avgupd.exe:avgupd.exe
"{79E5CC44-84C4-4FFF-951D-26D9037747CF}"= C:\Program Files\AVG\AVG8\avgnsx.exe:avgnsx.exe
"{310FA97B-ACE7-49E8-B08C-63CFBADBB6DA}"= UDP:C:\Program Files\iTunes\iTunes.exe:iTunes
"{78B96197-7218-4A01-8E1A-F5A2C6F7961A}"= TCP:C:\Program Files\iTunes\iTunes.exe:iTunes
"{70E931A5-2EFB-4F4C-8C8F-A628D2100780}"= TCP:6004|C:\Program Files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{2D6614E0-1B96-4003-9420-CE1366FFD7B5}"= UDP:C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{EE81CC12-CF91-46AF-A4B1-457B6A3785BF}"= TCP:C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{B32B5EAF-1709-4B82-827F-04529341F750}"= UDP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{66BF2C3B-0BD0-4C60-B40B-BE7C693AA63E}"= TCP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote

[HKLM\~\services\sharedaccess\parameters\firewallpo licy\PublicProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpo licy\StandardProfile]
"EnableFirewall"= 0 (0x0)

R0 AvgRkx86;avgrkx86.sys;C:\Windows\system32\Drivers\ avgrkx86.sys [2008-06-20 16:40]
S1 AvgLdx86;AVG AVI Loader Driver x86;C:\Windows\system32\Drivers\avgldx86.sys [2008-06-20 16:39]
S2 avg8wd;AVG8 WatchDog;C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-06-20 16:39]
S2 SBSDWSCService;SBSD Security Center Service;C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2008-01-28 11:43]
S3 AvgWfpX;AVG8 Firewall Driver x86;C:\Windows\system32\Drivers\avgwfpx.sys [2008-06-20 16:40]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;C:\Windows\system32\DRIVERS\b57nd60x.sys [2006-11-02 09:30]
S3 SMSCIRDA;SMSC Infrared Device Driver;C:\Windows\system32\DRIVERS\SMSCirda.sys [2006-10-18 16:44]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{9ec6d9f0-260f-11dc-9145-000fb0f30c98}]
\shell\AutoRun\command - F:\setup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{a7382edc-ef84-11db-9462-806e6f6e6963}]
\shell\AutoRun\command - E:\Autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{af7413b8-73a7-11dc-98ad-000fb0f30c98}]
\shell\AutoRun\command - F:\Autorun.exe

*Newly Created Service* - ECACHE

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"C:\Program Files\Common Files\LightScribe\LSRunOnce.exe"
.
Contenido de carpeta 'Tareas Programadas'
"2008-03-05 19:32:57 C:\Windows\Tasks\Comprobar actualizaciones de Windows Live Toolbar.job"
- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
"2008-06-28 01:30:00 C:\Windows\Tasks\RegClean Scheduled Scan.job"
- D:\Program Files\RegClean\RegClean.ex
- D:\Program Files\RegClean
.
************************************************** ************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-29 11:28:17
Windows 6.0.6001 Service Pack 1 NTFS

escaneando procesos ocultos ...

escaneando entradas ocultas de autostart ...

escaneando archivos ocultos ...

el escaneo se completo con exito
archivos ocultos: 0

************************************************** ************************
.
Tiempo completado: 2008-06-29 11:29:29
ComboFix-quarantined-files.txt 2008-06-29 09:29:16
ComboFix2.txt 2008-06-28 12:52:26

El sistema no puede encontrar el texto del mensaje para el mensaje número 0x2379 en el archivo de mensajes para Application.
El sistema no puede encontrar el texto del mensaje para el mensaje número 0x2379 en el archivo de mensajes para Application.

236 --- E O F --- 2008-06-26 17:54:42


Y aqui el panda active scan:

;************************************************* ************************************************** ************************************************** ******************************
ANALYSIS: 2008-06-29 13:30:45
PROTECTIONS: 2
MALWARE: 11
SUSPECTS: 0
;************************************************* ************************************************** ************************************************** ******************************
PROTECTIONS
Description Version Active Updated
;================================================= ================================================== ================================================== ==============================
AVG Anti-Virus 8.0 Yes Yes
Norton Internet Security 2007 Yes Yes
;================================================= ================================================== ================================================== ==============================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;================================================= ================================================== ================================================== ==============================
00139535 Application/Processor HackTools No 0 Yes No C:\Program Files\Navilog1\Process.exe
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Users\raul\AppData\Roaming\Microsoft\Windows\Co okies\Low\raul@ad.yieldmanager[2].txt
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Users\raul\AppData\Roaming\Microsoft\Windows\Co okies\Low\raul@serving-sys[1].txt
00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Users\raul\AppData\Roaming\Microsoft\Windows\Co okies\Low\raul@bs.serving-sys[2].txt
00168106 Cookie/Weborama TrackingCookie No 0 Yes No C:\Users\raul\AppData\Roaming\Microsoft\Windows\Co okies\Low\raul@weborama[1].txt
02197130 Trj/Rebooter.J Virus/Trojan No 1 Yes No C:\Program Files\Navilog1\reboot.exe
02884944 Spyware/Vundo Spyware No 0 Yes No C:\Users\raul\AppData\Roaming\wunauclt.exe
02906840 Trj/Downloader.SZG Virus/Trojan No 0 Yes No C:\Program Files\update.zip[update1.exe]
02931124 Spyware/Virtumonde Spyware No 1 Yes No C:\Program Files\update.zip[update2.exe]
02939010 Generic Trojan Virus/Trojan No 0 No No D:\Program Files\emule\Incoming\Alcohol.120.v1.9.6.4719.Retai l.Multilangages.Incl-Crack.rar[Crack\keymaker.exe]
03009106 W32/Xor-encoded.A Virus No 0 No No C:\Users\raul\AppData\Local\Microsoft\Windows\WER\ ReportArchive\Report05c3da09\Report.cab[glpnztd.exe.xor]
03009106 W32/Xor-encoded.A Virus No 0 No No C:\Users\raul\AppData\Local\Microsoft\Windows\WER\ ReportArchive\Report0bd161af\Report.cab[ejjvnuuv.exe.xor]
;================================================= ================================================== ================================================== ==============================
SUSPECTS
Sent Location %����

3
;================================================= ================================================== ================================================== ==============================
;================================================= ================================================== ================================================== ==============================
VULNERABILITIES
Id Severity Description %����

3
;================================================= ================================================== ================================================== ==============================
;================================================= ================================================== ================================================== ==============================

Ahora parece que todo funciona correctamente.

Ya te digo si aparece algo raro.

Un saludo.
Add Post to del.icio.usBookmark Post in TechnoratiMeneame
Responder Con Cita
  post #8 (permalink)  
Antiguo 29/06/08, 10:49:36
Avatar de Salba
Moderador Gral
  
Registrado: ene 2005
Ubicación: Córdoba - Argentina-> Madrid
Mensajes: 6.664
Re: Aparicion de paginas de spyware cada vez que abro una pagina de internet explorer
Solo te ha faltado hacer ese paso, para eliminar completamente todo reastro de infección, hazlo y me dejas el reporte.


Cita:
Originalmente publicado por Salba Ver Mensaje
Antes que nada, por favor, no envuelvas los reportes con la etiqueta [code], ya que complica la lectura, solo pegalos normalmente.

Vuelve a ejecutar Navilog1 y lecciona la opción 2 para que limpie automáticamente lo que encuentra.

Luego:

1.-Abrir el Notepad (Bloc de Notas)
  • Ir a INICIO > EJECUTAR >
  • Y ahí pones notepad.exe y ACEPTAR
2.-Ahora copia y pega estos archivos dentro del Notepad

Código:
KillAll::

File::
C:\Program Files\update.zip
C:\Users\raul\AppData\Roaming\wunauclt.exe
D:\Program Files\emule\Incoming\Alcohol.120.v1.9.6.4719.Retail.Multilangages.Incl-Crack.rar
C:\Users\raul\AppData\Local\Microsoft\Windows\WER\ ReportArchive\Report0bd161af\Report.cab



Registry::
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"????r"=-
"?????????"=-
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9ec6d9f0-260f-11dc-9145-000fb0f30c98}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a7382edc-ef84-11db-9462-806e6f6e6963}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{af7413b8-73a7-11dc-98ad-000fb0f30c98}]
3.- Graba este archivo con el nombre CFScript.txt y déjalo en tu escritorio.

4.- Arrastrar y soltar el archivo CFScript.txt dentro del archivo ComboFix.exe como lo muestra la animación de abajo. Esto activara ComboFix nuevamente.

  • Reinicia tu PC y nos dejas un el nuevo reporte de ComboFix, comentándonos como esta funcionado todo actualmente


Además, deja el reporte de Navilog1, con otro de PAnda.

Saludos

Novedades del Foro | Antivirus Online | Eliminar Malwares | Políticas del Foro | Blog

* Ayúdanos haciendo una DONACIÓN para poder seguir Ayudando.
* Para evitar Virus y Spywares al navegar por internet, USE FIREFOX !!
* No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.
Add Post to del.icio.usBookmark Post in TechnoratiMeneame
Responder Con Cita
Respuesta

« Tema Anterior | Próximo Tema »
Herramientas

Reglas del foro
No puedes crear nuevos temas
No puedes responder temas
No puedes subir adjuntos
No puedes editar tus mensajes
BB code is activado
Las caritas están activado
Código [IMG] está activado
Código HTML está desactivado
Trackbacks are desactivado
Pingbacks are desactivado
Refbacks are desactivado
Ir a

Temas Similares
Tema Autor Foro Respuestas Último mensaje
Virus en la pagina de inicio