Problema con XDVAnnn.sys (Solucionado)

**Hellowen** · 22/09/11, 02:28:53

Hola, tengo un problema con un malware (XDVAnnn.sys) el cual me da el temido pantallaso azul ya analize con Kaspersky, Searsh & Destroy, Nod32 y nada

, lo ultimo fue que utilize el ComboFix y esto fue lo que me dio:

ComboFix 11-09-21.04 - nogales 21/09/2011 12:55:05.1.2 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.34.3082.18.3263.2216 [GMT -4,5:30]
Running from: c:\users\nogales\Downloads\Programs\ComboFix.exe
AV: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\driver
c:\driver\S-1-4-89-654352344-54323413-6452342-4545\Desktop.ini
c:\driver\S-1-4-89-654352344-54323413-6452342-4545\svchost.exe
c:\program files\KarosOnline_setup_sa_2011_0722.exe
c:\program files\MediaGet DB Toolbar\tbHElper.dll
c:\program files\TNod User & Password Finder\TNODUP.exe
c:\users\nogales\AppData\Roaming\105B.tmp
c:\windows\w5win.ini
.
.
((((((((((((((((((((((((( Files Created from 2011-08-21 to 2011-09-21 )))))))))))))))))))))))))))))))
.
.
2011-09-21 17:32 . 2011-09-21 17:32 -------- d-----w- c:\users\nogales\AppData\Local\temp
2011-09-21 17:32 . 2011-09-21 17:32 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-09-21 08:38 . 2011-09-21 10:26 -------- d---a-w- C:\Kaspersky Rescue Disk 10.0
2011-09-20 10:53 . 2011-08-12 02:44 7152464 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{14070364-4E8E-46AA-A2D8-1FA940FAC2AA}\mpengine.dll
2011-09-15 15:12 . 2011-07-06 15:14 89376 ----a-w- c:\windows\system32\drivers\idmwfp.sys
2011-09-14 10:57 . 2011-09-14 10:57 -------- d-----w- c:\program files\hotkey
2011-09-14 10:56 . 2005-04-04 03:32 69714 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\ctor.dll
2011-09-14 10:56 . 2005-04-04 03:31 274432 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iscript.dll
2011-09-14 10:56 . 2005-04-04 03:30 184320 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iuser.dll
2011-09-14 10:56 . 2005-04-04 03:29 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\DotNetInstaller.exe
2011-09-14 10:56 . 2005-04-04 03:32 753664 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iKernel.dll
2011-09-14 10:56 . 2011-09-14 10:56 331908 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\setup.dll
2011-09-14 10:56 . 2011-09-14 10:56 200836 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iGdi.dll
2011-09-10 14:20 . 2011-09-10 14:20 -------- d-sh--we c:\windows\system32\config\systemprofile\Mis documentos
2011-09-10 14:20 . 2011-09-10 14:20 -------- d-sh--we c:\windows\system32\config\systemprofile\Datos de programa
2011-09-10 14:20 . 2011-09-10 14:20 -------- d-sh--we c:\windows\system32\config\systemprofile\Configuración local
2011-09-10 14:20 . 2011-09-10 14:20 -------- d-----w- c:\users\nogales\AppData\Local\Programs
2011-09-08 20:16 . 2011-09-08 20:16 -------- d-----w- c:\program files\Axeso5
2011-09-08 13:38 . 2011-09-21 15:28 -------- d-----w- c:\users\nogales\AppData\Local\PMB Files
2011-09-08 13:38 . 2011-09-08 19:14 -------- d-----w- c:\programdata\PMB Files
2011-09-08 13:36 . 2011-09-08 13:36 -------- d-----w- c:\program files\Pando Networks
2011-09-08 10:31 . 2011-09-15 10:41 -------- d-----w- c:\users\nogales\AppData\Roaming\IDM
2011-09-08 10:31 . 2011-09-21 17:32 -------- d-----w- c:\users\nogales\AppData\Roaming\DMCache
2011-09-08 10:31 . 2011-09-16 09:35 -------- d-----w- c:\program files\Internet Download Manager
2011-09-06 16:54 . 2011-09-06 16:54 -------- d-----w- c:\program files\CCleaner
2011-09-06 14:30 . 2009-10-15 17:14 809560 ----a-r- c:\windows\system32\tmp948D.tmp
2011-09-06 14:28 . 2009-10-15 17:14 809560 ----a-r- c:\windows\system32\tmp944E.tmp
2011-09-06 12:29 . 2011-09-06 12:29 -------- d-----w- C:\Game
2011-09-01 14:44 . 2011-09-01 14:44 -------- d-----w- c:\users\nogales\AppData\Local\Apple Computer
2011-08-26 16:22 . 2011-08-26 16:22 -------- d-----w- c:\program files\MSXML 4.0
2011-08-26 15:24 . 2011-07-09 04:29 2048 ----a-w- c:\windows\system32\tzres.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-09-06 14:30 . 2011-01-29 03:34 445016 ----a-w- c:\windows\system32\wrap_oal.dll
2011-09-06 14:30 . 2011-01-29 03:34 109144 ----a-w- c:\windows\system32\OpenAL32.dll
2011-08-15 09:53 . 2011-05-13 08:09 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-07-22 04:54 . 2011-08-15 07:41 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2011-07-16 04:27 . 2011-08-15 07:29 290816 ----a-w- c:\windows\system32\KernelBase.dll
2011-07-16 04:15 . 2011-08-15 07:29 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2011-07-16 04:15 . 2011-08-15 07:29 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2011-07-16 04:15 . 2011-08-15 07:29 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2011-07-16 04:15 . 2011-08-15 07:29 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2011-07-16 04:15 . 2011-08-15 07:29 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2011-07-16 04:15 . 2011-08-15 07:29 4096 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2011-07-16 04:15 . 2011-08-15 07:29 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2011-07-16 04:15 . 2011-08-15 07:29 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2011-07-16 04:15 . 2011-08-15 07:29 3072 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-07-16 04:15 . 2011-08-15 07:29 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2011-07-16 04:15 . 2011-08-15 07:29 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2011-07-16 04:15 . 2011-08-15 07:29 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2011-07-16 04:15 . 2011-08-15 07:29 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2011-07-16 04:15 . 2011-08-15 07:29 3584 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2011-07-16 04:15 . 2011-08-15 07:29 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2011-07-16 04:15 . 2011-08-15 07:29 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2011-07-16 04:15 . 2011-08-15 07:29 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2011-07-16 04:15 . 2011-08-15 07:29 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2011-07-16 04:15 . 2011-08-15 07:29 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2011-07-16 04:15 . 2011-08-15 07:29 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2011-07-16 04:15 . 2011-08-15 07:29 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2011-07-16 04:15 . 2011-08-15 07:29 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2011-07-16 04:15 . 2011-08-15 07:29 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2011-07-16 04:15 . 2011-08-15 07:29 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2011-07-16 02:17 . 2011-08-15 07:29 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2011-07-16 02:17 . 2011-08-15 07:29 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2011-07-16 02:17 . 2011-08-15 07:29 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2011-07-16 02:17 . 2011-08-15 07:29 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2011-07-09 02:30 . 2011-08-15 07:40 223744 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-06-24 04:27 . 2011-08-15 07:29 169984 ----a-w- c:\windows\system32\winsrv.dll
2011-06-24 04:22 . 2011-08-15 07:29 271360 ----a-w- c:\windows\system32\conhost.exe
2011-09-07 12:44 . 2011-03-29 09:33 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{963B125B-8B21-49A2-A3A8-E37092276531}]
2011-07-21 10:10 141104 ----a-w- c:\program files\BrowserCompanion\updatebhoWin32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension]
@="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"
[HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}]
2011-05-30 16:50 21864 ----a-w- c:\program files\Internet Download Manager\IDMShellExt.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-11-10 4240760]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2011-09-15 3425688]
"Pando Media Booster"="c:\program files\Pando Networks\Media Booster\PMB.exe" [2011-09-08 3077528]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2010-08-12 2215064]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-11-26 336384]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-24 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-24 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-24 150552]
"Browser companion helper"="c:\program files\BrowserCompanion\BCHelper.exe" [2011-07-21 177456]
"PlusService"="c:\program files\Yuna Software\Messenger Plus!\PlusService.exe" [2011-05-26 800768]
"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-05-27 413696]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [2011-02-14 4014224]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 15872]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Servicio de tecnologías de activación de Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2011-01-26 1343400]
R3 XDva385;XDva385;c:\windows\system32\XDva385.sys [x]
R3 XDva389;XDva389;c:\windows\system32\XDva389.sys [x]
R3 XDva390;XDva390;c:\windows\system32\XDva390.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2010-07-29 115008]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-11-26 176128]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2010-07-29 136632]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2010-08-12 810144]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [2010-07-29 96920]
S2 IDMWFP;IDMWFP;c:\windows\system32\DRIVERS\idmwfp.sys [2011-07-06 89376]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2010-11-26 6650368]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-11-26 231936]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2010-11-17 101392]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-03-02 139776]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
mStart Page = hxxp://www.bigseekpro.com/mediaget/{4A6D4177-2463-4505-8315-E4083A50FAC4}
IE: Descargar con IDM - c:\program files\Internet Download Manager\IEExt.htm
IE: Descargar con IDM todos los enlaces - c:\program files\Internet Download Manager\IEGetAll.htm
IE: E&xportar a Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 200.44.32.12 200.11.248.12
Handler: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - c:\program files\BrowserCompanion\tdataprotocol.dll
Handler: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - c:\program files\BrowserCompanion\tdataprotocol.dll
Handler: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - c:\program files\BrowserCompanion\tdataprotocol.dll
FF - ProfilePath - c:\users\nogales\AppData\Roaming\Mozilla\Firefox\Profiles\6ypi3ziq.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/firefox?client=firefox-a&rls=org.mozilla:es-ES:official
FF - prefs.js: keyword.URL - hxxp://www.plusnetwork.com/?sp=addr&q=
FF - user.js: network.http.max-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 750
FF - user.js: content.notify.interval - 750000
FF - user.js: content.max.tokenizing.time - 2250000
.
- - - - ORPHANS REMOVED - - - -
.
HKLM-Run-TNOD UP - c:\program files\TNod User & Password Finder\TNODUP.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-2651987396-2597816726-2990243142-1000_Classes\CLSID\{27256dca-55f4-4939-a775-92ac7bdffb85}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:00000107
"Therad"=dword:0000000e
.
[HKEY_USERS\S-1-5-21-2651987396-2597816726-2990243142-1000_Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"scansk"=hex(0):e8,e2,a0,e9,03,63,4d,e1,5f,e9,e7,47,cd,4f,37,c0,0a,ab,df,52,e3,
08,e4,0c,17,a5,15,6f,f8,51,3e,2f,ee,35,39,a2,f9,39,4c,2d,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2011-09-21 13:04:33
ComboFix-quarantined-files.txt 2011-09-21 17:34
.
Pre-Run: 8.464.560.128 bytes libres
Post-Run: 13.715.214.336 bytes libres
.
- - End Of File - - 540FB19C12ACAA8688B68DBF5C827DCD

Lo de utilizar el ComboFix lo lei en un tema de alguien que tenia el mismo problema pero dice que nesecito a alguien experto para que me diga que hacer con la informacion que me dio,no se si elimino el malware o solo me esta dando la info de donde esta o algo, si alguien sabe como librarse de este problema se lo agradeceria(Y creo que tambien agarre ese malware por jugar MMO)

**Rollinguit** · 22/09/11, 02:57:19

Hola aguspolla.

Consejos para antes de publicar un nuevo mensaje
Políticas del Foro de InfoSpyware

Veo que haz utilizado la herramienta ComboFix por tu cuenta. Es un riesgo muy importante debido al poder que tiene y el mal uso puede generar inconvenientes severos en el correcto funcionamiento del Sistema.

Atención!! No use ComboFix a menos que se le haya indicado específicamente en su mensaje por un integrante de nuestro Staff. Es una herramienta de gran alcance destinada por su creador a ser usada bajo la orientación y supervisión de un experto, no para uso privado. El uso de ComboFix incorrectamente podría generar problemas en su sistema. Por favor, lea las "Negaciones de la Garantía" de ComboFix.

Realiza lo siguiente:

Si utilizas Spybot Search & Destroy desactiva el Tea Timer.

A.-

Desinstala desde Inicio / Panel de Control / Programas - Programas y características:

Browser Companion

B.-

Haz ejecutado ComboFix desde una ubicación incorrecta, esto puede provocar problemas en el Sistema. Es necesario que hagas los pasos tal cual te solicito. Por lo cual continua con lo siguiente:

Ve a la siguiente ubicación, haces clic derecho sobre ComboFix y pulsas "Cortar".

c:\users\nogales\Downloads\Programs\ComboFix.exe

Por último lo pegas en el Escritorio como debería ser.

1.-Abre el Notepad (Bloc de notas)

Windows XP

Ve a Inicio >> Selecciona Ejecutar >> Escribe dentro Notepad

Windows Vista / Windows 7

Ve a Inicio >> Todos los programas >> Accesorios >> Selecciona Ejecutar >> Escribe dentro Notepad

2.-Ahora copie y pegue estos archivos dentro del Notepad.

Código:

KillAll::

File::
c:\windows\system32\tmp948D.tmp
c:\windows\system32\tmp944E.tmp
c:\windows\system32\GameMon.des

Folder::
c:\program files\BrowserCompanion

Driver::
npggsvc
XDva385
XDva389
XDva390

Registry::
[-HKEY_LOCAL_MACHINE\system\ControlSet001\services\npggsvc]

DDS:: 
mStart Page = hxxp://www.bigseekpro.com/mediaget/{4A6D4177-2463-4505-8315-E4083A50FAC4}

Firefox::
FF - ProfilePath - c:\users\nogales\AppData\Roaming\Mozilla\Firefox\Profiles\6ypi3ziq.default\
FF - prefs.js: keyword.URL - hxxp://www.plusnetwork.com/?sp=addr&q=

3.- Guarde este archivo con el nombre CFScript.txt dentro del Escritorio.

4.- Arrastre y suelte el archivo CFScript.txt dentro del archivo ComboFix.exe como muestra la animación debajo. Esto activara ComboFix nuevamente.

Reinicie su PC y déjenos el nuevo reporte de ComboFix, comentándonos cómo esta funcionado todo actualmente.

Antes de usar el CFScript....

Desactive temporalmente el Antivirus y/o Antispyware.
Cierra todas las ventanas abiertas.
Si le pide actualizar acepte.

**Hellowen** · 22/09/11, 11:33:59

Hola gracias por tu respuesta tan rapida

ya hice lo que me dijiste esto fue lo que me dio:

ComboFix 11-09-21.04 - nogales 21/09/2011 22:38:49.2.2 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.34.3082.18.3263.2320 [GMT -4,5:30]
Running from: c:\users\nogales\Desktop\ComboFix.exe
Command switches used :: c:\users\nogales\Desktop\CFScript.txt
AV: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
FILE ::
"c:\windows\system32\GameMon.des"
"c:\windows\system32\tmp944E.tmp"
"c:\windows\system32\tmp948D.tmp"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\BrowserCompanion
c:\program files\BrowserCompanion\BCHelper.exe
c:\program files\BrowserCompanion\logo.ico
c:\program files\BrowserCompanion\updatebhoWin32.dll
c:\windows\system32\GameMon.des
c:\windows\system32\tmp944E.tmp
c:\windows\system32\tmp948D.tmp
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_XDVA385
-------\Legacy_XDVA389
-------\Legacy_XDVA390
-------\Service_npggsvc
-------\Service_XDva385
-------\Service_XDva389
-------\Service_XDva390
.
.
((((((((((((((((((((((((( Files Created from 2011-08-22 to 2011-09-22 )))))))))))))))))))))))))))))))
.
.
2011-09-22 03:21 . 2011-09-22 03:21 -------- d-----w- c:\users\nogales\AppData\Local\{591B64CC-C7D7-43EE-ADC0-A1A1DDCFDB73}
2011-09-22 03:17 . 2011-09-22 03:21 -------- d-----w- c:\users\nogales\AppData\Local\temp
2011-09-22 03:17 . 2011-09-22 03:17 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-09-21 08:38 . 2011-09-21 10:26 -------- d---a-w- C:\Kaspersky Rescue Disk 10.0
2011-09-15 15:12 . 2011-07-06 15:14 89376 ----a-w- c:\windows\system32\drivers\idmwfp.sys
2011-09-14 10:57 . 2011-09-14 10:57 -------- d-----w- c:\program files\hotkey
2011-09-14 10:56 . 2005-04-04 03:32 69714 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\ctor.dll
2011-09-14 10:56 . 2005-04-04 03:31 274432 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iscript.dll
2011-09-14 10:56 . 2005-04-04 03:30 184320 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iuser.dll
2011-09-14 10:56 . 2005-04-04 03:29 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\DotNetInstaller.exe
2011-09-14 10:56 . 2005-04-04 03:32 753664 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iKernel.dll
2011-09-14 10:56 . 2011-09-14 10:56 331908 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\setup.dll
2011-09-14 10:56 . 2011-09-14 10:56 200836 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iGdi.dll
2011-09-10 14:20 . 2011-09-10 14:20 -------- d-sh--we c:\windows\system32\config\systemprofile\Mis documentos
2011-09-10 14:20 . 2011-09-10 14:20 -------- d-sh--we c:\windows\system32\config\systemprofile\Datos de programa
2011-09-10 14:20 . 2011-09-10 14:20 -------- d-sh--we c:\windows\system32\config\systemprofile\Configuración local
2011-09-10 14:20 . 2011-09-10 14:20 -------- d-----w- c:\users\nogales\AppData\Local\Programs
2011-09-08 20:16 . 2011-09-08 20:16 -------- d-----w- c:\program files\Axeso5
2011-09-08 13:38 . 2011-09-22 03:21 -------- d-----w- c:\users\nogales\AppData\Local\PMB Files
2011-09-08 13:38 . 2011-09-08 19:14 -------- d-----w- c:\programdata\PMB Files
2011-09-08 13:36 . 2011-09-08 13:36 -------- d-----w- c:\program files\Pando Networks
2011-09-08 10:31 . 2011-09-15 10:41 -------- d-----w- c:\users\nogales\AppData\Roaming\IDM
2011-09-08 10:31 . 2011-09-22 03:17 -------- d-----w- c:\users\nogales\AppData\Roaming\DMCache
2011-09-08 10:31 . 2011-09-16 09:35 -------- d-----w- c:\program files\Internet Download Manager
2011-09-06 16:54 . 2011-09-06 16:54 -------- d-----w- c:\program files\CCleaner
2011-09-06 12:29 . 2011-09-06 12:29 -------- d-----w- C:\Game
2011-09-01 14:44 . 2011-09-01 14:44 -------- d-----w- c:\users\nogales\AppData\Local\Apple Computer
2011-08-26 16:22 . 2011-08-26 16:22 -------- d-----w- c:\program files\MSXML 4.0
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-09-06 14:30 . 2011-01-29 03:34 445016 ----a-w- c:\windows\system32\wrap_oal.dll
2011-09-06 14:30 . 2011-01-29 03:34 109144 ----a-w- c:\windows\system32\OpenAL32.dll
2011-08-15 09:53 . 2011-05-13 08:09 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-08-12 02:44 . 2011-09-20 10:53 7152464 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{14070364-4E8E-46AA-A2D8-1FA940FAC2AA}\mpengine.dll
2011-07-22 04:54 . 2011-08-15 07:41 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2011-07-16 04:27 . 2011-08-15 07:29 290816 ----a-w- c:\windows\system32\KernelBase.dll
2011-07-16 04:15 . 2011-08-15 07:29 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2011-07-16 04:15 . 2011-08-15 07:29 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2011-07-16 04:15 . 2011-08-15 07:29 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2011-07-16 04:15 . 2011-08-15 07:29 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2011-07-16 04:15 . 2011-08-15 07:29 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2011-07-16 04:15 . 2011-08-15 07:29 4096 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2011-07-16 04:15 . 2011-08-15 07:29 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2011-07-16 04:15 . 2011-08-15 07:29 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2011-07-16 04:15 . 2011-08-15 07:29 3072 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-07-16 04:15 . 2011-08-15 07:29 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2011-07-16 04:15 . 2011-08-15 07:29 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2011-07-16 04:15 . 2011-08-15 07:29 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2011-07-16 04:15 . 2011-08-15 07:29 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2011-07-16 04:15 . 2011-08-15 07:29 3584 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2011-07-16 04:15 . 2011-08-15 07:29 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2011-07-16 04:15 . 2011-08-15 07:29 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2011-07-16 04:15 . 2011-08-15 07:29 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2011-07-16 04:15 . 2011-08-15 07:29 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2011-07-16 04:15 . 2011-08-15 07:29 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2011-07-16 04:15 . 2011-08-15 07:29 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2011-07-16 04:15 . 2011-08-15 07:29 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2011-07-16 04:15 . 2011-08-15 07:29 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2011-07-16 04:15 . 2011-08-15 07:29 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2011-07-16 04:15 . 2011-08-15 07:29 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2011-07-16 02:17 . 2011-08-15 07:29 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2011-07-16 02:17 . 2011-08-15 07:29 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2011-07-16 02:17 . 2011-08-15 07:29 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2011-07-16 02:17 . 2011-08-15 07:29 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2011-07-09 04:29 . 2011-08-26 15:24 2048 ----a-w- c:\windows\system32\tzres.dll
2011-07-09 02:30 . 2011-08-15 07:40 223744 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-06-24 04:27 . 2011-08-15 07:29 169984 ----a-w- c:\windows\system32\winsrv.dll
2011-06-24 04:22 . 2011-08-15 07:29 271360 ----a-w- c:\windows\system32\conhost.exe
2011-09-07 12:44 . 2011-03-29 09:33 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension]
@="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"
[HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}]
2011-05-30 16:50 21864 ----a-w- c:\program files\Internet Download Manager\IDMShellExt.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-11-10 4240760]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2011-09-15 3425688]
"Pando Media Booster"="c:\program files\Pando Networks\Media Booster\PMB.exe" [2011-09-08 3077528]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2010-08-12 2215064]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-11-26 336384]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-24 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-24 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-24 150552]
"PlusService"="c:\program files\Yuna Software\Messenger Plus!\PlusService.exe" [2011-05-26 800768]
"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-05-27 413696]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 15872]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Servicio de tecnologías de activación de Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2011-01-26 1343400]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2010-07-29 115008]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-11-26 176128]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2010-07-29 136632]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2010-08-12 810144]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [2010-07-29 96920]
S2 IDMWFP;IDMWFP;c:\windows\system32\DRIVERS\idmwfp.sys [2011-07-06 89376]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2010-11-26 6650368]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-11-26 231936]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2010-11-17 101392]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-03-02 139776]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
IE: Descargar con IDM - c:\program files\Internet Download Manager\IEExt.htm
IE: Descargar con IDM todos los enlaces - c:\program files\Internet Download Manager\IEGetAll.htm
IE: E&xportar a Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 200.44.32.12 200.11.248.12
FF - ProfilePath - c:\users\nogales\AppData\Roaming\Mozilla\Firefox\Profiles\6ypi3ziq.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/firefox?client=firefox-a&rls=org.mozilla:es-ES:official
FF - user.js: network.http.max-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 750
FF - user.js: content.notify.interval - 750000
FF - user.js: content.max.tokenizing.time - 2250000
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-2651987396-2597816726-2990243142-1000_Classes\CLSID\{27256dca-55f4-4939-a775-92ac7bdffb85}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:00000108
"Therad"=dword:0000000f
.
[HKEY_USERS\S-1-5-21-2651987396-2597816726-2990243142-1000_Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"scansk"=hex(0):e8,e2,a0,e9,03,63,4d,e1,5f,e9,e7,47,cd,4f,37,c0,0a,ab,df,52,e3,
08,e4,0c,17,a5,15,6f,f8,51,3e,2f,ee,35,39,a2,f9,39,4c,2d,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'Explorer.exe'(1668)
c:\program files\Internet Download Manager\idmmkb.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
c:\windows\system32\atieclxx.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\conhost.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\program files\Internet Download Manager\IEMonitor.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
c:\windows\system32\sppsvc.exe
c:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
c:\windows\system32\DllHost.exe
.
**************************************************************************
.
Completion time: 2011-09-21 22:57:24 - machine was rebooted
ComboFix-quarantined-files.txt 2011-09-22 03:27
ComboFix2.txt 2011-09-21 17:34
.
Pre-Run: 13.918.003.200 bytes libres
Post-Run: 14.033.858.560 bytes libres
.
- - End Of File - - ACE3FEC7EA1A93906899A1900334F851

**Rollinguit** · 22/09/11, 12:06:42

¿Cómo funciona el Sistema? ¿El problema principal se ha solucionado?

**Hellowen** · 22/09/11, 17:24:17

Bueno e jugado unas horas y nada de pantalla azul asi que creo que se le kito

y todo el sistema hasta ahora bien, normal

Muchas gracias por tu ayuda

**Rollinguit** · 22/09/11, 17:26:02

Realiza lo siguiente:

Desinstala CF de la siguiente manera:

Ir a Inicio > Ejecutar
Escribir lo siguiente: ComboFix /Uninstall como observa en la imagen:

Esto activara el desinstalador de ComboFix abriendo su pantalla principal. Luego de unos segundos vera ComboFix is uninstalled.

Si este procedimiento falla, descargue OTC.exe en el Escritorio. Lo ejecuta y presiona Cleanup.

Recomendaciones:

Actualizar:
- El sistema cuando lo requiera.
- Mantener actualizada la base de datos y programa del antivirus

Ejecutar:
- Cada 3 días mínimo Ccleaner --> Manual en sus opciones de limpiador y de registro haciendo copia de seguridad.
- Malwarebytes (actualizado), una ves por semana al igual que tu antivirus.

Descargar e instalar:
- spywareblaster como indica su Manual (actualizando).
- Leer el siguiente enlace 10 consejos para navegar seguro por Internet

Por cualquier otro problema no dudes en consultarnos.

TEMA SOLUCIONADO

Si deseas reabrir este tema presiona

, Cómo reportar mensajes?... Saludos!!!

Como recomendación final, te invitamos a seguirnos en nuestros canales de difusión:

Blog,

Twitter,

Facebook,

vía E-Mail, para estar al tanto de los nuevos malwares y como prevenirlos.

Problema con XDVAnnn.sys (Solucionado)

Herramientas

Problema con XDVAnnn.sys (Solucionado)

Re: Problema con XDVAnnn.sys

Re: Problema con XDVAnnn.sys

Re: Problema con XDVAnnn.sys

Re: Problema con XDVAnnn.sys

Re: Problema con XDVAnnn.sys