• Registrarse
  • Iniciar sesión


  • Resultados 1 al 4 de 4

    Ayuda con virus que convierte las carpetas en accesos drectos .ink

    Estimados, estoy hace días buscando la solución a este problema pero no logro dar con ella, o más bien dicho, con un antivirus que detecte y elimine los archivos infectados, lo único que he encontrado, ...

    1. #1
      Usuario Avatar de Barevalov
      Registrado
      nov 2012
      Ubicación
      Concepcion, Chile
      Mensajes
      2

      Idea Ayuda con virus que convierte las carpetas en accesos drectos .ink

      Estimados, estoy hace días buscando la solución a este problema pero no logro dar con ella, o más bien dicho, con un antivirus que detecte y elimine los archivos infectados, lo único que he encontrado, y que me ha servido de igual forma, ha sido un comando de CMD donde puedo (al parecer) recuperar y desinfectar las USB que conecto al pc y quedan infectadas, logrando visualizar las carpetas. NOD32 los detecta pero dice que no puede hacer nada con ellos, estuve siguiendo el hilo de este usuario http://www.forospyware.com/t340189.html y hice lo que ahí aparecía, lo dejo a continuación:

      reporte panda scan 2.0

      Código:
      ;***********************************************************************************************************************************************************************************
      ANALYSIS: 2012-11-12 02:47:21
      PROTECTIONS: 1
      MALWARE: 6
      SUSPECTS: 0
      ;***********************************************************************************************************************************************************************************
      PROTECTIONS
      Description                                  Version                       Active    Updated
      ;===================================================================================================================================================================================
      ESET NOD32 Antivirus 4.0                                                   Yes       Yes
      ;===================================================================================================================================================================================
      MALWARE
      Id        Description                        Type                Active    Severity  Disinfectable  Disinfected Location
      ;===================================================================================================================================================================================
      00139061  Cookie/Doubleclick                 TrackingCookie      No        0         Yes            No           c:\users\boris\appdata\roaming\microsoft\windows\cookies\low\hmno24d4.txt
      00167753  Cookie/Statcounter                 TrackingCookie      No        0         Yes            No           c:\users\boris\appdata\roaming\microsoft\windows\cookies\low\iknb0ef4.txt
      03074964  Trj/CI.A                           Virus/Trojan        No        0         Yes            No           c:\users\boris\desktop\m- a-m v1.65.1.1000 f.  (es)-by-casadore1\malwarebytes anti-malware v1.65.1.1000 final [multi] (español).incl.keygen.by_casadores1\keygen' s\malwarebytes.anti-malware.1.50.readnfo_keygen-fff.zip[w00t.exe]
      03074964  Trj/CI.A                           Virus/Trojan        No        0         Yes            No           c:\users\boris\appdata\roaming\ec25.exe
      03074964  Trj/CI.A                           Virus/Trojan        No        0         Yes            No           c:\users\boris\appdata\roaming\34c6.exe
      03074964  Trj/CI.A                           Virus/Trojan        No        0         Yes            No           c:\users\boris\appdata\roaming\74b7.exe
      03074964  Trj/CI.A                           Virus/Trojan        No        0         Yes            No           c:\users\boris\appdata\roaming\d7a1.exe
      03074964  Trj/CI.A                           Virus/Trojan        No        0         No             No           c:\users\boris\downloads\m- a-m v1.65.1.1000 f.  (es)-by-casadores1.rar[m- a-m v1.65.1.1000 f.  (es)-by-casadore1\malwarebytes anti-malware v1.65.1.1000 final [multi] (español).incl.keygen.by_casadores1\keygen' s\malwarebytes.anti-malware.1.50.readnfo_keygen-fff.zip][w00t.exe]
      09059027  Exploit/Lotoor.B                   SecRisk             No        0         No             No           c:\users\boris\downloads\internet celular.rar[internet celular\1\clarooooo\exploits\psneuter]
      09059027  Exploit/Lotoor.B                   SecRisk             No        0         No             No           c:\users\boris\downloads\internet celular.rar[internet celular\2\rotear\exploits\psneuter]
      09059027  Exploit/Lotoor.B                   SecRisk             No        0         Yes            No           c:\users\boris\downloads\superoneclickv2.3.1-shortfuse.zip[exploits/psneuter]
      10364187  Generic Trojan                     Virus/Trojan        No        0         No             No           c:\users\boris\downloads\m- a-m v1.65.1.1000 f.  (es)-by-casadores1.rar[m- a-m v1.65.1.1000 f.  (es)-by-casadore1\malwarebytes anti-malware v1.65.1.1000 final [multi] (español).incl.keygen.by_casadores1\keygen' s\malwarebytes_.anti-malware.v1.46.keygenerator-inf.zip][inf-mbam146.exe]
      10364187  Generic Trojan                     Virus/Trojan        No        0         Yes            No           c:\users\boris\desktop\m- a-m v1.65.1.1000 f.  (es)-by-casadore1\malwarebytes anti-malware v1.65.1.1000 final [multi] (español).incl.keygen.by_casadores1\keygen' s\malwarebytes_.anti-malware.v1.46.keygenerator-inf.zip[inf-mbam146.exe]
      10742152  Generic Trojan                     Virus/Trojan        No        0         No             No           c:\users\boris\downloads\m- a-m v1.65.1.1000 f.  (es)-by-casadores1.rar[m- a-m v1.65.1.1000 f.  (es)-by-casadore1\malwarebytes anti-malware v1.65.1.1000 final [multi] (español).incl.keygen.by_casadores1\keygen' s\malwarebytes_.anti-malware.v1.46.keygenerator-inf.zip][inf.release.checker.exe]
      10742152  Generic Trojan                     Virus/Trojan        No        0         Yes            No           c:\users\boris\desktop\m- a-m v1.65.1.1000 f.  (es)-by-casadore1\malwarebytes anti-malware v1.65.1.1000 final [multi] (español).incl.keygen.by_casadores1\keygen' s\malwarebytes_.anti-malware.v1.46.keygenerator-inf.zip[inf.release.checker.exe]
      ;===================================================================================================================================================================================
      SUSPECTS
      Sent      Location
      ;===================================================================================================================================================================================
      ;===================================================================================================================================================================================
      VULNERABILITIES
      Id        Severity       Description
      ;===================================================================================================================================================================================
      ;===================================================================================================================================================================================

      Reporte Malwarebytes Anti malware.

      Código:
      Malwarebytes Anti-Malware (PRO) 1.65.1.1000
      www.malwarebytes.org
      
      Versión de la Base de Datos: v2012.11.12.01
      
      Windows 7 Service Pack 1 x64 NTFS
      Internet Explorer 9.0.8112.16421
      Boris :: BORIS-PC [administrador]
      
      Protección: Habilitado
      
      11-11-2012 23:35:21
      mbam-log-2012-11-11 (23-35-21).txt
      
      Tipos de Análisis: Análisis Completo (C:\|)
      Opciones de análisis activado: Memoria | Inicio | Registro | Sistema de archivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM
      Opciones de análisis desactivados: P2P
      Objetos examinados: 328160
      Tiempo transcurrido: 35 minuto(s), 52 segundo(s)
      
      Procesos en Memoria Detectados: 0
      (No se han detectado elementos maliciosos)
      
      Módulos de Memoria Detectados: 0
      (No se han detectado elementos maliciosos)
      
      Claves del Registro Detectados: 0
      (No se han detectado elementos maliciosos)
      
      Valores del Registro Detectados: 0
      (No se han detectado elementos maliciosos)
      
      Elementos de Datos del Registro Detectados: 0
      (No se han detectado elementos maliciosos)
      
      Carpetas Detectadas: 0
      (No se han detectado elementos maliciosos)
      
      Archivos Detectados: 0
      (No se han detectado elementos maliciosos)
      
      fin)

      Espero puedan ayudarme, y como dije, ya hice todo lo que aparecia en el post del otro usuario (ccleaner + panda + malwarebytes anti malware)

    2. #2
      Ex-Colaboradora Avatar de @SanMar
      Registrado
      jun 2008
      Ubicación
      Argentina
      Mensajes
      22.290

      Re: Ayuda con virus que convierte las carpetas en accesos drectos .ink

      Hola Barevalov

      al Foro.

      Consejos para antes de publicar un nuevo mensaje

      Políticas del Foro de InfoSpyware

      Políticas Foro Oficial de HijackThis en español
      --------------------------------------------------


      Realiza lo siguiente:


      Paso 1.- Descargue UsbFix



      *Nota* Para ejecutar UsbFix.exe, siga estos pasos:

      • Inicie en Modo Seguro
      • Haga doble Click sobre USBFix
      • Seguido teclee la opción Supresión
      • Aparecerá una advertencia para que conecte sus Usb) (Dispositivos extraibles, Pendrive\Micro SD, etc.), pulse en Aceptar
      • Durante el análisis el escritorio puede desaparecer, esto es normal, si USBFix le pide reiniciar el sistema acepte y reinicie su equipo.
      • USBFix, genera un reporte, el cual se encuentra generalmente en C:\USBFix.txt

      Nota: UsbFix creará una carpeta oculta llamada "$RECYCLE.BIN" "autorun.inf" en cada partición y cada unidad USB que se encuentre conectado al momento de ejecutar este. No elimine esta carpeta ... eso le ayudará a proteger sus dispositivos USB de futuras infecciones.

      Paso 2.- - Descarga la herramienta ComboFix.exe y guárdala en el escritorio.
      • Si te pide actualizar "Aceptas".
      • Desactiva temporalmente el Antivirus y/o Antispyware.
      • Cierra todas las ventanas abiertas.
      • Hacele doble clic al archivo ComboFix.exe y seguí las instrucciones.
      • Cuando termine, generara un registro en C:\ComboFix.txt.
        • *Nota* Mientras CF este trabajando no mover el mouse ya que pararía su proceso.
        • *Nota* ComboFix puede reiniciar automáticamente el PC para completar el proceso de eliminación.
      Atención!! No use ComboFix a menos que se le haya indicado específicamente en su mensaje por un integrante de nuestro Staff. Es una herramienta de gran alcance destinada por su creador a ser usada bajo la orientación y supervisión de un experto, no para uso privado. El uso de ComboFix incorrectamente podría generar problemas en su sistema. Por favor, lea las "Negaciones de la Garantía" de ComboFix.
      • Reinicia y pega el reporte de C:\ComboFix.txt en este mismo mensaje.


      Nota Importante: Luego del primer reinicio que realiza el programa Combofix, realiza un reinicio mas.

      Esperamos los reportes.



      Salu2.

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    3. #3
      Usuario Avatar de Barevalov
      Registrado
      nov 2012
      Ubicación
      Concepcion, Chile
      Mensajes
      2

      Re: Ayuda con virus que convierte las carpetas en accesos drectos .ink

      adjunto los reportes.

      ComboFix 12-11-12.03 - Boris 12-11-2012 22:37:06.1.4 - x64
      Microsoft Windows 7 Home Basic 6.1.7601.1.1252.56.3082.18.5815.4168 [GMT -3:00]
      Running from: c:\users\Boris\Downloads\ComboFix.exe
      AV: ESET NOD32 Antivirus 4.0 *Disabled/Updated* {CB0F8167-5331-BA19-698E-64816B6801A5}
      SP: ESET NOD32 Antivirus 4.0 *Disabled/Updated* {706E6083-750B-B597-533E-5FF310EF4B18}
      SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      * Created a new restore point
      .
      .
      ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      c:\users\Boris\AppData\Roaming\34C6.exe
      c:\users\Boris\AppData\Roaming\74B7.exe
      c:\users\Boris\AppData\Roaming\D7A1.exe
      c:\users\Boris\AppData\Roaming\EC25.exe
      c:\windows\SysWow64\muzapp.exe
      .
      .
      ((((((((((((((((((((((((( Files Created from 2012-10-13 to 2012-11-13 )))))))))))))))))))))))))))))))
      .
      .
      2012-11-13 01:42 . 2012-11-13 01:42 -------- d-----w- c:\users\Default\AppData\Local\temp
      2012-11-13 01:32 . 2012-11-13 01:32 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{DDAF71F5-FE90-4497-868E-74D06CFF2F23}\offreg.dll
      2012-11-12 19:00 . 2012-11-12 19:04 -------- d-----w- C:\UsbFix
      2012-11-12 03:24 . 2009-06-30 13:37 33800 ----a-w- c:\windows\system32\drivers\pavboot64.sys
      2012-11-12 03:23 . 2012-11-12 03:23 -------- d-----w- c:\program files (x86)\Panda Security
      2012-11-12 03:23 . 2012-11-12 03:23 -------- d--h--w- c:\windows\AxInstSV
      2012-11-12 02:18 . 2012-11-12 02:18 -------- d-----w- c:\programdata\Panda Security
      2012-11-12 02:18 . 2012-11-12 02:18 -------- d-----w- c:\program files (x86)\Panda USB Vaccine
      2012-11-12 02:10 . 2012-11-12 02:10 -------- d-----w- c:\program files\CCleaner
      2012-11-09 20:11 . 2006-03-31 15:41 3927248 ----a-w- c:\windows\system32\d3dx9_30.dll
      2012-11-09 17:51 . 2012-10-12 07:19 9291768 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{DDAF71F5-FE90-4497-868E-74D06CFF2F23}\mpengine.dll
      2012-11-09 01:40 . 2012-11-09 01:40 -------- d-----w- c:\users\Boris\AppData\Roaming\Malwarebytes
      2012-11-09 01:37 . 2012-11-09 01:37 -------- d-----w- c:\programdata\Malwarebytes
      2012-11-09 01:37 . 2012-11-09 01:37 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
      2012-11-09 01:37 . 2012-09-29 22:54 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
      2012-11-09 01:17 . 2012-11-09 01:17 -------- d-----w- c:\users\Boris\AppData\Local\Evernote
      2012-11-08 19:14 . 2012-11-08 19:14 -------- d-----w- c:\users\Boris\AppData\Local\ESET
      2012-11-08 19:07 . 2012-11-08 19:07 -------- d-----w- c:\program files (x86)\Unlocker
      2012-11-07 23:49 . 2012-11-07 23:49 -------- d-----w- c:\program files (x86)\DsNET Corp
      2012-11-06 18:21 . 2012-11-09 21:10 -------- d-----w- c:\users\Boris\AppData\Roaming\Audacity
      2012-11-06 18:19 . 2012-11-06 18:20 -------- d-----w- c:\program files (x86)\Audacity
      2012-11-02 01:49 . 2012-11-02 01:49 -------- d-----w- c:\users\Boris\AppData\Local\MediaGet2
      2012-11-02 01:49 . 2012-11-02 01:49 -------- d-----w- c:\users\Boris\AppData\Local\Media Get LLC
      2012-10-29 02:28 . 2011-10-29 13:43 1002728 ----a-w- c:\windows\system32\WinUSBCoInstaller2.dll
      2012-10-26 19:05 . 2012-10-26 19:05 -------- d-----w- C:\Temp
      2012-10-25 06:03 . 2012-10-25 06:03 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
      2012-10-25 05:08 . 2012-10-26 06:11 -------- d-----w- c:\program files (x86)\StarCraft II
      2012-10-25 05:08 . 2012-10-25 05:08 -------- d-----w- c:\program files (x86)\Common Files\Blizzard Entertainment
      2012-10-25 05:08 . 2012-10-25 05:08 -------- d-----w- c:\programdata\Blizzard Entertainment
      2012-10-25 05:06 . 2012-10-25 05:07 -------- d-----w- c:\programdata\Battle.net
      2012-10-24 19:29 . 2012-10-24 19:28 8192 ----a-w- c:\windows\SysWow64\srvany.exe
      2012-10-24 19:22 . 2012-10-24 19:22 -------- d-----w- c:\program files (x86)\Microsoft Synchronization Services
      2012-10-24 19:22 . 2012-10-24 19:22 -------- d-----w- c:\program files (x86)\Microsoft Sync Framework
      2012-10-24 19:20 . 2012-10-24 19:20 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 8
      2012-10-24 19:20 . 2012-10-24 19:20 -------- d-----w- c:\program files (x86)\Microsoft Analysis Services
      2012-10-24 19:20 . 2012-10-24 19:23 -------- d-----w- c:\windows\SHELLNEW
      2012-10-24 19:19 . 2012-10-30 18:52 -------- d-----w- c:\users\Boris\AppData\Local\Microsoft Help
      2012-10-24 19:19 . 2012-10-26 17:18 -------- d-----w- c:\programdata\Microsoft Help
      2012-10-17 16:22 . 2012-10-18 18:40 -------- d-----w- c:\users\Boris\AppData\Local\HiSuite
      2012-10-17 16:21 . 2012-02-08 09:07 281088 ----a-w- c:\windows\system32\drivers\hw_quusbnet.sys
      2012-10-17 16:21 . 2011-10-24 04:04 223232 ----a-w- c:\windows\system32\drivers\hw_quusbmdm.sys
      2012-10-17 16:21 . 2011-10-24 03:51 116864 ----a-w- c:\windows\system32\drivers\hw_usbdev.sys
      2012-10-17 16:21 . 2010-02-18 23:00 708168 ----a-w- c:\windows\system32\drivers\WinUSBCoInstaller.dll
      2012-10-17 16:21 . 2010-02-18 23:00 1533512 ----a-w- c:\windows\system32\drivers\WUDFUpdate_01007.dll
      2012-10-16 05:31 . 2012-10-21 05:30 -------- d-----w- c:\users\Boris\AppData\Local\Vidalia
      2012-10-16 05:28 . 2012-10-16 05:28 -------- d-----w- c:\program files (x86)\Mobile Action
      2012-10-16 05:27 . 2011-11-09 15:31 159232 ----a-w- c:\windows\system32\drivers\qcusbnet.sys
      2012-10-16 05:27 . 2011-05-30 12:36 229888 ----a-w- c:\windows\system32\drivers\qcusbser.sys
      2012-10-16 05:27 . 2009-09-14 19:31 31744 ----a-w- c:\windows\system32\drivers\androidusb.sys
      .
      .
      .
      (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      2012-10-04 21:25 . 2012-10-04 21:25 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
      2012-10-04 21:25 . 2012-10-04 21:25 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
      2012-10-04 21:25 . 2012-10-04 21:25 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll
      2012-09-26 23:57 . 2012-10-07 01:07 4659712 ----a-w- c:\windows\SysWow64\Redemption.dll
      2012-09-26 23:57 . 2012-09-26 23:57 90112 ----a-w- c:\windows\MAMCityDownload.ocx
      2012-09-26 23:57 . 2012-09-26 23:57 330240 ----a-w- c:\windows\MASetupCaller.dll
      2012-09-26 23:57 . 2012-09-26 23:57 30568 ----a-w- c:\windows\MusiccityDownload.exe
      2012-09-26 23:57 . 2012-09-26 23:57 974848 ----a-w- c:\windows\SysWow64\cis-2.4.dll
      2012-09-26 23:57 . 2012-09-26 23:57 81920 ----a-w- c:\windows\SysWow64\issacapi_bs-2.3.dll
      2012-09-26 23:57 . 2012-09-26 23:57 65536 ----a-w- c:\windows\SysWow64\issacapi_pe-2.3.dll
      2012-09-26 23:57 . 2012-09-26 23:57 57344 ----a-w- c:\windows\SysWow64\MTXSYNCICON.dll
      2012-09-26 23:57 . 2012-09-26 23:57 57344 ----a-w- c:\windows\SysWow64\MK_Lyric.dll
      2012-09-26 23:57 . 2012-09-26 23:57 57344 ----a-w- c:\windows\SysWow64\issacapi_se-2.3.dll
      2012-09-26 23:57 . 2012-09-26 23:57 569344 ----a-w- c:\windows\SysWow64\muzdecode.ax
      2012-09-26 23:57 . 2012-09-26 23:57 491520 ----a-w- c:\windows\SysWow64\muzapp.dll
      2012-09-26 23:57 . 2012-09-26 23:57 49152 ----a-w- c:\windows\SysWow64\MaJGUILib.dll
      2012-09-26 23:57 . 2012-09-26 23:57 45320 ----a-w- c:\windows\SysWow64\MAMACExtract.dll
      2012-09-26 23:57 . 2012-09-26 23:57 45056 ----a-w- c:\windows\SysWow64\MaXMLProto.dll
      2012-09-26 23:57 . 2012-09-26 23:57 45056 ----a-w- c:\windows\SysWow64\MACXMLProto.dll
      2012-09-26 23:57 . 2012-09-26 23:57 40960 ----a-w- c:\windows\SysWow64\MTTELECHIP.dll
      2012-09-26 23:57 . 2012-09-26 23:57 352256 ----a-w- c:\windows\SysWow64\MSLUR71.dll
      2012-09-26 23:57 . 2012-09-26 23:57 258048 ----a-w- c:\windows\SysWow64\muzoggsp.ax
      2012-09-26 23:57 . 2012-09-26 23:57 245760 ----a-w- c:\windows\SysWow64\MSCLib.dll
      2012-09-26 23:57 . 2012-09-26 23:57 24576 ----a-w- c:\windows\SysWow64\MASetupCleaner.exe
      2012-09-26 23:57 . 2012-09-26 23:57 200704 ----a-w- c:\windows\SysWow64\muzwmts.dll
      2012-09-26 23:57 . 2012-09-26 23:57 155648 ----a-w- c:\windows\SysWow64\MSFLib.dll
      2012-09-26 23:57 . 2012-09-26 23:57 143360 ----a-w- c:\windows\SysWow64\3DAudio.ax
      2012-09-26 23:57 . 2012-09-26 23:57 135168 ----a-w- c:\windows\SysWow64\muzaf1.dll
      2012-09-26 23:57 . 2012-09-26 23:57 131072 ----a-w- c:\windows\SysWow64\muzmpgsp.ax
      2012-09-26 23:57 . 2012-09-26 23:57 122880 ----a-w- c:\windows\SysWow64\muzeffect.ax
      2012-09-26 23:57 . 2012-09-26 23:57 118784 ----a-w- c:\windows\SysWow64\MaDRM.dll
      2012-09-26 23:57 . 2012-09-26 23:57 110592 ----a-w- c:\windows\SysWow64\muzmp4sp.ax
      2012-09-26 23:57 . 2012-10-07 01:07 821824 ----a-w- c:\windows\SysWow64\dgderapi.dll
      2012-09-20 04:35 . 2012-10-07 01:08 203104 ----a-w- c:\windows\system32\drivers\ssudobex.sys
      2012-09-20 04:35 . 2012-10-07 01:08 203104 ----a-w- c:\windows\system32\drivers\ssudmdm.sys
      2012-09-20 04:35 . 2012-10-07 01:08 102368 ----a-w- c:\windows\system32\drivers\ssudbus.sys
      2012-09-17 22:50 . 2011-03-29 01:36 19720 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
      2012-09-14 19:19 . 2012-10-10 13:27 2048 ----a-w- c:\windows\system32\tzres.dll
      2012-09-14 18:28 . 2012-10-10 13:27 2048 ----a-w- c:\windows\SysWow64\tzres.dll
      2012-08-31 18:19 . 2012-10-10 13:31 1659760 ----a-w- c:\windows\system32\drivers\ntfs.sys
      2012-08-30 18:03 . 2012-10-10 13:30 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
      2012-08-30 17:12 . 2012-10-10 13:30 3914096 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
      2012-08-30 17:12 . 2012-10-10 13:30 3968880 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
      2012-08-24 18:05 . 2012-10-10 13:28 220160 ----a-w- c:\windows\system32\wintrust.dll
      2012-08-24 16:57 . 2012-10-10 13:28 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
      2012-08-24 11:15 . 2012-09-22 17:35 17810944 ----a-w- c:\windows\system32\mshtml.dll
      2012-08-24 10:39 . 2012-09-22 17:35 10925568 ----a-w- c:\windows\system32\ieframe.dll
      2012-08-24 10:31 . 2012-09-22 17:35 2312704 ----a-w- c:\windows\system32\jscript9.dll
      2012-08-24 10:22 . 2012-09-22 17:35 1346048 ----a-w- c:\windows\system32\urlmon.dll
      2012-08-24 10:21 . 2012-09-22 17:35 1392128 ----a-w- c:\windows\system32\wininet.dll
      2012-08-24 10:20 . 2012-09-22 17:35 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
      2012-08-24 10:18 . 2012-09-22 17:35 237056 ----a-w- c:\windows\system32\url.dll
      2012-08-24 10:17 . 2012-09-22 17:35 85504 ----a-w- c:\windows\system32\jsproxy.dll
      2012-08-24 10:14 . 2012-09-22 17:35 173056 ----a-w- c:\windows\system32\ieUnatt.exe
      2012-08-24 10:14 . 2012-09-22 17:35 816640 ----a-w- c:\windows\system32\jscript.dll
      2012-08-24 10:13 . 2012-09-22 17:35 599040 ----a-w- c:\windows\system32\vbscript.dll
      2012-08-24 10:12 . 2012-09-22 17:35 2144768 ----a-w- c:\windows\system32\iertutil.dll
      2012-08-24 10:11 . 2012-09-22 17:35 729088 ----a-w- c:\windows\system32\msfeeds.dll
      2012-08-24 10:10 . 2012-09-22 17:35 96768 ----a-w- c:\windows\system32\mshtmled.dll
      2012-08-24 10:09 . 2012-09-22 17:35 2382848 ----a-w- c:\windows\system32\mshtml.tlb
      2012-08-24 10:04 . 2012-09-22 17:35 248320 ----a-w- c:\windows\system32\ieui.dll
      2012-08-24 06:59 . 2012-09-22 17:35 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll
      2012-08-24 06:51 . 2012-09-22 17:35 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
      2012-08-24 06:51 . 2012-09-22 17:35 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
      2012-08-24 06:47 . 2012-09-22 17:35 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
      2012-08-24 06:47 . 2012-09-22 17:35 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
      2012-08-24 06:43 . 2012-09-22 17:35 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
      2012-08-22 18:12 . 2012-09-18 19:52 1913200 ----a-w- c:\windows\system32\drivers\tcpip.sys
      2012-08-22 18:12 . 2012-09-18 19:53 950128 ----a-w- c:\windows\system32\drivers\ndis.sys
      2012-08-22 18:12 . 2012-09-18 19:52 376688 ----a-w- c:\windows\system32\drivers\netio.sys
      2012-08-22 18:12 . 2012-09-18 19:52 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
      2012-08-21 21:01 . 2012-09-26 18:31 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
      2012-08-20 18:48 . 2012-10-10 13:29 362496 ----a-w- c:\windows\system32\wow64win.dll
      2012-08-20 18:48 . 2012-10-10 13:29 243200 ----a-w- c:\windows\system32\wow64.dll
      2012-08-20 18:48 . 2012-10-10 13:29 13312 ----a-w- c:\windows\system32\wow64cpu.dll
      2012-08-20 18:48 . 2012-10-10 13:29 215040 ----a-w- c:\windows\system32\winsrv.dll
      2012-08-20 18:48 . 2012-10-10 13:29 16384 ----a-w- c:\windows\system32\ntvdm64.dll
      2012-08-20 18:48 . 2012-10-10 13:29 424448 ----a-w- c:\windows\system32\KernelBase.dll
      2012-08-20 18:48 . 2012-10-10 13:29 1162240 ----a-w- c:\windows\system32\kernel32.dll
      2012-08-20 18:46 . 2012-10-10 13:29 338432 ----a-w- c:\windows\system32\conhost.exe
      2012-08-20 18:38 . 2012-10-10 13:29 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
      2012-08-20 18:38 . 2012-10-10 13:29 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
      2012-08-20 18:38 . 2012-10-10 13:29 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
      2012-08-20 18:38 . 2012-10-10 13:29 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
      2012-08-20 18:38 . 2012-10-10 13:29 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
      2012-08-20 18:38 . 2012-10-10 13:29 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
      2012-08-20 18:38 . 2012-10-10 13:29 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
      2012-08-20 18:38 . 2012-10-10 13:29 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
      2012-08-20 18:38 . 2012-10-10 13:29 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
      2012-08-20 18:38 . 2012-10-10 13:29 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
      2012-08-20 18:38 . 2012-10-10 13:29 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
      2012-08-20 18:38 . 2012-10-10 13:29 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
      2012-08-20 18:38 . 2012-10-10 13:29 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
      2012-08-20 18:38 . 2012-10-10 13:29 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
      2012-08-20 18:38 . 2012-10-10 13:29 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
      2012-08-20 18:38 . 2012-10-10 13:29 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
      2012-08-20 18:38 . 2012-10-10 13:29 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
      2012-08-20 18:38 . 2012-10-10 13:29 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
      2012-08-20 18:38 . 2012-10-10 13:29 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
      2012-08-20 18:38 . 2012-10-10 13:29 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
      .
      .
      ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      *Note* empty entries & legit default entries are not shown
      REGEDIT4
      .
      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
      "Facebook Update"="c:\users\Boris\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-09-20 138096]
      "Steam"="c:\program files (x86)\Steam\Steam.exe" [2012-10-05 1353080]
      "KiesPreload"="c:\program files (x86)\Samsung\Kies\Kies.exe" [2012-10-11 966072]
      "KiesAirMessage"="c:\program files (x86)\Samsung\Kies\KiesAirMessage.exe" [2012-10-09 580096]
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
      "Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2012-10-04 2933184]
      "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
      "BackupManagerTray"="c:\program files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" [2011-04-24 297280]
      "LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2011-02-11 1070160]
      "SuiteTray"="c:\program files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2011-09-20 341360]
      "ArcadeMovieService"="c:\program files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe" [2011-08-26 177448]
      "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
      "KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2012-10-11 309688]
      "BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
      "UnlockerAssistant"="c:\program files (x86)\Unlocker\UnlockerAssistant.exe" [2010-03-09 15872]
      .
      [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
      "IsMyWinLockerReboot"="msiexec.exe" [2010-11-21 73216]
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
      "ConsentPromptBehaviorAdmin"= 5 (0x5)
      "ConsentPromptBehaviorUser"= 3 (0x3)
      "EnableUIADesktopToggle"= 0 (0x0)
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
      "aux"=wdmaud.drv
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
      @=""
      .
      R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
      R2 KMService;KMService;c:\windows\system32\srvany.exe [x]
      R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-29 676936]
      R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
      R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [2011-01-14 74840]
      R3 Andbus;LGE Android Platform Composite USB Device;c:\windows\system32\DRIVERS\lgandbus64.sys [2012-03-02 19456]
      R3 AndDiag;LGE Android Platform USB Serial Port;c:\windows\system32\DRIVERS\lganddiag64.sys [2012-03-02 27648]
      R3 AndGps;LGE Android Platform USB GPS NMEA Port;c:\windows\system32\DRIVERS\lgandgps64.sys [2012-03-02 27136]
      R3 ANDModem;LGE Android Platform USB Modem;c:\windows\system32\DRIVERS\lgandmodem64.sys [2012-03-02 34304]
      R3 androidusb;ADB Interface Driver;c:\windows\system32\Drivers\lgandadb.sys [2010-08-02 31744]
      R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2012-09-20 102368]
      R3 EgisTec Ticket Service;EgisTec Ticket Service;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2011-06-21 173424]
      R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
      R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-29 25928]
      R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [2012-06-27 157672]
      R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [2012-06-27 16872]
      R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [2012-06-27 177640]
      R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys [2012-06-27 146920]
      R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2012-09-20 203104]
      R3 ssudobex;SAMSUNG Mobile USB OBEX Serial Port(DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudobex.sys [2012-09-20 203104]
      R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
      R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
      R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
      S0 pavboot;pavboot;c:\windows\system32\drivers\pavboot64.sys [2009-06-30 33800]
      S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2012-09-20 834544]
      S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2009-02-06 132464]
      S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [2012-04-13 22648]
      S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [2012-04-13 20520]
      S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [2012-04-13 62776]
      S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
      S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2011-02-11 346704]
      S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2009-02-06 727720]
      S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [2009-02-06 120128]
      S2 ePowerSvc;ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2011-08-02 872552]
      S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe [2011-05-30 36456]
      S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-09-14 13336]
      S2 Live Updater Service;Live Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2012-02-06 255376]
      S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-09-29 399432]
      S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
      S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [2011-04-24 256832]
      S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
      S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-07-01 2533400]
      S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
      S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2010-02-26 158976]
      S3 IntcDAud;Sonido Intel(R) para pantallas;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]
      S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2011-02-09 77424]
      S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
      S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
      S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
      S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
      S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
      .
      .
      --- Other Services/Drivers In Memory ---
      .
      *NewlyCreated* - PAVBOOT
      .
      Contents of the 'Scheduled Tasks' folder
      .
      2012-11-12 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1792312159-1643254493-636599366-1000Core.job
      - c:\users\Boris\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-09-20 06:04]
      .
      2012-11-13 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1792312159-1643254493-636599366-1000UA.job
      - c:\users\Boris\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-09-20 06:04]
      .
      2012-11-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1792312159-1643254493-636599366-1000Core.job
      - c:\users\Boris\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-17 22:51]
      .
      2012-11-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1792312159-1643254493-636599366-1000UA.job
      - c:\users\Boris\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-17 22:51]
      .
      .
      --------- X64 Entries -----------
      .
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2011-01-26 368728]
      "IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-05-09 168216]
      "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-05-09 391960]
      "Persistence"="c:\windows\system32\igfxpers.exe" [2011-05-09 419096]
      "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-03-04 11780712]
      "Power Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2011-08-02 1831016]
      "egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-02-06 2680696]
      .
      ------- Supplementary Scan -------
      .
      uStart Page = hxxp://www.one-search.biz
      uLocal Page = c:\windows\system32\blank.htm
      mDefault_Page_URL = hxxp://acer.msn.com
      mStart Page = hxxp://acer.msn.com
      mLocal Page = c:\windows\SysWOW64\blank.htm
      IE: &Enviar a OneNote - c:\progra~2\MICROS~4\Office14\ONBttnIE.dll/105
      IE: E&xportar a Microsoft Excel - c:\progra~2\MICROS~4\Office14\EXCEL.EXE/3000
      TCP: DhcpNameServer = 192.168.1.1
      .
      - - - - ORPHANS REMOVED - - - -
      .
      Toolbar-Locked - (no file)
      Wow6432Node-HKCU-Run-Hilalh - c:\users\Boris\AppData\Roaming\Hilalh.exe
      Toolbar-Locked - (no file)
      HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
      .
      .
      .
      --------------------- LOCKED REGISTRY KEYS ---------------------
      .
      [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
      @Denied: (2) (LocalSystem)
      "{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,38,12,72,0b,cc,
      1c,9f,a6,ed,07,da,80,b9,17,89,70,f9,d7
      "{72853161-30C5-4D22-B7F9-0BBC1D38A37E}"=hex:51,66,7a,6c,4c,1d,38,12,0f,32,96,
      76,f7,7e,4c,08,c8,ef,48,fc,18,66,e7,6a
      "{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}"=hex:51,66,7a,6c,4c,1d,38,12,d5,94,07,
      72,c2,98,42,03,c9,fd,97,9a,f4,87,69,57
      "{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,38,12,0a,d7,23,
      94,30,02,d1,0f,f1,da,12,24,73,56,27,d2
      "{B4F3A835-0E21-4959-BA22-42B3008E02FF}"=hex:51,66,7a,6c,4c,1d,38,12,5b,ab,e0,
      b0,13,40,37,0c,c5,34,01,f3,05,d0,46,eb
      "{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db,
      df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd
      "{2A541AE1-5BF6-4665-A8A3-CFA9672E4291}"=hex:51,66,7a,6c,4c,1d,38,12,8f,19,47,
      2e,c4,15,0b,03,d7,b5,8c,e9,62,70,06,85
      .
      [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
      @Denied: (2) (LocalSystem)
      "Timestamp"=hex:0f,6a,f1,4c,03,c1,cd,01
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
      @Denied: (A 2) (Everyone)
      @="FlashBroker"
      "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10x_ActiveX.exe,-101"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
      "Enabled"=dword:00000001
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10x_ActiveX.exe"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
      @Denied: (A 2) (Everyone)
      @="Shockwave Flash Object"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10x.ocx"
      "ThreadingModel"="Apartment"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
      @="0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
      @="ShockwaveFlash.ShockwaveFlash.10"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10x.ocx, 1"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
      @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
      @="1.0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
      @="ShockwaveFlash.ShockwaveFlash"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
      @Denied: (A 2) (Everyone)
      @="Macromedia Flash Factory Object"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10x.ocx"
      "ThreadingModel"="Apartment"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
      @="FlashFactory.FlashFactory.1"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10x.ocx, 1"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
      @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
      @="1.0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
      @="FlashFactory.FlashFactory"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
      @Denied: (A 2) (Everyone)
      @="IFlashBroker4"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
      @="{00020424-0000-0000-C000-000000000046}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      "Version"="1.0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
      "SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
      00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
      @Denied: (A) (Everyone)
      "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
      @Denied: (A) (Everyone)
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
      "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
      "Key"="ActionsPane3"
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
      @Denied: (A) (Users)
      @Denied: (A) (Everyone)
      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
      "BlindDial"=dword:00000000
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
      @Denied: (A) (Users)
      @Denied: (A) (Everyone)
      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
      "BlindDial"=dword:00000000
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
      @Denied: (A) (Users)
      @Denied: (A) (Everyone)
      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
      "BlindDial"=dword:00000000
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
      @Denied: (A) (Users)
      @Denied: (A) (Everyone)
      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
      "BlindDial"=dword:00000000
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
      @Denied: (A) (Users)
      @Denied: (A) (Everyone)
      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
      "BlindDial"=dword:00000000
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
      @Denied: (A) (Users)
      @Denied: (A) (Everyone)
      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
      "BlindDial"=dword:00000000
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
      @Denied: (A) (Users)
      @Denied: (A) (Everyone)
      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
      "BlindDial"=dword:00000000
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
      @Denied: (A) (Users)
      @Denied: (A) (Everyone)
      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
      "BlindDial"=dword:00000000
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
      @Denied: (A) (Users)
      @Denied: (A) (Everyone)
      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
      "BlindDial"=dword:00000000
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
      @Denied: (A) (Users)
      @Denied: (A) (Everyone)
      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
      "BlindDial"=dword:00000000
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0010\AllUserSettings]
      @Denied: (A) (Users)
      @Denied: (A) (Everyone)
      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
      "BlindDial"=dword:00000000
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0011\AllUserSettings]
      @Denied: (A) (Users)
      @Denied: (A) (Everyone)
      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
      "BlindDial"=dword:00000000
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0012\AllUserSettings]
      @Denied: (A) (Users)
      @Denied: (A) (Everyone)
      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
      "BlindDial"=dword:00000000
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0013\AllUserSettings]
      @Denied: (A) (Users)
      @Denied: (A) (Everyone)
      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
      "BlindDial"=dword:00000000
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0014\AllUserSettings]
      @Denied: (A) (Users)
      @Denied: (A) (Everyone)
      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
      "BlindDial"=dword:00000000
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0015\AllUserSettings]
      @Denied: (A) (Users)
      @Denied: (A) (Everyone)
      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
      "BlindDial"=dword:00000000
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
      @Denied: (Full) (Everyone)
      .
      Completion time: 2012-11-12 22:44:33
      ComboFix-quarantined-files.txt 2012-11-13 01:44
      .
      Pre-Run: 404.389.134.336 bytes libres
      Post-Run: 404.239.355.904 bytes libres
      .
      - - End Of File - - 198E31CD3914FDF2BEE1EFEB90C90B1F



      ############################## | UsbFix V 7.096 | [Buscar]

      Usuario: Boris (Administrador) # BORIS-PC
      Actualizado el 15/08/2012 por El Desaparecido
      Comenzó a 16:01:13 | 12/11/2012

      Sitio web: http://eldesaparecido.com
      Foro: SoSVirus • Portail
      Archivo sospechoso ? : http://eldesaparecido.com/upload.php
      Contacto: [email protected]

      PC: Acer (Aspire 4739) (x64-based PC) # Notebook
      CPU: Intel(R) Core(TM) i3 CPU M 380 @ 2.53GHz (2533)
      RAM -> [Total : 5815 | Free : 3742]
      BIOS: InsydeH2O Version V1.05
      BOOT: Normal boot

      OS: Microsoft Windows 7 Home Basic (6.1.7601 64-Bit) # Service Pack 1
      WB: Windows Internet Explorer 9.0.8112.16421

      SC: Security Center Service [Enabled]
      WU: Windows Update Service [Enabled]
      AV: ESET NOD32 Antivirus 4.0 [Enabled | Updated]
      FW: Windows FireWall Service [Enabled]

      C:\ (%systemdrive%) -> Disco fijo # 453 Gb (379 Mb libre(s) - 84%) [Acer] # NTFS
      D:\ -> CD-ROM
      E:\ -> CD-ROM

      ################## | Procesos Activos |

      C:\Windows\system32\csrss.exe (508)
      C:\Windows\system32\wininit.exe (556)
      C:\Windows\system32\csrss.exe (580)
      C:\Windows\system32\services.exe (616)
      C:\Windows\system32\lsass.exe (640)
      C:\Windows\system32\lsm.exe (648)
      C:\Windows\system32\svchost.exe (756)
      C:\Windows\system32\winlogon.exe (792)
      C:\Windows\system32\svchost.exe (880)
      C:\Windows\System32\svchost.exe (956)
      C:\Windows\System32\svchost.exe (1004)
      C:\Windows\system32\svchost.exe (116)
      C:\Windows\system32\svchost.exe (584)
      C:\Windows\system32\svchost.exe (1084)
      C:\Windows\System32\spoolsv.exe (1324)
      C:\Windows\system32\svchost.exe (1356)
      C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (1436)
      C:\Program Files (x86)\Launch Manager\dsiwmis.exe (1472)
      C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe (1512)
      C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe (1576)
      C:\Windows\system32\svchost.exe (1604)
      C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (1628)
      C:\Program Files\Acer\Acer Updater\UpdaterService.exe (1680)
      C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (1728)
      C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (1812)
      C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe (1840)
      C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (1532)
      C:\Windows\system32\svchost.exe (1832)
      C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (2076)
      C:\Windows\system32\Dwm.exe (2472)
      C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (2536)
      C:\Windows\system32\taskhost.exe (2588)
      C:\Windows\Explorer.EXE (2652)
      C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE (3036)
      C:\Windows\system32\SearchIndexer.exe (2544)
      C:\Windows\system32\svchost.exe (2768)
      C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (3308)
      C:\Windows\System32\igfxtray.exe (3356)
      C:\Windows\System32\hkcmd.exe (3404)
      C:\Windows\System32\igfxpers.exe (3452)
      C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (3592)
      C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (3692)
      C:\Windows\system32\igfxsrvc.exe (3964)
      C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (4056)
      C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (3580)
      C:\Windows\system32\igfxext.exe (3552)
      C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (3096)
      C:\Windows\system32\wbem\unsecapp.exe (1164)
      C:\Windows\system32\wbem\wmiprvse.exe (3100)
      C:\Program Files (x86)\Steam\Steam.exe (3912)
      C:\Program Files (x86)\Samsung\Kies\Kies.exe (1660)
      C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe (3352)
      C:\Windows\system32\taskeng.exe (3332)
      C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (4320)
      C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe (4348)
      C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe (4628)
      C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe (4668)
      C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (4152)
      C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (4384)
      C:\Program Files (x86)\Launch Manager\LManager.exe (4544)
      C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe (4732)
      C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (4768)
      C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (4776)
      C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe (4888)
      C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe (4940)
      C:\Program Files\Windows Media Player\wmpnetwk.exe (5008)
      C:\Program Files (x86)\Launch Manager\LMworker.exe (4996)
      C:\Program Files (x86)\Common Files\Steam\SteamService.exe (4224)
      C:\Program Files (x86)\Panda USB Vaccine\USBVaccine.exe (4112)
      C:\Users\Boris\AppData\Local\Google\Chrome\Application\chrome.exe (4680)
      C:\Users\Boris\AppData\Local\Google\Chrome\Application\chrome.exe (5264)
      C:\Users\Boris\AppData\Local\Google\Chrome\Application\chrome.exe (5736)
      C:\Windows\SysWOW64\DllHost.exe (5980)
      C:\Users\Boris\AppData\Local\Google\Chrome\Application\chrome.exe (2908)
      C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (5404)
      C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (5040)
      C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe (2772)
      C:\Windows\System32\svchost.exe (3184)
      C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (1780)
      C:\Windows\system32\wuauclt.exe (4660)
      C:\Windows\system32\vssvc.exe (2508)
      C:\Windows\System32\svchost.exe (3852)
      C:\Users\Boris\AppData\Local\Google\Chrome\Application\chrome.exe (5424)
      C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (4724)
      C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (1260)
      C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (3848)
      C:\Program Files\EgisTec IPS\PMMUpdate.exe (6088)
      C:\Program Files\EgisTec IPS\EgisUpdate.exe (4008)
      C:\Users\Boris\AppData\Local\Google\Chrome\Application\chrome.exe (4244)
      C:\UsbFix\Go.exe (4972)
      C:\Windows\system32\wbem\wmiprvse.exe (6124)

      ################## | Archivos # Carpetas infectadas |

      Encontrado ! C:\Users\Boris\AppData\Roaming\34C6.exe
      Encontrado ! C:\Users\Boris\AppData\Roaming\74B7.exe
      Encontrado ! C:\Users\Boris\AppData\Roaming\D7A1.exe
      Encontrado ! C:\Users\Boris\AppData\Roaming\EC25.exe

      ################## | Registro |


      ################## | Mountpoints2 |



      ################## | Vaccin |

      (!) Este ordenador no está vacunado!

      ################## | E.O.F |


      según lo que entendí, se eliminaron los archivos maliciosos (los .exe que no podía eliminar con nod)
      Última edición por @SanMar fecha: 13/11/12 a las 01:27:08

    4. #4
      Ex-Colaboradora Avatar de @SanMar
      Registrado
      jun 2008
      Ubicación
      Argentina
      Mensajes
      22.290

      Re: Ayuda con virus que convierte las carpetas en accesos drectos .ink

      Hola Barevalov:


      Tenemos dos problemas:


      Ejecuta nuevamente USBFIX como te indique anteriormente, pero debes usar su opción supresión para que elimine lo que detecte.


      Combofix debe ser descargado y ejecutado desde el escritorio <<< esto es muy importante.





      Botón Derecho sobre el ejecutable de ComboFix en c:\users\Boris\Downloads\ComboFix.exe>>> eliminar>>> vaciás la papelera.


      Vuelves a descargarlo y a correrlo de la siguiente manera:



      - Descarga la herramienta ComboFix.exe y guárdala en el escritorio.
      • Desactiva temporalmente el Antivirus y/o Antispyware.
      • Cierra todas las ventanas abiertas.
      • Hacele doble clic al archivo ComboFix.exe y seguí las instrucciones.
      • Si te pide actualizar Aceptas.
      • Cuando termine, generara un registro en C:\ComboFix.txt.
        • *Nota* Mientras CF este trabajando no mover el mouse ya que pararía su proceso.
        • *Nota* ComboFix puede reiniciar automáticamente el PC para completar el proceso de eliminación.
      Atención!! No use ComboFix a menos que se le haya indicado específicamente en su mensaje por un integrante de nuestro Staff. Es una herramienta de gran alcance destinada por su creador a ser usada bajo la orientación y supervisión de un experto, no para uso privado. El uso de ComboFix incorrectamente podría generar problemas en su sistema. Por favor, lea las "Negaciones de la Garantía" de ComboFix.
      • Reinicia y pega el reporte de C:\ComboFix.txt en este mismo mensaje.



      No olvides comentar como sigue el equipo.


      Salu2.

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.