pantalla negra windows/instaler durante segundos (SOLUCIONADO)

[rafara]

hola soy nuevoen este foro y necesito ayuda lo que me pasa es que me salen pantallas negras durante unos segundos y luego desaparecen puedo ver que en la pantalla negra pone c/windows installer/msi y letras y numeros no se si es un posible virus me ha empezado a suceder despues de instalar betclicpoker lo he desinstalado y he pasado not32 , ad aware,ccleaner y malwarebytes sigue igual y va muy lento a la hora de abrir archivos e internet os dejo el aporte de malwarebytes





Malwarebytes' Anti-Malware 1.46

http://www.malwarebytes.org



Versión de la Base de Datos: 4294



Windows 5.1.2600 Service Pack 3

Internet Explorer 8.0.6001.18702



09/07/2010 11:12:45

mbam-log-2010-07-09 (11-12-45).txt



Tipos de Análisis: Análisis Completo (C:\|D:\|E:\|F:\|Z:\|)

Objetos examinados: 251948

Tiempo transcurrido: 1 hora(s), 59 minuto(s), 25 segundo(s)



Procesos en Memoria Infectados: 0

Módulos de Memoria Infectados: 0

Claves del Registro Infectadas: 4

Valores del Registro Infectados: 0

Elementos de Datos del Registro Infectados: 0

Carpetas Infectadas: 4

Archivos Infectados: 17



Procesos en Memoria Infectados:

(No se han detectado elementos maliciosos)



Módulos de Memoria Infectados:

(No se han detectado elementos maliciosos)



Claves del Registro Infectadas:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Uninstall\flv direct player (Adware.FLVPlayer) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\Software\ErrorRepairPro (Rogue.ErrorRepairProfessional) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\AppDataLow\HavingFunOnl ine (Adware.BHO.FL) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\Software\FLV Direct Player (Adware.FLVPlayer) -> Quarantined and deleted successfully.



Valores del Registro Infectados:

(No se han detectado elementos maliciosos)



Elementos de Datos del Registro Infectados:

(No se han detectado elementos maliciosos)



Carpetas Infectadas:

C:\Program Files\FLV Direct Player (Adware.BHO.FL) -> Quarantined and deleted successfully.

C:\Program Files\FLV Direct Player\Skin (Adware.BHO.FL) -> Quarantined and deleted successfully.

C:\Program Files\FLV Direct Player\Skin\DirectFLV (Adware.BHO.FL) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users\Start Menu\Programs\FLV Direct Player (Adware.FLVPlayer) -> Quarantined and deleted successfully.



Archivos Infectados:

C:\Program Files\FLV Direct Player\uninstall.exe (Adware.FLVPlayer) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{CB98A585-D694-4A5F-AD6B-3656BB324427}\RP1007\A0194415.exe (Worm.Koobface) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{CB98A585-D694-4A5F-AD6B-3656BB324427}\RP1007\A0194413.exe (Worm.Koobface) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{CB98A585-D694-4A5F-AD6B-3656BB324427}\RP1007\A0194414.exe (Worm.Koobface) -> Quarantined and deleted successfully.

C:\Program Files\FLV Direct Player\downloading.swf (Adware.BHO.FL) -> Quarantined and deleted successfully.

C:\Program Files\FLV Direct Player\FLVPlayer.exe (Adware.BHO.FL) -> Quarantined and deleted successfully.

C:\Program Files\FLV Direct Player\player.swf (Adware.BHO.FL) -> Quarantined and deleted successfully.

C:\Program Files\FLV Direct Player\preload.swf (Adware.BHO.FL) -> Quarantined and deleted successfully.

C:\Program Files\FLV Direct Player\Skin\DirectFLV\Button.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.

C:\Program Files\FLV Direct Player\Skin\DirectFLV\Logo.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.

C:\Program Files\FLV Direct Player\Skin\DirectFLV\skin.xml (Adware.BHO.FL) -> Quarantined and deleted successfully.

C:\Program Files\FLV Direct Player\Skin\DirectFLV\SysCloseButton.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.

C:\Program Files\FLV Direct Player\Skin\DirectFLV\SysMaxButton.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.

C:\Program Files\FLV Direct Player\Skin\DirectFLV\SysMinButton.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.

C:\Program Files\FLV Direct Player\Skin\DirectFLV\Window.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users\Start Menu\Programs\FLV Direct Player\FLV Direct Player.lnk (Adware.FLVPlayer) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users\Start Menu\Programs\FLV Direct Player\Uninstall FLV Direct Player.lnk (Adware.FLVPlayer) -> Quarantined and deleted successfully.



muchas gracias de antemano

Editar/Borrar Mensaje

[msc hotline sat]

Efectivamente parece que tuviste un malware, y pueden haber quedado restos o efectos residuales...



Prueba el ELISTARA y nos posteas el informe resultante, y aparte dinos si luego, tras reiniciar, persisten la lentitud y demás.


[quote="para DESCARGAR el ELISTARA, msc"] http://www.zonavirus.com/descargas/elistara.asp



Tras probarlo, reiniciar y postearnos el contenido de C:\infosat.txt para ver el resultado del proceso [/quote]



saludos



ms, 10-7-2010

[rafara]

parece que sige todo igual lo que mas lento me va es abrir internet y las pantallas negras sigen saliendo

este es el post de elistara



(10-7-2010 10:56:01 (GMT))

EliStartPage v21.34 (c)2010 S.G.H. / Satinfo S.L. (Actualizado el 9 de Julio del 2010)

--------------------------------------------------

Lista de Acciones (por Acción Directa):

Eliminada Carpeta "%Archivos de Programa%\Search Settings"



(10-7-2010 11:16:22 (GMT))

EliStartPage v21.34 (c)2010 S.G.H. / Satinfo S.L. (Actualizado el 9 de Julio del 2010)

--------------------------------------------------

Lista de Acciones (por Exploración):

Explorando "C:\"



Nº Total de Directorios: 12626

Nº Total de Ficheros: 104159

Nº de Ficheros Analizados: 31715

Nº de Ficheros Infectados: 0

Nº de Ficheros Limpiados: 0



(10-7-2010 19:42:51 (GMT))

EliStartPage v21.34 (c)2010 S.G.H. / Satinfo S.L. (Actualizado el 9 de Julio del 2010)

--------------------------------------------------

Lista de Acciones (por Exploración):

Explorando "Z:\"

Z:\manuales\BackUp\Drivers\Realtek High Definition Audio\ALCMTR.EXE --> Eliminado, SpyRealtek



Nº Total de Directorios: 908

Nº Total de Ficheros: 10793

Nº de Ficheros Analizados: 1094

Nº de Ficheros Infectados: 1

Nº de Ficheros Limpiados: 1

[lucl]

Prueba sprocess y peganos el log resultado que te dejara en C sproclog.txt. Tan solo ejecutalo , luego le das a salir y vas a C a por el log y lo analizaremos. Saludos.





http://www.zonavirus.com/descargas/descargar-sproces.asp

[msc hotline sat]

Sí, muy acertada la solicitud de lucl, ya que con el ELISTARA no se ha detectado nada conocido, ni ha vuelto la normalidad tras restablecer las claves que pudieran haber quedado modificadas por los virus que tuvo y ya eliminó anteriormente, con el SPROCES veremos si hay algo no conocido en los BHO, ya que indica que es al abrir internet cuando sucede la anomalía...



A la vista del log que genere el SPROCES, lo analizaremos y propondremos la solución pertinente.



saludos



ms, 11-7-2010

[rafara]

este es el log de sproces



(11-7-2010 08:20:12 GMT)

SProces v4.7 (c)2010 S.G.H. / Satinfo S.L.

-------------------------------------------

Sistema Operativo: Microsoft Windows XP (v5.1.2600) Service Pack 3

Parche MS08-067 (Servicio Servidor) Instalado.

Internet Explorer: (v8.0.6001.18702) 0

Nombre Equipo: RAFA

Nombre Usuario: owner



Procesos Activos:

C:\WINDOWS\SYSTEM32\SMSS.EXE

C:\WINDOWS\SYSTEM32\WINLOGON.EXE

C:\WINDOWS\SYSTEM32\SERVICES.EXE

C:\WINDOWS\SYSTEM32\LSASS.EXE

C:\PROGRAM FILES\USB SAFELY REMOVE\USBSRSERVICE.EXE

C:\WINDOWS\SYSTEM32\NVSVC32.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\PROGRAM FILES\LAVASOFT\AD-AWARE\AAWSERVICE.EXE

C:\WINDOWS\SYSTEM32\SPOOLSV.EXE

C:\PROGRAM FILES\COMMON FILES\APPLE\MOBILE DEVICE SUPPORT\BIN\APPLEMOBILEDEVICESERVICE.EXE

C:\PROGRAM FILES\BONJOUR\MDNSRESPONDER.EXE

C:\WINDOWS\EHOME\EHRECVR.EXE

C:\WINDOWS\EHOME\EHSCHED.EXE

C:\PROGRAM FILES\ESET\ESET SMART SECURITY\EKRN.EXE

C:\WINDOWS\SYSTEM32\FSUSBEXSERVICE.EXE

C:\PROGRAM FILES\COMMON FILES\JAVA\JAVA UPDATE\JUSCHED.EXE

C:\PROGRAM FILES\AD MUNCHER\ADMUNCH.EXE

C:\WINDOWS\RTHDCPL.EXE

C:\WINDOWS\SYSTEM32\RUNDLL32.EXE

C:\PROGRAM FILES\CYBERLINK\POWERDVD10\PDVD10SERV.EXE

C:\PROGRAM FILES\CYBERLINK\SHARED FILES\BRS.EXE

C:\PROGRAM FILES\ESET\ESET SMART SECURITY\EGUI.EXE

C:\PROGRAM FILES\IOBIT\IOBIT SECURITY 360\IS360TRAY.EXE

C:\PROGRAM FILES\QUICKTIME\QTTASK.EXE

C:\WINDOWS\SYSTEM32\CTFMON.EXE

C:\PROGRAM FILES\USB SAFELY REMOVE\USBSAFELYREMOVE.EXE

C:\PROGRAM FILES\TOMTOM HOME 2\TOMTOMHOMERUNNER.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\PROGRAM FILES\IOBIT\IOBIT SECURITY 360\IS360SRV.EXE

C:\PROGRAM FILES\JAVA\JRE6\BIN\JQS.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\PROGRAM FILES\CDBURNERXP\NMSACCESSU.EXE

C:\PROGRAM FILES\NORTON GHOST\AGENT\VPROSVC.EXE

C:\PROGRAM FILES\SONY ERICSSON\SONY ERICSSON PC SUITE\SUPSERV.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\PRINTCTRL.EXE

C:\WINDOWS\SYSTEM32\PSISERVICE.EXE

C:\PROGRAM FILES\CYBERLINK\SHARED FILES\RICHVIDEO.EXE

C:\PROGRAM FILES\ALCOHOL SOFT\ALCOHOL 120\STARWIND\STARWINDSERVICEAE.EXE

C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\SYMLCSVC.EXE

C:\PROGRAM FILES\TOMTOM HOME 2\TOMTOMHOMESERVICE.EXE

C:\WINDOWS\SYSTEM32\DLLHOST.EXE

C:\PROGRAM FILES\LAVASOFT\AD-AWARE\AAWTRAY.EXE

C:\PROGRAM FILES\IOBIT\IOBIT SECURITY 360\IS360.EXE

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\EXPLORER.EXE

C:\PROGRAM FILES\WINDOWS LIVE\MAIL\WLMAIL.EXE

C:\PROGRAM FILES\MOZILLA FIREFOX\FIREFOX.EXE

C:\DOCUMENTS AND SETTINGS\OWNER\DESKTOP\SPROCES.EXE



R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.es/

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local;*.local (0)

R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll

F2 - REG:system.ini: UserInit=C:\WINDOWS\SYSTEM32\Userinit.exe,

O1 - Hosts: 127.0.0.1 localhost

O1 - Hosts: 127.0.0.1 www.007guard.com

O1 - Hosts: 127.0.0.1 007guard.com

O1 - Hosts: 127.0.0.1 008i.com

O1 - Hosts: 127.0.0.1 www.008k.com

O1 - Hosts: 127.0.0.1 008k.com

O1 - Hosts: 127.0.0.1 www.00hq.com

O1 - Hosts: 127.0.0.1 00hq.com

O1 - Hosts: 127.0.0.1 010402.com

O1 - Hosts: 127.0.0.1 www.032439.com

O1 - Hosts: 127.0.0.1 032439.com

O1 - Hosts: 127.0.0.1 www.0scan.com

O1 - Hosts: 127.0.0.1 0scan.com

O1 - Hosts: 127.0.0.1 www.1000gratisproben.com

O1 - Hosts: 127.0.0.1 1000gratisproben.com

O1 - Hosts: 127.0.0.1 www.1001namen.com

O1 - Hosts: 127.0.0.1 1001namen.com

O1 - Hosts: 127.0.0.1 www.100888290cs.com

O1 - Hosts: 127.0.0.1 100888290cs.com

O1 - Hosts: 127.0.0.1 www.100sexlinks.com

...

O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Download_Bho Class - {A986E409-30CC-4185-89BB-AB212C104524} - C:\Program Files\PPLiveVA\DownloaderManager.dll

O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: kikin Plugin - {E601996F-E400-41CA-804B-CD6373A7EEE2} - C:\Program Files\kikin\ie_kikin.dll

O2 - BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [USB Safely Remove] C:\Program Files\USB Safely Remove\USBSafelyRemove.exe /startup

O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe" -s

O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"

O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [Ad Muncher] "C:\Program Files\Ad Muncher\AdMunch.exe" /bt

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe"

O4 - HKLM\..\Run: [BDRegion] C:\Program Files\Cyberlink\Shared files\brs.exe

O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice

O4 - HKLM\..\Run: [IObit Security 360] "C:\Program Files\IObit\IObit Security 360\IS360tray.exe" /autostart

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - Startup: Actualizar la licencia de ESET.lnk = C:\Program Files\ESET\MiNODLogin\MiNODLogin.exe

O8 - Extra context menu item: Block frame with Ad Muncher - http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=2A25475L&id=menu_ie_frame

O8 - Extra context menu item: Block image with Ad Muncher - http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=2A25475L&id=menu_ie_image

O8 - Extra context menu item: Block link with Ad Muncher - http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=2A25475L&id=menu_ie_link

O8 - Extra context menu item: Don't filter page with Ad Muncher - http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=2A25475L&id=menu_ie_exclude

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000

O8 - Extra context menu item: Guardar Formularios - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html

O8 - Extra context menu item: Personalizar Menú - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html

O8 - Extra context menu item: Rellenar Formularios - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html

O8 - Extra context menu item: Report page to the Ad Muncher developers - http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=2A25475L&id=menu_ie_report

O8 - Extra context menu item: RF Barra de Herramientas - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html

O8 - Extra context menu item: Se&nd to OneNote - res:///105

O9 - Extra button: (no name) - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - C:\Program Files\kikin\ie_kikin.dll

O9 - Extra button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra button: Rellenar Formularios - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html (file missing)

O9 - Extra button: Guardar - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html (file missing)

O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe

O9 - Extra button: Portafolios de HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll

O9 - Extra button: Selección inteligente de HP - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll

O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html (file missing)

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL

O9 - Extra button: PPLive - {95B3F550-91C4-4627-BCC4-521288C52977} - C:\Program Files\PPLive\PPLive.exe

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O10 - Unknown file in Winsock LSP: C:\WINDOWS\SYSTEM32\NWPROVAU.DLL

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Plug-in 1.6.0_20) - http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} (Java Plug-in 1.6.0_20) - http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Plug-in 1.6.0_20) - http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: hddlife - {BD758015-47D9-477A-8873-4B688A2BC0E2} - "C:\Program Files\Common Files\BinarySense\hlAPP.dll"

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL

O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL

O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll

O20 - Winlogon Notify: !SASWINLOGON - C:\PROGRAM FILES\SUPERANTISPYWARE\SASWINLO.DLL

O20 - Winlogon Notify: DIMSNTFY - %SYSTEMROOT%\SYSTEM32\DIMSNTFY.DLL

O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - %SystemRoot%\system32\SHELL32.dll

O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - %SystemRoot%\system32\SHELL32.dll

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll

O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - %SystemRoot%\system32\browseui.dll

O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - %SystemRoot%\system32\browseui.dll



Información Adicional:

----------------------

ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL

ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - ShellExecuteHook contra el software malintencionado de Microsoft - C:\PROGRA~1\Windows Defender\MpShHook.dll

ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - Groove GFS Stub Execution Hook - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

WinSys\Drivers\ati2mtag.sys (de 701440 bytes) () ATI Technologies Inc.

WinSys\Drivers\dmboot.sys (de 799744 bytes) () Microsoft Corp., Veritas Software

WinSys\Drivers\hsfcxts2.sys (de 685056 bytes) () Conexant Systems, Inc.

WinSys\Drivers\mrxsmb.sys (de 455680 bytes) () Microsoft Corporation

WinSys\Drivers\mtxparhm.sys (de 452736 bytes) () Matrox Graphics Inc.

WinSys\Drivers\ntfs.sys (de 574976 bytes) () Microsoft Corporation

WinSys\Drivers\slntamr.sys (de 404990 bytes) () Smart Link

WinSys\Drivers\sptd.sys (de 717296 bytes) ()

WinSys\Drivers\wdf01000.sys (de 503008 bytes) () Microsoft Corporation



Listado de Servicios (Carga Automatica):

----------------------------------------

O23 - Service: Bt878 TV Card - Video Capture (878TVCard) - Conexant Systems, Inc. - C:\WINDOWS\SYSTEM32\drivers\Bt878.sys

O23 - Service: Bt878 TV Card - TV Tuner (878TVTuner) - Conexant Systems, Inc. - C:\WINDOWS\SYSTEM32\drivers\BtTuner.sys

O23 - Service: Bt878 TV Card - Crossbar (878Xbar) - Conexant Systems, Inc. - C:\WINDOWS\SYSTEM32\drivers\BtXbar.sys

O23 - Service: AEGIS Protocol (IEEE 802.1x) v3.4.3.0 (AegisP) - Meetinghouse Data Communications - C:\WINDOWS\SYSTEM32\DRIVERS\AegisP.sys

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Servicio Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

**O23 - Service: DCOM Server Process Launcher (DcomLaunch) - Unknown owner - C:\WINDOWS\system32\svchost -k DcomLaunch (file missing)

O23 - Service: eamon - ESET - C:\WINDOWS\SYSTEM32\DRIVERS\eamon.sys

O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe

O23 - Service: epfw - ESET - C:\WINDOWS\SYSTEM32\DRIVERS\epfw.sys

O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe

O23 - Service: GDTdiInterceptor - G DATA Software AG - C:\WINDOWS\system32\drivers\GDTdiIcpt.sys

O23 - Service: HDDlife HDD Access service - BinarySense, Inc. - C:\Program Files\Common Files\BinarySense\hldasvc.exe

O23 - Service: IS360service - IObit - C:\Program Files\IObit\IObit Security 360\IS360srv.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.con (file missing)

**O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe

O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe

O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Norton Ghost\Agent\VProSvc.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe

O23 - Service: Printer Control - ActMask Co.,Ltd - HTTP://WWW.ALL2PDF.COM - C:\WINDOWS\system32\PrintCtrl.exe

O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

**O23 - Service: Remote Procedure Call (RPC) (RpcSs) - Unknown owner - C:\WINDOWS\system32\svchost -k rpcss (file missing)

O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

O23 - Service: Symantec Core LC - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe

O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

O23 - Service: USB Safely Remove Assistant (USBSafelyRemoveService) - Unknown owner - C:\Program Files\USB Safely Remove\USBSRService.exe

O23 - Service: Symantec V2i Mount Driver (v2imount) - Symantec Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\v2imount.sys

O23 - Service: Power Control [2010/03/19 19:12:47] ({1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}) - CyberLink Corp. - C:\Program Files\CyberLink\PowerDVD10\NavFilter\000.fcl



Listado de Servicios (Carga Manual):

------------------------------------

O23 - Service: rockusb Device (AdfuUd) - Fuzhou Rockchip Electronics Co,Ltd. - C:\WINDOWS\SYSTEM32\Drivers\rockusb.sys

O23 - Service: Ambfilt - Creative - C:\WINDOWS\SYSTEM32\drivers\Ambfilt.sys

O23 - Service: Bluetooth Audio Service (BlueletAudio) - IVT Corporation. - C:\WINDOWS\SYSTEM32\DRIVERS\blueletaudio.sys

O23 - Service: Bluetooth SCO Audio Service (BlueletSCOAudio) - IVT Corporation. - C:\WINDOWS\SYSTEM32\DRIVERS\BlueletSCOAudio.sys

O23 - Service: Bluetooth PAN Network Adapter (BT) - IVT Corporation. - C:\WINDOWS\SYSTEM32\DRIVERS\btnetdrv.sys

O23 - Service: SAMSUNG Video Capture (CamAv) - Samsung electronics, Inc - C:\WINDOWS\SYSTEM32\Drivers\CamAv.sys

O23 - Service: %CAMFLT.SvcDesc% (CAMFLT) - Samsung electronics, Inc - C:\WINDOWS\SYSTEM32\drivers\CAMFLT.sys

O23 - Service: Defragmentation-Service (DfSdkS) - mst software GmbH, Germany - C:\Program Files\Ashampoo\Ashampoo WinOptimizer 7\Dfsdks.exe

**O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - Microsoft Corp., Veritas Software - C:\WINDOWS\System32\dmadmin.exe

O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe

O23 - Service: ElbyDelay - Elaborate Bytes AG - C:\WINDOWS\SYSTEM32\Drivers\ElbyDelay.sys

O23 - Service: Eset Personal Firewall (Epfwndis) - ESET - C:\WINDOWS\SYSTEM32\DRIVERS\Epfwndis.sys

O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe

O23 - Service: FsUsbExDisk - Unknown owner - C:\WINDOWS\system32\FsUsbExDisk.SYS

O23 - Service: GDMnIcpt - G DATA Software AG - C:\WINDOWS\system32\drivers\MiniIcpt.sys

O23 - Service: GEAR ASPI Filter Driver (GEARAspiWDM) - GEAR Software Inc. - C:\WINDOWS\SYSTEM32\drivers\GEARAspiWDM.sys

O23 - Service: Microsoft UAA Bus Driver for High Definition Audio (HDAudBus) - Windows (R) Server 2003 DDK provider - C:\WINDOWS\SYSTEM32\DRIVERS\HDAudBus.sys

O23 - Service: IEEE-1284.4 Driver HPZid412 (HPZid412) - HP - C:\WINDOWS\SYSTEM32\DRIVERS\HPZid412.sys

O23 - Service: Print Class Driver for IEEE-1284.4 HPZipr12 (HPZipr12) - HP - C:\WINDOWS\SYSTEM32\DRIVERS\HPZipr12.sys

O23 - Service: USB to IEEE-1284.4 Translation Driver HPZius12 (HPZius12) - HP - C:\WINDOWS\SYSTEM32\DRIVERS\HPZius12.sys

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: Service for Realtek HD Audio (WDM) (IntcAzAudAddService) - Realtek Semiconductor Corp. - C:\WINDOWS\SYSTEM32\drivers\RtkHDAud.sys

O23 - Service: Servicio del iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Pinnacle Marvin Bus (MarvinBus) - Pinnacle Systems GmbH - C:\WINDOWS\SYSTEM32\DRIVERS\MarvinBus.sys

O23 - Service: Monfilt - Creative Technology Ltd. - C:\WINDOWS\SYSTEM32\drivers\Monfilt.sys

O23 - Service: Nokia USB Phone Parent (nmwcd) - Nokia - C:\WINDOWS\SYSTEM32\drivers\ccdcmb.sys

O23 - Service: Nokia USB Generic (nmwcdc) - Nokia - C:\WINDOWS\SYSTEM32\drivers\ccdcmbo.sys

O23 - Service: nv - NVIDIA Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\nv4_mini.sys

O23 - Service: PCCS Mode Change Filter Driver (pccsmcfd) - Nokia - C:\WINDOWS\SYSTEM32\DRIVERS\pccsmcfd.sys

O23 - Service: VSO Software pcouffin (pcouffin) - VSO Software - C:\WINDOWS\SYSTEM32\Drivers\pcouffin.sys

O23 - Service: PS2 (Ps2) - Hewlett-Packard Company - C:\WINDOWS\SYSTEM32\DRIVERS\PS2.sys

O23 - Service: Direct Parallel Link Driver (Ptilink) - Parallel Technologies, Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\ptilink.sys

O23 - Service: RTS5121.Sys Realtek USB Card Reader (RSUSBSTOR) - Realtek Semiconductor Corp. - C:\WINDOWS\SYSTEM32\Drivers\RTS5121.sys

O23 - Service: RT2500 USB Wireless LAN Card Driver (RT73) - Ralink Technology, Corp. - C:\WINDOWS\SYSTEM32\DRIVERS\rt73.sys

O23 - Service: Realtek 10/100/1000 PCI NIC Family NDIS XP Driver (RTL8023xp) - Realtek Semiconductor Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\Rtnicxp.sys

O23 - Service: Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver (rtl8139) - Realtek Semiconductor Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\RTL8139.SYS

O23 - Service: Sony Ericsson Device 0016 driver (WDM) (s0016bus) - MCCI Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\s0016bus.sys

O23 - Service: Sony Ericsson Device 0016 USB WMC Modem Filter (s0016mdfl) - MCCI Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\s0016mdfl.sys

O23 - Service: Sony Ericsson Device 0016 USB WMC Modem Driver (s0016mdm) - MCCI Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\s0016mdm.sys

O23 - Service: Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM) (s0016mgmt) - MCCI Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\s0016mgmt.sys

O23 - Service: Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS) (s0016nd5) - MCCI Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\s0016nd5.sys

O23 - Service: Sony Ericsson Device 0016 USB WMC OBEX Interface (s0016obex) - MCCI Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\s0016obex.sys

O23 - Service: Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM) (s0016unic) - MCCI Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\s0016unic.sys

O23 - Service: Sony Ericsson Device 116 driver (WDM) (s116bus) - MCCI Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\s116bus.sys

O23 - Service: Sony Ericsson Device 116 USB WMC Modem Filter (s116mdfl) - MCCI Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\s116mdfl.sys

O23 - Service: Sony Ericsson Device 116 USB WMC Modem Driver (s116mdm) - MCCI Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\s116mdm.sys

O23 - Service: Sony Ericsson Device 116 USB WMC Device Management Drivers (WDM) (s116mgmt) - MCCI Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\s116mgmt.sys

O23 - Service: Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (NDIS) (s116nd5) - MCCI Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\s116nd5.sys

O23 - Service: Sony Ericsson Device 116 USB WMC OBEX Interface (s116obex) - MCCI Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\s116obex.sys

O23 - Service: Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (WDM) (s116unic) - MCCI Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\s116unic.sys

O23 - Service: Sony Ericsson Device 916 driver (WDM) (s916bus) - MCCI Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\s916bus.sys

O23 - Service: Sony Ericsson Device 916 USB WMC Modem Filter (s916mdfl) - MCCI Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\s916mdfl.sys

O23 - Service: Sony Ericsson Device 916 USB WMC Modem Driver (s916mdm) - MCCI Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\s916mdm.sys

O23 - Service: Sony Ericsson Device 916 USB WMC Device Management Drivers (WDM) (s916mgmt) - MCCI Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\s916mgmt.sys

O23 - Service: Sony Ericsson Device 916 USB WMC OBEX Interface (s916obex) - MCCI Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\s916obex.sys

O23 - Service: SASENUM - SUPERAdBlocker.com and SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASENUM.SYS

O23 - Service: Secdrv - Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K. - C:\WINDOWS\SYSTEM32\DRIVERS\secdrv.sys

O23 - Service: Sony Ericsson seehcri Device Driver (seehcri) - Sony Ericsson Mobile Communications - C:\WINDOWS\SYSTEM32\DRIVERS\seehcri.sys

O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: SAMSUNG USB Composite Device driver (WDM) (sscdbus) - MCCI Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\sscdbus.sys

O23 - Service: SAMSUNG Mobile Modem Filter (sscdmdfl) - MCCI Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\sscdmdfl.sys

O23 - Service: SAMSUNG Mobile Modem Drivers (sscdmdm) - MCCI Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\sscdmdm.sys

O23 - Service: Start BT in service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe

O23 - Service: SymSnapService - Symantec - C:\Program Files\Norton Ghost\Shared\Drivers\SymSnapService.exe

O23 - Service: TAP-Win32 Adapter V9 (tap0901) - The OpenVPN Project - C:\WINDOWS\SYSTEM32\DRIVERS\tap0901.sys

*O23 - Service: Terminal Services (TermService) - Unknown owner - C:\WINDOWS\System32\svchost -k DComLaunch (file missing)

O23 - Service: TfNetMon - Unknown owner - C:\WINDOWS\system32\drivers\TfNetMon.sys (file missing)

O23 - Service: upperdev - Windows (R) Codename Longhorn DDK provider - C:\WINDOWS\SYSTEM32\DRIVERS\usbser_lowerflt.sys

O23 - Service: LGE Mobile Composite USB Device (usbbus) - LG Electronics Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\lgusbbus.sys

O23 - Service: LGE Mobile USB Serial Port (UsbDiag) - LG Electronics Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\lgusbdiag.sys

O23 - Service: LGE Mobile USB Modem (USBModem) - LG Electronics Inc. - C:\WINDOWS\SYSTEM32\DRIVERS\lgusbmodem.sys

O23 - Service: UsbserFilt - Windows (R) Codename Longhorn DDK provider - C:\WINDOWS\SYSTEM32\DRIVERS\usbser_lowerfltj.sys

O23 - Service: Virtual Serial port driver (VComm) - IVT Corporation. - C:\WINDOWS\SYSTEM32\DRIVERS\VComm.sys

O23 - Service: Bluetooth VComm Manager Service (VcommMgr) - IVT Corporation. - C:\WINDOWS\SYSTEM32\Drivers\VcommMgr.sys

O23 - Service: Symantec Event Monitor Driver (VProEventMonitor) - Symantec Corporation - C:\WINDOWS\SYSTEM32\DRIVERS\vproeventmonitor.sys



Listado de Servicios (Deshabilitados):

--------------------------------------

**O23 - Service: dmboot - Microsoft Corp., Veritas Software - C:\WINDOWS\SYSTEM32\drivers\dmboot.sys



106 Servicios.

30 de Carga Automatica.

75 de Carga Manual.

1 Deshabilitados.

[msc hotline sat]

Pues vemos un BHO que lanza un fichero sospechoso:



O2 - BHO: Download_Bho Class - {A986E409-30CC-4185-89BB-AB212C104524} - C:\Program Files\PPLiveVA\DownloaderManager.dll





Añade .VIR a su extension y envianos para analizar este fichero:



C:\Program Files\PPLiveVA\DownloaderManager.dll





[b]¿Como enviar las muestras a zonavirus? - Para ello recordar[/b]:

https://foros.zonavirus.com/viewtopic.php?f=5&t=14253



Tras recibirlos, los analizaremos e implementaremos su control y eliminacion, si procede, en nuestras utilidades, de lo cual informaremos



saludos



ms, 11-7-2010



Tras ello reinicia y dinos si se ha resuelto el problema o no, gracias



ms, 11-7-2009

[msc hotline sat]

Pues aunque la DLL pedida como muestra está en Chino (RPC), el preanalisis no ha detectado rutinas sospechosas:



File DownloaderManager.dll received on 2010.07.12 08:13:31 (UTC) Current status: finished Result: 0/40 (0.00%)





Hay estos otros dos que si no los conoce o no son voluntarios, podrían ser malwares. En tal caso envienoslos tambien y los analizaremos e informaremos:







C:\WINDOWS\SYSTEM32\PRINTCTRL.EXE



C:\Program Files\ESET\MiNODLogin\MiNODLogin.exe







saludos



ms, 12-7-2010

[rafara]

son voluntarios y los tengo de mucho antes de que me sucediera el problema

[msc hotline sat]

Pues si pasaste el ELISTARA y persiste el HOSTS que vemos en el log del SPROCES, arrastra el fichero HOSTS actual al escritorio, desde donde lo podras eliminar, y en la ruta original, c:\windows\system32\drivers\etc\ , quitale la extension .TMP al fichero actual HOSTS.TMP (creado por el ELISTARA) , ya que ello queda fijado por algunos malwares, impidiendo acceder a muchas webs de seguridad, y con lo indicado lo solucionaremos



saludos



ms, 30-7-2010

[rafara]

ya lo he eliminado

[msc hotline sat]

Pues lo celebramos, y dando el Tema por solucionado, procedemos a cerrarlo



Si nos necesita de nuevo, ya sabe donde estamos



saludos



ms, 30-7-2010