Tema: Os pido un analisis de HijackThis, gracias
Ver Mensaje Individual
  post #7 (permalink)  
Antiguo 07/04/08, 07:08:23
jcjunior jcjunior está offline
Usuario
  
Registrado: abr 2008
Ubicación: Catalunya
Mensajes: 9
Re: Os pido un analisis de HijackThis, gracias
Problema resuelto!!!!!
Muchas gracias GPastor, eres el amo, ya no me aparece nada de nada, lo has conseguido!
No sé como poner que el tema está resuelto para cerrar este post.
Muchas gracias de nuevo por toda tu disponibilidad


Aquí estan los dos logs

C:\ProgramData\mzyhvtsa moved successfully.
C:\ProgramData\ulajijmz moved successfully.
C:\ProgramData\pejswanj moved successfully.

OTMoveIt2 by OldTimer - Version 1.0.4.0 log created on 04072008_105539



ComboFix 08-04-04.1 - Jaume 2008-04-07 11:01:17.2 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.1.3082.18.1195 [GMT 2:00]
Se ejecuta desde: C:\Users\Jaume\Desktop\ComboFix.exe
.
TimedOut: Windir.dat

(((((((((((((((((( Archivos creados desde 2008-03-07 - 2008-04-07 )))))))))))))))))))))))))))))))))
.

Ningún archivo ha sido creado durante este intervalo de tiempo

.
(((((((((((((((((((((((((((((((((((((( Reporte Find3M )))))))))))))))))))))))))))))))))))))))))))))))))) )
.
2008-04-06 16:35 --------- d-----w C:\ProgramData\mfufviti
2008-04-04 19:48 --------- d-----w C:\ProgramData\SUPERAntiSpyware.com
2008-04-04 19:47 --------- d-----w C:\Users\Jaume\AppData\Roaming\SUPERAntiSpyware.co m
2008-04-04 19:47 --------- d-----w C:\Program Files\SUPERAntiSpyware
2008-04-04 19:47 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-04-04 14:41 --------- d-----w C:\ProgramData\Spybot - Search & Destroy
2008-04-04 14:21 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-04-04 10:12 --------- d-----w C:\Program Files\MiniRacingOnline
2008-04-03 14:20 --------- d-----w C:\Program Files\Panda Security
2008-04-03 11:14 --------- d---a-w C:\ProgramData\TEMP
2008-04-02 21:53 --------- d-----w C:\ProgramData\Yahoo! Companion
2008-04-02 15:30 --------- d-----w C:\Program Files\Babylon
2008-04-02 14:26 --------- d-----w C:\Users\Jaume\AppData\Roaming\Skype
2008-04-02 13:33 --------- d-----w C:\Program Files\Winamp
2008-04-02 13:28 --------- d-----w C:\Program Files\CCleaner
2008-04-02 13:27 --------- d-----w C:\Program Files\Yahoo!
2008-04-01 16:57 --------- d-----w C:\Program Files\ewido
2008-04-01 13:50 --------- d-----w C:\ProgramData\MSScanAppDataDir
2008-03-29 17:45 1,146,232 ----a-w C:\Windows\System32\aswBoot.exe
2008-03-29 17:35 20,560 ----a-w C:\Windows\system32\drivers\aswFsBlk.sys
2008-03-29 17:32 50,768 ----a-w C:\Windows\system32\drivers\aswMonFlt.sys
2008-03-29 17:31 75,856 ----a-w C:\Windows\system32\drivers\aswSP.sys
2008-03-29 17:29 23,152 ----a-w C:\Windows\system32\drivers\aswRdr.sys
2008-03-29 17:27 42,912 ----a-w C:\Windows\system32\drivers\aswTdi.sys
2008-03-29 17:23 95,608 ----a-w C:\Windows\System32\AvastSS.scr
2008-03-19 23:22 --------- d-----w C:\Program Files\rFactor
2008-03-14 21:53 --------- d-----w C:\Users\Jaume\AppData\Roaming\uTorrent
2008-03-13 12:35 --------- d-----w C:\Program Files\Windows Mail
2008-03-09 18:02 --------- d-----w C:\Program Files\SopCast
2008-02-27 21:26 --------- d-----w C:\Program Files\TVAnts
2008-02-17 15:02 --------- d-----w C:\Program Files\Common Files\Steam
2008-02-17 14:09 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-02-14 02:07 194,560 ----a-w C:\Windows\System32\WebClnt.dll
2008-02-14 02:07 110,080 ----a-w C:\Windows\system32\drivers\mrxdav.sys
2008-02-14 02:04 45,112 ----a-w C:\Windows\system32\drivers\pciidex.sys
2008-02-14 02:04 3,504,696 ----a-w C:\Windows\System32\ntkrnlpa.exe
2008-02-14 02:04 3,470,392 ----a-w C:\Windows\System32\ntoskrnl.exe
2008-02-14 02:04 21,560 ----a-w C:\Windows\system32\drivers\atapi.sys
2008-02-14 02:04 17,464 ----a-w C:\Windows\system32\drivers\intelide.sys
2008-02-14 02:04 109,624 ----a-w C:\Windows\system32\drivers\ataport.sys
2008-02-14 02:03 803,328 ----a-w C:\Windows\system32\drivers\tcpip.sys
2008-02-14 02:03 537,600 ----a-w C:\Windows\AppPatch\AcLayers.dll
2008-02-14 02:03 449,536 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
2008-02-14 02:03 4,247,552 ----a-w C:\Windows\System32\GameUXLegacyGDFs.dll
2008-02-14 02:03 24,064 ----a-w C:\Windows\System32\netcfg.exe
2008-02-14 02:03 22,016 ----a-w C:\Windows\System32\netiougc.exe
2008-02-14 02:03 216,632 ----a-w C:\Windows\system32\drivers\netio.sys
2008-02-14 02:03 2,144,256 ----a-w C:\Windows\AppPatch\AcGenral.dll
2008-02-14 02:03 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
2008-02-14 02:03 167,424 ----a-w C:\Windows\System32\tcpipcfg.dll
2008-02-14 02:03 154,624 ----a-w C:\Windows\system32\drivers\nwifi.sys
2008-02-14 02:03 1,686,528 ----a-w C:\Windows\System32\gameux.dll
2008-02-14 02:01 824,832 ----a-w C:\Windows\System32\wininet.dll
2008-02-14 02:01 56,320 ----a-w C:\Windows\System32\iesetup.dll
2008-02-14 02:01 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll
2008-02-14 02:01 26,624 ----a-w C:\Windows\System32\ieUnatt.exe
2008-02-09 17:31 --------- d-----w C:\Users\Jaume\AppData\Roaming\Paludour
2008-01-10 08:40 11,776 ----a-w C:\Windows\System32\sbunattend.exe
2008-01-10 05:50 1,244,672 ----a-w C:\Windows\System32\mcmde.dll
2007-09-15 15:09 174 --sha-w C:\Program Files\desktop.ini
2007-08-17 12:31 5,059,072 ----a-w C:\Users\Jaume\autorun.dat
2007-08-17 12:01 26,272 ----a-w C:\Users\Jaume\config.dat
2007-08-17 12:00 5,640,192 ----a-w C:\Users\Jaume\FIFA08 Demo.exe
2007-08-17 05:16 402,696 ----a-w C:\Users\Jaume\AutoRun.exe
2007-08-17 05:16 386,312 ----a-w C:\Users\Jaume\EASetup.exe
.

((((((((((((((((((((((((((((( snapshot@2008-04-06_16.37.16,36 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-04-06 1319 67,584 --s-a-w C:\Windows\bootstat.dat
+ 2008-04-07 08:57:26 67,584 --s-a-w C:\Windows\bootstat.dat
- 2008-04-05 22:23:57 1,773,072 ----a-w C:\Windows\ServiceProfiles\LocalService\AppData\Lo cal\FontCache3.0.0.0.dat
+ 2008-04-07 08:56:13 1,773,072 ----a-w C:\Windows\ServiceProfiles\LocalService\AppData\Lo cal\FontCache3.0.0.0.dat
- 2008-04-06 14:25:35 262,144 ----a-w C:\Windows\ServiceProfiles\LocalService\AppData\Lo cal\Microsoft\Windows\usrclass.dat
+ 2008-04-07 08:59:02 262,144 ----a-w C:\Windows\ServiceProfiles\LocalService\AppData\Lo cal\Microsoft\Windows\usrclass.dat
- 2008-04-06 13:11:53 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT
+ 2008-04-07 08:58:58 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT
- 2008-04-06 14:33:26 262,144 ----a-w C:\Windows\ServiceProfiles\NetworkService\AppData\ Local\Microsoft\Windows\usrclass.dat
+ 2008-04-07 09:00:31 262,144 ----a-w C:\Windows\ServiceProfiles\NetworkService\AppData\ Local\Microsoft\Windows\usrclass.dat
- 2008-04-06 13:11:48 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.D AT
+ 2008-04-07 08:58:52 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.D AT
- 2008-04-06 13:15:28 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\L ocal\Microsoft\Windows\History\History.IE5\index.d at
+ 2008-04-07 09:02:36 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\L ocal\Microsoft\Windows\History\History.IE5\index.d at
- 2008-04-06 13:15:28 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\L ocal\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2008-04-07 09:02:36 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\L ocal\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2008-04-06 13:15:28 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\R oaming\Microsoft\Windows\Cookies\index.dat
+ 2008-04-07 09:02:36 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\R oaming\Microsoft\Windows\Cookies\index.dat
- 2008-04-06 13:14:43 104,768 ----a-w C:\Windows\System32\perfc009.dat
+ 2008-04-07 09:03:48 104,768 ----a-w C:\Windows\System32\perfc009.dat
- 2008-04-06 13:14:43 123,364 ----a-w C:\Windows\System32\perfc00A.dat
+ 2008-04-07 09:03:48 123,364 ----a-w C:\Windows\System32\perfc00A.dat
- 2008-04-06 13:14:43 613,046 ----a-w C:\Windows\System32\perfh009.dat
+ 2008-04-07 09:03:48 613,046 ----a-w C:\Windows\System32\perfh009.dat
- 2008-04-06 13:14:43 691,180 ----a-w C:\Windows\System32\perfh00A.dat
+ 2008-04-07 09:03:48 691,180 ----a-w C:\Windows\System32\perfh00A.dat
- 2008-04-06 13:12:18 10,142 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2804976899-3378241370-351480153-1000_UserData.bin
+ 2008-04-07 08:59:34 10,294 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2804976899-3378241370-351480153-1000_UserData.bin
- 2008-04-06 13:12:18 95,702 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics _SystemData.bin
+ 2008-04-07 08:59:33 96,594 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics _SystemData.bin
- 2008-04-06 13:12:16 54,532 ----a-w C:\Windows\System32\WDI\ShutdownPerformanceDiagnos tics_SystemData.bin
+ 2008-04-07 08:59:32 55,020 ----a-w C:\Windows\System32\WDI\ShutdownPerformanceDiagnos tics_SystemData.bin
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((( Cargando Puntos Reg ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Nota* entradas vacías & entradas legítimas predeterminadas no son mostradas

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}]
2007-12-13 18:49 1185120 --a------ C:\Program Files\Winamp Toolbar\winamptb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}"= "C:\Program Files\Winamp Toolbar\winamptb.dll" [2007-12-13 18:49 1185120]
"{965B54B0-71E0-4611-8DE7-F73FA0B20E26}"= "C:\Program Files\Babylon\Babylon Toolbar\BabylonIEToolBar.dll" [2007-12-18 15:42 267488]

[HKEY_CLASSES_ROOT\clsid\{ebf2ba02-9094-4c5a-858b-bb198f3d8de2}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand.1]
[HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand]

[HKEY_CLASSES_ROOT\clsid\{965b54b0-71e0-4611-8de7-f73fa0b20e26}]
[HKEY_CLASSES_ROOT\BabylonTBLib.BabylonTB.1]
[HKEY_CLASSES_ROOT\TypeLib\{162484B8-B114-453f-A344-C0B24B0F1D99}]
[HKEY_CLASSES_ROOT\BabylonTBLib.BabylonTB]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}"= C:\Program Files\Winamp Toolbar\winamptb.dll [2007-12-13 18:49 1185120]
"{965B54B0-71E0-4611-8DE7-F73FA0B20E26}"= C:\Program Files\Babylon\Babylon Toolbar\BabylonIEToolBar.dll [2007-12-18 15:42 267488]

[HKEY_CLASSES_ROOT\clsid\{ebf2ba02-9094-4c5a-858b-bb198f3d8de2}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand.1]
[HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand]

[HKEY_CLASSES_ROOT\clsid\{965b54b0-71e0-4611-8de7-f73fa0b20e26}]
[HKEY_CLASSES_ROOT\BabylonTBLib.BabylonTB.1]
[HKEY_CLASSES_ROOT\TypeLib\{162484B8-B114-453f-A344-C0B24B0F1D99}]
[HKEY_CLASSES_ROOT\BabylonTBLib.BabylonTB]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\G oogleToolbarNotifier.exe" [2007-09-20 21:45 171448]
"VoipBuster"="C:\Program Files\VoipBuster.com\VoipBuster\voipbuster.exe" [2008-01-22 19:30 8811824]
"pejswanj"="C:\ProgramData\pejswanj\aribihsd.e xe" [ ]
"eQGCnznfC1"="C:\ProgramData\ulajijmz\snwlkpqp.exe " [ ]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 14:36 201728]
"mzyhvtsa"="C:\ProgramData\mzyhvtsa\yjmfmvgz.e xe" [ ]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-02-29 16:03 1481968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2007-07-12 03:03 1006264]
"KeNotify"="C:\Program Files\TOSHIBA\Utilities\KeNotify.exe" [2006-11-06 17:14 34352]
"SVPWUTIL"="C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe" [2006-03-22 21:42 438272]
"topi"="C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe" [2007-04-02 12:48 577536]
"RtHDVCpl"="RtHDVCpl.exe" [2007-06-13 07:11 4489216 C:\Windows\RtHDVCpl.exe]
"TPwrMain"="C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE" [2007-03-29 10:39 411192]
"HSON"="C:\Program Files\TOSHIBA\TBS\HSON.exe" [2006-12-07 16:49 55416]
"SmoothView"="C:\Program Files\Toshiba\SmoothView\SmoothView.exe" [2007-05-23 15:57 509496]
"00TCrdMain"="C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe" [2007-05-22 16:32 538744]
"HWSetup"="\HWSetup.exe" [ ]
"NDSTray.exe"="NDSTray.exe" []
"Desktop SMS"="C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe" [2007-06-18 10:51 1507328]
"Skytel"="Skytel.exe" [2007-05-28 14:39 1826816 C:\Windows\SkyTel.exe]
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 12:35 90112]
"Camera Assistant Software"="C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" [2007-04-10 16:40 413696]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2007-06-08 04:53 894512]
"Toshiba Registration"="C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe " [2007-02-19 16:00 571024]
"IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2007-02-12 14:37 174872]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 00:47 31016]
"Symantec PIF AlertEng"="C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2007-03-12 10:22 517768]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2007-09-29 18:32 185632]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2007-12-20 17:16 37376]
"NeroFilterCheck"="C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 16:57 153136]
"NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-09-20 10:51 1836328]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-10-19 21:16 286720]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp. exe" [2008-03-29 19:37 79224]

[hkey_local_machine\software\microsoft\windows\curr entversion\explorer\shellexecutehooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 12:55 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 12:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"MSVideo8"= VfWWDM32.dll
"msacm.dvacm"= C:\PROGRA~1\COMMON~1\ULEADS~1\vio\dvacm.acm

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UacDisableNotify"=dword:00000001
"InternetSettingsDisableNotify"=dword:00000001
"AutoUpdateDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpo licy\FirewallRules]
"TCP Query User{8A320215-5546-40AA-A653-8376AB86483C}E:\\jocs\\steam\\steamapps\\jaumecv@e mail.com\\day of defeat source\\hl2.exe"= UDP:E:\jocs\steam\steamapps\jaumecv@email.com\day of defeat source\hl2.exe:hl2
"UDP Query User{9C25FB62-C88E-4F88-B27B-91B9FDEE4B70}E:\\jocs\\steam\\steamapps\\jaumecv@e mail.com\\day of defeat source\\hl2.exe"= TCP:E:\jocs\steam\steamapps\jaumecv@email.com\day of defeat source\hl2.exe:hl2
"TCP Query User{629B9401-2E99-4731-9291-71ABC3A0D7A9}E:\\jocs\\steam\\steamapps\\jaumecv@e mail.com\\half-life 2\\hl2.exe"= UDP:E:\jocs\steam\steamapps\jaumecv@email.com\half-life 2\hl2.exe:hl2
"UDP Query User{8C626A83-6FFC-4432-BFFE-87D616B54365}E:\\jocs\\steam\\steamapps\\jaumecv@e mail.com\\half-life 2\\hl2.exe"= TCP:E:\jocs\steam\steamapps\jaumecv@email.com\half-life 2\hl2.exe:hl2
"{5ACA8506-D40C-4D6B-8806-3257A342252A}"= TCP:6004|C:\Program Files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{8FD4EB2C-9E6C-4BE3-A15D-B56578C6C94A}"= UDP:C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{07CAF7FE-FA47-40B7-8846-32AD5A447A06}"= TCP:C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{ED799DCE-DCCC-4D69-9C05-CCC348BDE392}"= UDP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{C1448998-3F84-4E62-BEA5-2828A0A5DBE5}"= TCP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{F44205CA-CAE9-43D9-AD06-24C6B6A91339}"= UDP:29900:LocalSubnet:LocalSubnet:team fortress
"{D9EA02A7-E493-45BD-A9E0-EECD58B3D015}"= UDP:28900:LocalSubnet:LocalSubnet:Team fortress 2
"TCP Query User{07EDF16D-DE76-471D-B703-CCF5D2A9E56F}E:\\jocs\\steam\\steamapps\\jaumecv@e mail.com\\team fortress 2\\hl2.exe"= UDP:E:\jocs\steam\steamapps\jaumecv@email.com\team fortress 2\hl2.exe:hl2
"UDP Query User{5F1519A7-9BE0-4122-8DCE-084FFCF2C74E}E:\\jocs\\steam\\steamapps\\jaumecv@e mail.com\\team fortress 2\\hl2.exe"= TCP:E:\jocs\steam\steamapps\jaumecv@email.com\team fortress 2\hl2.exe:hl2
"TCP Query User{3B0E5FAB-6184-437D-A5D9-3334AA4C8356}E:\\jocs\\steam\\steamapps\\jaumecv@e mail.com\\day of defeat source\\hl2.exe"= UDP:E:\jocs\steam\steamapps\jaumecv@email.com\day of defeat source\hl2.exe:hl2
"UDP Query User{0047251F-698D-4633-8D45-25B8BB4BAC64}E:\\jocs\\steam\\steamapps\\jaumecv@e mail.com\\day of defeat source\\hl2.exe"= TCP:E:\jocs\steam\steamapps\jaumecv@email.com\day of defeat source\hl2.exe:hl2
"TCP Query User{7F386566-84E5-40FD-A2DE-F7A935271B73}C:\\program files\\skype\\phone\\skype.exe"= UDP:C:\program files\skype\phone\skype.exe:Skype. Take a deep breath
"UDP Query User{A601802E-02D4-42DB-B04A-6E006584D77D}C:\\program files\\skype\\phone\\skype.exe"= TCP:C:\program files\skype\phone\skype.exe:Skype. Take a deep breath
"{E03589D9-B96B-43EB-8CE5-448D6CA53595}"= UDP:E:\Jocs\Steam\Steam.exe:Steam
"{24D55F4E-E29A-4BDC-AB8D-226FF98C420B}"= TCP:E:\Jocs\Steam\Steam.exe:Steam
"TCP Query User{53050EE2-186C-43B4-AFC2-D9DB265DB328}C:\\program files\\sopcast\\sopcast.exe"= UDP:C:\program files\sopcast\sopcast.exe:SopCast Main Application
"UDP Query User{B09E7127-DEEB-4389-8852-F73561A43777}C:\\program files\\sopcast\\sopcast.exe"= TCP:C:\program files\sopcast\sopcast.exe:SopCast Main Application
"TCP Query User{130A50DD-BA28-41FC-9188-A9D145532529}C:\\program files\\internet explorer\\iexplore.exe"= UDP:C:\program files\internet explorer\iexplore.exe:Internet Explorer
"UDP Query User{1E18F374-BEC4-4B0A-BF02-71C9603DE75A}C:\\program files\\internet explorer\\iexplore.exe"= TCP:C:\program files\internet explorer\iexplore.exe:Internet Explorer
"{3317F407-EE72-4215-8A0F-AB259C532C7D}"= UDP:C:\Program Files\VoipBuster.com\VoipBuster\VoipBuster.exe:Voi pBuster
"{9C4807E4-A078-4724-A3FF-6268E0D5AA02}"= TCP:C:\Program Files\VoipBuster.com\VoipBuster\VoipBuster.exe:Voi pBuster
"TCP Query User{F04E39A2-231E-4CF2-BCA3-98C95171B319}E:\\jocs\\steam\\steamapps\\jaumecv@e mail.com\\source sdk base\\hl2.exe"= UDP:E:\jocs\steam\steamapps\jaumecv@email.com\sour ce sdk base\hl2.exe:hl2
"UDP Query User{53AF2585-90B9-4365-B4CE-DD71B0B8653F}E:\\jocs\\steam\\steamapps\\jaumecv@e mail.com\\source sdk base\\hl2.exe"= TCP:E:\jocs\steam\steamapps\jaumecv@email.com\sour ce sdk base\hl2.exe:hl2
"TCP Query User{AAC50D31-AAB1-4287-BD4D-89DF995570E6}C:\\program files\\utorrent\\utorrent.exe"= UDP:C:\program files\utorrent\utorrent.exe:uTorrent
"UDP Query User{C7671289-BDEB-455D-9D05-F694A75FFE12}C:\\program files\\utorrent\\utorrent.exe"= TCP:C:\program files\utorrent\utorrent.exe:uTorrent
"{5D06BB24-2984-4E49-A8D7-EFA3C1087976}"= UDP:28114:utorrent
"TCP Query User{C8045284-DA59-4188-A20C-BE66213D56DA}C:\\program files\\mozilla firefox\\firefox.exe"= UDP:C:\program files\mozilla firefox\firefox.exe:Firefox
"UDP Query User{5F827502-ED65-4095-9A72-9620642AF729}C:\\program files\\mozilla firefox\\firefox.exe"= TCP:C:\program files\mozilla firefox\firefox.exe:Firefox
"TCP Query User{41BC2A72-0141-415F-B31F-F00BE1842285}C:\\program files\\windows sidebar\\sidebar.exe"= UDP:C:\program files\windows sidebar\sidebar.exe:Windows Sidebar
"UDP Query User{C70395A0-08E4-4801-AA7B-2DCBE0778BF1}C:\\program files\\windows sidebar\\sidebar.exe"= TCP:C:\program files\windows sidebar\sidebar.exe:Windows Sidebar
"{F25144A9-7FDF-4CBA-87A9-745B100A1D56}"= UDP:C:\Program Files\Winamp Remote\bin\Orb.exe:Orb
"{0274D5B8-80BB-40D7-96AF-040DE5F00EAF}"= TCP:C:\Program Files\Winamp Remote\bin\Orb.exe:Orb
"{DA65E4F4-0E31-4FD9-B6FF-8F4284C7359D}"= UDP:C:\Program Files\Winamp Remote\bin\OrbTray.exe:OrbTray
"{F2556135-AC4E-4822-8361-4CA4C40E7A27}"= TCP:C:\Program Files\Winamp Remote\bin\OrbTray.exe:OrbTray
"{5DBA1E68-2BA8-4332-9498-629C0E875B40}"= UDP:C:\Program Files\Winamp Remote\bin\OrbIR.exe:OrbIR
"{E6A4E6A1-9BAF-4B9A-9EA2-DD1EE7DFBE3B}"= TCP:C:\Program Files\Winamp Remote\bin\OrbIR.exe:OrbIR
"{355583A9-C588-47F1-889E-A948C8797A62}"= UDP:C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:Orb Stream Client
"{0F52A932-BF41-4F1A-8B84-4867926BA36E}"= TCP:C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:Orb Stream Client
"TCP Query User{01ADDEEF-E847-4828-AD05-FAF5BA9E84F5}C:\\program files\\emule\\emule.exe"= UDP:C:\program files\emule\emule.exe:eMule
"UDP Query User{F5EAFD20-7BEF-44E7-B498-C8E4F66C1647}C:\\program files\\emule\\emule.exe"= TCP:C:\program files\emule\emule.exe:eMule
"TCP Query User{A79B4DC8-03B0-4489-9E73-F121F51B9F34}C:\\program files\\skype\\phone\\skype.exe"= UDP:C:\program files\skype\phone\skype.exe:Skype. Take a deep breath
"UDP Query User{7A1271DE-39EF-4995-823E-F2F375F4685C}C:\\program files\\skype\\phone\\skype.exe"= TCP:C:\program files\skype\phone\skype.exe:Skype. Take a deep breath
"TCP Query User{A057FFD4-1641-465A-A054-C4207B9BEC7F}C:\\program files\\kylotonn entertainment\\speedball 2 tournament\\speedball 2\\speedball2.exe"= UDP:C:\program files\kylotonn entertainment\speedball 2 tournament\speedball 2\speedball2.exe:speedball2
"UDP Query User{51D2326B-6AFA-479D-8285-07BC7A9A99BD}C:\\program files\\kylotonn entertainment\\speedball 2 tournament\\speedball 2\\speedball2.exe"= TCP:C:\program files\kylotonn entertainment\speedball 2 tournament\speedball 2\speedball2.exe:speedball2
"TCP Query User{9544255B-DA59-4EEC-819C-B8DB384E850F}C:\\program files\\totalcmd\\totalcmd.exe"= UDP:C:\program files\totalcmd\totalcmd.exe:Total Commander 32 bit international version, file manager replacement for Windows
"UDP Query User{F58E0F63-FA00-44C2-9818-986EDF800859}C:\\program files\\totalcmd\\totalcmd.exe"= TCP:C:\program files\totalcmd\totalcmd.exe:Total Commander 32 bit international version, file manager replacement for Windows
"TCP Query User{C1428D1B-CCDB-4E1E-9E69-BCF962202227}E:\\jocs\\flatout2\\flatout2.exe"= UDP:E:\jocs\flatout2\flatout2.exe:FlatOut2
"UDP Query User{EB0CE1FC-1880-4BC9-8296-0456911DAD22}E:\\jocs\\flatout2\\flatout2.exe"= TCP:E:\jocs\flatout2\flatout2.exe:FlatOut2
"TCP Query User{E063BFB8-7332-42AD-8B21-BF08E871B42D}E:\\jocs\\flatout2\\flatout2.exe"= UDP:E:\jocs\flatout2\flatout2.exe:FlatOut2
"UDP Query User{DC1ABB61-6783-41C0-ACBD-1F4CF5C70005}E:\\jocs\\flatout2\\flatout2.exe"= TCP:E:\jocs\flatout2\flatout2.exe:FlatOut2
"TCP Query User{50F96DCA-CA8C-4F4A-9642-AE8C0C910F6E}E:\\jocs\\team fortress 2\\hl2.exe"= UDP:E:\jocs\team fortress 2\hl2.exe:hl2
"UDP Query User{74BB2D3D-8C28-4014-92BB-607E1ECFC02B}E:\\jocs\\team fortress 2\\hl2.exe"= TCP:E:\jocs\team fortress 2\hl2.exe:hl2
"TCP Query User{3BE16B3E-C2F5-4387-88DB-55F1013B8005}E:\\jocs\\crimson çskies\\crimson.icd"= UDP:E:\jocs\crimson çskies\crimson.icd:Crimson Skies Executable
"UDP Query User{404AD68D-3C8E-44A4-8D6F-D77BAF602A62}E:\\jocs\\crimson çskies\\crimson.icd"= TCP:E:\jocs\crimson çskies\crimson.icd:Crimson Skies Executable
"TCP Query User{50004D95-E629-45D4-9F26-4E079C7B85FC}C:\\windows\\system32\\dplaysvr.exe"= UDP:C:\windows\system32\dplaysvr.exe:Archivo auxiliar de DirectPlay de Microsoft
"UDP Query User{BFFB2732-F9B3-4599-9409-E42EA1BC3355}C:\\windows\\system32\\dplaysvr.exe"= TCP:C:\windows\system32\dplaysvr.exe:Archivo auxiliar de DirectPlay de Microsoft
"TCP Query User{75EC8F70-E0AE-4795-B80C-BB3183CAECA4}E:\\jocs\\testdriveunlimited\\testdri veunlimited.exe"= UDP:E:\jocs\testdriveunlimited\testdriveunlimited. exe:Test Drive Unlimited
"UDP Query User{DF08A004-5997-4A06-812B-5069BC3E5D2D}E:\\jocs\\testdriveunlimited\\testdri veunlimited.exe"= TCP:E:\jocs\testdriveunlimited\testdriveunlimited. exe:Test Drive Unlimited
"TCP Query User{D3F20D70-2E17-45FC-9327-88FB11F6D000}E:\\jocs\\ravenshield\\system\\ravens hield.exe"= UDP:E:\jocs\ravenshield\system\ravenshield.exe:rav enshield
"UDP Query User{0E42A06E-3AA4-4D06-94DE-F71B1C7D9078}E:\\jocs\\ravenshield\\system\\ravens hield.exe"= TCP:E:\jocs\ravenshield\system\ravenshield.exe:rav enshield
"TCP Query User{5AB9297C-E212-4F7A-9FE7-FE9841894BF2}E:\\jocs\\crimson çskies\\crimson.exe"= UDP:E:\jocs\crimson çskies\crimson.exe:Crimson Skies Executable
"UDP Query User{05B5BA9A-0253-4E78-A1AD-66ACFF684D2A}E:\\jocs\\crimson çskies\\crimson.exe"= TCP:E:\jocs\crimson çskies\crimson.exe:Crimson Skies Executable
"{A850880F-1E1C-4FD8-AA68-EF5F1E72C606}"= UDP:C:\Program Files\Sierra\FEAR\FEAR.exe:FEAR
"{0CCCEDD4-79C5-4828-B6AF-5513D9A69B7C}"= TCP:C:\Program Files\Sierra\FEAR\FEAR.exe:FEAR
"{3B01B727-9BAC-40DC-90F9-E948984B1178}"= UDP:C:\Program Files\Sierra\FEAR\FEARMP.exe:FEAR
"{1E2FFF04-246B-476F-9535-662738D4B8E7}"= TCP:C:\Program Files\Sierra\FEAR\FEARMP.exe:FEAR
"TCP Query User{54E89C9C-7C7F-4E2C-A5BF-F2B31D3D82CD}E:\\jocs\\rfactor\\rfactor.exe"= UDP:E:\jocs\rfactor\rfactor.exe:rFactor
"UDP Query User{F479F160-D7FE-41AA-ACCC-EFD96FF11988}E:\\jocs\\rfactor\\rfactor.exe"= TCP:E:\jocs\rfactor\rfactor.exe:rFactor
"TCP Query User{945DF74C-BB0B-4C4F-B22F-93E493E047C2}C:\\jocs\\pes 2008\\pes2008.exe"= UDP:C:\jocs\pes 2008\pes2008.exe:Pro Evolution Soccer 2008
"UDP Query User{CB1A0D16-1907-42D3-8D89-0369409F8B20}C:\\jocs\\pes 2008\\pes2008.exe"= TCP:C:\jocs\pes 2008\pes2008.exe:Pro Evolution Soccer 2008
"{9364368A-25F4-4DC9-B8C6-76BB7F4E9C57}"= TCP:5739:pes 2008
"{B5298CBB-3027-4371-8366-6038CC9C58A8}"= UDP:80:pes2008 1
"{77EEE340-7995-4692-B27B-EC25F93C60ED}"= UDP:443:pes2008 2
"{317FA801-F607-48E8-B7D4-9E46355F0400}"= UDP:8800:pes 2008
"{0D4177D0-268F-4720-A14A-BE129785C8B6}"= UDP:8801:pes 2008
"{45DDCB12-E70C-4340-A923-4BBB35009ADA}"= UDP:8802:pes 2008
"{7EAB0B87-887E-4EBA-AC01-91083763791A}"= UDP:8803:pes 2008
"{021E2E12-BABF-42A4-89FD-F26F8B4980BC}"= UDP:8804:pes 2008
"{A0721B39-3DA6-4AB3-8073-3EE6D6115877}"= UDP:8805:pes 2008
"{ECEE7C47-5FDF-4F81-BED9-E0CEF107F5BC}"= UDP:8806:pes 2008
"{75C82DDF-DF0B-4FAC-940C-699E46001864}"= UDP:8807:pes 2008
"{31459A95-8E85-47AA-BCEE-FCD9AD717820}"= UDP:8809:pes 2008
"{B3357E85-AE27-45E4-83E8-8D24A18B1C27}"= UDP:8810:pes 2008
"{5ADD63D9-E7F8-4E04-8667-294E6C39C36F}"= UDP:8811:pes 2008
"{8E64D1A8-FCC8-47E9-9B12-57EEF92F2C45}"= UDP:8812:pes 2008
"{BA5DB2C4-1C99-46FD-9019-A4F3EE46F117}"= UDP:8813:pes 2008
"{82E26D9B-7465-4F3A-9E68-E062636BFF43}"= UDP:8814:pes 2008
"{BBF816AF-427F-4EA0-B6B8-A9C4EEAA178D}"= UDP:8815:pes 2008
"{7FE6D300-7106-42D4-932C-24567EDB2F61}"= UDP:8816:pes 2008
"{EED0A23A-7A0E-40AB-8DF5-2F768971085E}"= UDP:8817:pes 2008
"{6F9AE6C3-8092-4393-B1DD-906AD8C46658}"= UDP:8818:pes 2008
"{56F0AE5B-C49E-4E1E-B29A-5703FFD21BF2}"= UDP:8819:pes 2008
"{FC20F79E-AF1D-4C17-8CB6-AE66CA81CC0C}"= UDP:8820:pes 2008
"{B3D8AD81-8E36-4651-A70F-33D929550C56}"= UDP:8821:pes 2008
"{FA3780A0-DA2D-41CD-9611-8E3E4533FA3C}"= UDP:8822:pes 2008
"{83E60F80-629F-4EBC-BBFC-B963E4A3FAC8}"= UDP:8823:pes 2008
"{951561A5-B5CA-4F9F-B63B-0249BB944C66}"= UDP:8824:pes 2008
"{A12E7F39-AAD3-4C4B-B874-C7418C83D511}"= UDP:8825:pes 2008
"{15A63926-2D19-4DB3-9B27-BFDD31EA2F00}"= UDP:8826:pes 2008
"{6EEDB058-7281-43EF-A6E2-0708D78D167F}"= UDP:8827:pes 2008
"{7F4BFF22-7879-4C18-8196-FA37079CEC27}"= UDP:8828:pes 2008
"{3CF1F4B4-71CA-44B4-805C-5F1D4397C55D}"= UDP:8829:pes 2008
"{B3311CB9-CFD7-4C65-B900-C2A61BA9C1F4}"= UDP:8830:pes 2008
"{6A316D99-3D2E-4555-B622-960929BDCF37}"= UDP:8831:pes 2008
"{7E42A69C-A161-441F-8628-B77780841985}"= UDP:8832:pes 2008
"{06FA45DD-6255-49BB-BF12-DBCC9D8D242C}"= UDP:8833:pes 2008
"{8BDB8706-E90F-4303-8538-1B722544A0E0}"= UDP:8834:pes 2008
"{EB8F5005-3242-428A-A17F-74A1ADCCEDAE}"= UDP:8835:pes 2008
"{4FDD9BF3-952F-4B66-9A0A-F058132862E9}"= UDP:8836:pes 2008
"{ABC2211A-F468-46CB-81E7-3F6535CB0586}"= UDP:8837:pes 2008
"{11576496-DE89-4F0B-B3D2-EF72060312C9}"= UDP:8838:pes 2008
"{52B7B7CE-A8A8-43CF-BCE4-DBC78699D4E5}"= UDP:8839:pes 2008
"{0195AEB5-DD78-4E28-834E-3AA15F7BE6BC}"= UDP:8840:pes 2008
"{0AA82A6C-D1FC-4542-AF39-0A60FB8E9A0C}"= UDP:8841:pes 2008
"{419F3C2A-2659-493D-B26E-ACBE150E97C2}"= UDP:8842:pes 2008
"{42A4EE7C-F7AE-4E87-825B-24D2476A9A71}"= UDP:8843:pes 2008
"{3E39AD09-C9D8-4812-8802-AE1D72782706}"= UDP:8844:pes 2008
"{488DE13A-A690-49FA-AE18-D8EABBD16E21}"= UDP:8845:pes 2008
"{55456879-7352-4D8D-827A-7C43CEC5641B}"= UDP:8846:pes 2008
"{0D221F34-68B8-4F31-BE86-FB002C333F13}"= UDP:8847:pes 2008
"{E40E90D3-8D72-477A-849C-FC1965424EAF}"= UDP:8848:pes 2008
"{11FB3509-5818-403B-ADE4-9529602797E2}"= UDP:8849:pes 2008
"{FDBBA9BD-2FA5-4713-BCE6-06AB5D1E1F1F}"= UDP:8850:pes 2008
"{2D35F049-172E-4BF7-B955-78961F62BFD9}"= UDP:14020:pes 2008
"{9D1C78FE-1945-4997-BB2D-5FBC806F69A5}"= TCP:5730:pes 2008
"{C44723DA-87E9-4501-A290-68F14349740B}"= TCP:5731:pes 2008
"{CC037DA3-3D02-4493-BD68-29A719B9F244}"= TCP:5732:pes 2008
"{2B377D7F-7E85-47B6-8841-93CB7BC161F8}"= TCP:5733:pes 2008
"{15F6811A-62ED-48C9-9384-9747972C392F}"= TCP:5734:pes 2008
"{FFFEA570-3859-4E74-AC88-F4B79F152136}"= TCP:5735:pes 2008
"{E5FC3F69-8A75-4EA8-A5F2-BAA1907363B1}"= TCP:5736:pes 2008
"{729DEE13-8230-4D9E-BF4D-719A3B14AC55}"= TCP:5737:pes 2008
"{7F57950A-FD6C-430B-B874-7E1B592E7AF1}"= TCP:5738:pes 2008
"{7EBF2651-6697-4BC7-9D94-A15AB433DFCA}"= UDP:8851:pes 2008
"{3D49B0A6-B78C-4D6C-B3E6-84EE61B536AE}"= UDP:8852:pes 2008
"{26AE0EC9-7862-4CB9-9D3A-EB41DC848A58}"= UDP:8853:pes 2008
"{6838A6E7-3B64-4729-9400-1229B371C3D3}"= UDP:8854:pes 2008
"{4F4B72AE-945C-4D84-9964-C7660CCC5226}"= UDP:8855:pes 2008
"{A347C0E3-E7DB-44DC-A686-4CDC78367203}"= UDP:8856:pes 2008
"{34215373-66C2-439E-B41D-6EEE00171F95}"= UDP:8857:pes 2008
"{6CE81FD6-D553-40D0-858F-EF7B0C81CE9E}"= UDP:8858:pes 2008
"{9BBBE457-544B-41A1-8214-8A2AA7948949}"= UDP:8859:pes 2008
"{B15371D6-51E9-4311-A5BF-424FCC882156}"= UDP:8860:pes 2008
"{8D58BA7E-6240-4C00-B794-FF7639FD3E56}"= UDP:8861:pes 2008
"{BD90609E-1F73-4FE3-A5AE-417EB7C3348B}"= UDP:8862:pes 2008
"{8025A80F-CBA6-4C23-962E-84587617E212}"= UDP:8863:pes 2008
"{02521F7A-B3C4-4662-AB5F-BBA1DE2D1F6F}"= UDP:8864:pes 2008
"{64BB60D3-C64C-4DEB-96AE-496594625EDB}"= UDP:8865:pes 2008
"{567EDD7A-76D7-495B-9931-03664BBFF9CC}"= UDP:8866:pes 2008
"{DE16ACCE-3F12-4E1F-B78E-38021B1C6A57}"= UDP:8867:pes 2008
"{2DB44F1F-208A-45F3-9BF1-D2D1FB9216A2}"= UDP:8868:pes 2008
"{CE86D9C5-A321-4975-A0AE-FB84B415A794}"= UDP:8869:pes 2008
"{42ACA596-3A16-49C1-955B-7F1E3F8C6027}"= UDP:8870:pes 2008
"{B5A1E947-FE24-45D9-A57E-E9E96D5D36E1}"= UDP:8871:pes 2008
"{9A2FA8E6-BAEF-4486-92AC-A48ADD868B99}"= UDP:8872:pes 2008
"{7FC19D9D-DE9C-4A8E-8F30-9B3C37B59418}"= UDP:8873:pes 2008
"{62A8F3C2-EECF-4445-93DC-D571E9BEF8F1}"= UDP:8874:pes 2008
"{DB3E9DFA-74CC-482A-8B21-E1EF53674220}"= UDP:8875:pes 2008
"{4FE0E106-DE73-4C38-ABEC-6CD15D51F34E}"= UDP:8876:pes 2008
"{83EFCA02-5832-49D3-AA33-4B1FBA27DFB9}"= UDP:8877:pes 2008
"{EDB1E4E2-A16F-4CED-8A85-B9D33ABC0346}"= UDP:8878:pes 2008
"{C7220C4A-17A2-4824-8BCE-CD9F524EBEEF}"= UDP:8879:pes 2008
"{6B858CD6-EF2F-48FE-BBCD-2C7BFD455102}"= UDP:8880:pes 2008
"{D3695EC4-5916-42BB-969C-38D2656FE876}"= UDP:8881:pes 2008
"{9761DA6C-8085-43C2-AB81-4E7D4F5A9D5E}"= UDP:8882:pes 2008
"{1E2CBF68-3AA1-4F1A-B126-B6E9C389FB1F}"= UDP:8883:pes 2008
"{FE186DB3-8B38-4D9E-9BDE-C7224960FD54}"= UDP:8884:pes 2008
"{2B71AE18-D6EA-459D-A8F7-76A006644154}"= UDP:8885:pes 2008
"{A573B296-113B-47DC-B4E3-609AC5906BBA}"= UDP:8886:pes 2008
"{C6728DFB-4824-441E-85A4-2A97233C7237}"= UDP:8887:pes 2008
"{A432D256-C987-4444-918C-6379EDB3E52A}"= UDP:8888:pes 2008
"{6EDFC778-063E-4859-8FD7-7DED27682BCE}"= UDP:8889:pes 2008
"{A22B0C22-84AF-4382-BA36-0D943E926D07}"= UDP:8890:pes 2008
"{BC7F26C2-B92F-4754-A9E0-04EF9A360AF5}"= UDP:8891:pes 2008
"{5B3A89D2-30E3-4AF8-AC73-BE5FA81B5EFC}"= UDP:8892:pes 2008
"{4B297556-7A73-4D4C-AAE7-74EB7CC3F627}"= UDP:8893:pes 2008
"{EEF3349C-42D5-458F-85B0-C4DF31500C0D}"= UDP:8894:pes 2008
"{26C9A03C-48FF-405F-8EDF-BF959880EF07}"= UDP:8895:pes 2008
"{B50155EF-6BD2-4BDD-A40B-00BB80262201}"= UDP:8896:pes 2008
"{DEC91D48-6EFC-4C38-83A4-95105DB7FE4D}"= UDP:8897:pes 2008
"{7F85FDA5-2592-43BF-A53E-524B9D616BCE}"= UDP:8898:pes 2008
"{5341BA6D-5CB3-425D-B8E9-B1EC4F8588A5}"= UDP:8899:pes 2008
"TCP Query User{4CB2B73E-D401-45CF-990A-ABE2FD99FB5D}E:\\jocs\\testdriveunlimited\\testdri veunlimited.exe"= UDP:E:\jocs\testdriveunlimited\testdriveunlimited. exe:Test Drive Unlimited
"UDP Query User{DB260EDA-8660-45B2-9182-E411760DCF2A}E:\\jocs\\testdriveunlimited\\testdri veunlimited.exe"= TCP:E:\jocs\testdriveunlimited\testdriveunlimited. exe:Test Drive Unlimited
"TCP Query User{C3DDABA8-F245-4841-88D3-F7C21D835DB4}C:\\program files\\utorrent\\utorrent.exe"= UDP:C:\program files\utorrent\utorrent.exe:uTorrent
"UDP Query User{A4E70C34-A224-4980-8ABB-1782A038CB85}C:\\program files\\utorrent\\utorrent.exe"= TCP:C:\program files\utorrent\utorrent.exe:uTorrent
"{569F9E4F-7715-4D01-A8AA-97D350B0C106}"= UDP:C:\Program Files\MiniRacingOnline\MiniRacingOnLine.exe:MiniRa cingOnLine
"{D3962026-C064-440D-840F-F326D03E08E7}"= TCP:C:\Program Files\MiniRacingOnline\MiniRacingOnLine.exe:MiniRa cingOnLine

[HKLM\~\services\sharedaccess\parameters\firewallpo licy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|S vc=DFSR:Allow inbound TCP traffic|

[HKLM\~\services\sharedaccess\parameters\firewallpo licy\StandardProfile]
"DisableNotifications"= 1 (0x1)

R0 CplIR;Embedded IR Driver;C:\Windows\system32\DRIVERS\CplIR.SYS [2007-03-06 15:01]
R0 LPCFilter;LPC Lower Filter Driver;C:\Windows\system32\DRIVERS\LPCFilter.sys [2006-07-28 16:25]
R0 tos_sps32;TOSHIBA tos_sps32 Service;C:\Windows\system32\DRIVERS\tos_sps32.sys [2007-06-15 21:04]
R1 aswSP;avast! Self Protection;C:\Windows\system32\drivers\aswSP.sys [2008-03-29 19:31]
R1 BRCMDECO;BRCMDECO;C:\Windows\system32\DRIVERS\BRCM HD32.sys [2007-05-15 15:44]
R2 aswFsBlk;aswFsBlk;C:\Windows\system32\DRIVERS\aswF sBlk.sys [2008-03-29 19:35]
R2 aswMonFlt;aswMonFlt;C:\Windows\system32\DRIVERS\as wMonFlt.sys [2008-03-29 19:32]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2008-01-28 11:43]
R2 TNaviSrv;TOSHIBA Navi Support Service;C:\Program Files\TOSHIBA\TOSHIBA HD DVD PLAYER\TNaviSrv.exe [2007-06-15 21:46]
R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service;c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2007-02-25 21:55]
R3 atikmdag;atikmdag;C:\Windows\system32\DRIVERS\atik mdag.sys [2007-06-21 11:36]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver;C:\Windows\system32\DRIVERS\tdcmdpst.sys [2006-10-18 12:50]
R3 tosrfec;Bluetooth ACPI;C:\Windows\system32\DRIVERS\tosrfec.sys [2006-10-23 16:32]
R3 UVCFTR;UVCFTR;C:\Windows\system32\Drivers\UVCFTR_S .SYS [2007-04-16 10:19]
S3 athr;Controlador de dispositivo de LAN inalámbrica extensible Atheros;C:\Windows\system32\DRIVERS\athr.sys [2006-11-02 09:30]
S3 Steam Client Service;Steam Client Service;C:\Program Files\Common Files\Steam\SteamService.exe [2008-02-16 20:04]
S4 KR10I;KR10I;C:\Windows\system32\drivers\kr10i.sys [2007-01-18 16:40]
S4 KR10N;KR10N;C:\Windows\system32\drivers\kr10n.sys [2007-01-18 16:47]

[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{12b7de87-ae06-11dc-ac07-001b381daaeb}]
\shell\Auto\command - qbtsydcvp.exe
\shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL qbtsydcvp.exe

.
************************************************** ************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-07 11:04:22
Windows 6.0.6000 NTFS

escaneando procesos ocultos ...

escaneando entradas ocultas de autostart ...

escaneando archivos ocultos ...

el escaneo se completo con exito
archivos ocultos: 0

************************************************** ************************
.
--------------------- DLLs cargados bajo los procesos en ejecución ---------------------

PROCESS: C:\Windows\Explorer.exe
-> C:\Program Files\IDM\Desktop SMS\oehook.dll
.
Tiempo completado: 2008-04-07 11:04:54
ComboFix-quarantined-files.txt 2008-04-07 09:04:50
ComboFix2.txt 2008-04-06 14:37:35
El sistema no puede encontrar el texto del mensaje para el mensaje número 0x2379 en el archivo de mensajes para Application.
El sistema no puede encontrar el texto del mensaje para el mensaje número 0x2379 en el archivo de mensajes para Application.
.
2008-04-06 16:43:36 --- E O F ---
Responder Con Cita