Blog Registrarse Manuales Programas Glosario

Regresar   Foro de Spyware » Spyware - Adware - Hijackers - Malwares » Foro de Virus y Spywares
Actualizar Win32.TrojanDownloader.Agent
 

Para evitar Virus, Spyware y otros Malwares, te recomendamos mantenerte informado en: InfoSpyware Blog


Foro de Virus y Spywares Ayuda con: Malwares - Virus - Spywares - Troyanos - Adwares - Worms - Hijackers - Dialers - Rootkits - Keylogger - etc.) Plantéanos tu problema en este sector.
No ponga su log de HijackThis aquí !!

Tema Cerrado
Página 1 de 5 1 2345
 
Enviar a: Herramientas
  post #1  
Antiguo 14/03/09, 20:19:05
Usuario
  
Registrado: mar 2009
Ubicación: España
Mensajes: 22
Malware Win32.TrojanDownloader.Agent
Hola a todos!! Primero deciros que mi ordenador es un portátil Intel Pentium Centrino de 1,5 MHz, 1 Gb de RAM, 80 Gb disco duro con ahora más o menos 20 libres y SO Windows XP SP2.

Desde hace un tiempo va bastante lento sobre todo al iniciarlo. Le pasaba con frecuencia el Panda y el Ad-ware 2008 (ahora, anniversary edition) hallando simplemente algunos coockies espías. Sin embargo, ha sido esta mañana cuando la CPU alcanzaba valores constantes del 100% y el uso de PF 1,85 Gb. Ante ese caso he comenzado a preocuparme y he pasado el Ad-ware encontrando 4 coockies, y un archivos y una clave de registro infectados por el Win32.TrojanDownloader.Agent. He eliminado las coockies y los dos archivos los he mandado a cuarentena. He pasado el Panda y me ha dado resultado nulo. Unas horas después he vuelto a pasar el ad-warey de nuevo han aparecido 2 coockies y un nuevo archivo infectado por el mismo que también he mandado en cuarentena. Ha sido entonces cuando he creído que era necesario buscar una solución ya que si ahora lo pasara de nuevo, encontraría otro archivo que sumar a la lista de cuarentena.

Os paso aquí los dos registros de análisis de Ad-ware esperando que sea posible una buena solucción. Los valores actuales de CPU rondan hahora entre el 3% y el 25% siendo habitual los picos de 8%. El uso de PF está en 790 Mb cuando recuerdo que hace un tiempo estaba a 200 y algo. Muchísimas gracias.

1er análisis

Logfile created: 14/03/2009 16:11:38
Lavasoft Ad-Aware version: 8.0.3
Extended engine version: 8.1
User performing scan: Daniel

*********************** Definitions database information ***********************
Lavasoft definition file: 146.22
Extended engine definition file: 8.1

******************************** Scan results: *********************************
Scan profile name: Análisis completo (ID: full)
Objects scanned: 157862
Objects detected: 6


Type Detected
==========================
Processes.......: 0
Registry entries: 1
Hostfile entries: 0
Files...........: 1
Folders.........: 0
LSPs............: 0
Cookies.........: 4
Browser hijacks.: 0
MRU objects.....: 0



Removed items:
Description: *2o7* Family Name: Cookies Clean status: Success Item ID: 408943 Family ID: 0
Description: *revsci* Family Name: Cookies Clean status: Success Item ID: 409137 Family ID: 0
Description: *weborama* Family Name: Cookies Clean status: Success Item ID: 408955 Family ID: 0
Description: *wunderloop* Family Name: Cookies Clean status: Success Item ID: 599639 Family ID: 0

Quarantined items:
Description: C:\Archivos de programa\Archivos comunes\Real\GToolbar\GoogleToolbarInstaller.exe Family Name: Win32.TrojanDownloader.Agent Clean status: Success Item ID: 573990 Family ID: 1001
Description: HKU:S-1-5-21-1292428093-1060284298-854245398-1003\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Advanced:Hidden Family Name: Win32.TrojanDownloader.Agent Clean status: Success Item ID: 414374 Family ID: 1001

Scan and cleaning complete: Finished correctly after 3697 seconds

*********************************** Settings ***********************************

Scan profile:
ID: full, enabled:1, value: Análisis completo
ID: scancriticalareas, enabled:1, value: true
ID: scanrunningapps, enabled:1, value: true
ID: scanregistry, enabled:1, value: true
ID: scanlsp, enabled:1, value: true
ID: scanads, enabled:1, value: true
ID: scanhostsfile, enabled:1, value: true
ID: scanmru, enabled:1, value: true
ID: scanbrowserhijacks, enabled:1, value: true
ID: scantrackingcookies, enabled:1, value: true
ID: closebrowsers, enabled:1, value: false
ID: folderstoscan, enabled:1, value: C:\
ID: scanrootkits, enabled:1, value: true
ID: usespywareheuristics, enabled:1, value: true
ID: extendedengine, enabled:0, value: true
ID: useheuristics, enabled:0, value: true
ID: heuristicslevel, enabled:0, value: mild, domain: medium,mild,strict
ID: filescanningoptions, enabled:1
ID: archives, enabled:1, value: true
ID: onlyexecutables, enabled:1, value: false
ID: skiplargerthan, enabled:1, value: 20480

Scan global:
ID: global, enabled:1
ID: addtocontextmenu, enabled:1, value: true
ID: playsoundoninfection, enabled:1, value: false
ID: soundfile, enabled:0, value: *to be filled in automatically*\alert.wav

Scheduled scan settings:
<Empty>

Update settings:
ID: updates, enabled:1
ID: launchthreatworksafterscan, enabled:1, value: normal, domain: normal,off,silently
ID: displaystatus, enabled:1, value: false
ID: deffiles, enabled:1, value: downloadandinstall, domain: dontcheck,downloadandinstall
ID: autodetectproxy, enabled:1, value: false
ID: useautoconfigscript, enabled:1, value: false
ID: autoconfigurl, enabled:0, value:
ID: useproxy, enabled:1, value: false
ID: proxyserver, enabled:0, value:
ID: softwareupdates, enabled:1, value: downloadandinstall, domain: dontcheck,downloadandinstall
ID: licenseandinfo, enabled:1, value: downloadandinstall, domain: dontcheck,downloadandinstall
ID: schedules, enabled:1, value: true
ID: updatedaily, enabled:1, value: Daily
ID: time, enabled:1, value: Sat Mar 14 16:03:00 2009
ID: frequency, enabled:1, value: daily, domain: daily,monthly,once,systemstart,weekly
ID: weekdays, enabled:1
ID: monday, enabled:1, value: false
ID: tuesday, enabled:1, value: false
ID: wednesday, enabled:1, value: false
ID: thursday, enabled:1, value: false
ID: friday, enabled:1, value: false
ID: saturday, enabled:1, value: false
ID: sunday, enabled:1, value: false
ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31
ID: scanprofile, enabled:1, value:
ID: auto_deal_with_infections, enabled:1, value: false
ID: updateweekly, enabled:1, value: Weekly
ID: time, enabled:1, value: Sat Mar 14 16:03:00 2009
ID: frequency, enabled:1, value: weekly, domain: daily,monthly,once,systemstart,weekly
ID: weekdays, enabled:1
ID: monday, enabled:1, value: true
ID: tuesday, enabled:1, value: false
ID: wednesday, enabled:1, value: false
ID: thursday, enabled:1, value: false
ID: friday, enabled:1, value: false
ID: saturday, enabled:1, value: true
ID: sunday, enabled:1, value: false
ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31
ID: scanprofile, enabled:1, value:
ID: auto_deal_with_infections, enabled:1, value: false

Appearance settings:
ID: appearance, enabled:1
ID: skin, enabled:1, value: default.egl, reglocation: HKEY_LOCAL_MACHINE\SOFTWARE\Lavasoft\Ad-Aware\Resource
ID: showtrayicon, enabled:1, value: true
ID: language, enabled:1, value: es, reglocation: HKEY_LOCAL_MACHINE\SOFTWARE\Lavasoft\Ad-Aware\Language

Realtime protection settings:
ID: realtime, enabled:1
ID: processprotection, enabled:1, value: true
ID: registryprotection, enabled:0, value: true
ID: networkprotection, enabled:0, value: true
ID: loadatstartup, enabled:1, value: true
ID: usespywareheuristics, enabled:0, value: true
ID: extendedengine, enabled:0, value: true
ID: useheuristics, enabled:0, value: true
ID: heuristicslevel, enabled:0, value: strict, domain: medium,mild,strict
ID: infomessages, enabled:1, value: onlyimportant, domain: display,dontnotify,onlyimportant


****************************** System information ******************************
Computer name: PORT
Processor name: Intel(R) Pentium(R) M processor 1500MHz
Processor identifier: x86 Family 6 Model 9 Stepping 5
Raw info: processorarchitecture 0, processortype 586, processorlevel 6, processor revision 2309, number of processors 1
Physical memory available: 480960512 bytes
Physical memory total: 1073201152 bytes
Virtual memory available: 2050768896 bytes
Virtual memory total: 2147352576 bytes
Memory load: 55%
Microsoft Windows XP Professional Service Pack 2 (build 2600)
Windows startup mode:

Running processes:
PID: 1176 name: \SystemRoot\System32\smss.exe owner: SYSTEM domain: NT AUTHORITY
PID: 1292 name: \??\C:\WINDOWS\system32\csrss.exe owner: SYSTEM domain: NT AUTHORITY
PID: 1316 name: \??\C:\WINDOWS\system32\winlogon.exe owner: SYSTEM domain: NT AUTHORITY
PID: 1360 name: C:\WINDOWS\system32\services.exe owner: SYSTEM domain: NT AUTHORITY
PID: 1372 name: C:\WINDOWS\system32\lsass.exe owner: SYSTEM domain: NT AUTHORITY
PID: 1544 name: C:\WINDOWS\system32\Ati2evxx.exe owner: SYSTEM domain: NT AUTHORITY
PID: 1556 name: C:\WINDOWS\system32\svchost.exe owner: SYSTEM domain: NT AUTHORITY
PID: 1644 name: C:\WINDOWS\system32\svchost.exe owner: Servicio de red domain: NT AUTHORITY
PID: 1836 name: C:\Archivos de programa\Panda Security\Panda Antivirus + Firewall 2008\pavsrv51.exe owner: SYSTEM domain: NT AUTHORITY
PID: 1852 name: C:\Archivos de programa\Panda Security\Panda Antivirus + Firewall 2008\AVENGINE.EXE owner: SYSTEM domain: NT AUTHORITY
PID: 2028 name: C:\WINDOWS\system32\svchost.exe owner: SYSTEM domain: NT AUTHORITY
PID: 248 name: C:\Archivos de programa\Panda Security\Panda Antivirus + Firewall 2008\TPSrv.exe owner: SYSTEM domain: NT AUTHORITY
PID: 304 name: C:\WINDOWS\system32\svchost.exe owner: SYSTEM domain: NT AUTHORITY
PID: 1260 name: C:\WINDOWS\system32\S24EvMon.exe owner: SYSTEM domain: NT AUTHORITY
PID: 1700 name: C:\WINDOWS\system32\svchost.exe owner: Servicio de red domain: NT AUTHORITY
PID: 668 name: C:\WINDOWS\system32\svchost.exe owner: SERVICIO LOCAL domain: NT AUTHORITY
PID: 580 name: C:\Archivos de programa\Lavasoft\Ad-Aware\AAWService.exe owner: SYSTEM domain: NT AUTHORITY
PID: 1776 name: C:\WINDOWS\system32\spoolsv.exe owner: SYSTEM domain: NT AUTHORITY
PID: 924 name: C:\Archivos de programa\Google\Update\GoogleUpdate.exe owner: SYSTEM domain: NT AUTHORITY
PID: 516 name: C:\WINDOWS\system32\svchost.exe owner: SYSTEM domain: NT AUTHORITY
PID: 1124 name: C:\Archivos de programa\Java\jre6\bin\jqs.exe owner: SYSTEM domain: NT AUTHORITY
PID: 368 name: C:\WINDOWS\system32\ZCfgSvc.exe owner: Daniel domain: PORT
PID: 1108 name: C:\Archivos de programa\Archivos comunes\Microsoft Shared\VS7DEBUG\MDM.EXE owner: SYSTEM domain: NT AUTHORITY
PID: 2976 name: C:\WINDOWS\System32\svchost.exe owner: SERVICIO LOCAL domain: NT AUTHORITY
PID: 3128 name: C:\WINDOWS\Explorer.EXE owner: Daniel domain: PORT
PID: 2108 name: C:\Archivos de programa\Panda Security\Panda Antivirus + Firewall 2008\PsCtrls.exe owner: SYSTEM domain: NT AUTHORITY
PID: 2652 name: C:\Archivos de programa\Panda Security\Panda Antivirus + Firewall 2008\PavFnSvr.exe owner: SYSTEM domain: NT AUTHORITY
PID: 3200 name: C:\Archivos de programa\Archivos comunes\Panda Software\PavShld\pavprsrv.exe owner: SYSTEM domain: NT AUTHORITY
PID: 3616 name: C:\WINDOWS\System32\svchost.exe owner: SERVICIO LOCAL domain: NT AUTHORITY
PID: 1100 name: c:\archivos de programa\panda security\panda antivirus + firewall 2008\firewall\PSHOST.EXE owner: SYSTEM domain: NT AUTHORITY
PID: 2612 name: C:\Archivos de programa\Panda Security\Panda Antivirus + Firewall 2008\PsImSvc.exe owner: SYSTEM domain: NT AUTHORITY
PID: 3056 name: C:\WINDOWS\system32\RegSrvc.exe owner: SYSTEM domain: NT AUTHORITY
PID: 900 name: C:\WINDOWS\system32\svchost.exe owner: SYSTEM domain: NT AUTHORITY
PID: 2672 name: C:\Archivos de programa\Intel\PROSetWireless\NCS\PROSet\PRONoMgr. exe owner: Daniel domain: PORT
PID: 2832 name: C:\WINDOWS\SOUNDMAN.EXE owner: Daniel domain: PORT
PID: 3020 name: C:\WINDOWS\AGRSMMSG.exe owner: Daniel domain: PORT
PID: 3240 name: C:\Archivos de programa\ltmoh\Ltmoh.exe owner: Daniel domain: PORT
PID: 3280 name: C:\WINDOWS\system32\1XConfig.exe owner: Daniel domain: PORT
PID: 3364 name: C:\Archivos de programa\EzButton\CplBCL50.EXE owner: Daniel domain: PORT
PID: 3532 name: C:\Archivos de programa\Java\jre6\bin\jusched.exe owner: Daniel domain: PORT
PID: 3580 name: C:\Archivos de programa\Panda Security\Panda Antivirus + Firewall 2008\APVXDWIN.EXE owner: Daniel domain: PORT
PID: 1868 name: C:\Archivos de programa\HP\hpcoretech\hpcmpmgr.exe owner: Daniel domain: PORT
PID: 612 name: C:\Archivos de programa\Archivos comunes\Real\Update_OB\realsched.exe owner: Daniel domain: PORT
PID: 2608 name: C:\Archivos de programa\Adobe\Reader 9.0\Reader\Reader_sl.exe owner: Daniel domain: PORT
PID: 3700 name: C:\Archivos de programa\pdf24\PDFBackend.exe owner: Daniel domain: PORT
PID: 552 name: C:\Archivos de programa\Lavasoft\Ad-Aware\AAWTray.exe owner: Daniel domain: PORT
PID: 2072 name: C:\Archivos de programa\Google\GoogleToolbarNotifier\GoogleToolba rNotifier.exe owner: Daniel domain: PORT
PID: 2712 name: C:\WINDOWS\system32\ctfmon.exe owner: Daniel domain: PORT
PID: 2776 name: C:\Archivos de programa\HP\Digital Imaging\bin\hpqtra08.exe owner: Daniel domain: PORT
PID: 3328 name: C:\Archivos de programa\Lavasoft\Ad-Aware\Ad-Aware.exe owner: Daniel domain: PORT
PID: 2724 name: C:\WINDOWS\system32\wuauclt.exe owner: SYSTEM domain: NT AUTHORITY
PID: 3468 name: C:\Archivos de programa\HP\Digital Imaging\bin\hpqgalry.exe owner: Daniel domain: PORT
PID: 3804 name: C:\WINDOWS\system32\svchost.exe owner: SYSTEM domain: NT AUTHORITY
PID: 2324 name: C:\WINDOWS\system32\wbem\unsecapp.exe owner: SYSTEM domain: NT AUTHORITY
PID: 3312 name: C:\WINDOWS\system32\wbem\wmiprvse.exe owner: SYSTEM domain: NT AUTHORITY
PID: 3428 name: C:\WINDOWS\system32\wuauclt.exe owner: Daniel domain: PORT
PID: 3524 name: C:\WINDOWS\system32\wbem\wmiapsrv.exe owner: SYSTEM domain: NT AUTHORITY
PID: 2180 name: C:\WINDOWS\System32\alg.exe owner: SERVICIO LOCAL domain: NT AUTHORITY
PID: 948 name: C:\Archivos de programa\Panda Security\Panda Antivirus + Firewall 2008\WebProxy.exe owner: Daniel domain: PORT
PID: 2592 name: C:\Archivos de programa\Panda Security\Panda Antivirus + Firewall 2008\avciman.exe owner: Daniel domain: PORT
PID: 3352 name: C:\Archivos de programa\HP\Digital Imaging\bin\hpqSTE08.exe owner: Daniel domain: PORT
PID: 3176 name: C:\Archivos de programa\HP\Digital Imaging\bin\hpqbam08.exe owner: Daniel domain: PORT
PID: 444 name: C:\Archivos de programa\HP\Digital Imaging\bin\hpqgpc01.exe owner: Daniel domain: PORT

Startup items:
Name: NeroFilterCheck
imagepath: C:\Archivos de programa\Archivos comunes\Ahead\Lib\NeroCheck.exe
Name: PRONoMgr.exe
imagepath: C:\Archivos de programa\Intel\PROSetWireless\NCS\PROSet\PRONoMgr. exe
Name: SoundMan
imagepath: SOUNDMAN.EXE
Name: AGRSMMSG
imagepath: AGRSMMSG.exe
Name: LtMoh
imagepath: C:\Archivos de programa\ltmoh\Ltmoh.exe
Name: CplBCL50
imagepath: C:\Archivos de programa\EzButton\CplBCL50.EXE
Name: SunJavaUpdateSched
imagepath: "C:\Archivos de programa\Java\jre6\bin\jusched.exe"
Name: ATIModeChange
imagepath: Ati2mdxx.exe
Name: APVXDWIN
imagepath: "C:\Archivos de programa\Panda Security\Panda Antivirus + Firewall 2008\APVXDWIN.EXE" /s
Name: HP Component Manager
imagepath: "C:\Archivos de programa\HP\hpcoretech\hpcmpmgr.exe"
Name: DXDllRegExe
imagepath: dxdllreg.exe
Name: TkBellExe
imagepath: "C:\Archivos de programa\Archivos comunes\Real\Update_OB\realsched.exe" -osboot
Name: hpqSRMon
imagepath: C:\Archivos de programa\HP\Digital Imaging\bin\hpqSRMon.exe
Name: Adobe Reader Speed Launcher
imagepath: "C:\Archivos de programa\Adobe\Reader 9.0\Reader\Reader_sl.exe"
Name: QuickTime Task
imagepath: "C:\Archivos de programa\QuickTime\qttask.exe" -atboottime
Name: PDFPrint
imagepath: "C:\Archivos de programa\pdf24\PDFBackend.exe"
Name: Ad-Watch
imagepath: C:\Archivos de programa\Lavasoft\Ad-Aware\AAWTray.exe
Name: PostBootReminder
imagepath: {7849596a-48ea-486e-8937-a2a3009f31a9}
Name: CDBurn
imagepath: {fbeb8a05-beee-4442-804e-409d6c4515e9}
Name: WebCheck
imagepath: {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
Name: SysTray
imagepath: {35CEC8A3-2BE6-11D2-8773-92E220524153}
Name: WPDShServiceObj
imagepath: {AAA288BA-9A4C-45B0-95D7-94D524869DB5}
Name: Nokia.PCSync
imagepath: "C:\Archivos de programa\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog
Name: {438755C2-A8BA-11D1-B96B-00A0C90312E1}
imagepath: Precargador Browseui
Name: {8C7461EF-2B13-11d2-BE35-3078302C2030}
imagepath: Demonio de caché de las categorías de componente
Name:
location: C:\Documents and Settings\All Users\Menú Inicio\Programas\Inicio\Adobe Gamma Loader.lnk
imagepath: C:\Archivos de programa\Archivos comunes\Adobe\Calibration\Adobe Gamma Loader.exe
Name:
imagepath: C:\Documents and Settings\All Users\Menú Inicio\Programas\Inicio\desktop.ini
Name:
location: C:\Documents and Settings\All Users\Menú Inicio\Programas\Inicio\HP Digital Imaging Monitor.lnk
imagepath: C:\Archivos de programa\HP\Digital Imaging\bin\hpqtra08.exe
Name:
location: C:\Documents and Settings\All Users\Menú Inicio\Programas\Inicio\Inicio rápido de HP Image Zone.lnk
imagepath: C:\Archivos de programa\HP\Digital Imaging\bin\hpqthb08.exe

Bootexecute items:
Name:
imagepath: autocheck autochk *

Running services:
Name: ALG
displayname: Servicio de puerta de enlace de capa de aplicación
Name: Ati HotKey Poller
displayname: Ati HotKey Poller
Name: AudioSrv
displayname: Audio de Windows
Name: BITS
displayname: Servicio de transferencia inteligente en segundo plano
Name: Browser
displayname: Examinador de equipos
Name: CryptSvc
displayname: Servicios de cifrado
Name: DcomLaunch
displayname: Iniciador de procesos de servidor DCOM
Name: Dhcp
displayname: Cliente DHCP
Name: dmserver
displayname: Administrador de discos lógicos
Name: Dnscache
displayname: Cliente DNS
Name: ERSvc
displayname: Servicio de informe de errores
Name: Eventlog
displayname: Registro de sucesos
Name: EventSystem
displayname: Sistema de sucesos COM+
Name: FastUserSwitchingCompatibility
displayname: Compatibilidad de cambio rápido de usuario
Name: helpsvc
displayname: Ayuda y soporte técnico
Name: hpqcxs08
displayname: hpqcxs08
Name: hpqddsvc
displayname: Servicio HP CUE DeviceDiscovery
Name: HPSLPSVC
displayname: HP Network Devices Support
Name: Irmon
displayname: Monitor de infrarrojos
Name: JavaQuickStarterService
displayname: Java Quick Starter
Name: lanmanserver
displayname: Servidor
Name: lanmanworkstation
displayname: Estación de trabajo
Name: Lavasoft Ad-Aware Service
displayname: Lavasoft Ad-Aware Service
Name: LmHosts
displayname: Ayuda de NetBIOS sobre TCP/IP
Name: MDM
displayname: Machine Debug Manager
Name: Net Driver HPZ12
displayname: Net Driver HPZ12
Name: Netman
displayname: Conexiones de red
Name: Nla
displayname: NLA (Network Location Awareness)
Name: Panda Software Controller
displayname: Panda Software Controller
Name: PAVFNSVR
displayname: Panda Function Service
Name: PavPrSrv
displayname: Panda Process Protection Service
Name: PAVSRV
displayname: Panda anti-virus service
Name: PlugPlay
displayname: Plug and Play
Name: Pml Driver HPZ12
displayname: Pml Driver HPZ12
Name: PolicyAgent
displayname: Servicios IPSEC
Name: ProtectedStorage
displayname: Almacenamiento protegido
Name: PSHost
displayname: Panda Host Service
Name: PSIMSVC
displayname: Panda IManager Service
Name: RasMan
displayname: Administrador de conexión de acceso remoto
Name: RegSrvc
displayname: RegSrvc
Name: RemoteRegistry
displayname: Registro remoto
Name: RpcSs
displayname: Llamada a procedimiento remoto (RPC)
Name: S24EventMonitor
displayname: Spectrum24 Event Monitor
Name: SamSs
displayname: Administrador de cuentas de seguridad
Name: Schedule
displayname: Programador de tareas
Name: seclogon
displayname: Inicio de sesión secundario
Name: SENS
displayname: Notificación de sucesos del sistema
Name: SharedAccess
displayname: Firewall de Windows/Conexión compartida a Internet (ICS)
Name: ShellHWDetection
displayname: Detección de hardware shell
Name: Spooler
displayname: Cola de impresión
Name: srservice
displayname: Servicio de restauración de sistema
Name: SSDPSRV
displayname: Servicio de descubrimientos SSDP
Name: stisvc
displayname: Adquisición de imágenes de Windows (WIA)
Name: TapiSrv
displayname: Telefonía
Name: TermService
displayname: Servicios de Terminal Server
Name: Themes
displayname: Temas
Name: TPSrv
displayname: Panda TPSrv
Name: TrkWks
displayname: Cliente de seguimiento de vinculos distribuidos
Name: W32Time
displayname: Horario de Windows
Name: WebClient
displayname: Cliente Web
Name: winmgmt
displayname: Instrumental de administración de Windows
Name: WmiApSrv
displayname: Adaptador de rendimiento de WMI
Name: wscsvc
displayname: Centro de seguridad
Name: wuauserv
displayname: Actualizaciones automáticas
Name: WudfSvc
displayname: Windows Driver Foundation - User-mode Driver Framework
Name: WZCSVC
displayname: Configuración inalámbrica rápida

2º análisis

Logfile created: 14/03/2009 21:15:58
Lavasoft Ad-Aware version: 8.0.3
Extended engine version: 8.1
User performing scan: Daniel

*********************** Definitions database information ***********************
Lavasoft definition file: 146.22
Extended engine definition file: 8.1

******************************** Scan results: *********************************
Scan profile name: Análisis completo (ID: full)
Objects scanned: 160093
Objects detected: 3


Type Detected
==========================
Processes.......: 0
Registry entries: 0
Hostfile entries: 0
Files...........: 1
Folders.........: 0
LSPs............: 0
Cookies.........: 2
Browser hijacks.: 0
MRU objects.....: 0



Removed items:
Description: *2o7* Family Name: Cookies Clean status: Success Item ID: 408943 Family ID: 0
Description: *weborama* Family Name: Cookies Clean status: Success Item ID: 408955 Family ID: 0

Quarantined items:
Description: C:\System Volume Information\_restore{9BA9067D-DB21-4ACB-A65F-259F33EC3133}\RP320\A0052656.exe Family Name: Win32.TrojanDownloader.Agent Clean status: Success Item ID: 573990 Family ID: 1001

Scan and cleaning complete: Finished correctly after 3487 seconds

*********************************** Settings ***********************************

Scan profile:
ID: full, enabled:1, value: Análisis completo
ID: scancriticalareas, enabled:1, value: true
ID: scanrunningapps, enabled:1, value: true
ID: scanregistry, enabled:1, value: true
ID: scanlsp, enabled:1, value: true
ID: scanads, enabled:1, value: true
ID: scanhostsfile, enabled:1, value: true
ID: scanmru, enabled:1, value: true
ID: scanbrowserhijacks, enabled:1, value: true
ID: scantrackingcookies, enabled:1, value: true
ID: closebrowsers, enabled:1, value: false
ID: folderstoscan, enabled:1, value: C:\
ID: scanrootkits, enabled:1, value: true
ID: usespywareheuristics, enabled:1, value: true
ID: extendedengine, enabled:0, value: true
ID: useheuristics, enabled:0, value: true
ID: heuristicslevel, enabled:0, value: mild, domain: medium,mild,strict
ID: filescanningoptions, enabled:1
ID: archives, enabled:1, value: true
ID: onlyexecutables, enabled:1, value: false
ID: skiplargerthan, enabled:1, value: 20480

Scan global:
ID: global, enabled:1
ID: addtocontextmenu, enabled:1, value: true
ID: playsoundoninfection, enabled:1, value: false
ID: soundfile, enabled:0, value: *to be filled in automatically*\alert.wav

Scheduled scan settings:
<Empty>

Update settings:
ID: updates, enabled:1
ID: launchthreatworksafterscan, enabled:1, value: normal, domain: normal,off,silently
ID: displaystatus, enabled:1, value: false
ID: deffiles, enabled:1, value: downloadandinstall, domain: dontcheck,downloadandinstall
ID: autodetectproxy, enabled:1, value: false
ID: useautoconfigscript, enabled:1, value: false
ID: autoconfigurl, enabled:0, value:
ID: useproxy, enabled:1, value: false
ID: proxyserver, enabled:0, value:
ID: softwareupdates, enabled:1, value: downloadandinstall, domain: dontcheck,downloadandinstall
ID: licenseandinfo, enabled:1, value: downloadandinstall, domain: dontcheck,downloadandinstall
ID: schedules, enabled:1, value: true
ID: updatedaily, enabled:1, value: Daily
ID: time, enabled:1, value: Sat Mar 14 16:03:00 2009
ID: frequency, enabled:1, value: daily, domain: daily,monthly,once,systemstart,weekly
ID: weekdays, enabled:1
ID: monday, enabled:1, value: false
ID: tuesday, enabled:1, value: false
ID: wednesday, enabled:1, value: false
ID: thursday, enabled:1, value: false
ID: friday, enabled:1, value: false
ID: saturday, enabled:1, value: false
ID: sunday, enabled:1, value: false
ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31
ID: scanprofile, enabled:1, value:
ID: auto_deal_with_infections, enabled:1, value: false
ID: updateweekly, enabled:1, value: Weekly
ID: time, enabled:1, value: Sat Mar 14 16:03:00 2009
ID: frequency, enabled:1, value: weekly, domain: daily,monthly,once,systemstart,weekly
ID: weekdays, enabled:1
ID: monday, enabled:1, value: true
ID: tuesday, enabled:1, value: false
ID: wednesday, enabled:1, value: false
ID: thursday, enabled:1, value: false
ID: friday, enabled:1, value: false
ID: saturday, enabled:1, value: true
ID: sunday, enabled:1, value: false
ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31
ID: scanprofile, enabled:1, value:
ID: auto_deal_with_infections, enabled:1, value: false

Appearance settings:
ID: appearance, enabled:1
ID: skin, enabled:1, value: default.egl, reglocation: HKEY_LOCAL_MACHINE\SOFTWARE\Lavasoft\Ad-Aware\Resource
ID: showtrayicon, enabled:1, value: true
ID: language, enabled:1, value: es, reglocation: HKEY_LOCAL_MACHINE\SOFTWARE\Lavasoft\Ad-Aware\Language

Realtime protection settings:
ID: realtime, enabled:1
ID: processprotection, enabled:1, value: true
ID: registryprotection, enabled:0, value: true
ID: networkprotection, enabled:0, value: true
ID: loadatstartup, enabled:1, value: true
ID: usespywareheuristics, enabled:0, value: true
ID: extendedengine, enabled:0, value: true
ID: useheuristics, enabled:0, value: true
ID: heuristicslevel, enabled:0, value: strict, domain: medium,mild,strict
ID: infomessages, enabled:1, value: onlyimportant, domain: display,dontnotify,onlyimportant


****************************** System information ******************************
Computer name: PORT
Processor name: Intel(R) Pentium(R) M processor 1500MHz
Processor identifier: x86 Family 6 Model 9 Stepping 5
Raw info: processorarchitecture 0, processortype 586, processorlevel 6, processor revision 2309, number of processors 1
Physical memory available: 394440704 bytes
Physical memory total: 1073201152 bytes
Virtual memory available: 2038874112 bytes
Virtual memory total: 2147352576 bytes
Memory load: 63%
Microsoft Windows XP Home Edition Service Pack 2 (build 2600)
Windows startup mode:

Running processes:
PID: 1172 name: \SystemRoot\System32\smss.exe owner: SYSTEM domain: NT AUTHORITY
PID: 1300 name: \??\C:\WINDOWS\system32\csrss.exe owner: SYSTEM domain: NT AUTHORITY
PID: 1328 name: \??\C:\WINDOWS\system32\winlogon.exe owner: SYSTEM domain: NT AUTHORITY
PID: 1372 name: C:\WINDOWS\system32\services.exe owner: SYSTEM domain: NT AUTHORITY
PID: 1384 name: C:\WINDOWS\system32\lsass.exe owner: SYSTEM domain: NT AUTHORITY
PID: 1556 name: C:\WINDOWS\system32\Ati2evxx.exe owner: SYSTEM domain: NT AUTHORITY
PID: 1568 name: C:\WINDOWS\system32\svchost.exe owner: SYSTEM domain: NT AUTHORITY
PID: 1644 name: C:\WINDOWS\system32\svchost.exe owner: Servicio de red domain: NT AUTHORITY
PID: 1840 name: C:\Archivos de programa\Panda Security\Panda Antivirus + Firewall 2008\pavsrv51.exe owner: SYSTEM domain: NT AUTHORITY
PID: 1864 name: C:\Archivos de programa\Panda Security\Panda Antivirus + Firewall 2008\AVENGINE.EXE owner: SYSTEM domain: NT AUTHORITY
PID: 2028 name: C:\WINDOWS\system32\svchost.exe owner: SYSTEM domain: NT AUTHORITY
PID: 248 name: C:\Archivos de programa\Panda Security\Panda Antivirus + Firewall 2008\TPSrv.exe owner: SYSTEM domain: NT AUTHORITY
PID: 304 name: C:\WINDOWS\system32\svchost.exe owner: SYSTEM domain: NT AUTHORITY
PID: 1252 name: C:\WINDOWS\system32\S24EvMon.exe owner: SYSTEM domain: NT AUTHORITY
PID: 1716 name: C:\WINDOWS\system32\svchost.exe owner: Servicio de red domain: NT AUTHORITY
PID: 652 name: C:\WINDOWS\system32\svchost.exe owner: SERVICIO LOCAL domain: NT AUTHORITY
PID: 600 name: C:\Archivos de programa\Lavasoft\Ad-Aware\AAWService.exe owner: SYSTEM domain: NT AUTHORITY
PID: 1712 name: C:\WINDOWS\system32\spoolsv.exe owner: SYSTEM domain: NT AUTHORITY
PID: 1292 name: C:\Archivos de programa\Google\Update\GoogleUpdate.exe owner: SYSTEM domain: NT AUTHORITY
PID: 356 name: C:\WINDOWS\system32\svchost.exe owner: SYSTEM domain: NT AUTHORITY
PID: 980 name: C:\Archivos de programa\Java\jre6\bin\jqs.exe owner: SYSTEM domain: NT AUTHORITY
PID: 464 name: C:\Archivos de programa\Archivos comunes\Microsoft Shared\VS7DEBUG\MDM.EXE owner: SYSTEM domain: NT AUTHORITY
PID: 1240 name: C:\WINDOWS\System32\svchost.exe owner: SERVICIO LOCAL domain: NT AUTHORITY
PID: 2100 name: C:\WINDOWS\system32\ZCfgSvc.exe owner: Daniel domain: PORT
PID: 2424 name: C:\Archivos de programa\Panda Security\Panda Antivirus + Firewall 2008\PsCtrls.exe owner: SYSTEM domain: NT AUTHORITY
PID: 3104 name: C:\WINDOWS\Explorer.EXE owner: Daniel domain: PORT
PID: 3636 name: C:\Archivos de programa\Panda Security\Panda Antivirus + Firewall 2008\PavFnSvr.exe owner: SYSTEM domain: NT AUTHORITY
PID: 2124 name: C:\Archivos de programa\Archivos comunes\Panda Software\PavShld\pavprsrv.exe owner: SYSTEM domain: NT AUTHORITY
PID: 2332 name: C:\WINDOWS\System32\svchost.exe owner: SERVICIO LOCAL domain: NT AUTHORITY
PID: 2800 name: c:\archivos de programa\panda security\panda antivirus + firewall 2008\firewall\PSHOST.EXE owner: SYSTEM domain: NT AUTHORITY
PID: 3648 name: C:\Archivos de programa\Panda Security\Panda Antivirus + Firewall 2008\PsImSvc.exe owner: SYSTEM domain: NT AUTHORITY
PID: 1884 name: C:\WINDOWS\system32\RegSrvc.exe owner: SYSTEM domain: NT AUTHORITY
PID: 2528 name: C:\WINDOWS\system32\svchost.exe owner: SYSTEM domain: NT AUTHORITY
PID: 3840 name: C:\Archivos de programa\Intel\PROSetWireless\NCS\PROSet\PRONoMgr. exe owner: Daniel domain: PORT
PID: 3888 name: C:\WINDOWS\SOUNDMAN.EXE owner: Daniel domain: PORT
PID: 952 name: C:\WINDOWS\AGRSMMSG.exe owner: Daniel domain: PORT
PID: 1900 name: C:\Archivos de programa\ltmoh\Ltmoh.exe owner: Daniel domain: PORT
PID: 3140 name: C:\Archivos de programa\EzButton\CplBCL50.EXE owner: Daniel domain: PORT
PID: 2448 name: C:\Archivos de programa\Java\jre6\bin\jusched.exe owner: Daniel domain: PORT
PID: 2956 name: C:\Archivos de programa\Panda Security\Panda Antivirus + Firewall 2008\APVXDWIN.EXE owner: Daniel domain: PORT
PID: 2984 name: C:\Archivos de programa\HP\hpcoretech\hpcmpmgr.exe owner: Daniel domain: PORT
PID: 3156 name: C:\Archivos de programa\Archivos comunes\Real\Update_OB\realsched.exe owner: Daniel domain: PORT
PID: 2368 name: C:\Archivos de programa\pdf24\PDFBackend.exe owner: Daniel domain: PORT
PID: 3088 name: C:\Archivos de programa\Lavasoft\Ad-Aware\AAWTray.exe owner: Daniel domain: PORT
PID: 3500 name: C:\Archivos de programa\Google\GoogleToolbarNotifier\GoogleToolba rNotifier.exe owner: Daniel domain: PORT
PID: 3804 name: C:\WINDOWS\system32\ctfmon.exe owner: Daniel domain: PORT
PID: 3060 name: C:\Archivos de programa\HP\Digital Imaging\bin\hpqtra08.exe owner: Daniel domain: PORT
PID: 2788 name: C:\WINDOWS\system32\1XConfig.exe owner: Daniel domain: PORT
PID: 320 name: C:\Archivos de programa\HP\Digital Imaging\bin\hpqgalry.exe owner: Daniel domain: PORT
PID: 2784 name: C:\WINDOWS\system32\wuauclt.exe owner: Daniel domain: PORT
PID: 2116 name: C:\WINDOWS\system32\svchost.exe owner: SYSTEM domain: NT AUTHORITY
PID: 3456 name: C:\WINDOWS\system32\wbem\unsecapp.exe owner: SYSTEM domain: NT AUTHORITY
PID: 2640 name: C:\WINDOWS\system32\wbem\wmiprvse.exe owner: SYSTEM domain: NT AUTHORITY
PID: 2064 name: C:\WINDOWS\system32\wbem\wmiapsrv.exe owner: SYSTEM domain: NT AUTHORITY
PID: 4084 name: C:\WINDOWS\System32\alg.exe owner: SERVICIO LOCAL domain: NT AUTHORITY
PID: 372 name: C:\Archivos de programa\HP\Digital Imaging\bin\hpqSTE08.exe owner: Daniel domain: PORT
PID: 3952 name: C:\Archivos de programa\HP\Digital Imaging\bin\hpqbam08.exe owner: Daniel domain: PORT
PID: 2468 name: C:\Archivos de programa\HP\Digital Imaging\bin\hpqgpc01.exe owner: Daniel domain: PORT
PID: 1036 name: C:\Archivos de programa\Panda Security\Panda Antivirus + Firewall 2008\WebProxy.exe owner: Daniel domain: PORT
PID: 960 name: C:\Archivos de programa\Windows Live\Messenger\msnmsgr.exe owner: Daniel domain: PORT
PID: 4792 name: C:\Archivos de programa\Lavasoft\Ad-Aware\Ad-Aware.exe owner: Daniel domain: PORT

Startup items:
Name: Nokia.PCSync
imagepath: "C:\Archivos de programa\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog
Name: NeroFilterCheck
imagepath: C:\Archivos de programa\Archivos comunes\Ahead\Lib\NeroCheck.exe
Name: PRONoMgr.exe
imagepath: C:\Archivos de programa\Intel\PROSetWireless\NCS\PROSet\PRONoMgr. exe
Name: SoundMan
imagepath: SOUNDMAN.EXE
Name: AGRSMMSG
imagepath: AGRSMMSG.exe
Name: LtMoh
imagepath: C:\Archivos de programa\ltmoh\Ltmoh.exe
Name: CplBCL50
imagepath: C:\Archivos de programa\EzButton\CplBCL50.EXE
Name: SunJavaUpdateSched
imagepath: "C:\Archivos de programa\Java\jre6\bin\jusched.exe"
Name: ATIModeChange
imagepath: Ati2mdxx.exe
Name: APVXDWIN
imagepath: "C:\Archivos de programa\Panda Security\Panda Antivirus + Firewall 2008\APVXDWIN.EXE" /s
Name: HP Component Manager
imagepath: "C:\Archivos de programa\HP\hpcoretech\hpcmpmgr.exe"
Name: DXDllRegExe
imagepath: dxdllreg.exe
Name: TkBellExe
imagepath: "C:\Archivos de programa\Archivos comunes\Real\Update_OB\realsched.exe" -osboot
Name: hpqSRMon
imagepath: C:\Archivos de programa\HP\Digital Imaging\bin\hpqSRMon.exe
Name: Adobe Reader Speed Launcher
imagepath: "C:\Archivos de programa\Adobe\Reader 9.0\Reader\Reader_sl.exe"
Name: QuickTime Task
imagepath: "C:\Archivos de programa\QuickTime\qttask.exe" -atboottime
Name: PDFPrint
imagepath: "C:\Archivos de programa\pdf24\PDFBackend.exe"
Name: Ad-Watch
imagepath: C:\Archivos de programa\Lavasoft\Ad-Aware\AAWTray.exe
Name: {438755C2-A8BA-11D1-B96B-00A0C90312E1}
imagepath: Precargador Browseui
Name: {8C7461EF-2B13-11d2-BE35-3078302C2030}
imagepath: Demonio de caché de las categorías de componente
Name: PostBootReminder
imagepath: {7849596a-48ea-486e-8937-a2a3009f31a9}
Name: CDBurn
imagepath: {fbeb8a05-beee-4442-804e-409d6c4515e9}
Name: WebCheck
imagepath: {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
Name: SysTray
imagepath: {35CEC8A3-2BE6-11D2-8773-92E220524153}
Name: WPDShServiceObj
imagepath: {AAA288BA-9A4C-45B0-95D7-94D524869DB5}
Name:
location: C:\Documents and Settings\All Users\Menú Inicio\Programas\Inicio\Adobe Gamma Loader.lnk
imagepath: C:\Archivos de programa\Archivos comunes\Adobe\Calibration\Adobe Gamma Loader.exe
Name:
imagepath: C:\Documents and Settings\All Users\Menú Inicio\Programas\Inicio\desktop.ini
Name:
location: C:\Documents and Settings\All Users\Menú Inicio\Programas\Inicio\HP Digital Imaging Monitor.lnk
imagepath: C:\Archivos de programa\HP\Digital Imaging\bin\hpqtra08.exe
Name:
location: C:\Documents and Settings\All Users\Menú Inicio\Programas\Inicio\Inicio rápido de HP Image Zone.lnk
imagepath: C:\Archivos de programa\HP\Digital Imaging\bin\hpqthb08.exe

Bootexecute items:
Name:
imagepath: autocheck autochk *
Name:
imagepath: lsdelete

Running services:
Name: ALG
displayname: Servicio de puerta de enlace de capa de aplicación
Name: Ati HotKey Poller
displayname: Ati HotKey Poller
Name: AudioSrv
displayname: Audio de Windows
Name: BITS
displayname: Servicio de transferencia inteligente en segundo plano
Name: Browser
displayname: Examinador de equipos
Name: CryptSvc
displayname: Servicios de cifrado
Name: DcomLaunch
displayname: Iniciador de procesos de servidor DCOM
Name: Dhcp
displayname: Cliente DHCP
Name: dmserver
displayname: Administrador de discos lógicos
Name: Dnscache
displayname: Cliente DNS
Name: ERSvc
displayname: Servicio de informe de errores
Name: Eventlog
displayname: Registro de sucesos
Name: EventSystem
displayname: Sistema de sucesos COM+
Name: FastUserSwitchingCompatibility
displayname: Compatibilidad de cambio rápido de usuario
Name: helpsvc
displayname: Ayuda y soporte técnico
Name: hpqcxs08
displayname: hpqcxs08
Name: hpqddsvc
displayname: Servicio HP CUE DeviceDiscovery
Name: HPSLPSVC
displayname: HP Network Devices Support
Name: Irmon
displayname: Monitor de infrarrojos
Name: JavaQuickStarterService
displayname: Java Quick Starter
Name: lanmanserver
displayname: Servidor
Name: lanmanworkstation
displayname: Estación de trabajo
Name: Lavasoft Ad-Aware Service
displayname: Lavasoft Ad-Aware Service
Name: LmHosts
displayname: Ayuda de NetBIOS sobre TCP/IP
Name: MDM
displayname: Machine Debug Manager
Name: Net Driver HPZ12
displayname: Net Driver HPZ12
Name: Netman
displayname: Conexiones de red
Name: Nla
displayname: NLA (Network Location Awareness)
Name: Panda Software Controller
displayname: Panda Software Controller
Name: PAVFNSVR
displayname: Panda Function Service
Name: PavPrSrv
displayname: Panda Process Protection Service
Name: PAVSRV
displayname: Panda anti-virus service
Name: PlugPlay
displayname: Plug and Play
Name: Pml Driver HPZ12
displayname: Pml Driver HPZ12
Name: PolicyAgent
displayname: Servicios IPSEC
Name: ProtectedStorage
displayname: Almacenamiento protegido
Name: PSHost
displayname: Panda Host Service
Name: PSIMSVC
displayname: Panda IManager Service
Name: RasMan
displayname: Administrador de conexión de acceso remoto
Name: RegSrvc
displayname: RegSrvc
Name: RemoteRegistry
displayname: Registro remoto
Name: RpcSs
displayname: Llamada a procedimiento remoto (RPC)
Name: S24EventMonitor
displayname: Spectrum24 Event Monitor
Name: SamSs
displayname: Administrador de cuentas de seguridad
Name: Schedule
displayname: Programador de tareas
Name: seclogon
displayname: Inicio de sesión secundario
Name: SENS
displayname: Notificación de sucesos del sistema
Name: SharedAccess
displayname: Firewall de Windows/Conexión compartida a Internet (ICS)
Name: ShellHWDetection
displayname: Detección de hardware shell
Name: Spooler
displayname: Cola de impresión
Name: srservice
displayname: Servicio de restauración de sistema
Name: SSDPSRV
displayname: Servicio de descubrimientos SSDP
Name: stisvc
displayname: Adquisición de imágenes de Windows (WIA)
Name: TapiSrv
displayname: Telefonía
Name: TermService
displayname: Servicios de Terminal Server
Name: Themes
displayname: Temas
Name: TPSrv
displayname: Panda TPSrv
Name: TrkWks
displayname: Cliente de seguimiento de vinculos distribuidos
Name: W32Time
displayname: Horario de Windows
Name: WebClient
displayname: Cliente Web
Name: winmgmt
displayname: Instrumental de administración de Windows
Name: WmiApSrv
displayname: Adaptador de rendimiento de WMI
Name: wscsvc
displayname: Centro de seguridad
Name: wuauserv
displayname: Actualizaciones automáticas
Name: WudfSvc
displayname: Windows Driver Foundation - User-mode Driver Framework
Name: WZCSVC
displayname: Configuración inalámbrica rápida
InfoSpyware

  post #2  
Antiguo 14/03/09, 22:29:03
Avatar de Blottedisk
Usuario Habitual
  
Registrado: ene 2009
Ubicación: Argentina
Mensajes: 1.013
Re: Win32.TrojanDownloader.Agent
Hola Zhong

al Foro de Spyware

Consejos para antes de publicar un nuevo mensaje

Políticas del Foro de InfoSpyware


--------------------------------------------------------------------------------------


Bueno, vamos a comenzar eliminando malware de tu sistema. Realiza todos y cada uno de los siguientes pasos sin saltearte ninguno (para mayor comodidad trabaja con otro equipo a la vez o imprime los pasos):



Paso 1- Apaga Restaurar Sistema (Solo en Windows Me XP y Vista) y reinicia el PC a Modo a prueba de fallos (Modo seguro) con funciones de red.





Paso 2- Descarga, actualiza y ejecuta Malwarebytes' Anti-Malware || Manual

* Realiza un examen completo del PC y elimina las infecciones que este detecte.
* El reporte queda guardado en la pestaña "Logs" o "Registros" en español, abres el reporte y copias el contenido para pegarlo en este tema.



Paso 3- Descarga y ejecuta Dr. Web Cure-It || Manual



Paso 4- Descarga y ejecuta Ccleaner || Manual

* Usando primero su opción de "Limpiador" para borrar cookies, temporales de Internet y todos los archivos que este te muestre como obsoletos.
* Después usa su opción de "Registro" para limpiar todo el registro de Windows.



Paso 5- Reinicia el sistema en modo normal y realiza un análisis completo del Pc con Kaspersky Antivirus Online || Manual


Paso 6- Descargá y ejecutá Prevx CSI

* Asegurate de estar conectado a Internet y comenzá el scan.
* Cuando termines, volvés al programa, seleccionás el menú Tools y luego Save Scan Results. Guardás el archivo en el escritorio y copias el reporte para pegarlo en un nuevo post.


* Nota *

- Al terminar reactiva el Restaurar Sistema


- Pega los reportes de Prevx CSI, Malwarebytes' Anti-Malware, Dr. Web Cure-It y Kaspersky así continuamos con el problema.
  post #3  
Antiguo 15/03/09, 17:02:24
Usuario
  
Registrado: mar 2009
Ubicación: España
Mensajes: 22
Re: Win32.TrojanDownloader.Agent
Ya estoy de nuevo aquí después de unos intensos escaneos. Sinceramente los resultados me descolocan pero como vosotros sois los expertos...ahí va! Por cierto, el enlace de Prevx CSI nos lleva al producto PrevxEdge en vez de Prevx CSI. ¡Muchas gracias! (lo envio en dos mensajes porque no me deja publicarlo al ser tan largo)

Reporte Malwarebytes

Malwarebytes' Anti-Malware 1.34
Versión de la Base de Datos: 1851
Windows 5.1.2600 Service Pack 2

15/03/2009 14:02:38
mbam-log-2009-03-15 (14-02-32).txt

Tipo de examen : Examen Completo (C:\|)
Objetos examinados: 180662
Tiempo transcurrido: 38 minute(s), 2 second(s)

Procesos en Memoria Infectados: 0
Módulos en Memoria Infectados: 0
Claves del Registro Infectadas: 0
Valores del Registro Infectados: 0
Elementos de Datos del Registro Infectados: 3
Carpetas Infectadas: 0
Ficheros Infectados: 0

Procesos en Memoria Infectados:
(No se han detectado elementos maliciosos)

Módulos en Memoria Infectados:
(No se han detectado elementos maliciosos)

Claves del Registro Infectadas:
(No se han detectado elementos maliciosos)

Valores del Registro Infectados:
(No se han detectado elementos maliciosos)

Elementos de Datos del Registro Infectados:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Hijack.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Hijack.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Hijack.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.

Carpetas Infectadas:
(No se han detectado elementos maliciosos)

Ficheros Infectados:
(No se han detectado elementos maliciosos)

Reporte Dr Web Cure-It

msd1cd.vbs c:\ probablemente SCRIPT.Virus Eliminado.
MSd1CD.vbs C:\ probablemente SCRIPT.Virus Ruta no válida al archivo
JSCRIPT5.CHM\htm/jstextwriteln.htm C:\Archivos de programa\Microsoft Office\OFFICE11\3082\JSCRIPT5.CHM una modificación de VBS.Generic.94
JSCRIPT5.CHM C:\Archivos de programa\Microsoft Office\OFFICE11\3082 Contenedor con objetos infectados Eliminado.
~$rad442.vbs C:\Documents and Settings\Daniel\Configuración local\Temp\Mso probablemente SCRIPT.Virus Eliminado.
~$rad446.vbs C:\Documents and Settings\Daniel\Configuración local\Temp\Mso probablemente SCRIPT.Virus Eliminado.
~$rad4F3.vbs C:\Documents and Settings\Daniel\Configuración local\Temp\Mso probablemente SCRIPT.Virus Eliminado.
~$rad612.vbs C:\Documents and Settings\Daniel\Configuración local\Temp\Mso probablemente SCRIPT.Virus Eliminado.
~$rad8F2.vbs C:\Documents and Settings\Daniel\Configuración local\Temp\Mso probablemente SCRIPT.Virus Eliminado.
~$radB97.vbs C:\Documents and Settings\Daniel\Configuración local\Temp\Mso probablemente SCRIPT.Virus Eliminado.

Reporte Kaspersky

--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7 REPORT
Sunday, March 15, 2009
Operating System: Microsoft Windows XP Professional Service Pack 2 (build 2600)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Sunday, March 15, 2009 16:47:19
Records in database: 1909096
--------------------------------------------------------------------------------

Scan settings:
Scan using the following database: extended
Scan archives: yes
Scan mail databases: yes

Scan area - My Computer:
C:\
D:\
E:\

Scan statistics:
Files scanned: 107193
Threat name: 1
Infected objects: 1
Suspicious objects: 0
Duration of the scan: 03:12:48


File name / Threat name / Threats count
C:\Documents and Settings\Daniel\Mis documentos\Trabajos Dani\Programas Descargados\Hacha\Hacha_3.5__Hjsplit__Hacha_Pro_2. 5_y_Hacha_pro_3.rar Infected: Trojan-Dropper.Win32.Agent.aceh 1

The selected area was scanned.
  post #4  
Antiguo 15/03/09, 17:04:12
Usuario
  
Registrado: mar 2009
Ubicación: España
Mensajes: 22
Re: Win32.TrojanDownloader.Agent
Reporte Prevx CSI

Prevx Scan Log - Version v3.0.1.17
Log Generated: 15/3/2009 21:46, Type: 0,0
Windows XP Professional Service Pack 2 (Build 2600) 32bit|3082
Some non-malicious files are not included in this log.

Last Scan: Sun 2009-03-15 21:45:54 Hora estándar romance. Number of Scans: 1. Last Scan Duration: 1 minute 45 seconds.
[U] c:\archivos de programa\pdf24\pdfbackend.exe [PX5: ECB8D32B005715B00CA7020D19291E007CB27420]
[U] c:\windows\optcheck.exe [PX5: C1B7D453480AFA1EEE54042FCBF24A009231E891]
[U] c:\windows\opterase.exe [PX5: 4A74F426C80FEBC3CD570295152976003A66D774]
[U] c:\archivos de programa\lavasoft\ad-aware\toolbox\lt\processwatch.exe [PX5: 5EA4B0D2687E7AAF75781CFBA5763100127176F9]
[U] c:\archivos de programa\lavasoft\ad-aware\shellext.dll [PX5: A6B44FE96095AA8941FC016F791007009FB6EDE1]
[U] c:\documents and settings\daniel\lametritonus_sb.dll [PX5: 69FCE638007C01CCD024001D959000005C52D5CC]
[U] c:\archivos de programa\divx\divxbundleuninstall.exe [PX5: 8BBFD997B0C3D6E0EB1501CEBA529500A66F4722]
[U] c:\archivos de programa\octoshape streaming services\daniel\uninst.exe [PX5: 8850373754FF162B2FC20313FDE8B4000054A16D]
[U] c:\archivos de programa\manycam 2.3\uninstall.exe [PX5: 60C5E9190B571ADEC50900E126B85F00B61FB175]
[U] c:\documents and settings\daniel\mis documentos\trabajos dani\programas descargados\le conjugueur\leconjugueur.exe [PX5: B92F0B38009EFE2DB03305C14AED9E0080F56A0B]
[U] c:\archivos de programa\divx\divxplayeruninstall.exe [PX5: 8BBFD997B0C3D6E0EB1501CEBA529500A66F4722]
[U] c:\windows\system32\lsdelete.exe [PX5: F2FD53814840A46D3DCB00A8B931410067C764B8]
[U] c:\archivos de programa\pdf24\pdffrontendex.exe [PX5: 5B468BA000F158F412F819DFD9D66B00ED58E739]
[U] c:\archivos de programa\manycam 2.3\manycam.exe [PX5: B878EA2D281C4A3955041BD3C534A10060169E51]
[UP] c:\archivos de programa\ares\ares.exe [PX5: 7D587D48002AA4B676180D640360760016C2B922]
[U] c:\archivos de programa\google\common\google updater\googleupdaterservice.exe [PX5: 71C40966F02912EFC9050264CE7AA400211E37FD]
[UP] c:\archivos de programa\ares\chatserver.exe [PX5: 223503F90068610450370632329BE400FE069BE2]
[G] (ACTIVE) c:\windows\system32\ntlsapi.dll [PX5: 84F8BE37006C52E520B8003B3C2E0700C2313FB8]
[G] (ACTIVE) c:\windows\system32\wscntfy.exe [PX5: D019625200E6E09B3694008A88863A0076A2BEE7]
[G] (ACTIVE) c:\windows\system32\atl71.dll [PX5: E909302D009C54105C6B0151449A85009FE0FD3B]
[G] (ACTIVE) c:\windows\assembly\gac\hpqisrtb.resources\4.0.0.0 _es_a53cf5803f4c3827\hpqisrtb.resources.dll [PX5: EC3FD27A0010560540B90007A9330500CE628ED6]
[G] (ACTIVE) c:\windows\assembly\gac\hpqfmrsc.resources\3.0.0.0 _es_a53cf5803f4c3827\hpqfmrsc.resources.dll [PX5: 44A164FC00ED74071EB800DBE4E8AF002EA6AE29]
[G] (ACTIVE) c:\windows\assembly\gac\accessibility\1.0.5000.0__ b03f5f7f11d50a3a\accessibility.dll [PX5: C498A8200024C3231E4A003865AD07000660F252]
[G] (ACTIVE) c:\archivos de programa\hp\digital imaging\bin\es\hpqmirsc.resources.dll [PX5: 8BC427DF006B02ED80CA000250381B00210CD807]
[G] (ACTIVE) c:\windows\assembly\gac\lead.drawing\13.0.0.66__9c f889f53ea9b907\lead.drawing.dll [PX5: 8953CD8E00599BAF40D701D2A0840400FC2B8BAC]
[G] (ACTIVE) c:\windows\assembly\gac\hpqisrtb\4.0.0.0__a53cf580 3f4c3827\hpqisrtb.dll [PX5: 56FFE1250011E43D8066006ADE02CA005BA71944]
[G] (ACTIVE) c:\windows\assembly\gac\hpodmres.resources\3.0.0.0 _es_a53cf5803f4c3827\hpodmres.resources.dll [PX5: B26694CC00416EE614C900F989A8620099CE1E38]
[G] (ACTIVE) c:\windows\assembly\gac\hpqcprsc.resources\3.0.0.0 _es_a53cf5803f4c3827\hpqcprsc.resources.dll [PX5: 91398E59002B3833181000CC9726F50031DAC5FE]
[G] (ACTIVE) c:\windows\assembly\gac\hpqcprsc\3.0.0.0__a53cf580 3f4c3827\hpqcprsc.dll [PX5: CB867921001F3BCD809E0082201FD600E350966F]
[G] (ACTIVE) c:\windows\assembly\gac\lead.windows.forms\13.0.0. 66__9cf889f53ea9b907\lead.windows.forms.dll [PX5: C75399FC003D240190F70038296D6000A36E0131]
[G] (ACTIVE) c:\archivos de programa\hp\digital imaging\bin\hpqstp08.rsc [PX5: C70539DD00FCA1142ED700A48F352F00E3484783]
[G] (ACTIVE) c:\windows\assembly\gac\hpqasset\3.0.0.0__a53cf580 3f4c3827\hpqasset.dll [PX5: 6A6569090092E41B600000BDBF8F2900025FCF8A]
[G] (ACTIVE) c:\windows\assembly\gac\hpqthumb\3.0.0.0__a53cf580 3f4c3827\hpqthumb.dll [PX5: FA613E1B007FBAC5B0C20034CC0F3E008739943E]
[G] (ACTIVE) c:\windows\assembly\gac\interop.hpqimgr\1.0.0.0__a 53cf5803f4c3827\interop.hpqimgr.dll [PX5: D30B7E090066333828E400399D2966001440FFE7]
[G] (ACTIVE) c:\windows\assembly\gac\hpqietpz.resources\3.0.0.0 _es_a53cf5803f4c3827\hpqietpz.resources.dll [PX5: C5DA8A23000AC34DE0DE009427A5AC002F9C2F07]
[G] (ACTIVE) c:\archivos de programa\hp\digital imaging\bin\hpqmirsc.dll [PX5: CBC93A7200D61432C01500794B92E4007BEAC4C7]
[G] (ACTIVE) c:\windows\system32\hidphone.tsp [PX5: E2DCFBE200670E2476E800FB7902FC006C8EB2A0]
[GP] (ACTIVE) c:\windows\assembly\gac\hpodmres\3.0.0.0__a53cf580 3f4c3827\hpodmres.dll [PX5: 94596A8400B202E250CE0990B66234007F06DEEE]
[G] (ACTIVE) c:\windows\assembly\gac\hpqtray.resources\3.0.0.0_ es_a53cf5803f4c3827\hpqtray.resources.dll [PX5: 3A2037F500594220B07F03E482806F004E202BC6]
[G] (ACTIVE) c:\windows\system32\modemui.dll [PX5: 1CF91C1E002EA7364E3E029D2698A100F61500C7]
[G] (ACTIVE) c:\windows\assembly\gac\hpqccrsc\3.0.0.0__a53cf580 3f4c3827\hpqccrsc.dll [PX5: B34CA3D300312A3FF0CC02B1FD4666007526A379]
[G] (ACTIVE) c:\archivos de programa\hp\digital imaging\bin\hpqsplh08.dll [PX5: 121C67150085DAE61028010C07339900089AFFF7]
[G] (ACTIVE) c:\windows\system32\mfc71.dll [PX5: 6CC9C2640078308D309410C7EE8D9E0004FCAA75]
[G] (ACTIVE) c:\archivos de programa\hp\digital imaging\bin\hpqstp08.dll [PX5: 21E156C0009EFA3270C9030A0C401900C451AF86]
[G] (ACTIVE) c:\archivos de programa\hp\digital imaging\bin\hpqssm08.dll [PX5: 5C6F7BBA0098DA6460A902436AF2D40069053934]
[G] (ACTIVE) c:\archivos de programa\hp\digital imaging\bin\hpocxi08.dll [PX5: 059504EF00DB7384C09B06F77DC7C6007A8DE358]
[G] (ACTIVE) c:\windows\assembly\gac\hpqietpz\3.0.0.0__a53cf580 3f4c3827\hpqietpz.dll [PX5: 43C404480053EB866092095A9EA9050011E0031C]
[G] (ACTIVE) c:\archivos de programa\hp\digital imaging\bin\hpqimgr.dll [PX5: 3CF8501500BBAB7C50DF0731E2C57300E3FE3A3B]
[G] (ACTIVE) c:\archivos de programa\hp\digital imaging\bin\hpqsem08.rsc [PX5: 3F98B68F005F30DF901C0E2DDDE82A00437A9A0A]
[G] (ACTIVE) c:\windows\system32\ntdll.dll [PX5: 98EF83350066C7012EB20B444BEBEA00FDFA1B1D]
[G] (ACTIVE) c:\windows\system32\apphelp.dll [PX5: 2E534C590076A85BF05D01EC9E4FFB0041CC8F28]
[GP] (ACTIVE) c:\windows\system32\shlwapi.dll [PX5: 5CE7C78F0013FB2E3ECF073D58A10F002D35474D]
[G] (ACTIVE) c:\windows\system32\wldap32.dll [PX5: 78532EC4002CE532A2010226E6EC3100D288D46A]
[G] (ACTIVE) c:\windows\system32\msasn1.dll [PX5: 53A680C5001F77D2E015002794535400615D5BDC]
[G] (ACTIVE) c:\windows\system32\oleaut32.dll [PX5: D947C0320023C1EC686E08689A5979000E5A87B2]
[G] (ACTIVE) c:\windows\system32\winsta.dll [PX5: D29D7238005E39C8D2660086022E850047F553AA]
[G] (ACTIVE) c:\windows\system32\kernel32.dll [PX5: 0AD652AA00FC1D0CD6930F5593CD84003EAA2675]
[G] (ACTIVE) c:\windows\system32\normaliz.dll [PX5: E3FC1A7000BA1C775C420052AC60C600F74EBAFC]
[G] (ACTIVE) c:\windows\system32\rpcrt4.dll [PX5: B94B9B48001AE653EAB808B51D4BF6004A4B2CE0]
[G] (ACTIVE) c:\windows\system32\mpr.dll [PX5: E1769E5D002BB291EAE5000F10C15F003F050C88]
[G] (ACTIVE) c:\windows\system32\profmap.dll [PX5: 464AF86000D0EF596C4F00D134ACAA006B5210F5]
[G] (ACTIVE) c:\windows\system32\smss.exe [PX5: EAEF384300B86E2BC60900AD18ED0300293E33E9]
[G] (ACTIVE) c:\windows\system32\ole32.dll [PX5: 85434D2700A77E169AF713D8C3B0DC0010212224]
[G] (ACTIVE) c:\windows\system32\ws2_32.dll [PX5: D0E28E6300700B1344D7019D11CF0E00A6D97321]
[G] (ACTIVE) c:\archivos de programa\panda security\panda antivirus + firewall 2008\memvfile.dll [PX5: 21365AAB3074ED7728BA00BA330BF700B8AF89F5]
[G] (ACTIVE) c:\windows\system32\user32.dll [PX5: D423C40D007DC87CD48F089CF302B800BD365EF2]
[G] (ACTIVE) c:\windows\system32\csrss.exe [PX5: 457E08CD00DE83E3183600665DD0AE00CE0C5D18]
[G] (ACTIVE) c:\windows\system32\secur32.dll [PX5: D47AEB0E00BFF984DA8900537F5177003C41273E]
[G] (ACTIVE) c:\windows\system32\regapi.dll [PX5: 8994521200ACB6D2C2EE007361942C00C7AF9AD6]
[G] (ACTIVE) c:\windows\system32\gdi32.dll [PX5: 10B2AD5B00FBE98F54E9043E0128720087370407]
[G] (ACTIVE) c:\windows\system32\sfc.dll [PX5: 16BA5AAF006AA18914FD002B882F7D000268955C]
[G] (ACTIVE) c:\windows\system32\rasadhlp.dll [PX5: 44992DD300BD805F2027003B3C2E07007AE475CE]
[G] (ACTIVE) c:\windows\system32\wintrust.dll [PX5: F100221C002C3B32B2670226273B85008E88AB48]
[G] (ACTIVE) c:\windows\system32\msimg32.dll [PX5: 60CFE62D006411D9129100D0C427CA00FCBA3F32]
[G] (ACTIVE) c:\windows\system32\imagehlp.dll [PX5: CB27BFD000EA8A5C340F02F2506EE8007827234E]
[G] (ACTIVE) c:\windows\system32\authz.dll [PX5: 869C1EE500523D0FDE60003D7F38BD00C6DB4829]
[G] (ACTIVE) c:\windows\system32\basesrv.dll [PX5: CDE7154D0060E2E4CE1D00F8B4D58500225DA231]
[G] (ACTIVE) c:\windows\system32\nddeapi.dll [PX5: 0E25A19F00E774A0488300C192BED300190B75F5]
[G] (ACTIVE) c:\windows\system32\psapi.dll [PX5: 5DB1DF3A00AE978A5A1800B9B5A8C300F46B0147]
[G] (ACTIVE) c:\windows\system32\wininet.dll [PX5: 7477CEC2001677879CF70CBCDB8F0F00B4BFC046]
[G] (ACTIVE) c:\windows\system32\comdlg32.dll [PX5: 35BADF82002DFDB3487D042258AF1F008796AEC8]
[G] (ACTIVE) c:\windows\system32\version.dll [PX5: 17E09890009DDCC84AAD00E153CBBA004DC22A42]
[G] (ACTIVE) c:\windows\system32\ws2help.dll [PX5: 24F60F18004A18B14EEC00B4A6264D00CDC99D7F]
[G] (ACTIVE) c:\windows\system32\csrsrv.dll [PX5: 672F934100D50DA280D100335AB03A000F9E986B]
[G] (ACTIVE) c:\windows\system32\imm32.dll [PX5: EAF58DAC001A7574AE3A01510D2524000AD51A29]
[G] (ACTIVE) c:\windows\system32\ntmarta.dll [PX5: 0D1DDBEE00F103CCD4AF019C0B4A10006C9192C5]
[G] (ACTIVE) c:\windows\system32\msacm32.dll [PX5: 0D1DE66A00D4DB3A1A3401A597817D0037CCF287]
[G] (ACTIVE) c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll [PX5: 6C2DA8F700C891F6167D107D5B6FFD0077DB39A8]
[G] (ACTIVE) c:\archivos de programa\panda security\panda antivirus + firewall 2008\pskalloc.dll [PX5: B28CDA41307129A5661A00FD968BF400F4F4A37D]
[G] (ACTIVE) c:\windows\system32\winsrv.dll [PX5: EA125ACC0017E3527A0804FB6E773E005218A2D4]
[G] (ACTIVE) c:\windows\system32\shimeng.dll [PX5: 279F1622004662C4002001439E899A002CD6FF56]
[G] (ACTIVE) c:\windows\system32\cryptui.dll [PX5: 129C767D00A220AE1057086D08D9310040D9E487]
[G] (ACTIVE) c:\archivos de programa\panda security\panda antivirus + firewall 2008\pskutil.dll [PX5: 4066986D30517B643F780108A45863003CA83F5D]
[G] (ACTIVE) c:\archivos de programa\panda security\panda antivirus + firewall 2008\avengdll.dll [PX5: 7CC0217330183D0ED60200CF0AC19A007392EE80]
[G] (ACTIVE) c:\windows\system32\rsaenh.dll [PX5: 19B797A900BB112F5426027FDD39EC001D5760F1]
[G] (ACTIVE) c:\windows\system32\netapi32.dll [PX5: 6EC693D000F863B614FE057D51A181005BF963CE]
[G] (ACTIVE) c:\windows\system32\ncobjapi.dll [PX5: 659F6BDC000C16A88E7100EBB57A6700BA4B1BAB]
[G] (ACTIVE) c:\windows\system32\odbcint.dll [PX5: E9DA0BA800AA7FCA80D3017B50890400AB9367CF]
[G] (ACTIVE) c:\windows\system32\samlib.dll [PX5: 0A4259CD00125305FA5E00E12F5DF70023F5487C]
[G] (ACTIVE) c:\windows\system32\sfc_os.dll [PX5: 7D6F505700566C3D2A44029CE35AC300B5CC4E83]
[G] (ACTIVE) c:\windows\system32\sxs.dll [PX5: 0B049B4B00FDCF13EE780AEF92F9EE0027D7C70A]
[G] (ACTIVE) c:\archivos de programa\panda security\panda antivirus + firewall 2008\pskvfile.dll [PX5: F3C62036301EBAF14A200005D5E5F4004B682FD8]
[G] (ACTIVE) c:\archivos de programa\panda security\panda antivirus + firewall 2008\pskvfs.dll [PX5: 704067B2307372684798018CD8A4D60055095D7D]
[G] (ACTIVE) c:\windows\system32\userenv.dll [PX5: A72C91C40047264B22F50B5AA68B76000446A2E5]
[G] (ACTIVE) c:\archivos de programa\panda security\panda antivirus + firewall 2008\pskpack.dll [PX5: 1541AB2330860A079CB5007BB7790D00EBC8808C]
[G] (ACTIVE) c:\windows\system32\schannel.dll [PX5: 26AB19DA00FA09A936D60289435FAB0097E90D78]
[G] (ACTIVE) c:\archivos de programa\panda security\panda antivirus + firewall 2008\pavvt.dll [PX5: E10B917B3001AE2FBE8E00EEE73ECF00A280DAAA]
[G] (ACTIVE) c:\windows\system32\msctfime.ime [PX5: D4826BFB0058A22FB40702CAEFA82D00B1A843FB]
[G] (ACTIVE) c:\windows\system32\samsrv.dll [PX5: 3C608BC000CE21C68C4E06BCC0EDF60056CE127A]
[G] (ACTIVE) c:\windows\system32\msvcp60.dll [PX5: 2D7DD02900BE71EC5085060A796CD8001A29C65E]
[G] (ACTIVE) c:\windows\system32\msgina.dll [PX5: 2A7186AA00D0A8B542390FFB32187D0006E7DFAB]
[G] (ACTIVE) c:\windows\system32\winlogon.exe [PX5: D62A3B7C00E89575B6CC07CFE43BE4002BBE03EA]
[G] (ACTIVE) c:\windows\system32\msprivs.dll [PX5: E30E7715004FDC23BCE10065E2B2780066A6BA36]
[G] (ACTIVE) c:\windows\system32\wmi.dll [PX5: DB6BBB81002B12B116A5006A26ACBD00DFD8FD5B]
[G] (ACTIVE) c:\archivos de programa\panda security\panda antivirus + firewall 2008\pskmdfs.dll [PX5: 82BED88B30E9D1044E6900707878A1003059E5F9]
[G] (ACTIVE) c:\windows\system32\shdocvw.dll [PX5: D9FE865200F9C218D0E616C0CC5CD600671E086E]
[G] (ACTIVE) c:\windows\system32\msv1_0.dll [PX5: 4F662A0E00F27A20FA0D01B81C65BB00CC35E701]
[G] (ACTIVE) c:\windows\system32\cryptdll.dll [PX5: 4E5B27930078862F82C600020204960096544D9A]
[G] (ACTIVE) c:\windows\system32\setupapi.dll [PX5: 86B2723300EAF0FA40960F6622B8E300EF682B50]
[G] (ACTIVE) c:\windows\system32\umpnpmgr.dll [PX5: A0722C41001DFC8BE6A7011B43DD83005C160D57]
[G] (ACTIVE) c:\windows\system32\wsock32.dll [PX5: 2C097C2B007169C964BA0014DCE7CC005EEFF8B1]
[G] (ACTIVE) c:\windows\apppatch\acadproc.dll [PX5: 4481FDAC006BDDB69ABC00D7D79D140035AF8893]
[G] (ACTIVE) c:\windows\system32\eventlog.dll [PX5: 6EF7BBA8001E9CD9DA5600E2BE4F3C00A92A830A]
[G] (ACTIVE) c:\windows\system32\msidle.dll [PX5: C01BDBB100B3849C1AFE00448F955F00220937D5]
[G] (ACTIVE) c:\windows\system32\iphlpapi.dll [PX5: 352A2D920078A26F746401FF71F80300B30353A7]
[G] (ACTIVE) c:\windows\system32\msvcrt.dll [PX5: EAD3CF360087D2AD3C120509FE506F0095FEE97D]
[G] (ACTIVE) c:\windows\system32\shfolder.dll [PX5: 3376B191009ABDE8627700E93AF072006CF833A6]
[G] (ACTIVE) c:\windows\system32\ntdsapi.dll [PX5: E54F018B0042836806A701AA022FCD00031E5B24]
[G] (ACTIVE) c:\windows\system32\winrnr.dll [PX5: 634398C900A7C2A842AB003098E89200C986BEE2]
[G] (ACTIVE) c:\windows\system32\odbc32.dll [PX5: 254CEA4B00E1697FD015036BACB9C10046492F60]
[G] (ACTIVE) c:\windows\system32\icaapi.dll [PX5: 7C70CD8A005CCAE92CC10044E2AB07008CB1961C]
[G] (ACTIVE) c:\windows\system32\wtsapi32.dll [PX5: 56DACE0F004CDD7F48CB007245065C008FDA35BC]
[G] (ACTIVE) c:\windows\system32\iertutil.dll [PX5: 113CD2F1005016D81659042CCB521800393808C2]
[G] (ACTIVE) c:\windows\system32\msctf.dll [PX5: 99BE7CFE008D202D80AA04B06FA73C00987CB41F]
[G] (ACTIVE) c:\windows\system32\wdigest.dll [PX5: AA8C83CD00C8BF0BC0EE005925A79E008667520F]
[G] (ACTIVE) c:\archivos de programa\panda security\panda antivirus + firewall 2008\gwstore.dll [PX5: BD055D3130A40607CD140085A9538D00F6ED7036]
[G] (ACTIVE) c:\windows\system32\dnsapi.dll [PX5: 443C3E9C00F32706460902DB54A51D002B0DAFE8]
[G] (ACTIVE) c:\windows\system32\winscard.dll [PX5: 9D7EFE12000ADB8E8887013E8876730069BE0C5D]
[G] (ACTIVE) c:\windows\system32\comctl32.dll [PX5: 58711F2E006292906CA709BAB1FB73009B925961]
[G] (ACTIVE) c:\windows\system32\winmm.dll [PX5: 0468DD7F005BE141C0A3022C5AD8F40051FF491A]
[G] (ACTIVE) c:\windows\system32\uxtheme.dll [PX5: 5BD2A2E6009DC26F5C520314A5669E00732CFAA0]
[G] (ACTIVE) c:\windows\system32\scesrv.dll [PX5: 911C3B80009A7DEDF225041A41C0A6001595C16F]
[G] (ACTIVE) c:\archivos de programa\panda security\panda antivirus + firewall 2008\pskas.dll [PX5: 4A09A630305850471601019AE9FE160015E9800E]
[G] (ACTIVE) c:\archivos de programa\panda security\panda antivirus + firewall 2008\avengine.exe [PX5: C825A25130E42568790E016D568E9A00F611E1D3]
[G] (ACTIVE) c:\archivos de programa\panda security\panda antivirus + firewall 2008\pskcmp.dll [PX5: 32FD2DDB306A7570F573062DEABC23002122FD1F]
[G] (ACTIVE) c:\windows\system32\rtutils.dll [PX5: CC95D32B00130FA5ACFA00D907EAE700F3E912C7]
[G] (ACTIVE) c:\windows\system32\wuauclt.exe [PX5: 84E432BC180DA03EC8AE001EFB581900EB96F5B8]
[G] (ACTIVE) c:\archivos de programa\panda security\panda antivirus + firewall 2008\pskscs.dll [PX5: 1DE1BDEE30B1B39B8560046B76893B006CB6B603]
[G] (ACTIVE) c:\archivos de programa\panda security\panda antivirus + firewall 2008\pavlsp.dll [PX5: 8B81725830937102B59502686DFD0E0084BC5EFA]
[G] (ACTIVE) c:\archivos de programa\panda security\panda antivirus + firewall 2008\pavsrvdl.dll [PX5: A6F6C62530E468A3F54200519E976A004B76EB84]
[G] (ACTIVE) c:\archivos de programa\panda security\panda antivirus + firewall 2008\libxml2.dll [PX5: AC021F300097CF3FC0E5075B60419E00F6734C8E]
[G] (ACTIVE) c:\archivos de programa\archivos comunes\panda software\pavshld\procprot.dll [PX5: 5E8A365D30F70D5FB55D0128A1B44E00AF5469DD]
[G] (ACTIVE) c:\archivos de programa\panda security\panda antivirus + firewall 2008\parserfw.dll [PX5: 57539AB630DE9A7C89AA02CBE658F600555C2372]
[G] (ACTIVE) c:\windows\system32\msvcp71.dll [PX5: F133D4F000B92F08A0E107FD67B66E0015498C05]
[G] (ACTIVE) c:\archivos de programa\panda security\panda antivirus + firewall 2008\pskavs.dll [PX5: 578D88E830766FEA09C60C46995F1B000793ABA2]
[G] (ACTIVE) c:\windows\system32\certcli.dll [PX5: 2F400EDF005031590C1B03A79E33680065438D9F]
[G] (ACTIVE) c:\windows\system32\hnetcfg.dll [PX5: 85F02F59005F04964C7C05B743856A0073209A98]
[G] (ACTIVE) c:\archivos de programa\panda security\panda antivirus + firewall 2008\pavcntrs.dll [PX5: 4ACA285F302B8567561A015098D25000CFCEB583]
[G] (ACTIVE) c:\archivos de programa\panda security\panda antivirus + firewall 2008\pskhtml.dll [PX5: C5461E8530D080B656B103978D0A4F000A80EB33]
[G] (ACTIVE) c:\windows\system32\xpsp2res.dll [PX5: 6CA97E5F00898EC644792D6118710400D3D14C71]
[G] (ACTIVE) c:\windows\system32\esent.dll [PX5: 1EC7418C00A2CE2FB6CE10FF97FB04001536C3EC]
[G] (ACTIVE) c:\windows\system32\netrap.dll [PX5: 08EC4AB2006CCA2930AE000DBD733C008130944B]
[G] (ACTIVE) c:\archivos de programa\panda security\panda antivirus + firewall 2008\pskfss.dll [PX5: 420DB2E93071AA739518014650D285000EF2ED66]
[G] (ACTIVE) c:\windows\system32\tputil.dll [PX5: 5D264929308136547641024E11D7A2006156BAD2]
[G] (ACTIVE) c:\archivos de programa\panda security\panda antivirus + firewall 2008\pskahk.dll [PX5: DE879F5B301EE71FD52C1E0D5C374C00E299487B]
[G] (ACTIVE) c:\archivos de programa\panda security\panda antivirus + firewall 2008\pskvm.dll [PX5: 31CE167F30740027CB690287F171C600C95B7DC0]
[G] (ACTIVE) c:\windows\system32\msvcr71.dll [PX5: 3FEE1145002F2EB8504E05ED76DA9100776D97E7]
[G] (ACTIVE) c:\archivos de programa\panda security\panda antivirus + firewall 2008\pavtpu.dll [PX5: 3FC7C21F303EE3C8158702C454A5C1004A543835]
[G] (ACTIVE) c:\archivos de programa\archivos comunes\panda software\pavshld\pavshld.dll [PX5: A7A6995B30ACE56CA5FE038587FC5800709C95CE]
[G] (ACTIVE) c:\windows\system32\wudfplatform.dll [PX5: 68EBF21300004703807D023B513C9C00752717BA]
[G] (ACTIVE) c:\windows\system32\atl.dll [PX5: 4712F2F6008A4DC9E6A3004879775D0068D64C02]
[G] (ACTIVE) c:\archivos de programa\panda security\panda antivirus + firewall 2008\icl_cfg.dll [PX5: 4C7147CA3079B00815270273D0DCB60048B7E008]
[G] (ACTIVE) c:\windows\system32\netlogon.dll [PX5: 7C4C538A00B0693C362206A7BBB24600C4D5AA8C]
[G] (ACTIVE) c:\windows\system32\duser.dll [PX5: 66E717F600C04788A4CA04C2AD90EC008BCEE3C3]
[G] (ACTIVE) c:\windows\system32\clbcatq.dll [PX5: DDDD061C00DDD1C99CCC07876975D500625A98BF]
[G] (ACTIVE) c:\windows\system32\pavipc.dll [PX5: F587A66E30750E32F6620035417801001E48AFBE]
[G] (ACTIVE) c:\windows\system32\kerberos.dll [PX5: CE55A83D0044F5988491040C84B56F00EF1B8F26]
[G] (ACTIVE) c:\windows\apppatch\acgenral.dll [PX5: 9270CCBD009E086C44D81C9C0E15FE00E531DCC8]
[G] (ACTIVE) c:\windows\system32\rasman.dll [PX5: 105F6FB0002D89D3F04E005C98AFF9003FE7AB2C]
[G] (ACTIVE) c:\windows\system32\powrprof.dll [PX5: 09290C9900B2127E4485007208C0330020D5346C]
[G] (ACTIVE) c:\windows\system32\comres.dll [PX5: D3FD3AB2006F991AC6A30C7CE8FD7800CDC842F1]
[G] (ACTIVE) c:\windows\system32\lsasrv.dll [PX5: 4A2D1F9A00EE2E84164F0B1A2FFB09004D96F628]
[G] (ACTIVE) c:\archivos de programa\java\jre6\bin\msvcr71.dll [PX5: 3FEE1145002F2EB8504E05ED76DA9100776D97E7]
[G] (ACTIVE) c:\windows\system32\sensapi.dll [PX5: 979BAA3800B378B51AB50084442FCD0003FBB75B]
[G] (ACTIVE) c:\windows\system32\zcfgsvc.exe [PX5: 2E56B13D006AFA83C0FF05F1D95115000F9F8273]
[G] (ACTIVE) c:\archivos de programa\hp\digital imaging\bin\hpqste08.exe [PX5: FBB82F7B00210F3FD01202C64EC72300B60C4C58]
[G] (ACTIVE) c:\windows\system32\usbmon.dll [PX5: BB95C04D0002A012429B00DADB792600AEDE6330]
[G] (ACTIVE) c:\windows\system32\mdimon.dll [PX5: EA52985F881491026DDF00E6CF431700709C524A]
[G] (ACTIVE) c:\windows\system32\mprapi.dll [PX5: FB95FFCB00846CE4547B017CD7ABC1005780758E]
[G] (ACTIVE) c:\windows\system32\activeds.dll [PX5: 5A8CD8B7002647C8F6250205FD961200BC73E390]
[G] (ACTIVE) c:\windows\system32\rasapi32.dll [PX5: 567602E200FFE5CC9E5B03564D831C00FC92B97A]
[G] (ACTIVE) c:\windows\system32\tapi32.dll [PX5: CDD5F0E800F5E5E3C61D0271F9934A006CD45B41]
[G] (ACTIVE) c:\windows\system32\pfmgrapi.dll [PX5: 90923C47006A0F58605203F047B9C600B61F7727]
[G] (ACTIVE) c:\windows\system32\pjlmon.dll [PX5: A8F33D6C008BC3F33C73006C67F57E00A04CC944]
[G] (ACTIVE) c:\windows\system32\snmpapi.dll [PX5: D96E61CE001A311C4A670026245D2100887BB9F7]
[G] (ACTIVE) c:\windows\system32\psguimgr.dll [PX5: E3F8AFDE0040E645708E0D484AC71900BE6993AC]
[G] (ACTIVE) c:\windows\system32\mstlsapi.dll [PX5: 0DD9363400470019C4F901369ADAFD0038B16027]
[G] (ACTIVE) c:\windows\system32\spool\prtprocs\w32x86\mdippr.d ll [PX5: 4D4AE505884240F76F32007DF0119700FF03BCA4]
[G] (ACTIVE) c:\windows\system32\tcpmib.dll [PX5: 4DBBA373000A5A473A2900278BCFBD0043922587]
[G] (ACTIVE) c:\windows\system32\midimap.dll [PX5: 24DF17C9002D88084A0000F598A51000C779A4FD]
[G] (ACTIVE) c:\windows\system32\psregapi.dll [PX5: 0407582A00CAF1CFA06E026C1FF72B0098D68E4E]
[G] (ACTIVE) c:\windows\system32\systools.dll [PX5: 90B4FFAF00473CD08EAF015B62097D0026F46C55]
[G] (ACTIVE) c:\windows\system32\adsldpc.dll [PX5: 8E406B6F00EF99F53026027F152EC400715D87FC]
[G] (ACTIVE) c:\windows\system32\mgmtapi.dll [PX5: 49947C0000CEC97B3AB20042F20C17007241F68A]
[G] (ACTIVE) c:\windows\system32\wconfig.dll [PX5: C8DD77D200F793D9702C08D9BE16C200528647FA]
[G] (ACTIVE) c:\windows\system32\c1xstngs.dll [PX5: 198A1B6500ED8440402703FA85135B00B2F3502C]
[G] (ACTIVE) c:\windows\system32\wifiadap.dll [PX5: B224BA060038E808B0E301EE42C96F006F83B4BF]
[G] (ACTIVE) c:\archivos de programa\intel\prosetwireless\proset\esn\pmapiesn. dll [PX5: EDE80E9D00E1B480506400B79802D90059A169B0]
[G] (ACTIVE) c:\archivos de programa\hp\digital imaging\bin\hpqgpc01.exe [PX5: 2F7059A100FDCF12003F046D88E59A00D8709300]
[G] (ACTIVE) c:\windows\system32\wsnmp32.dll [PX5: B81F62DB00084892A6A600294A020B00E18C2D21]
[G] (ACTIVE) c:\archivos de programa\windows media player\wmpband.dll [PX5: F6834A59007867DC7A5F013351A569006132E2D2]
[G] (ACTIVE) c:\windows\system32\wzcsapi.dll [PX5: 72E79423008CC47DCAC3000BF959BF008CCA7DBD]
[G] (ACTIVE) c:\windows\system32\oledlg.dll [PX5: 0B349EEF008794C4E608012EA6CE1B0044F500AC]
[G] (ACTIVE) c:\windows\system32\wpdshserviceobj.dll [PX5: 7176B495005E12B50A520234E7E1AF00FB8DD268]
[G] (ACTIVE) c:\windows\system32\ntshrui.dll [PX5: 7CF2F9680005A80F3670025CC8B2C1000E90E978]
[G] (ACTIVE) c:\windows\system32\stobject.dll [PX5: 74D5AFEE0058724FDE5201D468B94C0001BBC8FE]
[G] (ACTIVE) c:\windows\system32\winhttp.dll [PX5: D1184F8A000329A15C2C0581976F3900B9C6357E]
[G] (ACTIVE) c:\windows\system32\wbem\wbemprox.dll [PX5: 41AF53F000D76A754A3B0017C766460059B4913B]
[G] (ACTIVE) c:\archivos de programa\hp\digital imaging\bin\hpqddcmn.dll [PX5: A73C1EF10074A6D4D07002ED2757BF00ABDC8E9A]
[G] (ACTIVE) c:\windows\system32\msacm32.drv [PX5: 627AD51D00148556522200427C818D0043F4CF77]
[G] (ACTIVE) c:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a 1e18e3b_8.0.50727.1433_x-ww_5cf844d2\msvcr80.dll [PX5: 4B6AF860005E2DB6B4260971351F230010BD1760]
[G] (ACTIVE) c:\windows\system32\linkinfo.dll [PX5: 87EB2C9D005DD1A14E450046E4D6CC00209A4616]
[G] (ACTIVE) c:\archivos de programa\archivos comunes\microsoft shared\vs7debug\3082\mdmui.dll [PX5: FF526CE600876F1B602C00112F4B2A00B01BDFC0]
[G] (ACTIVE) c:\windows\system32\batmeter.dll [PX5: 0CBAEF8400F9F02570C400FC5F48D3006CB1F08B]
[G] (ACTIVE) c:\windows\system32\tcpmon.dll [PX5: E69B2BE700ABB98FB63E003AA4CF500094509247]
[G] (ACTIVE) c:\windows\system32\1xconfig.exe [PX5: 17D842530074602BD0010214C38C84003EC58A7A]
[G] (ACTIVE) c:\archivos de programa\hp\digital imaging\bin\hpqbam08.exe [PX5: 9F526AC9008FBF3250AC0999A5F0130061D74F02]
[G] (ACTIVE) c:\windows\system32\actxprxy.dll [PX5: 08D91898002A5E8F8E45010BE1EF6000D6D8311B]
[G] (ACTIVE) c:\windows\system32\msi.dll [PX5: B09678EF00F05CBD8EB12B2266AE24009D824D36]
[G] (ACTIVE) c:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a 1e18e3b_8.0.50727.1433_x-ww_5cf844d2\msvcp80.dll [PX5: 5705CBCE00CDFB7384FA08D41193B300A8C4800C]
[G] (ACTIVE) c:\windows\system32\dsound.dll [PX5: E6E1E181002A93F29CC505BC0371CD0097C9FC4C]
[G] (ACTIVE) c:\windows\system32\pavshook.dll [PX5: 36EAC8B0304442BE75F7043577F7E90053BE9061]
[G] (ACTIVE) c:\archivos de programa\panda security\panda antivirus + firewall 2008\pavtrc.dll [PX5: 2B0FF288309F0C76350902CF3A80A900DF6BE36A]
[G] (ACTIVE) c:\windows\system32\mydocs.dll [PX5: 1980F96D004008BD64080142D36FCC00707E97C8]
[G] (ACTIVE) c:\windows\system32\s24mudll.dll [PX5: 4BF70D3400C51A5F1091015B7CEF6F00B0872FBE]
[G] (ACTIVE) c:\windows\system32\odbcbcp.dll [PX5: 18E2722C00CF877760370035AE24B900A256E8CE]
[G] (ACTIVE) c:\windows\system32\portabledevicetypes.dll [PX5: 79585FF4007031758CF802904E46EE00DF2F75D4]
[G] (ACTIVE) c:\windows\system32\browseui.dll [PX5: 74E197CD00F453B89CCF0F389ED22800A2F5D2C7]
[G] (ACTIVE) c:\windows\system32\netshell.dll [PX5: 8F61EBEE007CF701368C1AE01A3E160004C67871]
[G] (ACTIVE) c:\windows\system32\olepro32.dll [PX5: 0FB8559900CCC4AB461A010B73ADAB007DABB930]
[G] (ACTIVE) c:\windows\system32\cnbjmon.dll [PX5: C6D0F05C00D08C54C40800EE1DDA56004CF2217A]
[G] (ACTIVE) c:\windows\system32\mlang.dll [PX5: B58CF9FF00C71BB4F23308B27C750F009F6ECAC6]
[G] (ACTIVE) c:\windows\system32\credui.dll [PX5: 4B1C54330056D4F18654029213832F00541A786D]
[G] (ACTIVE) c:\windows\system32\themeui.dll [PX5: 2500D8B70090FCF0F62105A70B2114002CDD47FE]
[G] (ACTIVE) c:\windows\system32\wdmaud.drv [PX5: 1D5D80A1007CAE6E5CD700B54F7AC9005DCD202D]
[G] (ACTIVE) c:\windows\system32\wbem\wbemcomn.dll [PX5: 93B00EDC0040901346F3037FF72C08006DF56EA5]
[G] (ACTIVE) c:\archivos de programa\intel\prosetwireless\proset\esn\zcsvcesn. dll [PX5: 189D9B3900D81EF990A800B32BBD950094D689A0]
[G] (ACTIVE) c:\windows\system32\wbem\esscli.dll [PX5: 16FC3DB200BAAC77C8B4030B6F14AB00849854F2]
[G] (ACTIVE) c:\archivos de programa\nokia\nokia pc suite 7\phonebrowser.dll [PX5: 5003FD6700B2E935546009B67D62C200AC4714FC]
[G] (ACTIVE) c:\windows\system32\msxml3.dll [PX5: DE8EF42C00DF6418E41510179EABBD009FA5D9E0]
[G] (ACTIVE) c:\windows\system32\win32spl.dll [PX5: 2AC399FE003F737390A2015FBD175700DE719B51]
[G] (ACTIVE) c:\windows\system32\hpz3l5ha.dll [PX5: AC3C088F0034460BCEAA015B646FDB00A85135B0]
[G] (ACTIVE) c:\archivos de programa\panda security\panda antivirus + firewall 2008\firewall\idsflt.dll [PX5: D67B377930DBEFB856DD01569E956800D82C449F]
[G] (ACTIVE) c:\windows\system32\wups2.dll [PX5: C42F62EC18C4806CAA68006E7A0A2200A2691D5B]
[G] (ACTIVE) c:\windows\system32\portabledeviceapi.dll [PX5: 413BE4C6002C530256CD0467F46CFA0079ACDAE6]
[G] (ACTIVE) c:\windows\system32\mfc42loc.dll [PX5: 637F238C008ED728E0B900BDB164BB0008398734]
[G] (ACTIVE) c:\archivos de programa\intel\prosetwireless\ncs\proset\esnpguir. dll [PX5: 981CABD8005EB187606F0563806C760067098981]
[G] (ACTIVE) c:\windows\system32\upnp.dll [PX5: 3BB01F1600F77B62063F026310FD6700274EE576]
[G] (ACTIVE) c:\windows\system32\hpzsnt09.dll [PX5: 2A10D29942BC26E1D06B02859D5F1F0018D95007]
[G] (ACTIVE) c:\windows\system32\ipsecsvc.dll [PX5: D6534F56002CADCECE3002041B815700FC32EDBA]
[G] (ACTIVE) c:\archivos de programa\panda security\panda antivirus + firewall 2008\plats.dll [PX5: C0A9E19F3059A9ADE6F30034CB26E600DF1A5053]
[G] (ACTIVE) c:\archivos de programa\panda security\panda antivirus + firewall 2008\firewall\pnmatdi.dll [PX5: E61D6D1C988F94DE550501A0956D8000F4DFFBEC]
[G] (ACTIVE) c:\windows\system32\ssdpapi.dll [PX5: 019F66100094BE55886700FEA91CE30029465EC0]
[G] (ACTIVE) c:\windows\system32\pstorsvc.dll [PX5: ADAD9071006320468854009E56DB9500A5F0AE3D]
[G] (ACTIVE) c:\archivos de programa\panda security\panda antivirus + firewall 2008\firewall\pnmapi.dll [PX5: F1030951309EA887B6E70A0F687DA900AA71CAE9]
[G] (ACTIVE) c:\windows\system32\hpowiax5.dll [PX5: EE6C8D2800EAA427201E0BDD5DB60C0018DC33B0]
[G] (ACTIVE) c:\windows\system32\wbem\wmiutils.dll [PX5: 094FD3AD000A6748823F0102F92795006C8E5380]
[G] (ACTIVE) c:\archivos de programa\panda security\panda antivirus + firewall 2008\firewall\pnmsrv.dll [PX5: 5614AF1130F95C39252C0C9EEB6FF6006BD39F24]
[G] (ACTIVE) c:\windows\system32\inetpp.dll [PX5: 08E36CFD008F9C9F26620121DC8B410071F4EFB4]
[G] (ACTIVE) c:\windows\system32\cfgmgr32.dll [PX5: D3CC478A001087EF425F003C4DC9A1000870B79D]
[G] (ACTIVE) c:\archivos de programa\panda security\panda antivirus + firewall 2008\firewall\smsflt.dll [PX5: F8DE218130A169BD560E01962F98BE0074F226E7]
[G] (ACTIVE) c:\windows\system32\xmlprovi.dll [PX5: DC1530B800B2F067C42200BE57C71000F95D7BBC]
[G] (ACTIVE) c:\windows\system32\oakley.dll [PX5: C901D85300046CE116C204B93C6D3F00AB3E7DB6]
[G] (ACTIVE) c:\windows\system32\psbase.dll [PX5: E579F22800FE14CB80F3013F2FFDAD00E8EAE5FA]
[G] (ACTIVE) c:\windows\system32\wbem\fastprox.dll [PX5: 583FA14700E4BC9A34F5075F66FDAB004AFB8AB4]
[G] (ACTIVE) c:\windows\system32\clusapi.dll [PX5: 15B87D46001EC8C1E2C500B4FE618400AA068365]
[G] (ACTIVE) c:\windows\system32\mtxclu.dll [PX5: 66978F8E0092BC0304EB01E29B925900BE607930]
[G] (ACTIVE) c:\windows\system32\wbem\wbemsvc.dll [PX5: E597447300757EBFAAF700E3ED2B7800271D3E9E]
[G] (ACTIVE) c:\windows\system32\mfc42.dll [PX5: E58D7CCE00E29192B06C0FEDC35279002AEB23D6]
[G] (ACTIVE) c:\windows\microsoft.net\framework\v2.0.50727\perf counter.dll [PX5: 074C3C2908B7AE705CCE01BBF8F445003D0B42AF]
[G] (ACTIVE) c:\windows\system32\resutils.dll [PX5: E027AB3900DAF26FE68800D61F5B3100EA99A3C6]
[G] (ACTIVE) c:\archivos de programa\ltmoh\mohapi.dll [PX5: 086F214D000F26A0709C013378C2E6006B1F0DDD]
[G] (ACTIVE) c:\archivos de programa\panda security\panda antivirus + firewall 2008\firewall\wnmflt.dll [PX5: 18BD22F830246FA3761C015DFDF90D00EB325D4A]
[G] (ACTIVE) c:\windows\microsoft.net\framework\v2.0.50727\corp erfmonext.dll [PX5: 9756E8D60879BF228ECB0149D1790000EA965E28]
[G] (ACTIVE) c:\windows\system32\pdh.dll [PX5: 89BF4C3E00BA0AE95E7304D5FD174D0067801FB6]
[G] (ACTIVE) c:\archivos de programa\panda security\panda antivirus + firewall 2008\tpconf.dll [PX5: 47BB48C2303338E446D101675178F800335C3BB8]
[G] (ACTIVE) c:\windows\winsxs\x86_microsoft.windows.gdiplus_65 95b64144ccf1df_1.0.2600.3352_x-ww_81af8e88\gdiplus.dll [PX5: E1136118008B76C950631A4188EDBB00E069DFBD]
[G] (ACTIVE) c:\windows\system32\winipsec.dll [PX5: C2856AA600629B99807A0017761B17001188782D]
[G] (ACTIVE) c:\archivos de programa\nokia\nokia pc suite 7\ngscm.dll [PX5: CA5AD16B00430AED901E0C127BF75A00075290B3]
[G] (ACTIVE) c:\windows\system32\wuaueng.dll [PX5: 96A8FDF31820FD8A9E1D1B88260572006ACE6A58]
[G] (ACTIVE) c:\windows\system32\colbact.dll [PX5: A0B0F9B500ACD436ECA70034F32E2C00E7E17786]
[G] (ACTIVE) c:\archivos de programa\panda security\panda antivirus + firewall 2008\firewall\netflt.dll [PX5: 9D3D78AA30FB4543B5B60116E82A920025E214B4]
[G] (ACTIVE) c:\windows\system32\wbem\wbemcore.dll [PX5: CB85D85E0076B9651C900855B8DE6D00F450B1CC]
[G] (ACTIVE) c:\windows\system32\spoolss.dll [PX5: 1B2085D10071A02E24DD01F03E4F50000C187CFD]
[G] (ACTIVE) c:\windows\system32\cabinet.dll [PX5: 60605FEC005AB19AEA050033F1225300B2AB86F7]
[G] (ACTIVE) c:\windows\system32\mscoree.dll [PX5: 2FF012BA00BB752D4E8504215026F6009A6054D1]
[G] (ACTIVE) c:\archivos de programa\panda security\panda antivirus + firewall 2008\psimfltr.dll [PX5: 60A5860030D5730EA8B600CCD50D5A008457D2F5]
[G] (ACTIVE) c:\archivos de programa\nokia\nokia pc suite 7\resource\phonebrowser_nokia.ngr [PX5: 0B65CE6300B2F8CDC00B086051FB6100CB416864]
[G] (ACTIVE) c:\windows\system32\wbem\ncprov.dll [PX5: 6188469200A63424B8DE006C60FBAF004653FA12]
[G] (ACTIVE) c:\windows\system32\dssenh.dll [PX5: 31E843BE00E2A81C18FA0265E10B6500232880A4]
[G] (ACTIVE) c:\archivos de programa\panda security\panda antivirus + firewall 2008\avcic.dll [PX5: 96C9491D30B57C07F82F00AC03F60000B349E033]
[G] (ACTIVE) c:\windows\system32\mscms.dll [PX5: 54292A75005CC2F8222801CB84644D0087B17889]
[G] (ACTIVE) c:\windows\system32\vssapi.dll [PX5: 4EFEF304002AF8059230067AACCA28004298F648]
[G] (ACTIVE) c:\archivos de programa\panda security\panda antivirus + firewall 2008\protexc.dll [PX5: 2083341A30C6C761D3E501E8774B560039882ED1]
[G] (ACTIVE) c:\windows\system32\localspl.dll [PX5: 780CEBA800925E1E3EF50520685EA5002E608ED2]
[G] (ACTIVE) c:\archivos de programa\panda security\panda antivirus + firewall 2008\firewall\fnetctrl.dll [PX5: 8C102B1C3018146F55070171F33675000C988997]
[G] (ACTIVE) c:\windows\system32\mspatcha.dll [PX5: 3C149574009989FF761A002188C0A30012BC67EC]
[G] (ACTIVE) c:\windows\microsoft.net\framework\v2.0.50727\msco rwks.dll [PX5: CF433B660005682CBA375814C8DECC00564205E0]
[G] (ACTIVE) c:\archivos de programa\panda security\panda antivirus + firewall 2008\firewall\apflctrl.dll [PX5: 31824D19309371F975A001F1912DA700F325AFB8]
[G] (ACTIVE) c:\windows\system32\spool\prtprocs\w32x86\hpzpp5ha .dll [PX5: C4B891900050EB4132EA0420D6BDF100A55463BA]
[G] (ACTIVE) c:\archivos de programa\panda security\panda antivirus + firewall 2008\firewall\dsaflt.dll [PX5: 34AC994B30A2F131668001E57E21DD0022037595]
[G] (ACTIVE) c:\archivos de programa\nokia\nokia pc suite 7\lang\phonebrowser_spa.nlr [PX5: F7D9F0E200CF585A74B2002E2777E20081506DCD]
[G] (ACTIVE) c:\windows\winsxs\x86_microsoft.vc80.atl_1fc8b3b9a 1e18e3b_8.0.50727.762_x-ww_cbb27474\atl80.dll [PX5: EEA0ABF1009B0E5C781C0186AB2A510079B716A2]
[G] (ACTIVE) c:\windows\microsoft.net\framework\v1.1.4322\mscor jit.dll [PX5: 2F4601B300158762D00C041754821C006CBBBB16]
[G] (ACTIVE) c:\archivos de programa\ezbutton\cdromutl.dll [PX5: 3FC73E5B003A0F2DC08F00FB16B82C00DD8D961C]
[G] (ACTIVE) c:\windows\system32\sti.dll [PX5: 48786430008C2F0D0A3C012F189ACB0089E952D7]
[G] (ACTIVE) c:\windows\assembly\gac\lead.wrapper\13.0.0.66__9c f889f53ea9b907\lead.wrapper.dll [PX5: 0F0E040B0084309A902A06626F22EF00D6717B94]
[G] (ACTIVE) c:\windows\system32\drprov.dll [PX5: 8C937598008403A638800074FD083400E5D9628A]
[G] (ACTIVE) c:\windows\system32\netui0.dll [PX5: BC88890E00EFD2F344060128764BE7009508254C]
[G] (ACTIVE) c:\windows\assembly\gac\hpqtray\3.0.0.0__a53cf5803 f4c3827\hpqtray.dll [PX5: 1B59B89900BFD2DEA05605E6C38CA8005EF1D95B]
[G] (ACTIVE) c:\archivos de programa\hp\digital imaging\bin\hpotra08.rsc [PX5: 2D14C3F000322E3B326E0095AEDDFE00E562F036]
[G] (ACTIVE) c:\archivos de programa\hp\digital imaging\bin\hpqwso08.dll [PX5: 72D5182B0081E577B06A07D07EA48B00D9246BEF]
[G] (ACTIVE) c:\archivos de programa\google\googletoolbarnotifier\5.0.926.3450 \swg.dll [PX5: BB203CB6F0D46DEB09EA0A59149E6E004BA51F73]
[G] (ACTIVE) c:\windows\system32\wbem\wbemcons.dll [PX5: 907C40C200F6C4F6182601250FBA4100773EEDE7]
[G] (ACTIVE) c:\windows\system32\hpzipr12.dll [PX5: 6FB24DD1006D47EF825600176119F60093ED092A]
[G] (ACTIVE) c:\windows\system32\jscript.dll [PX5: FA885F76005A710A80BB072BB1453100D393DD16]
[G] (ACTIVE) c:\windows\system32\wbem\repdrvfs.dll [PX5: A886C9F000087395B4C8026D60ACD3003DC24017]
[G] (ACTIVE) c:\archivos de programa\hp\digital imaging\bin\hposcn08.rsc [PX5: C70539DD00FCA11426D700A48F352F00AEFB2625]
[G] (ACTIVE) c:\windows\assembly\gac\system.windows.forms\1.0.5 000.0__b77a5c561934e089\system.windows.forms.dll [PX5: 10AAD49200E4B2A350151FACA23D8300443ABC25]
[G] (ACTIVE) c:\archivos de programa\ezbutton\comfnutl.dll [PX5: EFB41C5C00EDF765D03A0081BA8D6C0026D378FF]
[G] (ACTIVE) c:\archivos de programa\ezbutton\rgnmaker.dll [PX5: D861902B002E4647C0E90056E305C000B65D72DB]
[G] (ACTIVE) c:\windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3 b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80esp.dll [PX5: 58C3C18300A8E550F0A3008DA9DACF00648E0EC3]
[G] (ACTIVE) c:\windows\assembly\gac\system\1.0.5000.0__b77a5c5 61934e089\system.dll [PX5: 4DA3EA4A003CBC77D0DB1288759A96005E9C967B]
[G] (ACTIVE) c:\archivos de programa\ezbutton\tkbarutl.dll [PX5: 6F34D7DD0062D6CEF0540023A4440F00A13DD962]
[G] (ACTIVE) c:\windows\assembly\gac\system.drawing\1.0.5000.0_ _b03f5f7f11d50a3a\system.drawing.dll [PX5: E0A5227800908BAE20F10767845498006FBD9EC7]
[G] (ACTIVE) c:\windows\system32\ntlanman.dll [PX5: D2078510004A52D5AA2600FDF16F8C006DA235E6]
[G] (ACTIVE) c:\windows\microsoft.net\framework\v1.1.4322\mscor sn.dll [PX5: 17792AC6001E46E4309501ADD189730029C88BC1]
[G] (ACTIVE) c:\windows\system32\advpack.dll [PX5: 6D8C6391000AA20CE8CF011C93C06500D606ABE9]
[G] (ACTIVE) c:\windows\system32\ssleay32.dll [PX5: A3BCF2C4000BB4AF40EC020BBCC3820007E82996]
[G] (ACTIVE) c:\windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a 1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80u.dll [PX5: 4A2EABCA00EEEF38AEDF10453CA10400EACE2231]
[G] (ACTIVE) c:\archivos de programa\ezbutton\osdutl.dll [PX5: 99F9F09F0050A1A3D011014A8EF95D00A284C058]
[G] (ACTIVE) c:\archivos de programa\ezbutton\mixerutl.dll [PX5: 46C6408B00AEADF5F009007B152A6E004A06F010]
[G] (ACTIVE) c:\windows\system32\netui1.dll [PX5: C2F6351F006E2C02C0AA0303F330830078558708]
[G] (ACTIVE) c:\windows\microsoft.net\framework\v1.1.4322\fusio n.dll [PX5: 2123929800EC6BF8507B04CB6847AA005FCEF14A]
[G] (ACTIVE) c:\windows\assembly\gac\interop.hpqcxm08\3.0.0.0__ a53cf5803f4c3827\interop.hpqcxm08.dll [PX5: 024ECF6F0071AAD0900E00673AA17000A8130522]
[G] (ACTIVE) c:\archivos de programa\panda security\panda antivirus + firewall 2008\firewall\dpiftran.dll [PX5: 372273273022F6F9160903FE17B867004B7EB61E]
[G] (ACTIVE) c:\windows\system32\davclnt.dll [PX5: 301304810099E131624800B42D603500C49E9D7E]
[G] (ACTIVE) c:\windows\assembly\gac\hpqfmrsc\3.0.0.0__a53cf580 3f4c3827\hpqfmrsc.dll [PX5: 9448E11C0084DC5670E400539FB272003518F55A]
[G] (ACTIVE) c:\archivos de programa\hp\hpcoretech\hpvcr70.dll [PX5: 557F46BF00B8F62240C40522AB7B720047DFA04B]
[G] (ACTIVE) c:\archivos de programa\archivos comunes\microsoft shared\office11\msoxmlmf.dll [PX5: 3AB1DFA96054F262B59A001EC0681C0042A89C47]
[G] (ACTIVE) c:\windows\assembly\gac\hpqgldlg\3.0.0.0__a53cf580 3f4c3827\hpqgldlg.dll [PX5: B68D785900B52183500E0257F4612900002181F3]
[G] (ACTIVE) c:\windows\assembly\gac\lead\13.0.0.66__9cf889f53e a9b907\lead.dll [PX5: DE4C9A7700C401F540C101DAB30DEA00F8A7D41E]
[G] (ACTIVE) c:\windows\system32\wbem\wmiprvsd.dll [PX5: C84FFDD000CDF6C4AC7A0635A6571A00FC334116]
[G] (ACTIVE) c:\archivos de programa\ezbutton\wnd2file.dll [PX5: B66552F500EEF86AD0CF002F9FAD470043A8C1EB]
[G] (ACTIVE) c:\windows\system32\msxml4.dll [PX5: EABA86F708DA1BE5A07B13076693B200CA2D7643]
[G] (ACTIVE) c:\archivos de programa\ezbutton\lgkcutl.dll [PX5: E94CF8F300050DF33046017A207A7500956D938D]
[G] (ACTIVE) c:\windows\system32\libeay32.dll [PX5: 83F2F25D007C571EF0AF09D67CFCF600A518447A]
[G] (ACTIVE) c:\windows\assembly\gac\system.xml\1.0.5000.0__b77 a5c561934e089\system.xml.dll [PX5: 37B936D600E9E0A0704814170B365B00E2A3106F]
[G] (ACTIVE) c:\windows\assembly\gac\hpqiface\3.0.0.0__a53cf580 3f4c3827\hpqiface.dll [PX5: 9AA5BD8A00C6F55A40C800BBF1EAA000C0AD4A83]
[G] (ACTIVE) c:\windows\system32\comsvcs.dll [PX5: ED0A598E00540BAB56A9139D5AFF60007C17C9BE]
[G] (ACTIVE) c:\windows\microsoft.net\framework\v1.1.4322\mscor wks.dll [PX5: 43D5E03F00BFAAD2601C26EA2A0194008FF90ECC]
[G] (ACTIVE) c:\windows\system32\wbem\wbemess.dll [PX5: 24F62F590030CEBC2E7C0420B541310085AD8F8F]
[G] (ACTIVE) c:\archivos de programa\google\googletoolbarnotifier\5.0.926.3450 \gtn.dll [PX5: 9D8C659BF01F6C15C5E6018A04D44F009F2F542F]
[G] (ACTIVE) c:\archivos de programa\ezbutton\szupfutl.dll [PX5: 5254BBCB00572695F00500ABD6B4F90074751325]
[G] (ACTIVE) c:\windows\microsoft.net\framework\v1.1.4322\mscor lib.dll [PX5: E65D52060042C450B08520DCA2642C00328CC46F]
[G] (ACTIVE) c:\archivos de programa\hp\digital imaging\bin\hpqcxm08.dll [PX5: 9509172500FA28EC409F028F13DEFC00C71D8FAF]
[G] (ACTIVE) c:\windows\system32\intelae5.dll [PX5: 4382240F00C3CE08703A07A2A858DD000AB9C687]
[G] (ACTIVE) c:\windows\assembly\gac\hpqgskin\3.0.0.0__a53cf580 3f4c3827\hpqgskin.dll [PX5: 38C1407700CA4BD430CA01F0A31FF3001D996D7F]
[G] (ACTIVE) c:\archivos de programa\hp\digital imaging\bin\es\hpqgalry.resources.dll [PX5: ABF79AE1006B76E480DF021DD86CA9007E11A404]
[G] (ACTIVE) c:\windows\assembly\gac\hpqptfnd\3.0.0.0__a53cf580 3f4c3827\hpqptfnd.dll [PX5: CC44146D00A42B0B4005003F965303006D3823D5]
[G] (ACTIVE) c:\archivos de programa\hp\digital imaging\bin\hpqcob08.dll [PX5: 2A8D02D80094AE31209402340DF55900E533E8FC]
[G] (ACTIVE) c:\windows\assembly\gac\hpqutils\3.0.0.0__a53cf580 3f4c3827\hpqutils.dll [PX5: 9158DE5700DD2A0C505302B7CC5C7700DFE35B14]
[G] (ACTIVE) c:\archivos de programa\hp\digital imaging\bin\ltkrn13n.dll [PX5: 9F1BFE3600EB2484D2B706AE36661F00B70543E9]
[G] (ACTIVE) c:\archivos de programa\intel\prosetwireless\proset\esn\pnc11esn. dll [PX5: F7897DD000F51BB060AC00EAF9C68B00C0C07687]
[G] (ACTIVE) c:\archivos de programa\hp\digital imaging\bin\hpqddusr.dll [PX5: 0767F7060053DED5F05100104C454600153028A5]
[G] (ACTIVE) c:\windows\system32\wbem\wmiapres.dll [PX5: 453F1DCD00139FEA1E4200F0D5DABA008D9CA8C7]
[G] (ACTIVE) c:\windows\system32\browselc.dll [PX5: A43CEFF90061B9180CFD0182F246E000D22DBE6F]
[G] (ACTIVE) c:\windows\system32\hpzidr12.dll [PX5: 6984B38F00EEA490C0D100CA5013AB0045731C9D]
[G] (ACTIVE) c:\archivos de programa\hp\digital imaging\bin\hpodio08.dll [PX5: 78B8F64D00C4ADE5A09A0F5CC18EFF00318F8A20]
[G] (ACTIVE) c:\windows\system32\loadperf.dll [PX5: B0ECADC000D4C9728A18018EE22E9E0000F3FB75]
[G] (ACTIVE) c:\windows\system32\mfc42u.dll [PX5: 74A4697B00B6ECC7FB5E0E2428CECF00BE23B318]
[G] (ACTIVE) c:\windows\system32\wmasf.dll [PX5: 3D36799C0034542F6690031EC75D2100FDEBB35E]
[G] (ACTIVE) c:\windows\system32\mucltui.dll [PX5: 33D63AFF685931E1198D041F6E815000CF9B26FA]
[G] (ACTIVE) c:\archivos de programa\hp\digital imaging\bin\hpqtra08.rsc [PX5: 6BE654C1000D8107BA600023B13322008246546B]
[G] (ACTIVE) c:\windows\system32\rasdlg.dll [PX5: 99501B8B00BB9C93567F0AD56A0D55009F5D3A2F]
[G] (ACTIVE) c:\archivos de programa\hp\digital imaging\bin\hpotra08.dll [PX5: 8125E1630035CD38A04A040FDF887100D6DDE1F8]
[G] (ACTIVE) c:\windows\system32\pn802_11.dll [PX5: D81D758D00161A3060C703B413D60F006E4BB380]
[G] (ACTIVE) c:\windows\system32\wuaucpl.cpl [PX5: 5BC9525C1882B33F42BE0377DB07C0000DBA11FB]
[G] (ACTIVE) c:\archivos de programa\hp\digital imaging\bin\hpostd08.rsc [PX5: 8D2EA66D0019F38910DE042DDDE82A00EE51F5D9]
[G] (ACTIVE) c:\windows\system32\msutb.dll [PX5: 0C9BCA6A00E3038EFCC802EAAE2EF50004742D1F]
[G] (ACTIVE) c:\archivos de programa\hp\digital imaging\bin\hpodev08.dll [PX5: 26A450E400834509A08401F3ECCF7D0022986CA7]
[G] (ACTIVE) c:\archivos de programa\hp\digital imaging\bin\hpotradd.dll [PX5: 0697FF0300773ADA30B101C6A7E6BB00ED9F28A3]
[G] (ACTIVE) c:\archivos de programa\hp\digital imaging\bin\hpqxml2.dll [PX5: 4F9756FD00215712B47800DB11341300B59C5DD3]
[G] (ACTIVE) c:\windows\system32\utildll.dll [PX5: D07D55B2009D3505660A00A968898E006F9BF1CE]
[G] (ACTIVE) c:\windows\system32\msdtcprx.dll [PX5: D7EB7E5C00A3086582FD0655E0DA9A004016EF43]
[G] (ACTIVE) c:\archivos de programa\hp\digital imaging\bin\hpqgpb01.dll [PX5: 82B9131000B4FD7C00050127092B31001D9BDDFF]
[G] (ACTIVE) c:\archivos de programa\hp\digital imaging\bin\hpqrif08.dll [PX5: 40296AD300ECE0DA704104B341FE5200E205C6E6]
[G] (ACTIVE) c:\windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a 1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80.dll [PX5: C2148C6300282B34D02310815560F00037CA9FFC]
[G] (ACTIVE) c:\windows\system32\wucltui.dll [PX5: F30CBD881889C2ADF0E6042AF42051003FFB5A8B]
[G] (ACTIVE) c:\archivos de programa\hp\digital imaging\bin\hpostd08.dll [PX5: 98C565E900816FDC5003052876D3DF00BBDD4C3C]
[G] (ACTIVE) c:\archivos de programa\hp\digital imaging\bin\hpqtap08.dll [PX5: B85FF94200C38E3C003601368CB9400053B135D4]
[G] (ACTIVE) c:\archivos de programa\hp\digital imaging\bin\hpodvd08.dll [PX5: 88EB773000B905D55C8603524A5F7800B2A57DA5]
[G] (ACTIVE) c:\windows\system32\wmvcore.dll [PX5: B705FDA8005BF799826F258393D0250046115EF3]
[G] (ACTIVE) c:\windows\assembly\gac\hpqcmctl\3.0.0.0__a53cf580 3f4c3827\hpqcmctl.dll [PX5: BCD6114100B082A4800A08F8020628006076CC53]
[G] (ACTIVE) c:\archivos de programa\hp\digital imaging\bin\hpqsti08.dll [PX5: 6E5ACBDC0081250900B804FA87635E0077F62268]
[G] (ACTIVE) c:\archivos de programa\hp\digital imaging\bin\hpquio08.dll [PX5: 6002F58500C20735705A02A23CE52F002A1CB219]
[G] (ACTIVE) c:\archivos de programa\intel\prosetwireless\proset\esn\c1xstesn. dll [PX5: BA8BE39900ECD4C700430163806C7600576F76E1]
[G] (ACTIVE) c:\archivos de programa\hp\digital imaging\bin\hposcn08.dll [PX5: A65AD9BC00F484CE7037029725E9D600BD0E670E]
[G] (ACTIVE) c:\archivos de programa\hp\digital imaging\bin\hpqcpta.dll [PX5: 1A18A1790054DE92D86F01E9C8604C0041368D5A]
[G] (ACTIVE) c:\archivos de programa\hp\digital imaging\bin\hpqmif08.dll [PX5: F911124700FD63ABA01D0426F700E300A61FC541]
[G] (ACTIVE) c:\archivos de programa\hp\digital imaging\bin\hpqtao08.dll [PX5: EC019785008EBE24800801F1C258D1009900AF29]
[G] (ACTIVE) c:\archivos de programa\hp\digital imaging\bin\hpqsrta.dll [PX5: F6D389A8003309A7E6530158611E8600351B0B35]
[G] (ACTIVE) c:\windows\assembly\gac\hpqimgrc\3.0.0.0__a53cf580 3f4c3827\hpqimgrc.dll [PX5: 03ED15A500BAAD0A807102F8DB32AF00129FDA34]
[G] (ACTIVE) c:\archivos de programa\hp\digital imaging\bin\hpodeb08.dll [PX5: 7B5E49AC0026D8EE209103FE1A07BA007E0673E6]
[G] (ACTIVE) c:\windows\system32\unimdm.tsp [PX5: 5AA9CCC600D235C12A9C035E10B91700C6F57E32]
[G] (ACTIVE) c:\windows\system32\hid.dll [PX5: A8834F4D004546A3526300281E991900AE216BFC]
[G] (ACTIVE) c:\windows\system32\wbem\wmiprov.dll [PX5: 008A2BDA00F529373650020A6E0EE200AEDD0E44]
[G] (ACTIVE) c:\windows\system32\avifil32.dll [PX5: DB5CA1EE007130484E4501B55F1ABF00CD83C4C6]
[G] (ACTIVE) c:\archivos de programa\archivos comunes\adobe\acrobat\activex\pdfshell.dll [PX5: 170D444058498696C50E05D5753D2A008C5B595D]
[G] (ACTIVE) c:\windows\system32\unimdmat.dll [PX5: 5C5F4C170014C671343C01EBBF82B00018AB958A]
[G] (ACTIVE) c:\windows\system32\msvfw32.dll [PX5: DCEA5088000EB3C0DCEE014FA1C2A900B7DDBBBF]
[G] (ACTIVE) c:\windows\system32\uniplat.dll [PX5: 1FDEEC2D0042FB83369D00FC8F082200BF0D5BFF]
[G] (ACTIVE) c:\windows\system32\ipconf.tsp [PX5: 06C22A4E005ACB2C44A8007135F3E4008EFDFA18]
[G] (ACTIVE) c:\windows\system32\traffic.dll [PX5: 1EA6257D009974987A13001FDDC58500F5C220B6]
[G] (ACTIVE) c:\archivos de programa\archivos comunes\adobe\acrobat\activex\pdfshell.esp [PX5: 941904C700A6D740C07804108C0B1B001F550E48]
[G] (ACTIVE) c:\windows\system32\mfc71esp.dll [PX5: 0864BF830009A174F01E00D548E3EC0043284099]
[G] (ACTIVE) c:\windows\system32\h323.tsp [PX5: AB7DB74D00410904125404B9E99E9C00294CC6C2]
[G] (ACTIVE) c:\windows\system32\kmddsp.tsp [PX5: 149659C100E676EF822600BC47440A00A0C42B3D]
[G] (ACTIVE) c:\windows\system32\shmedia.dll [PX5: 259F090F0001E8BD548C02AFBE632600185D713E]
[G] (ACTIVE) c:\windows\system32\ndptsp.tsp [PX5: 4ADDF61800032549E0370099893E8F006FC1D939]
[G] (ACTIVE) c:\windows\system32\netcfgx.dll [PX5: B6261DD4009990EEA682091CBF6CD600228AE764]
[G] (ACTIVE) c:\windows\system32\rastapi.dll [PX5: 76057243006F5060E645005439F5C50084899D55]
[G] (ACTIVE) c:\windows\system32\urlmon.dll [PX5: 8824B84F00E2C05FB41711C615A73E00B3EDBEC0]
[G] (ACTIVE) c:\windows\system32\webcheck.dll [PX5: 4B5AE3EB00EB6139907003615F37EF007F07DFCD]
[G] (ACTIVE) c:\windows\assembly\nativeimages1_v1.1.4322\mscorl ib\1.0.5000.0__b77a5c561934e089_6d9bf058\mscorlib. dll [PX5: F2509EB700136B9FC027330E7CA91600E2A915DE]
[GN] (ACTIVE) c:\windows\assembly\nativeimages1_v1.1.4322\system .xml\1.0.5000.0__b77a5c561934e089_02dbe574\system. xml.dll [PX5: 859061CB0030E490E09B1F40E71E84004021B541]
[G] (ACTIVE) c:\windows\assembly\nativeimages1_v1.1.4322\system \1.0.5000.0__b77a5c561934e089_97842a45\system.dll [PX5: C207685F00CB8D0A003F1ECC4261D600DD5BB46D]
[G] (ACTIVE) c:\windows\assembly\nativeimages1_v1.1.4322\system .drawing\1.0.5000.0__b03f5f7f11d50a3a_a1fa21ec\sys tem.drawing.dll [PX5: CEEC3993001FF4A3C0960CFCCB080E005B5C5CE4]
[G] (ACTIVE) c:\windows\system32\ieframe.dll [PX5: 81FEB6DD00D9686592DE5CA92261AB00E70EEBAC]
[G] (ACTIVE) c:\windows\assembly\nativeimages1_v1.1.4322\system .windows.forms\1.0.5000.0__b77a5c561934e089_7602b8 bd\system.windows.forms.dll [PX5: 21A5D878003EDEE210152E914FD21900AFDEF12E]
[G] c:\windows\system32\drivers\ipfltdrv.sys [PX5: E130718C809C039180F700DA0AC8EE00F2B31814]
[G] c:\windows\system32\ipxsap.dll [PX5: 0F3954A0005722DF048E01E91BE55A002C9E92DC]
[G] c:\archivos de programa\windows live\messenger\wlcstart.exe [PX5: 3FE7169E60D42679F3E20017F2D91100F7E84F9F]
[G] c:\archivos de programa\outlook express\wab.exe [PX5: 076583F900AC6C85B47300517C3BE60068BCADC8]
[G] c:\windows\system32\drivers\enum1394.sys [PX5: 4E7FF71200A58CFF197100D1CCE6B600C8D9E0FF]
[G] c:\windows\system32\rdpclip.exe [PX5: 22CB3CC5009CADCFF4300018D68AB9002B64BAF5]
[G] c:\archivos de programa\archivos comunes\microsoft shared\office12\msoshext.dll [PX5: 0F0319D298F345C047B80E4B50C6F30063BE98CE]
[G] c:\windows\system32\osk.exe [PX5: 346F0631008F100B4CF6035F16FFB200907314FC]
[G] c:\windows\system32\mode.com [PX5: E973D3A100625BBF4CE400E712EA29007A26A730]
[G] c:\windows\system32\mprdim.dll [PX5: CD6C24A1000FB955C0580084E5CAEE00501565F0]
[G] c:\windows\system32\wuaucpl.cpl.mui [PX5: 542E34EF184C7DE16CE800CA0F447D001F91A8E9]
[G] c:\windows\system32\mciwave.drv [PX5: 68378EC70011E2766E3C004EC8148E009AED5400]
[G] c:\windows\system32\mciseq.drv [PX5: DFD1DBD00029431363D400FD92B3230040B5F1C3]
[G] c:\windows\system32\mobsync.exe [PX5: 9EC0A3080049272532860233FE44EC007186AF91]
[G] c:\windows\system32\cisvc.exe [PX5: D73C433500A9377016BC005665669D0035BCF649]
[G] c:\windows\system32\ipxrip.dll [PX5: A6FCA30D001806C1548600C59F9E4D00543E820B]
[G] c:\windows\system32\commdlg.dll [PX5: B6A1C23340643BD6843B00260933BB0011195501]
[G] c:\windows\system32\shmgrate.exe [PX5: 972C308200AD0F89A6D6007CC62E8E00D4A18BC5]
[G] c:\windows\system32\dskquoui.dll [PX5: D772C92600CC9A8844A702E2D1955100C5DE63CF]
[G] c:\windows\system32\drivers\atmuni.sys [PX5: 92E7BF650082565E607E05AD216E0900953642D5]
[G] c:\windows\system32\avifile.dll [PX5: 7DD4A6DD008238E7AC37016052733100F6122167]
[G] c:\archivos de programa\lavasoft\ad-aware\threatwork.exe [PX5: 08A48B8658CC41B6911104AA185BB9005573C13C]
[G] c:\windows\wc98pp.dll [PX5: 17B29EA6002FA01BCAFD0052BCB3C400BBDA630B]
[G] c:\windows\system32\ipxrtmgr.dll [PX5: 61088071003D00019CDB00410BF24E00867BAA7C]
[G] c:\archivos de programa\lavasoft\ad-aware\ad-awareadmin.exe [PX5: 8DB9FE14685E034347B608EE2EB41E000C1888B3]
[G] c:\archivos de programa\lavasoft\ad-aware\aawservice.exe [PX5: 87DD38F650BD2F95853D0E88DA596400AE83B993]
[G] c:\windows\fonts\vgaoem.fon [PX5: 6CA95C4D3080777B140100C1C8350800A078F465]
[G] c:\windows\system32\ups.exe [PX5: DFF6ED98000750CB484000B4D1F04D00D5B22D2D]
[G] c:\windows\system32\drivers\pxscan.sys [PX5: 11EEE13208526D6558A400F26A394F00E75A87AE]
[G] c:\windows\system32\wuapi.dll.mui [PX5: 9EABCCE118181D8B6CE00065D1EC5D00BC366A45]
[G] c:\windows\system32\drivers\tdtcp.sys [PX5: 8942980688A6EF76558200032BC6D800A375DA91]
[G] c:\windows\system32\ctl3dv2.dll [PX5: C84734B440655DC66A4D00304EF8AC0014627D07]
[G] c:\windows\system32\drivers\mbam.sys [PX5: 9D85F0E290EA43593C6000FF35635F00A764C5B5]
[G] c:\windows\system32\rcimlby.exe [PX5: 40C50CD1007BACA68C6F00393A10C30007A5C4F3]
[G] c:\windows\system32\drivers\mbamswissarmy.sys [PX5: 980187E66004A2499637002917ED4200CB3F38FA]
[G] c:\archivos de programa\lavasoft\ad-aware\aawtray.exe [PX5: 9436ED4058DE8B5DDD7907C38B37A50011FD06B1]
[G] c:\windows\system32\msacm.dll [PX5: 4310BF9370F2ACB6EF490048E192C7002F9094CE]
[G] c:\windows\system32\pavcpl.cpl [PX5: 0269252F305CA485D6820048BCD4250001D487B8]
[G] c:\windows\taskman.exe [PX5: 3F2A394F00E022653EEA00BD2EAB56009742874A]
[G] c:\windows\system32\iprtrmgr.dll [PX5: 144FBD660099709698A8024B89B1CA0021F8A9CA]
[G] c:\windows\system32\drivers\nikedrv.sys [PX5: 31AFD82600B7B0E92F3400332F79D6008B90E2A9]
[G] c:\windows\system32\diskcopy.com [PX5: B51AC2FE0016CEF71C05003B3C2E0700DFA71312]
[G] c:\windows\system32\drivers\rtl8139.sys [PX5: 0D1CF5B000B2C8EA5211002E76778C00F4B2E39E]
[G] c:\windows\system32\diskcomp.com [PX5: 07EFE4CF00E33AB824A100536EC85C008A3A2C7C]
[G] c:\archivos de programa\quicktime\qtsystem\quicktimejavaextras.qt x [PX5: E3E12CDD00B852411461003B3C2E070076D9AF9D]
[G] c:\windows\twunk_16.exe [PX5: F36A27171006EDD2C23C0094956AFB0056981184]
[G] c:\windows\system32\msdtc.exe [PX5: 6EE007BA005C83B5187B000639E3D80018BC79E2]
[G] c:\windows\system32\compobj.dll [PX5: DA21156DD0BCD8E77562007DCF26A600F4FFDA3F]
[G] c:\windows\system32\format.com [PX5: F24E644D00F19B6C6414002263F4F7008FBFD5A6]
[G] c:\windows\system32\avicap.dll [PX5: E83FED0050D490751276017068E06000E5B3D427]
[G] c:\windows\system32\utilman.exe [PX5: 72EC074C00D79760C45C008D0AD2F00014E8E08B]
[G] c:\windows\twain_32.dll [PX5: 58791B4F00CF43BEC694009BAB662500C0C72801]
[G] c:\windows\system32\drivers\usbser_lowerfltj.sys [PX5: 8657765F8006CB751FF20045EAAACB00239BB569]
[G] c:\archivos de programa\lavasoft\ad-aware\toolbox\lt\hostfileeditor.exe [PX5: 472A972B701793D38D23204DA83B7200F593C449]
[G] c:\windows\system32\mprddm.dll [PX5: 5668D0D9003DEEB90E9A0193F522D10048124B1F]
[G] c:\windows\system32\drivers\mspclock.sys [PX5: 3656535900693AA115D1001337247B009D5BCE4B]
[G] c:\windows\system32\rdpsnd.dll [PX5: FD3D5E1D00B9A4634E9D00DF737E4200FDE4DE18]
[G] c:\windows\system32\drivers\cbidf2k.sys [PX5: 7B8DA5F780B7DA7536FE00ABA71B6C00B12776D7]
[G] c:\windows\system32\netapi.dll [PX5: 4765A86CD04DF3B2A77E0156CAF52A00D20C0C0C]
[G<00110020>] c:\windows\system32\drivers\sptd.sys [PX5: 4ADFB285F8AFE7B276750AE823E8B2008F580CD3]
[G] c:\windows\system32\mciavi.drv [PX5: 8B3733E1E01B7A5B1F1C01E84360C3009383E08C]
[G] c:\windows\system32\drivers\mcd.sys [PX5: 874B185900D5916B1EF900C2FE181D00136FAB22]
[G] c:\archivos de programa\lavasoft\ad-aware\ad-aware.exe [PX5: 61F9704948896D435F04202F4698B80092C8B5B8]
[G] c:\windows\system32\more.com [PX5: B4B2F27900723D1B3EDF009652606F0060743ADC]
[G] c:\windows\system32\magnify.exe [PX5: F75B2B5900F1CC211E520147693D72001A98016B]
[G] c:\archivos de programa\lavasoft\ad-aware\toolbox\autostart manager\autostart manager.exe [PX5: 73D2B13B583FB271991A06247C8AEB002F1946F7]
[G] c:\windows\system32\drivers\tdpipe.sys [PX5: 3FCBC6C1086354332FFD003DE3512D00CB438F2A]
[G] c:\windows\system32\msvideo.dll [PX5: 7DA4DEEA80EA4CBEF0D4012F00509C00F452838C]
[G] c:\windows\twunk_32.exe [PX5: 5D53387700CBFAF764B000A217274800DCE1DDCC]
[G] c:\windows\system32\drivers\atmepvc.sys [PX5: 7363E81E80EDA4EC7A0200CE34E22400450A279B]
[G] c:\windows\system32\ddeml.dll [PX5: 87F926CB00F2CB349A1200182C741300498BEAF4]
[G] c:\windows\system32\drivers\cinemst2.sys [PX5: 7C4B5F6480542F0A010D0467679A34007208E720]
[G] c:\windows\system32\drivers\cpqdap01.sys [PX5: C60D75F500CE16D02E4100D9B4337E008A228DE3]
[G] c:\windows\system32\chcp.com [PX5: C2AEE59B004172551EE000230CC1300070BC2133]
[G] c:\windows\system32\drivers\usbser_lowerflt.sys [PX5: 6795BB60800A0A6B1F69001F95CBF500D85BBFA4]
[G] c:\windows\system32\drivers\smclib.sys [PX5: 8A9722BD003AC63939580092009AC20088FC78D8]
[G] c:\windows\system32\regsvr32.exe [PX5: EA9CD204008691252EFD001A3E083800AF25060E]
[G] c:\windows\system32\ole2.dll [PX5: F2FC4A2A40B7B6B59BDF00629364AB00A54AED31]
[G] c:\windows\system32\olecli.dll [PX5: B5F4F24400858B0246DF0121D0BC3200AD54C2FD]
[G] c:\windows\system32\winspool.exe [PX5: F5BB157440E5748C08D600021F9AD300B79BCD14]
[G] c:\windows\system32\drivers\wdfldr.sys [PX5: 3BAF46DFE0FEFF7D7D93004FA882B400CC532E98]
[G] c:\windows\system32\drivers\tsbvcap.sys [PX5: 87882BA880A89CF8537500BE0BB03800CD0425CD]
[G] c:\windows\system32\win87em.dll [PX5: 22C03F9D0005E87A34B40075B0F00E00517D625F]
[G] c:\archivos de programa\codec pack de elisoft\utilvid\avichop02.exe [PX5: CD50AF190033CF7F80FA009AEE1EA8003ACEF15F]
[G] c:\archivos de programa\codec pack de elisoft\mp3fiis\mp3cnfg.exe [PX5: BFBD38C200D4949F4A0400B21DCCC3007B4F82C7]
[G] c:\archivos de programa\codec pack de elisoft\uninstal.exe [PX5: 2714BAD21BDE99A8527500A0B7537F0066E877AD]
[G] c:\windows\system32\netsetup.cpl [PX5: 5FA2622E00412084649B00A8D79D3D00803751FD]
[G] c:\windows\system32\drivers\rio8drv.sys [PX5: 689BF8B80051228F2F8000540597A5009049C8B5]
[G] c:\windows\system32\pmspl.dll [PX5: 98CDEBDE0094268EB67200C1C6BF85009014DA93]
[G] c:\windows\system32\drivers\vdmindvd.sys [PX5: 5DFBB3300012B79DE3E300778EC928004FCDB2AF]
[G] c:\windows\system32\ntlanui2.dll [PX5: EBE2371C003D84B73AA5000A7557EF008312F2FC]
[G] c:\windows\system32\wshnetbs.dll [PX5: B8ECF79D001A2C331CED00BFA62ECA005F89A854]
[G] c:\hpqimgrc.resources.dll [PX5: 830DEB7900CF7FFC404D0073D8C0290059A7BD19]
[G] c:\windows\system32\drivers\nwlnkflt.sys [PX5: A826BA3A803B83AE30C000488911C200DC3CA878]
[G] c:\windows\system32\drivers\mspqm.sys [PX5: 5D7EA63E804A637C13CA0078C414AC000E912E93]
[G] c:\windows\system32\drivers\cdralw2k.sys [PX5: 4518F26FF8DED74324DE0027365E6D0072F3B365]
[G] c:\archivos de programa\outlook express\msimn.exe [PX5: 9DF52CE900B66EAEEC1A000D7D657F00671B611C]
[G] c:\windows\system32\olesvr.dll [PX5: CE221EF60049CF2B5E3B009B247C6A00F018477F]
[G] c:\windows\system32\drivers\rawwan.sys [PX5: 3623B25780ED679386B1006F511AA700A8DBED63]
[G] c:\windows\system32\drivers\usbcamd2.sys [PX5: D11C923080C0476E5DDA002FC1E34E002B3DC035]
[G] c:\windows\system32\wupdmgr.exe [PX5: 0D7ADEAF00C0A6797E4400E678870400DEC5A995]
[G] c:\windows\system32\odbcad32.exe [PX5: 6CAF2E480086C6258035002DDDE82A001D3A706C]
[G] c:\windows\system32\ntsd.exe [PX5: 50EE19B0002D211C7C10004432E9BD007496520B]
[G] c:\windows\system32\drivers\riodrv.sys [PX5: 31AFD82600B7B0E92F3400332F79D600DA0E26E7]
[G] c:\windows\system32\tree.com [PX5: 4D2EA15A00B3F5F62C6000C07C03650043CF3086]
[G] c:\windows\system32\rasrad.dll [PX5: 86FA4C5B00CDBD275C9C003EB2296300EF4F4835]
[G] c:\windows\system32\wowdeb.exe [PX5: C1613D5DB0A80A260ABB006471357400B79BCD14]
[G] c:\windows\system32\edit.com [PX5: B542A12F6E6E0DA415520148D18458000EDD490A]
[G] c:\windows\microsoft.net\framework\v2.0.50727\aspn et_state.exe [PX5: 700BB9B808038308846600EF74731100EEABDE2B]
[GP] c:\documents and settings\daniel\lame_enc.dll [PX5: 4A9E28950092B89A7A6902028300BF00BDA78C7E]
[G] c:\windows\system32\drivers\rootmdm.sys [PX5: F3E7979300A8EEA3177100743639FF0080591A18]
[G] c:\archivos de programa\outlook express\setup50.exe [PX5: 36F522C000467F972069015D0AA93E00E01DDA9A]
[G] c:\windows\system32\drivers\usbser.sys [PX5: FAA01DEA00C3822D64C200E9D9D51700173A783C]
[G] c:\windows\system32\drivers\fsvga.sys [PX5: 78ACD409808333CF30C90046F776F800E113E645]
[G] c:\windows\system32\w3ssl.dll [PX5: 36644A690087BF963E07003141570300B0AE81BE]
[G] c:\windows\system32\drivers\nwlnknb.sys [PX5: 04BB889700AAB944F73D0096D8122400A0912260]
[G] c:\windows\system32\drivers\nwlnkfwd.sys [PX5: B9B73139006979BB7FBC0031EA7E320032D237D0]
[G] c:\windows\system32\rsvpsp.dll [PX5: 41479A44003DC54E60AE010FEC259500910B2C31]
[G] c:\windows\system32\slayerxp.dll [PX5: 0750470200116E6264DA00C5EC540500C09EBE3C]
[G] c:\windows\system32\drivers\mouhid.sys [PX5: 2301F35080287EAB3080000FDBBFFD00AE2B834A]
[G] c:\windows\system32\ole2nls.dll [PX5: 09B13294B021FA9E558F026E08072F00900228B5]
[G] c:\windows\system32\typelib.dll [PX5: C0620321C004C14EB60D020DCCE16200701F9AEA]
[G] c:\windows\system32\drivers\usbcamd.sys [PX5: D11C923000C0476E5DDA002FC1E34E00BC32EEBC]
[G] c:\archivos de programa\codec pack de elisoft\utilsnd\namp12.exe [PX5: 27B5716A007A168290E30071FD3F9E0052F55286]
[G] c:\windows\system32\win.com [PX5: 4E1E179E00A1B00F481B003D92602E00F95D81CF]
[G] c:\windows\system32\winoldap.mod [PX5: E19A53B2202676D208C7002132DA8800B79BCD14]
[G] c:\windows\system32\drivers\p3.sys [PX5: BC6A682380C862C2B66A0022A0FE9B0058F3515E]
[G] c:\windows\system32\rdpcfgex.dll [PX5: 8225447A005935AE124600C1F661D9007818030A]
[G] c:\windows\system32\drivers\tosdvd.sys [PX5: 628D18D7002B7E40CAFC00177DE27100B717B0CE]
[G] c:\windows\system32\drivers\ccdcmb.sys [PX5: B3E4B76F80376277442A00EBA910770004DFE078]
[G] c:\windows\system32\winsock.dll [PX5: FCF9BBDC30E28D0D0BF200D9F4D9CD00B79BCD14]
[G] c:\windows\system32\control.exe [PX5: 2549691E00D7FEE920C900E6B3BA70002F223BA2]
[G] c:\windows\system32\drivers\serenum.sys [PX5: 4F3C7EAD801665B83CEF00E324D68C009966C2DD]
[G] c:\windows\system32\storage.dll [PX5: 60BAD4D270E3252C10B800A49D4C780095AFB292]
[G] c:\windows\vmmreg32.dll [PX5: 6380CA0F003CFEC84A7E007BC8B99C00A7C9AFEB]
[G] c:\windows\system32\toolhelp.dll [PX5: 87219368400265353643009B30E21C003936EBD7]
[G] c:\windows\twain.dll [PX5: E8D9333B903C7E9E72D801ED4DFB06006AB81A5A]
[G] c:\windows\system32\drivers\cdr4_xp.sys [PX5: AA25D71B78C8E829247500E1DF1CD700586B4A7B]
[G] c:\windows\system32\ole2disp.dll [PX5: 3E66404830EBCC7296B902E3361C6400BE12EFF7]
[G] c:\windows\system32\msgsvc.dll [PX5: A2B1FB0C00EA00498403000260463C00960E445F]
[G] c:\windows\system32\drivers\nwlnkspx.sys [PX5: 38D410228045AB3DDA820098A4E752008EA9780C]
[G] c:\windows\system32\mnmsrvc.exe [PX5: 9DB7CD2B00D71BFC80AE00AF40E0780085115A57]
[G] c:\windows\system32\drivers\hidusb.sys [PX5: 1484F98A807906C3258400E49D6D650019C14BBC]
[G] c:\windows\hh.exe [PX5: DE60F90A00B20CAB2A0C0033C10B9F009C6D444E]
[G] c:\windows\system32\clipsrv.exe [PX5: 36670120004F616D823700EBB15ECF00B75FC218]
[G] c:\windows\system32\drivers\nwlnkipx.sys [PX5: B455E8AE80D2C31959AC01662F7EE7009B9C1B54]
[G] c:\windows\system32\rasauto.dll [PX5: A4AEDC230013BCC05C5D01D422714E00CC6FCE9A]
[G] c:\archivos de programa\msn gaming zone\windows\chkrzm.exe [PX5: 94459F2C4F2091ACA65800E4BD9348004162A979]
[G] c:\windows\msagent\agentpsh.dll [PX5: 0508B4F400931FFF5E8700E5590454006D1192B6]
[G] c:\windows\system32\deskmon.dll [PX5: 1947EE1700D9E4E3421B002DE92C3C00E6746FD1]
[G] c:\windows\system32\drivers\hpzius12.sys [PX5: 5E301761F0D8879B548A003C94203D00857CD188]
[G] c:\windows\system32\drivers\atmlane.sys [PX5: 823332B380717184DAFD00B035ED9500F95C0458]
[G] c:\windows\system32\fdeploy.dll [PX5: 614C2B5000245C4A281B013CD6ACE6000E2423D1]
[G] c:\windows\system32\rshx32.dll [PX5: 0119E72B009886A29EA400A67A9E09007F4B94AE]
[G] c:\windows\system32\drivers\sffdisk.sys [PX5: AF380F15808E7A972B3D001ABF251400652E930D]
[G] c:\windows\system32\locator.exe [PX5: 893C1ADB0045DDC726E601EBB10B830023C70D25]
[G] c:\windows\system32\twext.dll [PX5: 92CD9D8E00CD656FAC4300612927AB00F5446012]
[G] c:\windows\system32\drivers\mstee.sys [PX5: EF9F4FE18003FE44154E00AC0DDE6800FF407119]
[G] c:\windows\system32\msieftp.dll [PX5: 100D57B000E35ACBD66803F2AF79A000511056F2]
[G] c:\archivos de programa\msn gaming zone\windows\shvlzm.exe [PX5: 6FA6EC174D2091ACA65800E4BD934800707DF49E]
[G] c:\windows\system32\netplwiz.dll [PX5: C297F6F000D4647770F90D159F427F000C906625]
[G] c:\windows\system32\drivers\usbccgp.sys [PX5: 3051DD5F80B0E02D7BC400CFE2D7F10086CC5663]
[G] c:\windows\system32\drivers\tunmp.sys [PX5: CBD0AEE38035D6A5300B00CF5C419100CB427E52]
[G] c:\windows\system32\dfsshlex.dll [PX5: 81E643C50072C62270150004DD7E1900380E0A84]
[G] c:\archivos de programa\msn gaming zone\windows\bckgzm.exe [PX5: 470D7609512091ACA65800E4BD9348006DCD1A0A]
[G] c:\archivos de programa\msn gaming zone\windows\rvsezm.exe [PX5: 470D76094E2091ACA65800E4BD934800EF3FB8E1]
[G] c:\archivos de programa\hp\digital imaging\hp print screen\prnsys.exe [PX5: C739D54D003B6D97900800CB3A76E900663848EE]
[G] c:\windows\system32\tlntsvr.exe [PX5: 7735CDEB008EB51B22EC0113A0DCBB00F6F08271]
[G] c:\windows\microsoft.net\framework\v1.1.4322\confi gwizards.exe [PX5: 3559A8C600A0D6E7C0DF00B3E52649008AC2F3B9]
[G] c:\windows\system32\drivers\crusoe.sys [PX5: E4FE1A7000AF31429FBC00A2612936004F29C5C2]
[G] c:\windows\system32\drivers\diskdump.sys [PX5: 6D7A5F848072A37B37EB00C342763700264F9014]
[G] c:\windows\system32\docprop2.dll [PX5: 89A5ADFC00F119CABE8300F768F41A00F50D052E]
[G] c:\archivos de programa\msn gaming zone\windows\hrtzzm.exe [PX5: 1D9C14834D2091ACA65800E4BD934800B0D1EF8E]
[G] c:\windows\system32\drivers\atmarpc.sys [PX5: C41A09F600246E0AEA81009B2DE4BF0073057136]
[G] c:\windows\system32\drivers\asyncmac.sys [PX5: 8BD45D2B002F3B40389D007E91CC59004B62F8E9]
[G] c:\windows\system32\dsquery.dll [PX5: EC3B962F003BBBAAAC52036D6B07A50078AC1BBE]
[G] c:\windows\system32\docprop.dll [PX5: D154EA3B0046E469B8D800EF9445BD0030D9F47B]
[G] c:\windows\system32\drivers\sdbus.sys [PX5: BA494C87000D7A4F08B4013D43118E00EBAF0531]
[G] c:\windows\system32\drivers\amdk6.sys [PX5: 4242D904006C60F8A18300740C09B400A6CC4FBF]
[G] c:\windows\system32\drivers\tape.sys [PX5: 1278B1EF80B32A683A3F0096934CD200746C2998]
[G] c:\windows\system32\drivers\bridge.sys [PX5: 69CABDC3803104ED17D001BEA902E2004A7836B0]
[G] c:\windows\system32\alrsvc.dll [PX5: 27852B560048486C442300065BDCFA00335F59E2]
[G] c:\windows\system32\drivers\ip6fw.sys [PX5: 554B18088049820E711F003BBA86E4005B660DCC]
[G] c:\windows\system32\wuaueng.dll.mui [PX5: C049E3B718C219C74A7F000865069B002CBF7FB2]
[G] c:\windows\system32\drivers\wpdusb.sys [PX5: E04E67C68020394F960F004FBC02B000DC6FED3C]
[G] c:\windows\system32\gptext.dll [PX5: 9824171100EC3B76144503DBE4511800A1A94000]
[G] c:\windows\system32\drivers\usbprint.sys [PX5: C449F0710094064A6580004CDAAF0B00CAA1349A]
[G] c:\windows\system32\drivers\rndismp.sys [PX5: F5E4CD0480C828137517005714D7F1002CA246EF]
[G] c:\windows\system32\cabview.dll [PX5: 1787E79900A8F7F74C2701763FA52300A32B77FB]
[G] c:\windows\system32\dsuiext.dll [PX5: AE67137F00EFD75ABC3D012BF1676400D6DBFCA4]
[G] c:\windows\system32\sclgntfy.dll [PX5: 09DAE0110050B7E156E00098BF734100DD95A393]
[G] c:\windows\system32\smlogsvc.exe [PX5: D78824240095AB6068660128541E4400B268828F]
[G] c:\windows\system32\drivers\secdrv.sys [PX5: 84A9A7CB006F9ECC508100883E7135006D51A95C]
[G] c:\windows\system32\drivers\sffp_sd.sys [PX5: 35A841FC0030CAF028AD002AAB39F600184DF1C4]
[G] c:\windows\system32\drivers\usbscan.sys [PX5: A345B33E004758873B29000DE02C9B00A6455141]
[G] c:\windows\system32\drivers\hidparse.sys [PX5: 202AE5AF805FDB4161470039E900C0009EB401B0]
[G] c:\windows\system32\drivers\usb8023.sys [PX5: 6C38C2AE8005B13A31EC001CD2E193004FD5788A]
[G] c:\windows\system32\progman.exe [PX5: 8C2FEB83009859CFAC3D01B2DAB06700702D2506]
[G] c:\archivos de programa\windows nt\hypertrm.exe [PX5: 58B152BE00678E126E7C004E48378400A352B881]
[G] c:\windows\system32\deskperf.dll [PX5: 355F21420078B1334A8400DD3B49B700EBA19BE1]
[G] c:\windows\system32\drivers\ipinip.sys [PX5: 9655BFAF0030F62E523A00C352D248003081C413]
[G] c:\windows\system32\drivers\scsiport.sys [PX5: BAEDAB6C00163F8D78C6012DFF6A240038CAB5E8]
[G] c:\windows\system32\deskadp.dll [PX5: 7394796500F65B5C42E2005EACC72200B1688538]
[G] c:\windows\system32\quicktimevr.qtx [PX5: F6DADBD000DA9CAA60F601D13FB78D005697A80F]
[G] c:\windows\system32\drivers\mskssrv.sys [PX5: 441E162B80A429811D1500CB9CEDF700CED69BEA]
[G] c:\windows\system32\drivers\hpzipr12.sys [PX5: B1B9ACE970C51706409F00F854115200E899EF9F]
[G] c:\windows\system32\drivers\amdk7.sys [PX5: EABF85AE80CF7D2BA2F600B95331A000146F2880]
[G] c:\windows\system32\drivers\nmnt.sys [PX5: 4F6E51DE803D5E299DD30090E39024009FB3BD94]
[G] c:\windows\system32\drivers\mf.sys [PX5: F49C56310087ADB9F998009652109C00BB35FCB1]
[G] c:\windows\system32\drivers\processr.sys [PX5: AF0FBDFA805416189A000040A9FF7600F78A84C7]
[G] c:\archivos de programa\ati technologies\ati control panel\atiicdxx.sys [PX5: A2E6AFA000BA99A115600013D52356007C844E2A]
[G] c:\windows\system32\advpack.dll.mui [PX5: 88BB7E5A000F30412E5500D81E311200D2D283DE]
[G] c:\windows\system32\drivers\dmboot.sys [PX5: 917F152000320DE9366A0C3622393800272CB548]
[G] c:\windows\system32\drivers\sonydcam.sys [PX5: 0B9EAE4180F27A6F636900C11EF4E3002F2E7423]
[G] c:\archivos de programa\archivos comunes\microsoft shared\msinfo\msinfo32.exe [PX5: CCEAFB210036A3BBA0FA00953DF8F200E3C08242]
[G] c:\windows\system32\wscript.exe [PX5: 889A8F2A00D60426C0410166FCF6E00019942762]
[G] c:\windows\system32\rdpwsx.dll [PX5: E51E6F8D8862EA65546401DF11DAFF002795DCBB]
[GP] c:\documents and settings\daniel\lame_enc_sb.dll [PX5: 4A9E28950092B89A7A6902028300BF00BDA78C7E]
[G] c:\windows\system32\rsvp.exe [PX5: 2057508700E163D906880231F30F2D00EC5F5744]
[G] c:\windows\system32\drivers\hidclass.sys [PX5: 800EAA28801FAC928DC800F3F0296600134890AF]
[G] c:\windows\pcamr800.exe [PX5: D444C3860029CF7CB0780092B7CEB8006C01283A]
[G] c:\archivos de programa\codec pack de elisoft\lcljp\avimszh.dll [PX5: B2B08EE500E974821078019B8A69F200C7B1F2A5]
[G] c:\windows\div_iyuv.dll [PX5: 460EB40D00D8B6FE804D00110947F9006281F816]
[G] c:\windows\system32\charmap.exe [PX5: E25F272300117FE93CB201F2CEF591008EC0B2B7]
[GP] c:\archivos de programa\codec pack de elisoft\utilvid\divfix1091.exe [PX5: 58FA123F00D192CAE47402C1B165DB0082E1FA11]
[G] c:\windows\microsoft.net\framework\v2.0.50727\msco rsvw.exe [PX5: 6EFAD9B8005FFA1B128A0113E3634300FEFA54C7]
[G] c:\windows\system32\scardsvr.exe [PX5: DE0F893B00BAA7848646014ECC3CD200E74929AE]
  post #5  
Antiguo 15/03/09, 17:06:00
Usuario
  
Registrado: mar 2009
Ubicación: España
Mensajes: 22
Re: Win32.TrojanDownloader.Agent
[G] c:\windows\system32\drivers\streamip.sys [PX5: 37C869AE00A1D1423CD000F9D66948002AC47A8D]
[G] c:\windows\system32\drivers\pccsmcfd.sys [PX5: FD7B63C880E3B98D54CD0050D8CD5400C903E93E]
[G] c:\archivos de programa\pc connectivity solution\pccsmcfd.sys [PX5: FD7B63C880E3B98D54CD0050D8CD5400C903E93E]
[G] c:\windows\system32\wfwnet.drv [PX5: E9641F0220200734353000D28FC59A003BEC664C]
[G] c:\windows\system32\sessmgr.exe [PX5: DC9759C10020C05D2E3E02893D0F0900C0B91CA1]
[G] c:\archivos de programa\codec pack de elisoft\huffyuv\huffyuv.dll [PX5: DAF0F4200070A03898AD00EFED2F8100C2C2DD8F]
[G] c:\windows\system32\digest.dll [PX5: 5D9A21C70087EB020C9B01CC3CCBC600C1E384ED]
[G] c:\windows\system32\drivers\wudfrd.sys [PX5: 8A8F30350082CC51434301D0F97D39008AC35FC3]
[G] c:\archivos de programa\microsoft office\office11\mlshext.dll [PX5: C5F0198D80B4208C8130009CCA6500005C89CF63]
[G] c:\windows\system32\drivers\hpzid412.sys [PX5: F835D3ED90838372C70C00566197A4006B903D40]
[G] c:\windows\system32\mmcshext.dll [PX5: 734D11BC002F2126C67A0053EDBB01004423574F]
[G] c:\archivos de programa\archivos comunes\microsoft shared\textconv\write32.wpc [PX5: 71A6A3C449C4AC08B01A01656F55D100B0428A69]
[G] c:\windows\system32\drivers\lbd.sys [PX5: FBB422D4A01FFED3FAE300A67F7DB400C62A1682]
[G] c:\archivos de programa\outlook express\wabfind.dll [PX5: 593D861600A9A845805300462EEB27001F722F3E]
[G] c:\windows\system32\icardie.dll [PX5: B70DBCA900D6D410F8C30034D5390900DC35C1C2]
[G] c:\windows\jpgl.dll [PX5: 6AA3FD5600D21F2C90CB001997076600C5CD79AD]
[G] c:\windows\system32\shscrap.dll [PX5: BC11811D0045C6576E33002003B084009C160CD9]
[G] c:\windows\system32\drivers\comfiltr.sys [PX5: BEC410FD38FCFDF236ED00781DC6090081528B96]
[G] c:\windows\system32\drivers\imagedrv.sys [PX5: 3C11D7B200AF52D217B100E01B523C0062C31D17]
[G] c:\archivos de programa\malwarebytes' anti-malware\mbamext.dll [PX5: 2636393D903EDB421E1701B5D563E600F46C31CB]
[G] c:\windows\system32\icmui.dll [PX5: C41E471E00B060F0DACA00445CA0E200F7172209]
[G] c:\windows\system32\winmine.exe [PX5: FD0712CF0031322CD60D0193E78B8A00306D22EC]
[G] c:\windows\system32\msapsspc.dll [PX5: F3E340720065E7E5505801FBCA213C00CBEF5BF6]
[G] c:\windows\system32\xmlprov.dll [PX5: E5ACBFF900CA47BBFAA70127784FE200A6086224]
[G] c:\windows\system32\lanman.drv [PX5: 027E846DE09F8F896D9803C59F91BE0067425A6F]
[G] c:\windows\twunk_16.dll [PX5: FDF99D04007C05E7303F00F1E7B13B00D7B9C89F]
[G] c:\windows\twunk_32.dll [PX5: FDF99D04007C05E7303F00F1E7B13B00D7B9C89F]
[G] c:\archivos de programa\codec pack de elisoft\utilinfo\acmprop10.exe [PX5: E1BA26B0047EFD4C149B012A1F4C8300121CCE86]
[G] c:\windows\system32\drivers\ndisip.sys [PX5: 92D82929807F4CDE2A6000D7EF7E8C008BDE37E2]
[G] c:\windows\system32\comm.drv [PX5: 0D8B262B3068553F296F004B25B4F300F3172575]
[G] c:\windows\system32\drivers\mqac.sys [PX5: A4B93ADE00A3CC201DAC01B48E57ED00D6108E71]
[G] c:\archivos de programa\codec pack de elisoft\utilinfo\movietypefinder10.exe [PX5: EC33002400B8EC4B008601238EEA9F00A4315EAA]
[G] c:\windows\system32\drivers\ccdecode.sys [PX5: 4E4CADF380552430426F00BC05FF9D0038FB5853]
[G] c:\windows\system32\drivers\wstcodec.sys [PX5: B2CFBF068074D4084BB4001A2B9A35007D8AF7A1]
[G] c:\windows\system32\calc.exe [PX5: 5BDBC96E001A8363C22501E8D53F03000DF5BC52]
[G] c:\archivos de programa\quicktime\qtsystem\quicktimecheck.ocx [PX5: 1334BD12304FC0BAC57001BB015F9600282720C1]
[G] c:\windows\system32\drivers\usbintel.sys [PX5: 46A2709480A8B9863E99007B5ED70B000E5AFC3D]
[G] c:\archivos de programa\archivos comunes\microsoft shared\speech\sapi.cpl [PX5: 8B4B35FF00DC7E30708502D5CF72BA009E0D084D]
[G] c:\documents and settings\daniel\lametritonus.dll [PX5: 270F2B6900B88628E02A009164FCE500FE85486E]
[G] c:\archivos de programa\quicktime\qtsystem\quicktimestreamingextr as.qtx [PX5: 9843FF59006111A680530212FB0D8D008267D4F1]
[G] c:\archivos de programa\panda security\panda antivirus + firewall 2008\sdthook.sys [PX5: 06F50C8B385E14013C92003A5E8BC900E9BFCF45]
[G] c:\windows\system32\wucltui.dll.mui [PX5: 82316860184B8BCA8C770008D7D4E80024FBF766]
[G] c:\windows\system32\mspmsnsv.dll [PX5: F82E387E009585B66A440052C05A4E0090AF0C84]
[G] c:\windows\system32\ieudinit.exe [PX5: E787562D00728720360A0021165ED300E3CD6FE6]
[G] c:\windows\notepad.exe [PX5: D5B2A5710094FF11128201E40FA1440034CB73C1]
[GP] c:\archivos de programa\codec pack de elisoft\utilsnd\avimuxgui110c.exe [PX5: 8258487900BEF21042F602AFD2EC1300646C65F4]
[G] c:\archivos de programa\codec pack de elisoft\tools\minicalc.exe [PX5: 43ECD31D00F0C8A6C013008180BA82008DC24D45]
[G] c:\archivos de programa\archivos comunes\microsoft shared\textconv\wrd6er32.cnv [PX5: 6AD1BA7C605B01664DDC003B3C2E0700EF3D0F04]
[G] c:\windows\system32\drivers\slip.sys [PX5: C05453A580D50DE62B1A00E6C96F380022C2D117]
[G] c:\windows\system32\vfwwdm32.dll [PX5: 5404EB340063327FD65C005E9AC599008A6F1783]
[G] c:\windows\system32\drivers\udfs.sys [PX5: 5FD2643980FF4C93024701049FF5A900913F1B6B]
[G] c:\archivos de programa\codec pack de elisoft\m3jpegv3\mmtray.exe [PX5: EA1DBF2B00E00FF9D099004E335A9A00799F4C10]
[G] c:\windows\system32\wmpshell.dll [PX5: A257F2F40064E0C788EE01FC6369D900A88D9E47]
[G] c:\archivos de programa\archivos comunes\microsoft shared\textconv\mswrd632.wpc [PX5: 255241CE4A8E0D0D40E903D813E15E00FD716660]
[G] c:\windows\system32\netdde.exe [PX5: E0383CEB00BB76ABC2DC01BFB3AC1B00C5D788C5]
[G] c:\archivos de programa\microsoft office\office11\refiebar.dll [PX5: 3100C20560AD16DFF9B00093289226002B0E5A6C]
[G] c:\windows\alcrmv.exe [PX5: 4A462F050080662F20BE029C887EE300EC5BE36A]
[GP] c:\archivos de programa\codec pack de elisoft\oggvorbis\oggmux.exe [PX5: D0DD030100183555DA9100AA0CBCD700E1982B57]
[G] c:\windows\system32\cryptext.dll [PX5: CE0C524800DE013DD4E800E6AFBAF7001DA834E8]
[G] c:\windows\system32\cleanmgr.exe [PX5: 636AE91300389E7FFE100064B6DDA7007CB890C5]
[G] c:\windows\system32\mshta.exe [PX5: 718367AA002A4EB4B2EB00A2C177ED00FAF63606]
[G] c:\windows\uninst32.exe [PX5: 2BDF3EBB006C8E7A009B0123AB2CE2000EB051C5]
[G] c:\archivos de programa\archivos comunes\microsoft shared\textconv\recovr32.cnv [PX5: A374443E80947F7985C500545ED954004D56A778]
[G] c:\windows\system32\drivers\ccdcmbo.sys [PX5: 7F28C31780EB9054518A00185FAC4700E13D7EE8]
[G] c:\windows\system32\freecell.exe [PX5: 9CE31AF100A89970DABA0061D34EDA009EBC6F5D]
[G] c:\windows\agrsmdel.exe [PX5: 7CCCD77900D0D698FED100D219D82C00451EF65B]
[G] c:\archivos de programa\emule\uninstall.exe [PX5: 5829EF4D18000463207C0125256D5F005E7C8DC5]
[G] c:\windows\unneromediahome.exe [PX5: F09F9A5200676CEAC05F0E8F51A78700451F6449]
[G] c:\windows\system32\sol.exe [PX5: EDABAE770079E79BE049002FD274C400733BD453]
[G] c:\windows\system32\dmadmin.exe [PX5: 86BD0C8200018319722703238C591600415E5D2B]
[G] c:\windows\system32\system.drv [PX5: D4BD27742043BEDB0DB0000478EA5C00B79BCD14]
[G] c:\archivos de programa\quicktime\qtsystem\quicktimestreamingauth oring.qtx [PX5: 4B3AA23100F24774707C054BC13C3A00B80A93BD]
[G] c:\archivos de programa\codec pack de elisoft\utilinfo\drfanalyzer090.exe [PX5: C017049900C8F1C7904C01F0086447008B017A0A]
[G] c:\archivos de programa\microsoft office\office11\outlook.exe [PX5: 2C76780C0870CA4B0C8C03B5E2262200228B3F4D]
[G] c:\archivos de programa\divx\divx codec\config.exe [PX5: EB747D0200BE07A510450124E9C50000C5D51B63]
[G] c:\windows\system32\firewall.cpl [PX5: 44081F4E009A7AB73A23010E4F09FF00AD0C2889]
[G] c:\archivos de programa\quicktime\qtsystem\quicktimempeg.qtx [PX5: 68335FCC0001D22130AC07CF6D88D80035F00DA5]
[G] c:\windows\system32\spmsg.dll [PX5: 717C3DA1784EADB34903008796834400795854FA]
[G] c:\windows\winhlp32.exe [PX5: CB15CDA800F27638609204B01E536100C35644E0]
[G] c:\windows\system32\photowiz.dll [PX5: 685B593500D1D48DA06C0236372DBB00410B5B88]
[G] c:\archivos de programa\codec pack de elisoft\wma\msaud32.acm [PX5: 8B6DCB9450FBB072723D04571B7B5600D6A3043C]
[G] c:\archivos de programa\quicktime\qtsystem\quicktimemusic.qtx [PX5: 42F4666000FA975AD0ED0747C7A2FA0073A1685E]
[G] c:\archivos de programa\quicktime\qtsystem\quicktimeeffects.qtx [PX5: ADFC755400519C4AD0BA088408D97E00D065A7B5]
[G] c:\archivos de programa\hp\digital imaging\hpqssupply.exe [PX5: 1DB9D19A00C3A87C60CC06299D5F90000528D2C0]
[G] c:\windows\system32\accwiz.exe [PX5: BA2D179C00B936BDE0FD02975AAA1F00D18F0E17]
[G] c:\archivos de programa\codec pack de elisoft\xvid\xvid.dll [PX5: BEDF8B1600B3AA4A806F06EED1055D00A9DD6A8E]
[G] c:\archivos de programa\codec pack de elisoft\m3jpegv3\m3jpeg32.dll [PX5: AAB605E9006256D4E660033174AEBF00291CCDBC]
[G] c:\archivos de programa\quicktime\qtsystem\corevideo.qtx [PX5: 356718AF00804CF3F03E0475ECDFFA009DE42E04]
[G] c:\windows\system32\javaws.exe [PX5: 7BF5055398E9BD66458B02D05EBF5400D7C6573A]
[G] c:\windows\system32\shell.dll [PX5: CE2E2C35000BF1E3147B0046192BB900FA35E49E]
[G] c:\archivos de programa\hp\memories disc\hpod.exe [PX5: 58EC318C002ACE7DD0E0000C21A08400CC03A7C7]
[G] c:\archivos de programa\archivos comunes\microsoft shared\grphflt\pictim32.flt [PX5: 55D8C2B8807552990333018219988B00D009C32F]
[GP] c:\archivos de programa\codec pack de elisoft\semiac3\ds3dconf.exe [PX5: 771027A40078036114F3007C2EF195001CAF8C2B]
[G] c:\archivos de programa\archivos comunes\magix shared\upnpservice\upnpservice.exe [PX5: 9E9FCFD100CA3BF7507B082414EF68002D6CC4B3]
[G] c:\windows\system32\drivers\nwrdr.sys [PX5: 83E10CED0073D0907FCD02CE4498B500A105309E]
[G] c:\archivos de programa\quicktime\qtsystem\exportcontrollerps.dll [PX5: 684C63540083B68AF0EA004A6BAE040049128E20]
[G] c:\windows\system32\drivers\rdpwd.sys [PX5: F059F0E3086A11EC2111023C258C8900CFC29C24]
[GP] c:\archivos de programa\codec pack de elisoft\wm8gui\wm8encfrontend.exe [PX5: 979ADC6000646396902002D05CC87F00340D4C74]
[G] c:\windows\system32\sndrec32.exe [PX5: 1C3B7D3400489F45065202C54884590006CCF58E]
[G] c:\archivos de programa\codec pack de elisoft\lcljp\avizlib.dll [PX5: CE3F5C30000095B0C029010A3FA6C800B7715B27]
[G] c:\windows\system32\hticons.dll [PX5: A389C0CC00D81271AEFB00748B6909001C69000D]
[G] c:\archivos de programa\ti education\derive 6 - evaluación\unwise.exe [PX5: F5727F6700885CFE56280297A0F939003474908A]
[G] c:\windows\system32\javaw.exe [PX5: 7C2E436C98F39DEF354302C0FFF46D00E7905AB8]
[G] c:\archivos de programa\quicktime\qtsystem\quicktimeessentials.qt x [PX5: AAA6AD9D00A06F97F06504E52AE32C00695F3CCB]
[G] c:\archivos de programa\codec pack de elisoft\utilinfo\gspot20.exe [PX5: 7FCE45260061FECCB01E02BA6AEC7B0019000030]
[G] c:\windows\system32\mshearts.exe [PX5: 3A3AFFC700435440F47E0185465A0900472FF7FD]
[G] c:\windows\system32\vga.drv [PX5: 8D38D13480CC42FA089200F6F3895F00B79BCD14]
[G] c:\archivos de programa\installshield installation information\{98032d6f-3ee6-4646-b68c-40bf012ac89b}\setup.exe [PX5: 08E3BCC2E8AF21C5D8C3010DBF23FE00CD33D086]
[G] c:\archivos de programa\codec pack de elisoft\vobsub\subresync.exe [PX5: B1BCBB4E00A206A5803401BFFC0F0E00995BFDC6]
[G] c:\archivos de programa\quicktime\qtsystem\quicktimewebhelper.qtx [PX5: 8910331200D0CDE0708304C1932E16006FE67176]
[G] c:\archivos de programa\codec pack de elisoft\divx\config.exe [PX5: 15701F27003316B5002D0169632D0E003ABED229]
[G] c:\windows\system32\vssvc.exe [PX5: BFF63640006746AE7C9C04ADE2180F002C785371]
[G] c:\archivos de programa\quicktime\qtsystem\quicktimempeg4.qtx [PX5: F0F869DC003D465750CC05190BDC450070D4553E]
[G] c:\archivos de programa\adobe\reader 9.0\reader\pdfprevhndlr.dll [PX5: 2710D5A76803E98035820160B139A90030EE7939]
[G] c:\windows\system32\graftabl.com [PX5: 0FE61FD6007A5D06668800223CE43900F602940D]
[G] c:\archivos de programa\quicktime\qtsystem\appleproresdecoder.qtx [PX5: 635D1B600068D07CB6EF04CA285361005396DBD5]
[G] c:\archivos de programa\codec pack de elisoft\vobsub\submux.exe [PX5: E15D1205008B9714F0FE008A23434A00B3043D8E]
[G] c:\windows\system32\sound.drv [PX5: E70CAE91D00DCE52067C00647C846400B79BCD14]
[G] c:\archivos de programa\quicktime\qtsystem\quicktime3gpp.qtx [PX5: 5590CF09006F8295603D05B8D3051A009A26B90F]
[G] c:\archivos de programa\quicktime\qtsystem\quicktime3gppauthoring .qtx [PX5: C60D8FFB00036E20A0750706093BB8002E8BCB02]
[G] c:\windows\system32\jsproxy.dll [PX5: 47064C840012CADF6C3400917536710016550EAE]
[G] c:\archivos de programa\nokia\nokia pc suite 7\connectionmanager.cpl [PX5: BC3935B600233B6468D10075EAAF3600135ECF82]
[G] c:\archivos de programa\codec pack de elisoft\cpe-pcf.exe [PX5: F9CB9BF49E22152FAB440082FA769F009FB7EA70]
[G] c:\windows\regedit.exe [PX5: FCFDB97C005E087C52080210F294BD000D216ACB]
[G] c:\windows\system32\mouse.drv [PX5: D9EA0CB2F0FB384407BE00D28D0C0C00B79BCD14]
[G] c:\windows\system32\remotepg.dll [PX5: ABC8BC1D00EB6CECF057001A176CB1004A8C03FE]
[G] c:\windows\system32\dssec.dll [PX5: E933EE6300D9180DCC3B00DB4CAD4900DD4C1431]
[G] c:\archivos de programa\codec pack de elisoft\mmswitch\mmaviinf.exe [PX5: E6794620005F14EE8021002E195D3F0042A8B031]
[G] c:\windows\system32\java.exe [PX5: AC00CF8A98272C5C354D0282D60CB1002F9C8CF6]
[G] c:\windows\system32\timer.drv [PX5: 70C39ED42089DF6110D900E6D660C40023BDCB8B]
[G] c:\windows\system32\wscui.cpl [PX5: A1DF2445002914E6444A02D12581480094857445]
[GP] c:\archivos de programa\codec pack de elisoft\utilinfo\tellmeaboutdivx015.exe [PX5: 5ED46D7600485491180C02BF5C5497003361C13E]
[G] c:\archivos de programa\codec pack de elisoft\mcdv\mcdvd_32.dll [PX5: 8A83029A009C0AD6FE2403290B03B700D71B25C4]
[G] c:\windows\system32\keyboard.drv [PX5: 159F7A82D0C5E0D3077700FE801B1000B79BCD14]
[GP] c:\archivos de programa\codec pack de elisoft\xvid\statsreader.exe [PX5: CEC5C53B00637153306400881DA42B00F17ABC88]
[G] c:\windows\system32\wshext.dll [PX5: DEE15A940045E4F800BE0104F649E900DE8E9CFE]
[G] c:\windows\system32\wiaacmgr.exe [PX5: 5A10A7A300C5BCC6A4C506AB3C288600954FBFF7]
[G] c:\archivos de programa\quicktime\qtsystem\quicktimempeg4authorin g.qtx [PX5: 10F8A26C00497504E0950892A0981700D1C825DA]
[G] c:\archivos de programa\quicktime\qtsystem\quicktimecapture.qtx [PX5: ABB533B90055BB73F0C2049BE9FA8200C985D37A]
[G] c:\archivos de programa\codec pack de elisoft\utilinfo\dxman110.exe [PX5: 9337626E04F86EB26CC901BB08D2770007E0D17E]
[G] c:\archivos de programa\codec pack de elisoft\tools\regdrop32.exe [PX5: 2851D755000BEF2EE004019D9A837200295AA6FE]
[G] c:\archivos de programa\archivos comunes\microsoft shared\grphflt\cdrimp32.flt [PX5: D9EC399480CCEA44E9DD06A420151C007DF01A4A]
[G] c:\archivos de programa\quicktime\qtsystem\quicktimeimage.qtx [PX5: 731115D700BA66E900E90F8EBD8B1C0075B3D3E8]
[G] c:\windows\system32\quicktime.qts [PX5: 0CE653DB00AAF9AAE03B00C8F50CD200FA2EA912]
[G] c:\archivos de programa\quicktime\qtsystem\quicktimeupdatehelper. exe [PX5: C68996B300F6E49670FD02B7AF9D0000826D3FDC]
[G] c:\archivos de programa\hp\digital imaging\unload\hpqphunl.exe [PX5: 0179724500B20FE7A0FB05CE6D5DD200781C147A]
[G] c:\archivos de programa\nero\nero 7\nero imagedrive\imagedrive.exe [PX5: 3C3E8158000AA105407A10DBF4CFAF00039B9A34]
[G] c:\windows\system32\drivers\imagesrv.sys [PX5: 3AE6FD8C0077A269F23F01BAA2ECA40083866402]
[G] c:\windows\microsoft.net\framework\v2.0.50727\msco rdacwks.dll [PX5: E2013C5B089BFF1A8CEF0C4A6B2DEC00D18DCB05]
[G] c:\windows\system32\mscories.dll [PX5: A1E5D46000077E234AFE018627387200E6C886DB]
[G] c:\archivos de programa\ati technologies\ati control panel\atiprbxx.exe [PX5: C2E151EA006060C8704901DD8C413C0026FD71CA]
[G] c:\windows\system32\ieakui.dll [PX5: 1BFFF7DC00FE7FA4789D02527D962800CC250E6B]
[G] c:\windows\isuninst.exe [PX5: E4A984D4009E6674AE60043BB74BCC00D1649AF5]
[G] c:\windows\system32\drivers\rmcast.sys [PX5: F0EFD8530065062918F703DE11911200D2169441]
[G] c:\windows\system32\deploytk.dll [PX5: 148D2EED68B7A6B645E006A2BEB7DA00124C3323]
[G] c:\archivos de programa\quicktime\qtsystem\quicktimeinternetextra s.qtx [PX5: C25B46E10040280EB0EF0C068E6A5900097AF108]
[G] c:\windows\system32\logon.scr [PX5: 572EA3FA00114C175E1803F3B4819D002308B1D1]
[G] c:\archivos de programa\quicktime\qtsystem\quicktimestreaming.qtx [PX5: 6A175F5F00D58169501C0DC413D10800452BBF3A]
[G] c:\archivos de programa\magix\common\database\bin\fbserver.exe [PX5: 24E844D55CF042CA50401741263D8300310CC5B6]
[G] c:\windows\system32\mstime.dll [PX5: 29D37B3300B9E5F23E930AC5D4020E00C7342078]
[G] c:\archivos de programa\internet explorer\connection wizard\icwconn1.exe [PX5: 14C8875C00CDD4F25436039E8D72E600AA57EF71]
[G] c:\archivos de programa\nero\nero 7\nero toolkit\cdspeed.exe [PX5: CDD8B53F00EE89F980DF1E6AAFDDB7009E056B63]
[GP] c:\windows\clement.exe [PX5: 66F0C6E73EF62155F06101E1D90ABA005E48661E]
[G] c:\archivos de programa\nero\nero 7\nero waveeditor\waveedit.exe [PX5: E34B023B00DC0D9FF0190B2DDDE82A00C867519A]
[G] c:\archivos de programa\archivos comunes\ahead\lib\neroscoutoptions.exe [PX5: 882C91AA00DB4138505F0E4D347AE100AE19E013]
[G] c:\archivos de programa\archivos comunes\microsoft shared\textconv\html32.cnv [PX5: 54707638803422C1EB2B0406C665C1003F9808E6]
[GP] c:\archivos de programa\lavalys\everest ultimate edition\everest.exe [PX5: 03C4C41A60DFAECF2EA31F83792E93000AB789AB]
[G] c:\archivos de programa\nero\nero 7\nero toolkit\neroburnrights.exe [PX5: 88949DBC00D8D1E8F0660DC64DCBA6006444016E]
[G] c:\archivos de programa\quicktime\qtsystem\quicktimevr.qtx [PX5: C16B15B70021DA00803B0DBE09BC1C00E027CA3E]
[G] c:\windows\system32\spider.exe [PX5: 98F8C6C400841EF03A4508FFE3BEA9008FBC5104]
[G] c:\archivos de programa\nero\nero 7\nero toolkit\infotool.exe [PX5: 239233FF00FB9650C06820E6F5A20C00BBFC54D4]
[G] c:\archivos de programa\microsoft office\office11\olkfstub.dll [PX5: 45DDCDC18072875E9B8103CC7586F30039682555]
[G] c:\archivos de programa\quicktime\qtsystem\quicktimevrauthoring.q tx [PX5: ED2B2261004CBB49605E0BE526D34700E7729F19]
[G] c:\windows\system32\drivers\tcpip6.sys [PX5: 5EBD2ECB800BF9E772A003D3A1F0C0008DD42830]
[G] c:\archivos de programa\codec pack de elisoft\picvideo\pvljpg20.dll [PX5: 1630A06E0097AD96E04302FCFB2F570075795D56]
[G] c:\windows\system32\krnl386.exe [PX5: 7AD5106740880E4B69860122AA50960087621EBC]
[G] c:\windows\system32\mmsystem.dll [PX5: 452E0299908EFD7713F901C8EB6DD700346D261A]
[G] c:\windows\winhelp.exe [PX5: CE4758B5701C062CF4DB03A3DFB12500D9B1FE75]
[G] c:\windows\system32\ieakeng.dll [PX5: 80F6268600AB3295569C02D086A81500F18E1E46]
[G] c:\archivos de programa\windows media player\wmpnetwk.exe [PX5: AF2881470070FC52FCAF0DFACB168500EEEEC7D6]
[G] c:\archivos de programa\quicktime\qtsystem\quicktimeauthoring.qtx [PX5: EE10CD1F001FB3BF807822F64940FC00A4E99048]
[T] c:\windows\isun040a.exe [PX5: E4A984D4005D9991FE38043BB74BCC0003770633]
[G] c:\archivos de programa\windows nt\pinball\pinball.exe [PX5: 4287E1FE004D243E56BF040846BBFD00ED554BA2]
[G] c:\archivos de programa\quicktime\qtsystem\quicktimeh264.qtx [PX5: C5874A9600B9ABC7600F373379859D00742E0766]
[G] c:\archivos de programa\codec pack de elisoft\ffvfw\ffvfw.dll [PX5: 1B05324200E15AF81007028561322700BBB68335]
[G] c:\windows\system32\drivers\bthport.sys [PX5: ADE8AA1880E8EAFB2808041C63F4410083FC00E1]
[G] c:\archivos de programa\malwarebytes' anti-malware\unins000.exe [PX5: 7CABF2D39064C37182CF0A561A0FFB008E88A0B2]
[G] c:\archivos de programa\archivos comunes\system\msmapi\3082\msmapi32.dll [PX5: 88CFAB2E081B8AB1CE6F151ADBD97200439B9BE5]
[G] c:\archivos de programa\quicktime\qtsystem\quicktimemusicalinstru ments.qtx [PX5: E3E12CDD00B8524188611E3B3C2E0700FF6C5CD0]
[G] c:\archivos de programa\quicktime\qtsystem\qtjnative.dll [PX5: 26F02B680019360090560A0B9F8D0E00CB9F2CB3]
[G] c:\windows\system32\drivers\nabtsfec.sys [PX5: 37E661E8803A144B4DFD01732787D600D94FD14F]
[G] c:\archivos de programa\codec pack de elisoft\utilinfo\movieidw.exe [PX5: AD6DBEA700F1B5FB009901EE9F4D74000A69E641]
[G] c:\windows\system32\usmt\migwiz.exe [PX5: C6BEBB4C00ED60F2C21F03E2D2F62A00BEE4E3DD]
[G] c:\archivos de programa\hp\digital imaging\{0fabd3d7-3036-4e78-b29d-58957adb0a12}\setup\hpzscr01.exe [PX5: 42E255B00009DDBC805E1449B7A62C00AF39D8D4]
[G] c:\archivos de programa\quicktime\qtsystem\quicktimeaudiosupport. qtx [PX5: F7AAA33E00FA7AF86031327061F5B500784136C0]
[G] c:\archivos de programa\hp\digital imaging\help\cuetour\start.exe [PX5: BF7A0B85944CF172202E0D20735B5B00AB0B1B2F]
[G] c:\archivos de programa\avrack\rtlrack.exe [PX5: B2378E4500ABED18A0F13768CDD614008B003F81]
[G] c:\windows\network diagnostic\xpnetdiag.exe [PX5: 6E52CD7800F62BCA82480884AE41CB00F32ECB92]
[G] c:\windows\system32\ie4uinit.exe [PX5: F764EB4C006B753B140901425FEA5D00B7778398]
[G] c:\archivos de programa\windows nt\accesorios\wordpad.exe [PX5: 37E3C09700806242546F03954F6187007FC07230]
[G] c:\archivos de programa\codec pack de elisoft\tools\divxcalc.exe [PX5: 4C8005470093AC6960B805D685BA410048D5559B]
[G] c:\archivos de programa\nero\nero 7\nero toolkit\drivespeed.exe [PX5: 82E98C3400C9F87EF0E9130AE664E500331E7FB9]
[G] c:\archivos de programa\quicktime\qtsystem\quicktime.cpl [PX5: 54F751AE0014EA67E05F16834FB74B00D292A37B]
[G] c:\windows\system32\dfshim.dll [PX5: 5D816A89F88B3539795201C0903C31004ADCA8C6]
[G] c:\archivos de programa\hp\digital imaging\diagnostics\hpsysdig.exe [PX5: 29F0584400499E0350F1058CB7D3D60008F3CE0E]
[G] c:\archivos de programa\pc connectivity solution\servicelayer.exe [PX5: 3C36499000FF8555C881089FC8A080000404250C]
[G] c:\archivos de programa\installshield installation information\{cf9e33ad-bb0e-48e5-b8a2-410a2ea31941}\setup.exe [PX5: 1563C82600BCBE74921F02968BAF6500A43E5A0C]
[G] c:\archivos de programa\nokia\nokia pc suite 7\pcsuite.exe [PX5: D6DAECF500BA72F928D011D83ABE0400F45A10F7]
[G] c:\archivos de programa\nero\nero 7\nero backitup\nbservice.exe [PX5: BD54238E0006922BD02A0BEF608EBC00DA1273F2]
[G] c:\windows\system32\drivers\pcam800.sys [PX5: 827AD5DE68380230370003C719D2DC00BAA4E037]
[G] c:\archivos de programa\lavalys\everest ultimate edition\unins000.exe [PX5: FF964314C87DBE354FD10A1BD02E4200FD6A4F44]
[G] c:\windows\unnerobackitup.exe [PX5: F09F9A5200676CEAC05F0E8F51A78700451F6449]
[G] c:\windows\unrecode.exe [PX5: F09F9A5200676CEAC05F0E8F51A78700451F6449]
[G] c:\windows\unnerovision.exe [PX5: F09F9A5200676CEAC05F0E8F51A78700451F6449]
[G] c:\windows\unneroshowtime.exe [PX5: F09F9A5200676CEAC05F0E8F51A78700451F6449]
[G] c:\archivos de programa\codec pack de elisoft\oggvorbis\vorbis.acm [PX5: 4EBE022700ECF49DC0C213C079C9BA0030755AE5]
[G] c:\windows\system32\ieframe.dll.mui [PX5: 1FB80A0C006D7FAFE0CC0F5A0647ED0072F42BA9]
[G] c:\archivos de programa\archivos comunes\microsoft shared\grphflt\wpgimp32.flt [PX5: 905DC0BF8097672A179502F27F53EB00D68E69E0]
[G] c:\windows\system32\fontext.dll [PX5: B5E22C4100F12D2EE054050CD7DB5C0065597A5B]
[T] c:\archivos de programa\msn\msncorefiles\install\msnsusii.exe [PX5: D554F35DD830739ED8810D68D20F5D0043A2F93D]
[G] c:\archivos de programa\codec pack de elisoft\on2vp3\vp31vfw.dll [PX5: AC792089008ECE56D029063913C8BC00F4090BC9]
[G] c:\documents and settings\daniel\configuración local\temp\pxinstall94.exe [PX5: 3FBBB7F23829381956FE3FD6DA407C00AB2D9B1E]
[G] c:\archivos de programa\prevx\prevx.exe [PX5: 3FBBB7F23829381956FE3FD6DA407C00AB2D9B1E]
[G] c:\archivos de programa\quicktime\qtsystem\qtmlclient.dll [PX5: E304F21600022C8C00B7057BCCF3B50042C48981]
[G] c:\windows\system32\drivers\wdf01000.sys [PX5: 3F2CEB17E015BE6B81170798A6F9CE00B2E12A31]
[S] c:\windows\alcupd.exe [PX5: BC41757900DA0D6C30F1037C32E914008BB9ADC7]
[G] c:\windows\select.exe [PX5: 0BB2FAB13260E855F0711F72272D8B00F890EB64]
[G] c:\archivos de programa\cyberlink\powerdvd\powerdvd.exe [PX5: 94F844E000D1425AE0C703147F11CB00E79B543A]
[G] c:\archivos de programa\codec pack de elisoft\picvideo\pvwv220.dll [PX5: E2A41D61007363E9E0D4043DCE64AF00CAE6FFA3]
[G] c:\windows\system32\drivers\classpnp.sys [PX5: 61280642007AE0BEC20400D8EC4D8200079FF3CE]
[G] c:\archivos de programa\codec pack de elisoft\divx3\divxc32.dll [PX5: A4E698B24004DB7052540615355FB900652732BD]
[G] c:\archivos de programa\nero\nero 7\nero soundtrax\soundtrax.exe [PX5: 4B11EAD100F43A8730373068F0813E008EB84A8D]
[G] c:\windows\system32\drivers\disk.sys [PX5: 61E4E34300C80A908E6D00C10934AF006F571071]
[G] c:\windows\system32\drivers\cdfs.sys [PX5: 0225C13D004CC9CDF93000922132D000BA57D976]
[G] c:\windows\system32\ntbackup.exe [PX5: DEF8418700447FE0D0811263D9B2250059091970]
[G] c:\windows\system32\drivers\dmio.sys [PX5: 33A7916180B2EE7E5AC702A49AA6DC00ACE79123]
[G] c:\archivos de programa\nero\nero 7\nero home\nerohome.exe [PX5: 0B96D5B900E818CF30C20ABC5F88C800F5BCC7A6]
[G] c:\windows\system32\drivers\wmilib.sys [PX5: 7A1B707D0098974111DB00C8E2E10C00FCC422B3]
[GP] c:\documents and settings\daniel\escritorio\prevxedgefree.exe [PX5: 97461D613893ED7F38B60D341820190050B5426D]
[G] c:\archivos de programa\nero\nero 7\nero photosnap\photosnap.exe [PX5: FFAEFB5200A5711DD0892DDA41EA44004E264282]
[G] c:\windows\system32\msnsspc.dll [PX5: 3F69F8F20033419F70FD0421F62A4B0075B037E2]
[G] c:\archivos de programa\hp\digital imaging\{20b30dc1-e423-4939-b51d-05c58b0f9bbb}\setup\hpzscr01.exe [PX5: B0F1969158C8F99CE52E1092F27CD400110E6258]
[G] c:\windows\system32\tourstart.exe [PX5: 3136F80100B36A754C1C055787256F002AD7DC37]
[G] c:\windows\system32\syncui.dll [PX5: 2034C3FA00C5300AFA8C02DBAD08F6009441F11E]
[G] c:\archivos de programa\emule\linkcreator.exe [PX5: 382A414300E4F897206F04CBEA253100413B0320]
[G] c:\windows\system32\drivers\oprghdlr.sys [PX5: 691E96B980EF4DD30D2300DD63265E00B79BCD14]
[G] c:\archivos de programa\codec pack de elisoft\mpeg4\mpg4c32.dll [PX5: 6391B567407A613B50FB0615355FB9009477864E]
[G] c:\archivos de programa\codec pack de elisoft\mp3lame\lameacm.acm [PX5: DF6798C3008973FA105605B8B52867007E838AA6]
[G] c:\archivos de programa\archivos comunes\microsoft shared\grphflt\epsimp32.flt [PX5: 5BF32337808C68F099B2062F0E984D00C455BE61]
[G] c:\archivos de programa\screamer radio\screamer.exe [PX5: 5B0120BF00B786FB00F40A944F342E000DF681F6]
[G] c:\archivos de programa\codec pack de elisoft\divx412\divx.dll [PX5: 85209583005D12C4B05C0813A7D79C0075BF8FB5]
[GP] c:\documents and settings\daniel\escritorio\14462ee2b487485c8b88.ex e [PX5: 630ACB8B38FFACDD38AF0D2FE0D48F0017D52872]
[G] c:\archivos de programa\archivos comunes\ahead\nero web\setupx.exe [PX5: F50A499E005896EF602C1A6AA61AA000B4699601]
[G] c:\archivos de programa\nero\nero 7\nero photosnap\photosnapviewer.exe [PX5: 1A9188990027D8BCA0212AAF030FCF00E6317041]
[G] c:\archivos de programa\quicktime\qtsystem\exportcontroller.exe [PX5: F72E584C0026B20FA0BC023BFDC6F000E2200E31]
[G] c:\archivos de programa\archivos comunes\microsoft shared\grphflt\cgmimp32.flt [PX5: 9E7372A1804D002369A10461642CC900FC3F8546]
[G] c:\archivos de programa\movie maker\moviemk.exe [PX5: 86C667A7005D402140CF360D39A3FE00B0B5BC19]
[G] c:\archivos de programa\codec pack de elisoft\wma\divxa32.acm [PX5: 8B6DCB9400FBB072643D04571B7B5600EAB4338B]
[G] c:\windows\system32\mstsc.exe [PX5: 17F7547C002B1C2C3EF2060FAD866E0099EF2EF9]
[G] c:\windows\system32\drivers\atapi.sys [PX5: 9D6081B280209DE174C2011395153C00E47C5A8D]
[G] c:\windows\system32\drivers\acpi.sys [PX5: 6EB7D724801F4D96E2A8029EF0BB700089054FAA]
[G] c:\windows\system32\iedkcs32.dll [PX5: DA138B740069415EDEA505B63E56BD00789F9DE9]
[G] c:\windows\system32\drivers\battc.sys [PX5: EB6F1BAC00003DE437C500D2CB8267002617D2AD]
[GP] c:\archivos de programa\divx\divx codec\divx ekg.exe [PX5: 3E0A4A4B0037E57F36C9058C2BCAED007B640969]
[G] c:\archivos de programa\panda security\panda antivirus + firewall 2008\safedisk.exe [PX5: 96136219300DE0AD02040CC7DAB14000FD31A5B3]
[G] c:\windows\system32\diskcopy.dll [PX5: 14C9B1D400E890D3ECCA16837C6CB600B9507D4A]
[G] c:\archivos de programa\nero\nero 7\nero toolkit\neroburnrights.cpl [PX5: F810470F0002DB0E405709A737D1DA003F8472D2]
[G] c:\archivos de programa\nero\nero 7\nero mediahome\neromediahome.exe [PX5: 47D4097200F059FAF0D33F691BAFF7004990BEA5]
[G] c:\archivos de programa\archivos comunes\microsoft shared\grphflt\gifimp32.flt [PX5: 46D64618801D5766630903F3CBA76400BEECE142]
[G] c:\documents and settings\daniel\escritorio\mbam-setup.exe [PX5: 14A6205A384CA605E5652B7FD347C700B66A258D]
[G] c:\archivos de programa\malwarebytes' anti-malware\mbam.exe [PX5: 318AC76E902E7FA06E2813D23A35C9008FA61A99]
[G] c:\archivos de programa\codec pack de elisoft\pmmjpeg\pmmjpeg.dll [PX5: 175B1F8B107DBC90A37C024FF857F5006513898B]
[G] c:\windows\system32\drivers\fltmgr.sys [PX5: DD494D2180C4BB98F7F901405AA62900817D3A94]
[G] c:\archivos de programa\nero\nero 7\nero vision\nerovision.exe [PX5: 42382E3D00195DFA4AC70FA4C76C720045BC44DB]
[G] c:\windows\system32\drivers\dmload.sys [PX5: FC216AA0003B46A9171D00359F9C1600E909FEB4]
[G] c:\windows\system32\drivers\ftdisk.sys [PX5: D543638200F1FAF5ECA30154BD3E7700E14F423C]
[GP] c:\archivos de programa\divx\divx player\divx player.exe [PX5: 44CCA42400D1CADC662A181027A1950092E08FC8]
[G] c:\archivos de programa\codec pack de elisoft\aware\icmw_32.dll [PX5: FB908868002A2CCED0FF040A00D80300ECD9123C]
[G] c:\windows\system32\javacpl.cpl [PX5: 44498A330034D53B2014012307AEA20031AD2DA8]
[G] c:\windows\system32\drivers\compbatt.sys [PX5: E36FE59D80DA9ACD24410031217DCA008249322A]
[G] c:\archivos de programa\microsoft office\office11\msqry32.exe [PX5: E0F41B0B60352DA7E5F90902585417006761A6F8]
[G] c:\windows\system32\drivers\acpiec.sys [PX5: F21BE3DC000E8A0A2F3C009238A73C000AD561D2]
[G] c:\archivos de programa\archivos comunes\microsoft shared\grphflt\png32.flt [PX5: D8CEC01B80295FA22BAE032D94E9A9001AF912E1]
[G] c:\archivos de programa\archivos comunes\hp\memories disc\2.0\leadtools\lcodccmp.dll [PX5: 726A6197004ADC22C0F3055A2CB3D800D96C30A1]
[G] c:\archivos de programa\archivos comunes\microsoft shared\grphflt\jpegim32.flt [PX5: 4275BF3980065F038D2B024B2BA059005AAB6E47]
[G] c:\archivos de programa\quicktime\qtsystem\qtjavanative.dll [PX5: 870B0D0900298C36207507B5B87B2600C6D203BD]
[G] c:\windows\system32\drivers\enecbpth.sys [PX5: F5FCD37080A841881B4600BAD2737E0097ACFE37]
[G] c:\archivos de programa\adobe\reader 9.0\reader\pdfprevhndlrshim.exe [PX5: DA0194A28099802DC57901689C3C4D00B7D3DB48]
[G] c:\archivos de programa\divx\divx converter\converter.exe [PX5: 85FC6EE60012B05AC0FE14A0F8D99800F1EE09F0]
[G] c:\windows\system32\drivers\agp440.sys [PX5: 92796BB0806349F8A56F00F55D76CD00994ACF2C]
[G] c:\windows\system32\drivers\cdrom.sys [PX5: B3CE44DD80DABE80C1400031E25C450069663A5F]
[G] c:\windows\system32\drivers\kbdclass.sys [PX5: 11013D51001BA498620F00A282D06D00E6E74E17]
[G] c:\windows\system32\drivers\isapnp.sys [PX5: 8A87001A0002BFB48E1F0066402D8A0020019DE3]
[G] c:\windows\system32\drivers\mrxdav.sys [PX5: 614867E18023D003BDFE0234E558A700F3D6C8CF]
[G] c:\windows\system32\drivers\usbd.sys [PX5: F328D8568037A02F12FA00A0B0E095005A1BACA9]
[G] c:\windows\system32\drivers\mountmgr.sys [PX5: 7309084F00AE944FA5B9001585E15200FF872CDC]
[G] c:\windows\system32\drivers\ndiswan.sys [PX5: 304E26E9803B344266FF0104DAA0B500E6B358BD]
[G] c:\windows\system32\drivers\pxhelp20.sys [PX5: CEED5A5408FE9DE2AA3300585AD0A300BEEAAC3B]
[G] c:\windows\system32\drivers\ati2mtag.sys [PX5: 016E7AC900440B1342340A855B8121000053799B]
[G] c:\windows\system32\drivers\ksecdd.sys [PX5: 774C935980F76922670D01959D71E6009D9267E6]
[G] c:\windows\system32\drivers\audstub.sys [PX5: C910D030000E35B30CDC00441BDEF300B79BCD14]
[G] c:\windows\system32\drivers\wudfpf.sys [PX5: 36AA88DB0089F0502B3E0152E1D2DD00614F0BA1]
[G] c:\windows\system32\drivers\drmk.sys [PX5: 73B664558055CFD9EB9800CC44976A00031F37A9]
[G] c:\windows\system32\drivers\parport.sys [PX5: 4A82394D8019443A393C017F618C1500826A644D]
[G] c:\windows\system32\drivers\mrxsmb.sys [PX5: 02C6C2B500A95DA3ECE90621EACC5600CC7BC1C9]
[G] c:\windows\system32\drivers\netbios.sys [PX5: 6F5EDA40008AE18787EB007972CAB100F174D35C]
[G] c:\windows\system32\drivers\partmgr.sys [PX5: CD5C0D6C00BC0D35496D00DCA66DE800E5B26EF9]
[G] c:\windows\system32\drivers\beep.sys [PX5: F62FA4F780D77A5110B2005CD7507900637E04C1]
[G] c:\windows\system32\drivers\fs_rec.sys [PX5: 2E3179C900CB71741FBA004F645EEB00865149D3]
[G] c:\windows\system32\drivers\imapi.sys [PX5: A6DE19768012C7FDA37F00B5535D7900050612BF]
[G] c:\windows\system32\drivers\sfloppy.sys [PX5: 6884E1AE807AAB872CD300DC197E0C00B015D834]
[G] c:\windows\system32\drivers\ndis.sys [PX5: D3D6286080F2E0F0CA7A02249DEC7F001D734284]
[G] c:\windows\system32\drivers\npfs.sys [PX5: 20DA5FD280719B5A789A008E44C90300CCA72CD2]
[G] c:\windows\system32\drivers\usbuhci.sys [PX5: 4756F37D00016D8B5030004DF844F10054C11836]
[G] c:\windows\system32\drivers\msgpc.sys [PX5: A6DC8C520088C979894600B57B2B1A00363C4157]
[G] c:\windows\system32\drivers\mouclass.sys [PX5: 7E80CA6A0038C59C5C6F0047F0E3550033A62B62]
[G] c:\windows\system32\drivers\rasirda.sys [PX5: 8CCCA2B7808E55A34CD8006092BBF6006631AD45]
[G] c:\windows\system32\drivers\usbehci.sys [PX5: 42E57CAC00DC4FAF684000867EE93C003087E4F7]
[G] c:\windows\system32\drivers\modem.sys [PX5: F22F2ACE8067686F7617004AA04CD4002F000DA9]
[G] c:\windows\system32\drivers\rdbss.sys [PX5: EE21D17900972EBEAA93023D87A14E0013D2E867]
[G] c:\windows\system32\drivers\nic1394.sys [PX5: 720917AF800A6EE8F12400F5E9C6E000F750E215]
[G] c:\windows\system32\drivers\pciidex.sys [PX5: DD4713DB00668128625F00A6F0879B00FA781103]
[G] c:\archivos de programa\ti education\derive 6 - evaluación\derive6.exe [PX5: 89F2298E00EA40D1304438BF818B910017C60836]
[G] c:\windows\system32\drivers\intelide.sys [PX5: 13577194003FCB8816F90068ABEFAF00D98D1703]
[G] c:\windows\system32\drivers\serscan.sys [PX5: F8B9EAE000E4960B1BCC003C51FDAD00D162901A]
[G] c:\windows\system32\drivers\irenum.sys [PX5: 42D7DCAC001BE9A12C7B00EF915041002AED16BC]
[G] c:\windows\system32\drivers\manycam.sys [PX5: F686DA8380D91504541C002692D60400DB9E72DD]
[G] c:\windows\system32\drivers\afs2k.sys [PX5: 5DF3DDB098E1BD79AA33003EE314CE004862E478]
[G] c:\windows\system32\drivers\1394bus.sys [PX5: A01D29000095FDD3D05B00D74275E7003170E933]
[G] c:\windows\system32\drivers\stream.sys [PX5: E9758E5F00F11219BE3300252F112F00F38A6C5B]
[G] c:\windows\system32\drivers\raspppoe.sys [PX5: A8F2C94800B2E031A21A00F0EC682E009B5794D5]
[G] c:\windows\system32\drivers\swenum.sys [PX5: FDB253C8004ADC8E110200CB82EF3C003BACCEF1]
[G] c:\windows\system32\drivers\volsnap.sys [PX5: AC3AFD0E00294768D03200EE1153E4000537FDF1]
[G] c:\windows\system32\drivers\smcirda.sys [PX5: 741D53D2496CEC218C3A00A08EFBFB0014412C6F]
[G] c:\windows\system32\drivers\pcmcia.sys [PX5: 1E5E2DAE80A234A7D5E1011E8065A7000638B921]
[G] c:\windows\system32\drivers\rasl2tp.sys [PX5: C15C1546804EC8E6C8410037F34FAD00B1FBF6DF]
[G] c:\windows\system32\drivers\w22n51.sys [PX5: 9A28EF16804AC1E320011993D1100C002090D3B2]
[G] c:\windows\system32\drivers\raspptp.sys [PX5: F406FA260016D348BD2800EFDBDF52003203F53C]
[G] c:\windows\system32\drivers\srv.sys [PX5: 42F0A8DD80C5D258154105FB84647400AF81085F]
[G] c:\windows\system32\drivers\intelppm.sys [PX5: 308DA7E080DC5FE09D58006BABC91A009DD1C65E]
[G] c:\windows\system32\drivers\redbook.sys [PX5: AEF2FC7D004F986FE5C7004FF2D91D005927D18B]
[G] c:\windows\system32\drivers\cmbatt.sys [PX5: 91BBA2540094CF733705005E75072E008A264A98]
[G] c:\windows\system32\drivers\ptilink.sys [PX5: F96F182D805891FA452B007EBD870E004C25BA07]
[G] c:\windows\system32\drivers\wbsd.sys [PX5: FC342E6100AF1789655D00DF867CAD007914237F]
[G] c:\windows\system32\drivers\videoprt.sys [PX5: BBE87C52808D55E2379801ACFA738900C0632DEC]
[G] c:\windows\system32\drivers\ntfs.sys [PX5: F6D2D4BD008F0B21C44F08EC65529C002F16FA15]
[G] c:\windows\system32\drivers\dkbfltr.sys [PX5: F2488F928059D6CF407D00B42804E4001C0A935C]
[G] c:\windows\system32\drivers\psched.sys [PX5: C7C1320E008655110E77011715C66E0009C5AE75]
[G] c:\windows\system32\drivers\null.sys [PX5: 7047032880E19D2B0B4300F23A496700B79BCD14]
[G] c:\windows\system32\drivers\ndistapi.sys [PX5: 25AEC9EA809D4D4825A500A2A9E22F00CCB1FFC8]
[G] c:\windows\system32\drivers\pciide.sys [PX5: 826808EE80CFD8500D55002AE8E7E200B79BCD14]
[G] c:\windows\system32\drivers\alcxwdm.sys [PX5: 4D2761BD6C634FBA43A808CB2097E8008BC97179]
[G] c:\windows\system32\drivers\msfs.sys [PX5: 075BA4B3803111464A9700E6E20263008B5F85A4]
[G] c:\windows\system32\drivers\mup.sys [PX5: 488AE40380446D0EA57D014A890CCF00C681450A]
[G] c:\windows\system32\drivers\ohci1394.sys [PX5: 4A6E8F7F8033FF34EE4200E871B4F300047CEC38]
[G] c:\windows\system32\drivers\pavdrv51.sys [PX5: 38BBE762B84054D4462B014221AF54009D42E17D]
[G] c:\windows\system32\drivers\ks.sys [PX5: 78D9F49380D52F3B2603022FFE8CE100B4CA1585]
[G] c:\windows\system32\drivers\tdi.sys [PX5: D2E197368059988748C500010EF1F2006AC8B3D9]
[G] c:\archivos de programa\nero\nero 7\nero startsmart\nerostartsmart.exe [PX5: 4C14DFA1008ADC9C10696CB0415991009C3DE23E]
[G] c:\windows\system32\drivers\mssmbios.sys [PX5: 5C75220680F731D03C3D001BD399CC00D7DBED29]
[G] c:\windows\system32\drivers\usbport.sys [PX5: A1EF174180FC34972E3902AA15903200854523B2]
[G] c:\windows\system32\drivers\pci.sys [PX5: 9DA3602E807459480D5D01595A9184003FA0709C]
[G] c:\windows\system32\drivers\sr.sys [PX5: 4D90659E80D8A4771F1A013E6E421F00DDDBB832]
[G] c:\archivos de programa\nero\nero 7\nero showtime\showtime.exe [PX5: 233C46B80042290E708E4E8AF1D47A000DEF478B]
[G] c:\windows\system32\drivers\portcls.sys [PX5: AD607B188079CDEF39B802DAB6A7B200F599BD35]
[G] c:\windows\system32\drivers\i8042prt.sys [PX5: 5176B379005D75ECD2900002BF9BC200EF480110]
[G] c:\windows\system32\drivers\rtlnic51.sys [PX5: 0744DEDF80F9735E0F7901076EEFAD004523B9A2]
[G] c:\windows\system32\drivers\raspti.sys [PX5: 506F10F380FEE57C406900BE351741009F00F0DE]
[G] c:\windows\system32\drivers\rdpcdd.sys [PX5: 14FCFAAE80A686EB103300CFAE183900CB624D74]
[G] c:\windows\system32\drivers\shldrv51.sys [PX5: 659194093839DA7A980E00981778CE00883A4F88]
[G] c:\windows\system32\drivers\update.sys [PX5: DB815C1080BD5D598E3605C672D6A20096A59C7E]
[G] c:\windows\system32\drivers\afd.sys [PX5: B192E05B8012D5191C4902CE288BCC00CCBBE490]
[G] c:\windows\system32\drivers\arp1394.sys [PX5: E79B803D809043E9ED9C00655C5EAE00E1E46E49]
[G] c:\windows\system32\drivers\alcxsens.sys [PX5: 6A91AE54000A53A2F9BB055C6FEE280018076A7B]
[G] c:\windows\system32\drivers\cdaudio.sys [PX5: 7D0D30B9001A5352491B006D9C79D000079079B1]
[G] c:\windows\system32\drivers\dsaflt.sys [PX5: 875F3838386E6B15C84F003F1421FB0099113AB9]
[G] c:\archivos de programa\collins\master dictionary\collins.exe [PX5: C94AC1E20063897D40E99922DF1AA100BF8359AE]
[G] c:\windows\system32\drivers\appflt.sys [PX5: 1F579774381BBB8C182D019390500D00DD1391AF]
[G] c:\windows\system32\drivers\fnetmon.sys [PX5: 05EDBF0338E4CDB4560C00B173BE73006F2A7B6A]
[G] c:\windows\system32\autochk.exe [PX5: 38890F3300760B778686096430A56A007EAEB07F]
[G] c:\windows\fonts\vgafix.fon [PX5: 91E18BC7F0A0037314FB006B55157F001FC9364C]
[G] c:\windows\system32\advapi32.dll [PX5: 92B7F38700BB58A972CD0A00ECE7FD00147A8534]
[G] c:\windows\system32\drivers\ipsec.sys [PX5: 84ED89D600412A2C245201A3F8A740006B772EC6]
[G] c:\windows\system32\drivers\termdd.sys [PX5: 3111E3EA882052CE9F39002D38F46900A7415306]
[G] c:\windows\system32\drivers\fips.sys [PX5: 1007D8C50089CEC889D600EFFDE6B8006AE0FF16]
[G] c:\windows\system32\drivers\smsflt.sys [PX5: 1F2E1C60B8F6093B912B00C3DA1134009DF6916C]
[G] c:\windows\system32\drivers\ndproxy.sys [PX5: FB8873A080F72F00942D005DFF5068001A60ED1C]
[G] c:\archivos de programa\nero\nero 7\nero coverdesigner\coverdes.exe [PX5: A8BDA03A00C83B6530DF4FC2F6A5BB000FA7EF53]
[G] c:\windows\system32\lsass.exe [PX5: E1BF18E300AF6D2D3445003B3C2E07009C0B4E33]
[G] c:\windows\system32\drivers\wnmflt.sys [PX5: FD732BBCB8132FC477F1008B0ACC1500A3BF88A4]
[G] c:\windows\system32\drivers\rasacd.sys [PX5: EF519CA180B540A42200002C4F06E3005372DD33]
[G] c:\windows\system32\drivers\flpydisk.sys [PX5: 60E1171000EEA79E50BF00391F7EE000F2860CEC]
[G] c:\windows\fonts\vgasys.fon [PX5: 374F9840707DD0451C8100F3EB938400C3FB24D8]
[G] c:\windows\system32\drivers\agrsm.sys [PX5: A53C1F5BAC43CC16411E12F292448B00685C3EC7]
[G] c:\windows\system32\drivers\idsflt.sys [PX5: 6278ADFDB8486D2EEC26024CEFE1A300749AB729]
[G] c:\windows\system32\drivers\usbhub.sys [PX5: 1972CD35009EF197E1E10053A918EE0090181966]
[G] c:\windows\system32\drivers\mnmdd.sys [PX5: 33A41DEC8064684210700001C4EA1400320E2D4F]
[G] c:\windows\system32\drivers\netfltdi.sys [PX5: 1F699038380422D2072802372638CE004066E4D8]
[G] c:\windows\system32\watchdog.sys [PX5: A5490EC7005C2AF84570001E79455E0011553B7B]
[G] c:\windows\system32\drivers\tcpip.sys [PX5: 35D097E5805166447F920504E1D34A0019F31459]
[G] c:\windows\system32\drivers\dxg.sys [PX5: 3F54B7A780F0ED98157C011AE18D4A00EE6485EB]
[G] c:\windows\system32\drivers\dxapi.sys [PX5: D0E069F50027643C29470029619BD400B7B7054A]
[G] c:\windows\system32\drivers\netbt.sys [PX5: 7D3B6A2A0069D5737CDE020A47DE6F00F472D659]
[G] c:\windows\system32\drivers\netimflt.sys [PX5: 84B0814130057D222BF902172B438300E34E702F]
[G] c:\windows\system32\svchost.exe [PX5: F40E2DC500616549387D0095555BE30053E82E7D]
[G] c:\windows\system32\drivers\ipnat.sys [PX5: 16BC903800541BF40F8E02F0609797000CA3B3FE]
[G] c:\windows\system32\drivers\ws2ifsl.sys [PX5: E3FE23AC0026FAFE2FF10052E88519002DA1A545]
[G] c:\windows\system32\drivers\vga.sys [PX5: 14B18202007EA0B752C8003693833D00BCED634F]
[G] c:\windows\system32\drivers\wanarp.sys [PX5: D61BDDFF00BF41D487E5002B87E94900EE92AF43]
[G] c:\windows\system32\drivers\fdc.sys [PX5: 030113CC009ED3836B77000B64308F0030511E66]
[G] c:\windows\system32\drivers\rdpdr.sys [PX5: 02477783007980B5019E03607F7E03003B692115]
[G] c:\windows\system32\drivers\dxgthk.sys [PX5: 0164AB8900598A330DE900E4FEF37900B79BCD14]
[G] c:\windows\system32\services.exe [PX5: 636BAF710083E585A8B8011373392400CF35825E]
[G] c:\windows\system32\drivers\mdc8021x.sys [PX5: 06C94928D5D4F5E636CE005F1202A000019198C1]
[G] c:\windows\system32\lmhsvc.dll [PX5: 519D73180015AAE33629000A173BF5004A27C266]
[G] c:\windows\system32\dllhost.exe [PX5: 5A125B490079397C140F00B4A32FF200EBA45335]
[G] c:\windows\system32\shsvcs.dll [PX5: 593617FD0028BAC30E8502553039DB0056ABAB29]
[G] c:\windows\system32\drivers\s24trans.sys [PX5: 2AB195A3FAD17E202B7500449DBBAC00F169B97F]
[G] c:\windows\system32\drivers\cpoint.sys [PX5: 3C6A6032B8828CEE60890083BCC41500E80FE4DD]
[G] c:\windows\system32\wshtcpip.dll [PX5: 522AC66D001B6D5A4E8E00D8A0AEF0009FA0D342]
[G] c:\windows\system32\irmon.dll [PX5: AAECB28C00EF83356EEA008210CDAA005416710D]
[G] c:\windows\system32\w32time.dll [PX5: 0C401E810001F969B24A022F16FE9C00A98BD203]
[G] c:\windows\system32\drivers\ndisuio.sys [PX5: 0BF3AB388038D73732EB00A9A855ED006D3C0384]
[G] c:\windows\system32\wshirda.dll [PX5: 50C15837008D07A62013003B3C2E070081AC8340]
[G] c:\windows\system32\drivers\acedrv09.sys [PX5: 57436564E09F331DAED501FC94C4F0008AFC766E]
[G] c:\windows\system32\drivers\drmkaud.sys [PX5: FA93CCC9802BA0DD0B8800D3A4C66500B79BCD14]
[G] c:\windows\system32\win32k.sys [PX5: 372455D680E618DB2C6F1CFF908286007B61CECC]
[G] c:\windows\system32\drivers\parvdm.sys [PX5: D78233F280E873FD1B40001BF0D2FD00A1C3EFC2]
[G] c:\windows\system32\ntvdm.exe [PX5: 3845F20200018F016C4F06473E7EAA007D257F39]
[G] c:\windows\system32\crypt32.dll [PX5: 7D1091460033BBFB3683098709F8D400823BE6E8]
[G] c:\windows\system32\notepad.exe [PX5: D5B2A5710094FF11128201E40FA1440034CB73C1]
[G] c:\windows\system32\appmgmts.dll [PX5: 681989690065B7EDAC840228F23E3C00EA7A7DF0]
[G] c:\windows\system32\wuauserv.dll [PX5: 31D20C1B00FECDF21A7C00068A66AC0007B4B4F9]
[G] c:\windows\system32\wlnotify.dll [PX5: 809D2C86008AD1456E990109A1971000DB23584E]
[G] c:\windows\system32\wbem\wmisvc.dll [PX5: 01C16C8500E36B5F38100284CD010F007B7FA768]
[G] c:\windows\system32\schedsvc.dll [PX5: 3FD17CB000327598EE11025F3DE67B00D5827C86]
[G] c:\windows\system32\shell32.dll [PX5: 0F132D6000F21F94BEF381DEF6C32B0008C1A2A4]
[G] c:\windows\system32\msfeedssync.exe [PX5: FA0E4E60004D610F30FB00727688CF008D2D9800]
[G] c:\windows\system32\cryptsvc.dll [PX5: 5E2D349800FF363CECB300E8D69F7300C1E5A3BA]
[G] c:\windows\system32\wudfsvc.dll [PX5: F6C5D2F000898E23D88C0044042EE500DEB7148F]
[G] c:\windows\system32\wzcsvc.dll [PX5: 1ECEE84700996C8B80470562CED5140041E7201C]
[G] c:\windows\system32\ati2evxx.exe [PX5: E2F56C7700B16CF3108A06B23B067C00B0C163D7]
[G] c:\windows\system32\mswsock.dll [PX5: AC74B86E0095287CCA3503E49D2B19009C808E29]
[G] c:\windows\system32\rasmans.dll [PX5: 6AC5343500463BCBC43C0233B05755001EA05D6C]
[G] c:\windows\system32\srsvc.dll [PX5: 97C6E27000BA7CC29C6202A16DDB550094C1C7CB]
[G] c:\windows\system32\tapisrv.dll [PX5: A527D8AF009453B6CED703DEF536DF00DD0989BD]
[G] c:\archivos de programa\panda security\panda antivirus + firewall 2008\tpsrv.exe [PX5: A7F163FB30348B472DCA06FA9EA6BD00EB51E236]
[G] c:\windows\system32\avldr.dll [PX5: AB3624CE307DE7EAC6C9002C603A4E0022DB3163]
[G] c:\windows\system32\userinit.exe [PX5: 2568306F001DA1EB620B00510674AE008437B873]
[G] c:\windows\system32\dnsrslvr.dll [PX5: 77439A66003F67F5B20B001603CC7D006083EE91]
[G] c:\windows\system32\qmgr.dll [PX5: B796B068007A862ED69105B7EB85F8007FEE40D4]
[G] c:\archivos de programa\panda security\panda antivirus + firewall 2008\pavsrv51.exe [PX5: 9C7F22F73056C6DA43AE02FC46840F009DE5AE79]
[G] c:\windows\system32\scecli.dll [PX5: 062EE9A8006AE9B2D21E02E3126DBD00F1768449]
[G] c:\windows\system32\raschap.dll [PX5: B3FBF34300A4FEB310F101DE8C083F007F2CC7E3]
[G] c:\windows\system32\rpcss.dll [PX5: 27F0519E00F08DE512070643B0627F00C9B0729A]
[G] c:\windows\system32\spupdsvc.exe [PX5: 598605AF78DF141967FC0068A594810002BEBC08]
[G] c:\windows\system32\cscdll.dll [PX5: B8F517F90009157E909D017F19231E001A3DB797]
[G] c:\archivos de programa\adobe\reader 9.0\reader\reader_sl.exe [PX5: 1D08B98470CC4910870500CDE4DB45006EFCD5A4]
[G] c:\windows\system32\ati2mdxx.exe [PX5: 845650C000904F7370E70028AFB850006F8320D7]
[G] c:\windows\system32\logonui.exe [PX5: 782814560083D65DDE0B0761A1341000CD383092]
[G] c:\windows\system32\ipnathlp.dll [PX5: 0034B34C00F1555D121B05365588FD00B6D84789]
[G] c:\windows\system32\netman.dll [PX5: 65612A5600E1886F042503516394BA0028BC72E2]
[G] c:\windows\system32\drivers\splitter.sys [PX5: 249A00630095166C194E008C6AC35800063B57CE]
[G] c:\windows\system32\upnphost.dll [PX5: F13CBC3D00769C5FD4FD02D1B932FE00D54B6CB9]
[G] c:\archivos de programa\hp\digital imaging\bin\hpslpsvc32.dll [PX5: 8378C34C00935F7A20670ABF45CB9B001A34638A]
[G] c:\windows\system32\winspool.drv [PX5: CEB94E04005EB50A3E7C021FD0F2D200C30B1F54]
[G] c:\windows\system32\ntmssvc.dll [PX5: 5F5C312B004AB6A3AE15068749EAD4000BEA201B]
[G] c:\archivos de programa\hp\digital imaging\bin\hpqpse.exe [PX5: 70A928E5A019C237F592002DDDE82A00D661EDF6]
[G] c:\windows\system32\es.dll [PX5: F72B067B005890E9E03903E616B55000BA73E5B0]
[G] c:\archivos de programa\hp\digital imaging\bin\hpqcxs08.dll [PX5: B784EFA60005500750F5032B2C96E800F1E2574F]
[G] c:\windows\system32\wiaservc.dll [PX5: CB774A9400E3620B1A9605C7816C4B007CB968D5]
[G] c:\windows\system32\drivers\irda.sys [PX5: 8E3E330D80498C3355E4015E39491300BFC79D07]
[G] c:\windows\system32\wbem\wmiapsrv.exe [PX5: 1707F13C007C19C1EE9501FD1D3158009A550310]
[G] c:\archivos de programa\apple software update\softwareupdate.exe [PX5: 50233A2A40E0F0FBA51D0862681CF10036EF0AC6]
[G] c:\archivos de programa\hp\hp software update\hpwucli.exe [PX5: 766B2B1C30A1F28D85FD0A62D67ED5005AB86409]
[G] c:\windows\system32\sndvol32.exe [PX5: A0E7261E006E7A81202602D8A8714400AD33D6DB]
[G] c:\archivos de programa\panda security\panda antivirus + firewall 2008\psimsvc.exe [PX5: F966B82830A466FFA80C01856879C5000E5528D0]
[G] c:\windows\system32\spoolsv.exe [PX5: 1DCDB07A00179F65E28700A02CD4BA00B29C7A8B]
[G] c:\archivos de programa\google\googletoolbarnotifier\googletoolba rnotifier.exe [PX5: E63AEB0AF802D21F0C5B015CDCEDA80008569A7F]
[G] c:\windows\inf\unregmp2.exe [PX5: 62D1ABBC006680A4E03104F3FD5F6600528F3182]
[G] c:\archivos de programa\adobe\reader 9.0\reader\acrord32.exe [PX5: B0EDF6CA68740A08551205D794CDC20003D1F39C]
[G] c:\windows\system32\drwtsn32.exe [PX5: 4BBF6662002B6CDFB8AF005912C3470054325488]
[G] c:\program files\real\realplayer\rpshell.dll [PX5: CA799796289C6919F69B0065638DCA0095202CA6]
[G] c:\windows\system32\msiexec.exe [PX5: 2199A4A600D88009341401C8D9AE0A004C78202A]
[G] c:\archivos de programa\java\jre6\bin\jqs.exe [PX5: AC88018398630B1955DE0269EA21F200F904B269]
[G] c:\windows\explorer.exe [PX5: 5F224AD100F73BC6CEBA0FDC56B8E400B2D71066]
[G] c:\program files\real\realplayer\realplay.exe [PX5: D01A9E9508C8236E46FA037472940900AAB49BA1]
[G] c:\archivos de programa\panda security\panda antivirus + firewall 2008\firewall\pshost.exe [PX5: C6123016300994DC76930303D4A5CA00D93BA45D]
[G] c:\archivos de programa\panda security\panda antivirus + firewall 2008\avlite.exe [PX5: B8F143E9304ED68FAF0F07C2B37DC0007757BBB4]
[GP] c:\archivos de programa\hp\digital imaging\bin\hpqgalry.exe [PX5: A99C9450002C31B8F0BC074A871C66009F384C6A]
[G] c:\windows\system32\appwiz.cpl [PX5: 88BC7DC100E1330672AF08041BC78D006FA3C10F]
[G] c:\archivos de programa\hp\digital imaging\bin\hpqthb08.exe [PX5: 6FD1D57A0049A405D0DC00135B9F4800E1406937]
[G] c:\windows\system32\termsrv.dll [PX5: 2ABDAEEE00455609887204B1BEF38600F021F53F]
[G] c:\archivos de programa\intel\prosetwireless\ncs\proset\proset.ex e [PX5: FEF958383DA44778B0C50D216E8598002904C28F]
[G] c:\windows\system32\ctfmon.exe [PX5: 9304CE1600E5509F3C0D00F14B5A5100C21E7D21]
[G] c:\windows\system32\shimgvw.dll [PX5: DAFF532F00780C4CB8F506A813E21300C791899B]
[G] c:\windows\system32\s24evmon.exe [PX5: A73C7EE643F03569C0F404A89D1AEF008A73A98F]
[G] c:\archivos de programa\winrar\winrar.exe [PX5: 98BC9E4D00F15ED3C0D90C737F19C800CD5DFCF9]
[G] c:\windows\system32\dmserver.dll [PX5: 7360755C000B9F155E610037E22ABC004C63AFF5]
[G] c:\archivos de programa\archivos comunes\panda software\pavshld\pavprsrv.exe [PX5: E3D5ABF530A1C024F6DB00972C68360098140173]
[G] c:\archivos de programa\quicktime\qttask.exe [PX5: 5003E43B0082A76A50CC06A4E0658900F686DB6B]
[G] c:\windows\resources\themes\luna\luna.msstyles [PX5: 51FC2B90900B94F7F08D3FFB772E82009ED3D63C]
[GP] c:\windows\system32\divx.dll [PX5: 79B8AC1E00623CAD70C10A1C32A413004CB7E2A0]
[G] c:\windows\system32\imapi.exe [PX5: FA55DBBD009BDDD14A8402202B1E5300AFCCDE6D]
[G] c:\archivos de programa\hp\digital imaging\bin\hpqsrmon.exe [PX5: 1B2FC1C70030F1FE3CBD0164A53F2500069AD1BA]
[G] c:\archivos de programa\archivos comunes\ahead\lib\nmindexingservice.exe [PX5: 27FD51C300B33365100C047D8D182100575AE27D]
[G] c:\windows\system32\ersvc.dll [PX5: A9DCDFEF006257925A3B00E01F4D2400CA25474F]
[G] c:\windows\system32\audiosrv.dll [PX5: CF2042D9000122A1A6A80092373D1800A43EB50B]
[G] c:\archivos de programa\panda security\panda antivirus + firewall 2008\pavfnsvr.exe [PX5: 5AD106CC30A8AF2EA54002D09000D4006B65D919]
[G] c:\windows\system32\dhcpcsvc.dll [PX5: 6B31A5B6003DEA2AB413012609A1630070C345B7]
[G] c:\archivos de programa\panda security\panda antivirus + firewall 2008\psctrls.exe [PX5: 6007B99530162213952A022D3F1D140010E04B3B]
[G] c:\windows\system32\alg.exe [PX5: 54E5732D00A84BB2AEC200E087F3A200495FBB03]
[G] c:\windows\system32\mspaint.exe [PX5: 3BE234DC00AD5EE84AD205207C533200A5429033]
[G] c:\windows\system32\lgnotify.dll [PX5: 0001DECF00A33D8CB03001783EF82E00B78673E9]
[G] c:\archivos de programa\archivos comunes\real\update_ob\realsched.exe [PX5: A67AB29D104A1E55D6D90282BDCACF00E101C49F]
[G] c:\windows\system32\regsrvc.exe [PX5: BF9B401400C16734E0860195DEB9F200E2125951]
[G] c:\archivos de programa\hp\hpcoretech\hpcmpmgr.exe [PX5: 63F1E4EF00EE4EA3B09603BB79B8BE00D24F9201]
[G] c:\windows\system32\cscui.dll [PX5: 6060D178006500C1148E05B6248B9200586AE657]
[G] c:\archivos de programa\panda security\panda antivirus + firewall 2008\patch.tmp [PX5: F758035300F7E1F8D0CE0054B5F0780072B7A8A4]
[G] c:\archivos de programa\google\google updater\googleupdater.exe [PX5: 308A074FF0586473771E0264BA949F0006FF13C8]
[G] c:\windows\system32\rastls.dll [PX5: 13891E8200F37A69B87E01DB8E69680072E4BB23]
[G] c:\windows\system32\rundll32.exe [PX5: F6E472FC007174E38209003396ABA600B117037C]
[G] c:\windows\system32\drivers\aspi32.sys [PX5: 40F67EB18015532A5D0C009121A5EF0074987298]
[G] c:\windows\system32\drivers\kmixer.sys [PX5: 1C3250A68067C4B7A11302D8512D99006E8A628F]
[G] c:\windows\system32\wkssvc.dll [PX5: F785B0520050629F0457028102F0DA0020D974A1]
[G] c:\archivos de programa\veoh networks\veoh\veohclient.exe [PX5: B1D1DCDB3050E27BBC723667EADA8800A4FB7A57]
[G] c:\windows\agrsmmsg.exe [PX5: 9925C32E2BE3F0415910011D3F440400E22F63FA]
[G] c:\archivos de programa\windows media player\wmplayer.exe [PX5: 3F8CE510004F3C32FA0B00EFD191E5002E90DEBC]
[G] c:\windows\system32\drivers\wdmaud.sys [PX5: 1A706C8200C406CF446E0184AD924B00FE330A09]
[G] c:\archivos de programa\hp\digital imaging\bin\hpqddsvc.dll [PX5: 745837DC0079C8C120C0027C28173100753FCAF7]
[G] c:\archivos de programa\hp\digital imaging\bin\hpqdirec.exe [PX5: 2579E4BF0077B6FFE0CC0FDF6D5EB500108201E3]
[G] c:\windows\system32\drivers\dmusic.sys [PX5: 64B493018066E6FACEE6008D21636D008F236B03]
[G] c:\windows\system32\inetcpl.cpl [PX5: A200AC7F006B3FBFF2A61B29A256E10006045728]
[G] c:\archivos de programa\gadwin systems\printscreen\printscreen.exe [PX5: 5D1558B100684535902807570FEDE2002F063287]
[G] c:\windows\system32\drivers\aec.sys [PX5: E884BE24808C5EEB2C92028B464629005484ED65]
[G] c:\windows\system32\drivers\sysaudio.sys [PX5: 23CF2276806778A5EDCF00D9512FDE00BB195FEF]
[G] c:\windows\soundman.exe [PX5: 2F8F582D00F649E2FE9D005DCF8A8600107302B9]
[G] c:\archivos de programa\intel\prosetwireless\ncs\proset\pronomgr. exe [PX5: 5A813F6000806CC6509601F7156849007041CBDE]
[G] c:\windows\system32\webclnt.dll [PX5: E1681388009120760AF401792C3D1400AE2DFBA3]
[G] c:\archivos de programa\panda security\panda antivirus + firewall 2008\apvxdwin.exe [PX5: E176DE7E30EB54E2F58206F59FE2540027224A0E]
[G] c:\archivos de programa\archivos comunes\microsoft shared\vs7debug\mdm.exe [PX5: 2E5BA9D3480CBAE9EA2A04C9F6D7FB00F945EC88]
[G] c:\windows\system32\drivers\swmidi.sys [PX5: D73823E800EBA9D4D48400057CBBEE004EA1E5C8]
[G] c:\archivos de programa\hp\digital imaging\bin\hpqwrg.exe [PX5: BB40867350EBB02E955A0A5F2A496D00265FD283]
[G] c:\windows\system32\mstask.dll [PX5: 24014662002DC24444000406A28FE900D031884B]
[G] c:\archivos de programa\ezbutton\cplbcl50.exe [PX5: F5B9D0C500062C7E207E06E4B60B3B003A05912B]
[G] c:\archivos de programa\internet explorer\iexplore.exe [PX5: D0519300A8C3C667AC930990A6A5100012E5A659]
[G] c:\archivos de programa\archivos comunes\adobe\calibration\adobe gamma loader.exe [PX5: 2239093A00DFACBBBCB7015C24E82F009061170A]
[G] c:\windows\pchealth\helpctr\binaries\pchsvc.dll [PX5: 3CF2E7B30028818F98B300E973AA5500599D5946]
[G] c:\archivos de programa\hp\digital imaging\bin\hpqtra08.exe [PX5: 233A301458988B3B455E03BCE23A6600FD2451F4]
[G] c:\archivos de programa\windows live\messenger\msnmsgr.exe [PX5: 1F73A31560D3A39D49C33B357F71DF006160D21D]
[G] c:\archivos de programa\archivos comunes\microsoft shared\source engine\ose.exe [PX5: F61B8D0330B79FF65C6601A611B00C00EFE13B0C]
[G] c:\windows\system32\mmc.exe [PX5: 78597B2D00915CDD74820CD0EB0CF800754BAAC6]
[G] c:\archivos de programa\ltmoh\ltmoh.exe [PX5: 122BA21F0050CA59D0590292168977006E83E980]
[G] c:\windows\system32\drivers\serial.sys [PX5: 84269A0C80DA4AE9020E01315B9942000E12B449]
[G] c:\archivos de programa\archivos comunes\ahead\lib\nerocheck.exe [PX5: 3497EEA9000E5F80604C02B7535389000D301EB8]
[G] c:\windows\system32\cmd.exe [PX5: A0F3FEC70044C14C261406F23AA7F30038ACF0DA]
[G] c:\archivos de programa\java\jre6\bin\jusched.exe [PX5: 5E4E6F6B98EFDFA115F102E6A8B0A600A53A3ED0]
[G] c:\windows\system32\netfxperf.dll [PX5: 1A2876B000187B0F80C400FED64B1900FAFC4C7F]
[G] c:\archivos de programa\pdf24\pdffrontend.exe [PX5: E9AC89DC00EAD4F9943909D00CF5E0008C56EFB7]
[G] c:\windows\system32\trkwks.dll [PX5: 3D9F3940007C9B5A621D011F493B83002401C516]
[G] c:\windows\system32\srvsvc.dll [PX5: 0BFF5A6200F821CA7A0401E40DD65500509E62C2]
[G] c:\windows\system32\hpzipm12.dll [PX5: A3CC866F00845644D250006C1C88270060229EF3]
[G] c:\windows\system32\browser.dll [PX5: 44291310005D0D9D2E6201C807EC76007FE7A11E]
[G] c:\windows\system32\hpzinw12.dll [PX5: 6AA454F1001929E9AA70008FD1CB41007F6AE920]
[G] c:\windows\system32\drivers\pavproc.sys [PX5: 840B5E61B88BA98CBA37026227D7630005DDE515]
[G] c:\windows\system32\wscsvc.dll [PX5: D352F7CF0000407D3ECF01C9975351004232AF03]
[G] c:\windows\system32\sens.dll [PX5: 61C8FD1E009E881E985200C35941D400D0B5C828]
[G] c:\windows\system32\seclogon.dll [PX5: 693C8D1C0079FF4A4A5A00BCBF858D009FB2F4ED]
[G] c:\windows\system32\regsvc.dll [PX5: 964793A10092146CEAE600DC41696F00167932CB]
[G] c:\archivos de programa\ccleaner\uninst.exe [PX5: 6F68B2EC945BE6A0C5940185E64EAB00BA728891]
[G] c:\windows\microsoft.net\framework\v2.0.50727\aspn et_perf.dll [PX5: D02390E008FB20CA826900411A055A001971C16C]
[G] c:\archivos de programa\spotify\spotify.exe [PX5: 69FAE58B803B53876B35261C77156C0064AE5A3A]
[G] c:\archivos de programa\google\google toolbar\component\fastsearch_219b3e1547538286.dll [PX5: 4AC25772F0EF2EA9F75E077789BCC9001685917E]
[G] c:\archivos de programa\microsoft office\office11\msohev.dll [PX5: 9A454C88383E02BC06ED01134822DA00C01DA356]
[G] c:\archivos de programa\archivos comunes\adobe\acrobat\activex\acroiehelpershim.dll [PX5: 532A0C4078FCB42D252B01D612903B00A52DAA2C]
[G] c:\windows\system32\drivers\http.sys [PX5: 1A572A9180D9F92E022704747529EC0016C1652C]
[G] c:\windows\system32\msfeeds.dll [PX5: ABAE827600EF3ABD028807D849555100B95B74F4]
[G] c:\archivos de programa\octoshape streaming services\daniel\octoshapeclient.exe [PX5: 650794BC781E8B6D466603B34A4F42002B01D07E]
[G] c:\archivos de programa\java\jre6\bin\jp2ssv.dll [PX5: 3B34065200523E81884C006580EBFF00982B5D34]
[G] c:\windows\microsoft.net\framework\v1.1.4322\aspne t_isapi.dll [PX5: 68F54D71008E0F61F0FF0363D9DC6C000D0BDC3D]
[G] c:\windows\system32\msdtcuiu.dll [PX5: C31D43E5008A204C76C80274A0D33200AD147401]
[G] c:\windows\system32\cryptnet.dll [PX5: D3F91DFF00A507EDF8EF0072A0BBE3008A7D391A]
[G] c:\archivos de programa\java\jre6\bin\ssv.dll [PX5: F4477A109852F5E8E55F0492B87A5900CD4970E7]
[G] c:\archivos de programa\java\jre6\bin\regutils.dll [PX5: FD4DB1430097A5A600AA0486B1735E001B1E0468]
[G] c:\archivos de programa\google\google toolbar\googletoolbar.dll [PX5: 370A8ABC70895D8CD6C60302C5A3DC0052BF58F9]
[G] c:\archivos de programa\hp\digital imaging\smart web printing\hpswp_printenhancer.dll [PX5: 76272C8E4076947EEDEB043AAA7BD60025AD71E9]
[G] c:\windows\system32\msh261.drv [PX5: 1355BC0A004DDB10E0D70249548EE500E11A2533]
[G] c:\windows\system32\ir41_32.ax [PX5: 8869BE5A008D6DE1F2890CA2AE39D700C689A861]
[G] c:\windows\system32\msgsm32.acm [PX5: 7270DE4A001187FB4E2600F1330C1F0018BC39CD]
[G] c:\windows\system32\msg711.acm [PX5: 27072EF500B210EA242A0012D62AF3004BD75D77]
[G] c:\archivos de programa\archivos comunes\microsoft shared\web folders\msonsext.dll [PX5: 073BE487D0FEC602BA1813A9CC42E600B4CC277E]
[G] c:\windows\system32\wiashext.dll [PX5: B1BDC89500CEC5C90A63098BE2F36B009E5D72DC]
[G] c:\archivos de programa\microsoft office\office12\wordcnvpxy.cnv [PX5: 866A893D1893730D69BA00B5F7B862005D0684E8]
[G] c:\windows\system32\query.dll [PX5: 59992EC9006A16C8FA1E15C90EE9930053DBC5C4]
[G] c:\windows\system32\ieapfltr.dll [PX5: 132EF98500FA43ADDA7F05DC467B8A000B1072EE]
[G] c:\windows\system32\msadp32.acm [PX5: B05AEAC8003A7B4A3AD60060A7657B000D35BA3C]
[G] c:\windows\system32\iyuv_32.dll [PX5: E2546DD1008A4354BAC200CBD4A56600A02FE937]
[G] c:\windows\system32\msh263.drv [PX5: 58939A4A0096B477807904BF22E37C005E44F16E]
[G] c:\windows\system32\pngfilt.dll [PX5: 22F1B04A00D6D836AE9C00D6C5587F00AE6E70B6]
[G] c:\windows\system32\msg723.acm [PX5: DB05A40A00067E48D0C20193A3BB11003B3CA2DF]
[G] c:\windows\system32\drivers\usbstor.sys [PX5: 6135CAAA80509344675C002A218295006093CEAA]
[G] c:\windows\system32\mucltui.dll.mui [PX5: 69684FB468DFC0126B0600A21ADC4B00D3F77B39]
[G] c:\windows\system32\imaadp32.acm [PX5: C11662C60026726C40EF00A0C67DDA000BECE114]
[G] c:\windows\system32\ir32_32.dll [PX5: 66A4839100FCF8D30A09034E72F30000BCB783A0]
[G] c:\windows\system32\msyuv.dll [PX5: 0476AEB8000BF6AE44020032008D99007280457F]
[G] c:\windows\system32\sirenacm.dll [PX5: A75CB877605EAC49C192002D5C5661005585AB2E]
[G] c:\windows\system32\wpdshext.dll [PX5: 260936F700D6CD55B83A276215529800C0FDB145]
[G] c:\windows\system32\msvidc32.dll [PX5: E70F40C200CF1982649F00614663C800BE99E57D]
[G] c:\windows\system32\dxtmsft.dll [PX5: C7744AA1008756AB4C6C0568F6590900F08DCFC8]
[G] c:\windows\system32\mshtmled.dll [PX5: 77D4D71F00C348484ABE0786A76D2700E1A327C4]
[G] c:\windows\system32\iccvid.dll [PX5: 4737D64500C39B2E3ACA014F30D6270096CF3696]
[G] c:\archivos de programa\ccleaner\ccleaner.exe [PX5: AB0463BCF0D531AA745F1622D69F0300EECC2520]
[G] c:\windows\system32\tssoft32.acm [PX5: 7A21C7C10001817520F80065A2BF6D00DEC5376A]
[G] c:\windows\system32\msrle32.dll [PX5: 6AF0072C00CB75A52C3400ED2EFA8B0009F9EF97]
[G] c:\windows\system32\dxtrans.dll [PX5: 34A59DE1007AB21A469F03FAEA0F7E00E1442BE2]
[G] c:\archivos de programa\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dl l [PX5: 51B5E68F007E2D29200C01FA89A25F0073BC74B0]
[G] c:\archivos de programa\hp\digital imaging\smart web printing\hpswp_bho.dll [PX5: 445861DC40D597D14565087BFD100A000946F153]
[G] c:\windows\system32\restore\rstrui.exe [PX5: E89B8EB300B3E1A4D86D05DAA56C7F0085E761D2]
[G] c:\windows\system32\tsbyuv.dll [PX5: BEA6B84E00FDE11120B400B4BB4D900098BA493E]
[G] c:\windows\system32\audiodev.dll [PX5: 4BE217500087C5F13A360430E7958900806DA483]
[G] c:\windows\system32\sendmail.dll [PX5: 9CE2319200FF63E5D871006300669300FD964DAC]
[G] c:\windows\system32\l3codeca.acm [PX5: D2B717D0006D8F05968C04C745C5C50026DF63AD]
[G] c:\windows\system32\msaud32.acm [PX5: 255C079D0033B54280BB0415FD57880022CEFE0E]
[G] c:\archivos de programa\skype\toolbars\internet explorer\skypeieplugin.dll [PX5: 24771F6F2875E3479B0310AD65BE18005C94C7F1]
[G] c:\documents and settings\daniel\configuración local\temp\pxinstall275.exe [PX5: 3FBBB7F23829381956FE3FD6DA407C006596522F]
[G] c:\windows\system32\pschdprf.dll [PX5: 78A42AFC004DE2A42A02003B039D1D00BE4E91B5]
[G] c:\windows\system32\mpg4c32.dll [PX5: 455AB90B90B2E3D769720615355FB9006D2AC8ED]
[G] c:\archivos de programa\archivos comunes\system\ole db\oledb32.dll [PX5: DD73C66400A04BA67060072C8B55DF00C7EFC968]
[G] c:\archivos de programa\archivos comunes\real\update_ob\r1puninst.exe [PX5: 05ADE0F50060B5F1F035024EC19FFD00E13345D4]
[G] c:\windows\system32\rsvpperf.dll [PX5: E519F07D00EFCBBC26D2003B3C2E07004AF31D15]
[G] c:\windows\system32\perfdisk.dll [PX5: 40E1C9E6008108AA6A0000305332E400A4E0D19E]
[G] c:\archivos de programa\codec pack de elisoft\utilvid\avic.exe [PX5: E054F05B00ABBEF0185700B7B460B500D17F096E]
[G] c:\windows\system32\sl_anet.acm [PX5: 08A29A3100DF2B8550CE0170BDC327008286E212]
[G] c:\archivos de programa\codec pack de elisoft\utilvid\filemerger.exe [PX5: D7C0751E0001CAD7201501A62ED2C0006AC5D5EF]
[G] c:\windows\system32\iac25_32.ax [PX5: D144BA1500E5B34B0C900331C780B100DCD1DB88]
[G] c:\windows\system32\perfts.dll [PX5: E09A798A0083749F30E0004AEAD243007558042A]
[G] c:\windows\system32\zipfldr.dll [PX5: 7B2B427E0029FCE930710546B4B87800C37A3953]
[G] c:\archivos de programa\archivos comunes\microsoft shared\textconv\wpft632.cnv [PX5: 7A2681AC80B62455753C03C186EAC10090E7C8F6]
[G] c:\archivos de programa\archivos comunes\microsoft shared\textconv\wpft532.cnv [PX5: 5E058B488045AD24E3750214979C0C00E7FB28E7]
[G] c:\archivos de programa\panda security\panda antivirus + firewall 2008\shelltit.dll [PX5: 1FF0D1AC3058DDE8E66901F51D218B002A30126C]
[G] c:\windows\system32\rasppp.dll [PX5: 5A2D15B4006C9615260A03317439500046FE0C80]
[G] c:\archivos de programa\nero\nero 7\nero coverdesigner\coveredextension.dll [PX5: 9425D51C00BE9207D06B1D32D0E4B1001384F4A4]
[G] c:\windows\system32\perfnet.dll [PX5: 56B1074C00E0257E445C0050715FE700D8AC7349]
[G] c:\archivos de programa\archivos comunes\microsoft shared\textconv\mswrd832.cnv [PX5: 06F35CBD80DFE62F5D3C03943C185800B2E08B11]
[G] c:\windows\system32\ssdpsrv.dll [PX5: 95862E050072CCE218E201A90823060070B1768B]
[G] c:\windows\system32\rasctrs.dll [PX5: 421145AF00CC7ADA3209003B3C2E07008AB9AA51]
[G] c:\windows\system32\msfeedsbs.dll [PX5: 94330E5400D20590CC960052C6C6F4007EAFC339]
[G] c:\windows\system32\drivers\fastfat.sys [PX5: 1E68B78D00BA4E2F30E102605EF38B00BED2E67D]
[G] c:\archivos de programa\archivos comunes\microsoft shared\textconv\works632.cnv [PX5: E463410B08DE8A64449F01223E9C5D008661BD78]
[G] c:\windows\system32\printui.dll [PX5: 225C8B5000331E10C68C08062B62D70017F700B1]
[G] c:\archivos de programa\emule\emule.exe [PX5: 9FD5426D00B72228A09453491BF40D00498692C1]
[G] c:\windows\system32\pvmjpg21.dll [PX5: 6AA0AD0600DCB6E4806504A01FE32A00B4FDFB8F]
[G] c:\archivos de programa\nero\nero 7\nero backitup\nbshell.dll [PX5: F09A8ABC0033F9A42013017A4A068C0074A5BB4F]
[G] c:\windows\system32\mmsys.cpl [PX5: E119E1F70058901B9029097D872A9300AD1BC781]
[G] c:\archivos de programa\codec pack de elisoft\graphedit\graphedt.exe [PX5: CFF8EEFA00D133E15EE7026E9E182C007FEB7FD8]
[G] c:\windows\system32\ir50_32.dll [PX5: 1B87676D0028CFD386180B5E6EB60200257490EC]
[G] c:\archivos de programa\messenger\msmsgs.exe [PX5: 937DB9BC008B29B4DA13198C306CAF00327E8384]
[G] c:\archivos de programa\codec pack de elisoft\graphedit\sysenum.exe [PX5: D0B8EB860015FC0E60A3008ABDE9B300835A34C1]
[G] c:\windows\system32\wbem\wmiaprpl.dll [PX5: 406055FF003D76945C22011234E0C300C7188244]
[G] c:\windows\system32\perfctrs.dll [PX5: 62CC232400E8C893A4E600A4CBDA9B00DFAC6630]
[G] c:\windows\system32\perfos.dll [PX5: CF1A89D80065CB81665700438671EA00B1631AF1]
[G] c:\windows\system32\perfproc.dll [PX5: 9CE777B10066DEE38AA000AFA43194002C920844]
[G] c:\windows\system32\extmgr.dll [PX5: 58FDC7FA00B5DEDF08D802C577BB8A00BBFB47BF]
[G] c:\windows\system32\tapiperf.dll [PX5: EC99045600C78E6B16F300E0CFEC7F000745B3E4]
[G] c:\windows\system32\dskquota.dll [PX5: 18F6555800E3ABF26CBD012FC1808F009362F340]
[G] c:\archivos de programa\winrar\rarext.dll [PX5: E8B9127C0084547ED85201B5D39073004E163CCE]
[G] c:\windows\system32\url.dll [PX5: 64148D8A004103DC9E02015CCC77CE00F87EAA8E]
[G] c:\windows\system32\occache.dll [PX5: 2C24C762009DAB2A92DE01985E72F000F25A5D78]
[G] c:\windows\system32\msrating.dll [PX5: C99E707800A9E26EF22602F8C34AEF00842CF015]
[G] c:\windows\system32\ieaksie.dll [PX5: 8F9F899A00BFCD2C84100384BC697A0017D48704]
[G] c:\windows\system32\iernonce.dll [PX5: 8E1D975C00A62E27AEC7002092B55B005BA265D7]


End of Prevx Scan Log - http://www.prevx.com
  post #6  
Antiguo 15/03/09, 19:12:37
Avatar de Blottedisk
Usuario Habitual
  
Registrado: ene 2009
Ubicación: Argentina
Mensajes: 1.013
Re: Win32.TrojanDownloader.Agent
Saludos Zhong. Muchas gracias por lo del enlace al OTMoveit3, ya lo corrijo. Mientras tanto, ¿Como va tu sistema?


Apaga Restaurar Sistema (Solo en Windows Me XP y Vista).


Descargate OTMoveIt3 y lo guardas en el Escritorio.
  • Haz un doble clic sobre OTMoveIt.exe para ejecutarlo.
  • Asegurate que este marcado "Unregister Dll's and Ocx's".
  • Copia el texto que se encuentra en el cuadrado más abajo (no se incluye la palabra código), y pega el texto en el marco de izquierdo de OTMoveIt2 nombrado Paste List of Files / Folders to be Moved.

Código:
:files
C:\Documents and Settings\Daniel\Mis documentos\Trabajos Dani\Programas Descargados\Hacha\Hacha_3.5__Hjsplit__Hacha_Pro_2. 5_y_Hacha_pro_3.rar
C:\MSd1CD.vbs

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify]

:commands
[EmptyTemp]
[Purity]
[Reboot]
  • Haz clic en MoveIt! Para lanzar la supresión.
  • Cuando el resultado aparece en el marco Results, hace clic en Exit.
  • Reinicia el PC (Este paso es fundamental).


Envía el informe (reporte) de OTMoveIt3 situado sobre C: \ _ OTMoveIt\MovedFiles.
Última edición por Blottedisk fecha: 15/03/09 a las 19:15:03.
  post #7  
Antiguo 15/03/09, 21:14:20
Usuario
  
Registrado: mar 2009
Ubicación: España
Mensajes: 22
Re: Win32.TrojanDownloader.Agent
¡Hola de nuevo! Parece que el sistema va mejor. En mi opinión ha mejorado la velocidad de inicio (aunque ligeramente) y parece incluso que la navegación web es más rapida. He hecho lo que me has dicho y el resultado mayoritario ha sido "not found". La verdad es que los resultados de malwarebytes y de dr web cure-it los he eliminado por tanto es normal que sea "not found" y en el caso de del archivo Hacha, creo que se debe a que hay una separación en el código para el 2.5 que no existe en el archivo real, el cual he podido ver (sin ejecutar por supuesto!!). Bueno de nuevo adelantándome a los acontecimientos y comentando algo de lo que tú eres experto, no yo. Añadiendo también información decir que normalmente me aparecían mensajes de error sobre que debe cerrarse, enviar y no enviar, la pantalla de error típico de windows XP pero no recuerdo exacamente el qué. Hoy ya no ha aparecido, aunque puede ser casualidad. Si vuelve a aparecer o lo recuerdo, te comento. Y al apagar el ordenador, aparecía y sigue apareciendo un mensaje de finalizando programa "FormsParkingWindows" o algo similar además de uno que yo emparejo con HP, ya que su nombre es HP(algo)08.exe, y además tengo una impresora de esa marca. Seguramente no tendrá nada que ver con esto, pero yo lo comento por si acaso. Valores de Uso de CPU: 2%-20% y de Uso de PF 549 Mb con adware y Panda activados como protección (lo indico porque supongo que influirá en esos datos) De nuevo, gracias y perdón por tanto rollo.

Reporte Otmoveit

========== FILES ==========
File/Folder C:\Documents and Settings\Daniel\Mis documentos\Trabajos Dani\Programas Descargados\Hacha\Hacha_3.5__Hjsplit__Hacha_Pro_2. 5_y_Hacha_pro_3.rar not found.
File/Folder C:\MSd1CD.vbs not found.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify\\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify\\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify\\ not found.
========== COMMANDS ==========
File delete failed. C:\DOCUME~1\Daniel\CONFIG~1\Temp\~DFBF98.tmp scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
Local Service Temporary Internet Files folder emptied.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_350.dat scheduled to be deleted on reboot.
Windows Temp folder emptied.
Java cache emptied.
Temp folders emptied.

OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 03162009_014414

Files moved on Reboot...
File C:\DOCUME~1\Daniel\CONFIG~1\Temp\~DFBF98.tmp not found!
File C:\WINDOWS\temp\Perflib_Perfdata_350.dat not found!
  post #8  
Antiguo 15/03/09, 22:20:27
Avatar de Blottedisk
Usuario Habitual
  
Registrado: ene 2009
Ubicación: Argentina
Mensajes: 1.013
Re: Win32.TrojanDownloader.Agent
Saludos Zhong. Vamos por partes, como dice Jack el destripador


A menos que hayas pasado nuevamente Malwarebyte´s, no has eliminado nada con este al final, si te fijas el reporte dice "No action taken". Los virus que pudieron haber cambiado estos valores en el registro ya fueron eliminados con DrWeb, así que nos queda solucionar el problemita manualmente:


Vas a inicio/ejecutar y escribes regedit


Te diriges a la siguiente clave en el panel izquierdo:


Código:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center

Y dentro de esa carpeta, en el panel derecho buscas los valores AntiVirusDisableNotify, FirewallDisableNotify y UpdatesDisableNotify. A todos, uno por uno, les haces doble click y les cambias los valores a 1.

----------------------------------------------------------------------------------------------


En verdad es cierto lo que dices del hacha, ese espacio cambia todo. Eres muy perceptivo


Para que la eliminación sea total, debes hacer nuevamente el proceso con OTMoveit3 pero copias la ruta directa del archivo, de otra manera seguirás con este virus en tu sistema Lo mejor es que tu mismo verifiques cual es la ruta del archivo, fijandose en sus propiedades y la copias como se indica en el panel "Folder to be moved". Debería quedar una cosa así:


Código:
:files
C:\Documents and Settings\Daniel\Mis documentos\Trabajos Dani\Programas Descargados\Hacha\Hacha_3.5__Hjsplit__Hacha_Pro_2.5_y_Hacha_pro_3.rar
C:\MSd1CD.vbs

:commands
[Reboot]


Luego puedes descargar hacha nuevamente desde un sitio más seguro


En cuanto al resto, una vez que solucionemos esto, vemos en este mismo thread esos problemas de los que comentas, así que me comentas estos resultados
  post #9  
Antiguo 16/03/09, 13:51:19
Usuario
  
Registrado: mar 2009
Ubicación: España
Mensajes: 22
Re: Win32.TrojanDownloader.Agent
Te traigo novedades. He cambiado los valores a 1 de esas entradas de registro y he pasado el OtmoveIt de nuevo con el siguiente reporte:

========== FILES ==========
C:\Documents and Settings\Daniel\Mis documentos\Trabajos Dani\Programas Descargados\Hacha\Hacha_3.5__Hjsplit__Hacha_Pro_2. 5_y_Hacha_pro_3.rar moved successfully.
File/Folder C:\MSd1CD.vbs not found.
========== COMMANDS ==========

OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 03162009_182507

Pero hay un pequeño problema. He comprobado por casualidad que al hacer doble click en mi disco duro para entrar me aparece un mensaje de error sobre que falta ese archivo de comandos que justamente intentamos eliminar y que MoveIt no encuentra. Aquí está la imagen:



Sin embargo si hacemos botón derecho > abrir sí que podemos entrar.

Otro apunte, el archivo de hacha se encuentra movido en una carpeta de moveit en C:, ya me contarás eso . Mientras tanto me encuentro a la espera de las siguientes instrucciones. Respecto al otro caso, gracias por preocuparte también. Estoy intentando hacer capturas de los paneles de error, así que cuando acabemos con este problema comenzamos si quieres con el otro... ¡si es que soy todo un caso! De verdad, muchísimas gracias, porque es increíble el empeño, interés y tiempo que invertís en esto. Mi más sincero agradecimiento! :)
  post #10  
Antiguo 18/03/09, 09:35:15
Usuario
  
Registrado: mar 2009
Ubicación: España
Mensajes: 22
Re: Win32.TrojanDownloader.Agent
!Hola!

¿Nuevas instrucciones? Lo digo porque han pasado ya 2 días y no me gustaría llegar al 3º y que me cerraran el post por inactividad.

Una cosilla, he metido mi pen en un ordenador de la facultad, después el de una amiga, pero Norton nos ha avisado que tenia un troyano en autorun.inf y lo ha mandado a cuarentena. ¿Es posible que al estar ya mi pen conectado se haya también transferido a él? Todavía no lo he metido en mi ordenador por si acaso, y para evitar complicar las cosas con mi troyano ocupa. Necesito con urgencia unos archivos que me he pasado de su pen, o conseguirlos de internet (todavía no pongo claves por si anda el troyano recogiendo información...).

Ayuda por favor...un saludo y gracias!
Tema Cerrado
Página 1 de 5 1 2345

« Tema Anterior | Próximo Tema »
Herramientas

Reglas del foro
No puedes crear nuevos temas
No puedes responder temas
No puedes subir adjuntos
No puedes editar tus mensajes
BB code is activado
Las caritas están activado
Código [IMG] está activado
Código HTML está desactivado
Trackbacks are desactivado
Pingbacks are activado
Refbacks are activado




Todas las horas son GMT -4. La hora es 23:10:25.

Sobre Infospyware - Contáctanos - Políticas del Foro - Staff - Archivo - Blog  

Powered by: InfoSpyware, Versión 3.8.4
Copyright © 2004 - 2009, ForoSpyware.com
© Copyright 2005 - 2009 InfoSpyware ® Todos los derechos reservados.
InfoSpyware es miembro de ASAP - Alliance of Security Analysis Professionals

 

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31