Solucionado explorer consume cpu 100%

Estado
Cerrado para nuevas respuestas.
B

benata

Guest
Resulta que cuando entro en las carpetas de mi disco duro y empiezo a moverme por ellas al rato noto como la cpu alcanza el 100%, y al mismo tiempo la barra donde aparece la ruta actual, empieza un el progreso de color verde y se me bloquea el movimiento de carpetas.

Durante ese tiempo ya no puedo hacer nada con las carpetas. Es por ello que me gustaría saber que puede pasar.

Tengo el Windows vista

Aqui os dejo el Log HijackThis

Código:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:16:11, on 20/01/2012
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v7.00 (7.00.6002.18005)
Boot mode: Normal

Running processes:
C:\Windows\SYSTEM32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\RtHDVCpl.exe
C:\Acer\Empowering Technology\eAudio\eAudio.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Windows\ehome\ehmsas.exe
C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Program Files\Apoint2K\Apntex.exe
C:\Users\Antonio\AppData\Local\Temp\RtkBtMnt.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\AnalogX\MaxMem\maxmem.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtblfs.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Windows\SYSTEM32\Taskmgr.exe
C:\Program Files\Mozilla Firefox 3.6 Beta 1\firefox.exe
C:\Windows\explorer.exe
C:\Program Files\Mozilla Firefox 3.6 Beta 1\plugin-container.exe
C:\Windows\SYSTEM32\taskeng.exe
C:\Users\Antonio\Desktop\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://es.rd.yahoo.com/customize/ycomp/defaults/sp/*http://es.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.searchqu.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://es.es.acer.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://es.es.acer.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://es.rd.yahoo.com/customize/ycomp/defaults/su/*http://es.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Barra Yahoo! con bloqueador de ventanas emergentes - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: FileServeManager - {00000001-AB3B-4334-9DA2-EC6B2A02AFC6} - C:\Program Files\FileServe Manager\FileServeBHO.dll
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and vídeo formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll
O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll
O2 - BHO: Bandoo IE Plugin - {EB5CEE80-030A-4ED8-8E20-454E9C68380F} - (no file)
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [eAudio] "C:\Acer\Empowering Technology\eAudio\eAudio.exe"
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [snpstd] C:\Windows\vsnpstd.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Servicio de red')
O4 - HKUS\S-1-5-18\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'Default user')
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O8 - Extra context menu item: Agregar al componente Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm
O8 - Extra context menu item: Anexar a PDF existente - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Anexar destino de vínculo a PDF existente - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convertir a Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir destino de vínculo a Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir destino de vínculo en archivo Adobe PDF - res://C:\Program Files\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir selección a Adobe PDF - res://C:\Program Files\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir vínculos seleccionados a Adobe PDF - res://C:\Program Files\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Descargar con IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Descargar con IDM todos los enlaces  - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download Link Using Mega Manager... - C:\Program Files\Megaupload\Mega Manager\mm_file.htm
O8 - Extra context menu item: Download with FileServe Manager - C:\Program Files\FileServe Manager\GetUrl.htm
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Enlace de descarga usando Mega Manager... - C:\Program Files\Megaupload\Mega Manager\mm_file.htm
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: &Teclado virtual - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Compro&bar direcciones URL - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll
O13 - Gopher Prefix:
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\system32\skype4com.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: acaptuser32.dllenethook.dllenethook.dllenethook.dllc:\progra~1\kasper~1\kasper~1\kloehk.dll c:\progra~1\bandoo\bndhook.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AST Service (astcc) - Nalpeiron Ltd. - C:\Windows\SYSTEM32\astsrv.exe
O23 - Service: Servicio Kaspersky Anti-Virus (AVP) - Kaspersky Lab ZAO - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
O23 - Service: Bandoo Coordinator - Bandoo Media Inc. - C:\Program Files\Bandoo\Bandoo.exe
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\Windows\system32\bgsvcgen.exe
O23 - Service: BlueSoleilCS - IVT Corporation - C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
O23 - Service: BsHelpCS - IVT Corporation - C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
O23 - Service: BsMobileCS - IVT Corporation - C:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Servicio Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Servicio de Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\Windows\system32\nlssrv32.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Windows\system32\NMSAccessU.exe
O23 - Service: Programador de LiveUpdate automático - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
 

viru

Ex- Mod
Miembro
Hola benata, bienvenid@ al foro.

Realiza los siguientes pasos y nos pasas los resultados:

Actualiza tu sistema Aquí (Utiliza el I. Explorer)

Borra todas las cookies y limpia el registro con CCleaner

Vete a Inicio- Panel de Control--> Java (si usas Java) y elimina todos los archivos temporales.

Borrar archivos temporales--> Desde Inicio, Ejecutar, escribe %TEMP%, pulsa Enter y elimina todo el contenido.

Pásale el Malwarebytes Antimalware. (Actualizalo, y al acabar el Scaneo elije la opción eliminar, después guarda el report y lo pegas) Si tienes algúna duda, aquí tienes un Manual de Malwarebytes Antimalware

Ademas, haz un scan on line: Los mejores antivirus online
* Debes usar el Internet Explorer y aceptar los ActiveX
* Le pones que elimine lo que te detecte.

Nos copias ese reporte, el del Malwarebytes Antimalware y un nuevo log del hijackthis.

Saludos.
 
B

benata

Guest
muchas gracias intentare dar los pasos, y os comento las soluciones
 
B

benata

Guest
Bueno pues una vez realizados todos los pasos que se me indicaron, a continuacion os dejo un reporte del Bit Defender Online Scanner, otro del Malwarebytes Anti-Malware y otro reporte del log del HijackThis

Reporte Bit Defender Online Scanner
Código:
QuickScan 32-bit v0.9.9.103
---------------------------
Fecha de Análisis: Fri Jan 20 14:15:35 2012
ID de la Máquina: A470D8AE

C:\Windows\system32\ivireg.ivr - No ha podido ser analizado


No se han encontrado infecciones.
---------------------------------



Procesos
--------
            Acer eAudio                              1368    C:\Acer\Empowering Technology\eAudio\eAudio.exe
            Acer eLock Management                     992    C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
            Acer Empowering Techonology Framework L  5500    C:\Acer\Empowering Technology\Acer.Empowering.Framework.Supervisor.exe
            Acer eNet Management                     1848    C:\Acer\Empowering Technology\eNet\eNet Service.exe
            Acer ePower Management                   5192    C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
            Acer ePower Management                   2780    C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
            Acer eRecovery Management                5712    C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
            Alps Pointing-device Driver              1444    C:\Program Files\Apoint2K\Apoint.exe
            Alps Pointing-device Driver for Windows  6056    C:\Program Files\Apoint2K\ApntEx.exe
            ApMsgFwd                                 5692    C:\Program Files\Apoint2K\ApMsgFwd.exe
            Bandoo                                   2596    C:\Program Files\Bandoo\Bandoo.exe
            bgsvcgen.exe                             2012    C:\Windows\System32\bgsvcgen.exe
            BlueSoleil                               2044    C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
            BlueSoleil                                448    C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
            BlueSoleil                                428    C:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe
            Bluetooth Stack for Windows by TOSHIBA   2424    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
            eDataSecurity                            3616    C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe
            eDataSecurity Management                  616    C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
            eRecoveryService                         2632    C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
            Flash® Player Installer/Uninstaller      4988    C:\Windows\System32\Macromed\Flash\FlashUtil10l_ActiveX.exe
            HD Audio Control Panel                   3604    C:\Windows\RtHDVCpl.exe
            IEMonitor Application                    2196    C:\Program Files\Internet Download Manager\IEMonitor.exe
            Intel(R) Common User Interface           1996    C:\Windows\System32\hkcmd.exe
            Intel(R) Common User Interface           2212    C:\Windows\System32\igfxpers.exe
            Intel(R) Common User Interface           4608    C:\Windows\System32\igfxsrvc.exe
            Intel(R) Common User Interface           1308    C:\Windows\System32\igfxtray.exe
            Internet Download Manager (IDM)          4544    C:\Program Files\Internet Download Manager\IDMan.exe
            Kaspersky Anti-Virus                     3588    C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
            Kaspersky Anti-Virus                     1972    C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
            Kaspersky Anti-Virus                     4052    C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtblfs.exe
            Kaspersky Anti-Virus                     5580    C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtblfs.exe
            LightScribe                              2120    C:\Program Files\Common Files\LightScribe\LSSrvc.exe
            Microsoft® CoReXT                        2528    C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
            Microsoft® CoReXT                        2656    C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
            Microsoft® Windows® Operating System      608    C:\Windows\System32\smss.exe
            Microsoft® Windows® Operating System     2984    C:\Windows\System32\wbem\unsecapp.exe
            Microsoft® Windows® Operating System     2940    C:\Windows\System32\wbem\WmiPrvSE.exe
            Microsoft® Windows® Operating System     3232    C:\Windows\System32\wbem\WmiPrvSE.exe
            MobilityService.exe                      2140    C:\Acer\Mobility Center\MobilityService.exe
            Nalpeiron License Management             1944    C:\Windows\System32\ASTSRV.EXE
            Nalpeiron License Management             2248    C:\Windows\System32\nlssrv32.exe
            NMSAccessU.exe                           2264    C:\Windows\System32\NMSAccessU.exe
            RAID Monitor                             2064    C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
            Realtek HD Audio Data Rerouter           5152    C:\Users\Antonio\AppData\Local\Temp\RtkBtMnt.exe
            RichVideo Module                         2332    C:\Program Files\CyberLink\Shared Files\RichVideo.exe
            RocketDock.exe                           4160    C:\Program Files\RocketDock\RocketDock.exe
            Service                                  2720    C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
            Sistema operativo Microsoft® Windows®    2208    C:\Program Files\Windows Sidebar\sidebar.exe
            Sistema operativo Microsoft® Windows®    3416    C:\Windows\explorer.exe
            Sistema operativo Microsoft® Windows®     732    C:\Windows\System32\csrss.exe
            Sistema operativo Microsoft® Windows®     680    C:\Windows\System32\csrss.exe
            Sistema operativo Microsoft® Windows®     768    C:\Windows\System32\services.exe
            Sistema operativo Microsoft® Windows®    1400    C:\Windows\System32\SLsvc.exe
            Sistema operativo Microsoft® Windows®    1780    C:\Windows\System32\spoolsv.exe
            Sistema operativo Microsoft® Windows®    3480    C:\Windows\System32\taskeng.exe
            Sistema operativo Microsoft® Windows®    3400    C:\Windows\System32\taskeng.exe
            Sistema operativo Microsoft® Windows®    5976    C:\Windows\System32\taskmgr.exe
            Sistema operativo Microsoft® Windows®     724    C:\Windows\System32\wininit.exe
            Sistema operativo Microsoft® Windows®     884    C:\Windows\System32\winlogon.exe
            SoftK56 Modem Driver                     2572    C:\Windows\System32\drivers\XAudio.exe
            TomTom HOME                              2404    C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
            Windows Live Messenger Companion         6680    C:\Program Files\Windows Live\Companion\companionuser.exe
            Windows® Internet Explorer               2996    C:\Program Files\Internet Explorer\iexplore.exe
            Windows® Internet Explorer               6672    C:\Program Files\Internet Explorer\iexplore.exe
            Windows® Internet Explorer               7312    C:\Program Files\Internet Explorer\iexplore.exe
(verificado) Microsoft® Windows® Operating System     4692    C:\Windows\ehome\ehmsas.exe
(verificado) Microsoft® Windows® Operating System     4100    C:\Windows\ehome\ehtray.exe
(verificado) Sistema operativo Microsoft® Windows®    5284    C:\Program Files\Windows Media Player\wmpnetwk.exe
(verificado) Sistema operativo Microsoft® Windows®    5112    C:\Program Files\Windows Media Player\wmpnscfg.exe
(verificado) Sistema operativo Microsoft® Windows®    8160    C:\Windows\servicing\TrustedInstaller.exe
(verificado) Sistema operativo Microsoft® Windows®    3360    C:\Windows\System32\dwm.exe
(verificado) Sistema operativo Microsoft® Windows®     780    C:\Windows\System32\lsass.exe
(verificado) Sistema operativo Microsoft® Windows®     788    C:\Windows\System32\lsm.exe
(verificado) Sistema operativo Microsoft® Windows®    1048    C:\Windows\System32\svchost.exe
(verificado) Sistema operativo Microsoft® Windows®     984    C:\Windows\System32\svchost.exe
(verificado) Sistema operativo Microsoft® Windows®    2316    C:\Windows\System32\svchost.exe
(verificado) Sistema operativo Microsoft® Windows®    2476    C:\Windows\System32\svchost.exe
(verificado) Sistema operativo Microsoft® Windows®    1808    C:\Windows\System32\svchost.exe
(verificado) Sistema operativo Microsoft® Windows®    1600    C:\Windows\System32\svchost.exe
(verificado) Sistema operativo Microsoft® Windows®    1448    C:\Windows\System32\svchost.exe
(verificado) Sistema operativo Microsoft® Windows®    1384    C:\Windows\System32\svchost.exe
(verificado) Sistema operativo Microsoft® Windows®    1196    C:\Windows\System32\svchost.exe
(verificado) Sistema operativo Microsoft® Windows®    2376    C:\Windows\System32\svchost.exe
(verificado) Sistema operativo Microsoft® Windows®    1180    C:\Windows\System32\svchost.exe
(verificado) Sistema operativo Microsoft® Windows®    1148    C:\Windows\System32\svchost.exe
(verificado) Sistema operativo Microsoft® Windows®    1088    C:\Windows\System32\svchost.exe
(verificado) Sistema operativo Microsoft® Windows®    5336    C:\Windows\System32\svchost.exe


Actividad de red
----------------
Proceso avp.exe (1972) conectado en el puerto 80 (HTTP) --> 173.194.34.231
Proceso avp.exe (1972) conectado en el puerto 80 (HTTP) --> 173.194.34.231
Proceso avp.exe (1972) conectado en el puerto 80 (HTTP) --> 66.135.204.19
Proceso avp.exe (1972) conectado en el puerto 80 (HTTP) --> 66.135.204.19
Proceso avp.exe (1972) conectado en el puerto 80 (HTTP) --> 209.85.229.95
Proceso avp.exe (1972) conectado en el puerto 80 (HTTP) --> 209.85.229.95
Proceso avp.exe (1972) conectado en el puerto 80 (HTTP) --> 209.85.229.95
Proceso avp.exe (1972) conectado en el puerto 443 (HTTP over SSL) --> 74.125.230.163
Proceso avp.exe (1972) conectado en el puerto 80 (HTTP) --> 173.194.34.217
Proceso avp.exe (1972) conectado en el puerto 443 (HTTP over SSL) --> 74.125.230.163
Proceso avp.exe (1972) conectado en el puerto 80 (HTTP) --> 173.194.34.217
Proceso avp.exe (1972) conectado en el puerto 80 (HTTP) --> 173.194.34.56
Proceso avp.exe (1972) conectado en el puerto 80 (HTTP) --> 173.194.34.56
Proceso avp.exe (1972) conectado en el puerto 443 (HTTP over SSL) --> 74.125.230.167
Proceso avp.exe (1972) conectado en el puerto 443 (HTTP over SSL) --> 74.125.230.167
Proceso avp.exe (1972) conectado en el puerto 443 (HTTP over SSL) --> 173.194.34.229
Proceso avp.exe (1972) conectado en el puerto 443 (HTTP over SSL) --> 173.194.34.229
Proceso avp.exe (1972) conectado en el puerto 443 (HTTP over SSL) --> 74.125.230.191
Proceso avp.exe (1972) conectado en el puerto 443 (HTTP over SSL) --> 74.125.230.191
Proceso avp.exe (1972) conectado en el puerto 80 (HTTP) --> 209.85.229.95
Proceso avp.exe (1972) conectado en el puerto 80 (HTTP) --> 209.85.229.95
Proceso avp.exe (1972) conectado en el puerto 80 (HTTP) --> 74.86.64.162
Proceso avp.exe (1972) conectado en el puerto 80 (HTTP) --> 74.86.64.162
Proceso avp.exe (1972) conectado en el puerto 80 (HTTP) --> 2.16.113.55
Proceso avp.exe (1972) conectado en el puerto 80 (HTTP) --> 2.16.113.55
Proceso avp.exe (1972) conectado en el puerto 80 (HTTP) --> 213.248.113.176
Proceso avp.exe (1972) conectado en el puerto 80 (HTTP) --> 213.248.113.176
Proceso avp.exe (1972) conectado en el puerto 80 (HTTP) --> 213.248.113.176
Proceso avp.exe (1972) conectado en el puerto 80 (HTTP) --> 213.248.113.176
Proceso avp.exe (1972) conectado en el puerto 80 (HTTP) --> 213.248.113.176
Proceso avp.exe (1972) conectado en el puerto 80 (HTTP) --> 213.248.113.176
Proceso avp.exe (1972) conectado en el puerto 80 (HTTP) --> 74.125.230.163
Proceso avp.exe (1972) conectado en el puerto 80 (HTTP) --> 74.125.230.163
Proceso avp.exe (1972) conectado en el puerto 80 (HTTP) --> 184.85.191.139
Proceso avp.exe (1972) conectado en el puerto 443 (HTTP over SSL) --> 74.125.230.167
Proceso avp.exe (1972) conectado en el puerto 443 (HTTP over SSL) --> 74.125.230.167
Proceso avp.exe (1972) conectado en el puerto 443 (HTTP over SSL) --> 173.194.34.229
Proceso avp.exe (1972) conectado en el puerto 443 (HTTP over SSL) --> 173.194.34.229
Proceso avp.exe (1972) conectado en el puerto 443 (HTTP over SSL) --> 74.125.230.191
Proceso avp.exe (1972) conectado en el puerto 443 (HTTP over SSL) --> 74.125.230.191
Proceso avp.exe (1972) conectado en el puerto 80 (HTTP) --> 66.220.158.18
Proceso avp.exe (1972) conectado en el puerto 80 (HTTP) --> 66.220.158.18
Proceso avp.exe (1972) conectado en el puerto 80 (HTTP) --> 66.220.158.18
Proceso avp.exe (1972) conectado en el puerto 80 (HTTP) --> 2.16.113.55
Proceso avp.exe (1972) conectado en el puerto 80 (HTTP) --> 2.16.113.55
Proceso avp.exe (1972) conectado en el puerto 80 (HTTP) --> 213.248.113.153
Proceso avp.exe (1972) conectado en el puerto 80 (HTTP) --> 213.248.113.153
Proceso avp.exe (1972) conectado en el puerto 80 (HTTP) --> 213.248.113.153
Proceso avp.exe (1972) conectado en el puerto 80 (HTTP) --> 213.248.113.153
Proceso avp.exe (1972) conectado en el puerto 80 (HTTP) --> 46.33.75.169
Proceso avp.exe (1972) conectado en el puerto 80 (HTTP) --> 213.248.113.153
Proceso avp.exe (1972) conectado en el puerto 80 (HTTP) --> 213.248.113.153
Proceso avp.exe (1972) conectado en el puerto 80 (HTTP) --> 46.33.75.169
Proceso avp.exe (1972) conectado en el puerto 80 (HTTP) --> 46.33.75.169
Proceso avp.exe (1972) conectado en el puerto 80 (HTTP) --> 46.33.75.169
Proceso avp.exe (1972) conectado en el puerto 80 (HTTP) --> 46.33.75.169
Proceso avp.exe (1972) conectado en el puerto 80 (HTTP) --> 46.33.75.169
Proceso avp.exe (1972) conectado en el puerto 443 (HTTP over SSL) --> 184.85.189.177
Proceso avp.exe (1972) conectado en el puerto 443 (HTTP over SSL) --> 184.85.189.177
Proceso avp.exe (1972) conectado en el puerto 80 (HTTP) --> 199.68.156.31
Proceso avp.exe (1972) conectado en el puerto 443 (HTTP over SSL) --> 173.194.34.249
Proceso avp.exe (1972) conectado en el puerto 80 (HTTP) --> 173.194.34.249
Proceso avp.exe (1972) conectado en el puerto 80 (HTTP) --> 173.194.34.250
Proceso avp.exe (1972) conectado en el puerto 80 (HTTP) --> 173.194.34.250
Proceso avp.exe (1972) conectado en el puerto 80 (HTTP) --> 205.251.205.51
Proceso avp.exe (1972) conectado en el puerto 80 (HTTP) --> 205.251.205.51
Proceso avp.exe (1972) conectado en el puerto 80 (HTTP) --> 184.85.188.20
Proceso avp.exe (1972) conectado en el puerto 80 (HTTP) --> 184.85.188.20
Proceso avp.exe (1972) conectado en el puerto 80 (HTTP) --> 173.194.34.231
Proceso avp.exe (1972) conectado en el puerto 80 (HTTP) --> 173.194.34.231
Proceso avp.exe (1972) conectado en el puerto 80 (HTTP) --> 91.199.104.31

Proceso wininit.exe (724) escuchar en puertos: 49152 (RPC)
Proceso services.exe (768) escuchar en puertos: 49161 (RPC)
Proceso lsass.exe (780) escuchar en puertos: 49156 (RPC)
Proceso svchost.exe (1048) escuchar en puertos: 135 (RPC)
Proceso svchost.exe (1148) escuchar en puertos: 49153 (RPC)
Proceso svchost.exe (1196) escuchar en puertos: 49154 (RPC)
Proceso avp.exe (1972) escuchar en puertos: 1110
Proceso svchost.exe (2316) escuchar en puertos: 49155 (RPC)
Proceso wmpnetwk.exe (5284) escuchar en puertos: 554 (RTSP)


Autoruns y archivos críticos
----------------------------
            Acer eAudio                              C:\Acer\Empowering Technology\eAudio\eAudio.exe
            Acer Tour Reminder                       C:\Acer\AcerTour\Reminder.exe
            Alps Pointing-device Driver              C:\Program Files\Apoint2K\Apoint.exe
            CameraMonitor Application                C:\Windows\vsnpstd.exe
            eDataSecurity                            C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe
            Facebook Update                          C:\Users\Antonio\AppData\Local\Facebook\Update\FacebookUpdate.exe
            HD Audio Control Panel                   C:\Windows\RtHDVCpl.exe
            Intel(R) Common User Interface           C:\Windows\System32\hkcmd.exe
            Intel(R) Common User Interface           C:\Windows\system32\igfxdev.dll
            Intel(R) Common User Interface           C:\Windows\System32\igfxpers.exe
            Intel(R) Common User Interface           C:\Windows\System32\igfxtray.exe
            Internet Download Manager (IDM)          C:\Program Files\Internet Download Manager\IDMan.exe
            Kaspersky Anti-Virus                     C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
            Kaspersky Anti-Virus                     C:\Windows\system32\klogon.dll
            RocketDock.exe                           C:\Program Files\RocketDock\RocketDock.exe
            Sistema operativo Microsoft® Windows®    C:\Program Files\Windows Sidebar\sidebar.exe
            Sistema operativo Microsoft® Windows®    C:\Windows\system32\Aurora.scr
            Sistema operativo Microsoft® Windows®    C:\Windows\system32\BROWSEUI.dll
            Windows® Internet Explorer               c:\windows\system32\webcheck.dll
(verificado) Google Update                            C:\Program Files\Google\Update\GoogleUpdate.exe
(verificado) Microsoft® Windows® Operating System     C:\Windows\ehome\ehtray.exe
(verificado) Sistema operativo Microsoft® Windows®    c:\windows\system32\userinit.exe


Plugins del Navegador
---------------------
            Adobe PDF Toolbar for IE                 C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
            BitDefender QuickScan                    C:\Windows\Downloaded Program Files\qsax.dll
            DivX VOD Helper Plug-in                  C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
            DivX Web Player                          C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
            eDStoolbar Module                        c:\windows\system32\edstoolbar.dll
            Epson Easy Photo Print (TBL)             c:\program files\epson software\easy photo print\eptbl.dll
            FFPlugin.dll                             C:\Users\Antonio\AppData\Roaming\Mozilla\Firefox\Profiles\pws4sm6q.default\extensions\ffox@bandoo.com\components\FFPlugin.dll
            ffpluginv5.dll                           C:\Users\Antonio\AppData\Roaming\Mozilla\Firefox\Profiles\pws4sm6q.default\extensions\ffox@bandoo.com\components\ffpluginv5.dll
            ffpluginv6.dll                           C:\Users\Antonio\AppData\Roaming\Mozilla\Firefox\Profiles\pws4sm6q.default\extensions\ffox@bandoo.com\components\ffpluginv6.dll
            FileServe Manager                        C:\Program Files\FileServe Manager\FileServeBHO.dll
            Foxit PhantomPDF Plugin for Mozilla      C:\Program Files\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll
            Google Update                            C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll
            InstallShield Update Service             C:\Windows\Downloaded Program Files\isusweb.dll
            Internet Download Manager Module         C:\Program Files\Internet Download Manager\IDMIECC.dll
            Java Deployment Toolkit 6.0.240.7        C:\Program Files\Mozilla Firefox 3.6 Beta 1\plugins\npdeployJava1.dll
            Java(TM) Platform SE 6 U26               C:\Program Files\Java\jre6\bin\jp2ssv.dll
            Java(TM) Platform SE 6 U26               C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
            Kaspersky Anti-Virus                     C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll
            Kaspersky Anti-Virus                     C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll
            Mega Manager IE Click Catcher            C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll
            Microsoft® CoReXT                        C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
            Microsoft® Windows® Operating System     C:\Windows\system32\wshbth.dll
            Mozilla Default Plug-in                  C:\Program Files\Mozilla Firefox 3.6 Beta 1\plugins\npnul32.dll
            NPSWF32.dll                              C:\Windows\system32\Macromed\Flash\NPSWF32.dll
            Photodex Presenter Plugin                C:\Program Files\Photodex Presenter\npPxPlay.dll
            Shockwave for Director                   C:\Windows\system32\Adobe\Director\np32dsw.dll
            Silverlight Plug-In                      C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll
            Skype Toolbars                           C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
            Windows Live Messenger Companion         C:\Program Files\Windows Live\Companion\companioncore.dll
            Windows Live™ Photo Gallery              C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
            Windows Presentation Foundation          C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
            Windows® Internet Explorer               C:\Windows\system32\ieframe.dll
(verificado) AcroIEHelperShim Library                 C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
(verificado) InstallShield Update Service             C:\Windows\Downloaded Program Files\dwusplay.dll
(verificado) InstallShield Update Service             C:\Windows\Downloaded Program Files\dwusplay.exe
(verificado) Microsoft® Windows® Operating System     C:\Windows\System32\nlaapi.dll
(verificado) Microsoft® Windows® Operating System     C:\Windows\System32\winrnr.dll
(verificado) Sistema operativo Microsoft® Windows®    C:\Windows\system32\mswsock.dll
(verificado) Sistema operativo Microsoft® Windows®    C:\Windows\system32\napinsp.dll
(verificado) Sistema operativo Microsoft® Windows®    C:\Windows\system32\pnrpnsp.dll


Archivos perdidos
-----------------
Archivo no encontrado: acaptuser32.dllenethook.dllenethook.dllenethook.dllc:\progra~1\kasper~1\kasper~1\kloehk.dll c:\progra~1\bandoo\bndhook.dll
  --> HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows\"AppInit_DLLs"


Analizar
--------
MD5: 8abc91fcd511fe7a9367aa3286d8facf  C:\Acer\AcerTour\Reminder.exe
MD5: 4cd3dca5f48d7dce9a3ee90df83a1223  C:\Acer\Empowering Technology\Acer.Empowering.Framework.DialogManager.dll
MD5: 1b05cfdbf6e769028703b6368e91ba8d  C:\Acer\Empowering Technology\Acer.Empowering.Framework.Host.dll
MD5: 363ec83893477e492c2ea52fa95253dc  C:\Acer\Empowering Technology\Acer.Empowering.Framework.Interface.dll
MD5: 8092bc19097a8d5b07a44e49d3aa239d  C:\Acer\Empowering Technology\Acer.Empowering.Framework.LaunchBarView.dll
MD5: 50413b53240d067eadf1e7bd6a38d0f2  C:\Acer\Empowering Technology\Acer.Empowering.Framework.PasswordSetting.dll
MD5: 13a8cec1d544c448f974912690277b7e  C:\Acer\Empowering Technology\Acer.Empowering.Framework.Presenter.dll
MD5: b044d50a56fe16fc9f3d5445e9bf106f  C:\Acer\Empowering Technology\Acer.Empowering.Framework.Shared.dll
MD5: 39cbe2e778299f468bbd5b45cfb90a70  C:\Acer\Empowering Technology\Acer.Empowering.Framework.Supervisor.exe
MD5: 6d0db7b8895bbbd610a8d6af9672431a  C:\Acer\Empowering Technology\Acer.Empowering.Shared.UI.dll
MD5: 72a2a89cfe8eceebe84efbe5cbbc1dd7  C:\Acer\Empowering Technology\Acer.Empowering.Windows.Forms.dll
MD5: 5fa8cd3fd1988b7b85c4e17f51b68990  C:\Acer\Empowering Technology\eAudio\AcrRtAud.dll
MD5: 4e1c6072459a93b4b7a765b93403a8ec  C:\Acer\Empowering Technology\eAudio\eAudio.exe
MD5: 4dd4c7eed53653ba5b5a7fd21dd82a99  C:\Acer\Empowering Technology\eAudio\eAudioUI.dll
MD5: 2c79b6bb8aa811c41104bf0623d7d708  C:\Acer\Empowering Technology\eAudio\es\eAudioUI.resources.dll
MD5: a6d0bf5b17e83b9ddfa3794af6477d77  C:\Acer\Empowering Technology\eAudio\Lang.dll
MD5: 3f5caa647802df8b585bc7c93458fc0c  C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe
MD5: 95eaae42e97e921a20327dc7bad3801b  C:\Acer\Empowering Technology\eDataSecurity\eDSplugin.dll
MD5: 83599212a2b5cded676a9d09d9856171  C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
MD5: 503a72d3b29427a80c610c92163830e7  C:\Acer\Empowering Technology\eLock.Serv.Interface.dll
MD5: 490001cc1c1a5b2e120199480ba6adff  C:\Acer\Empowering Technology\eLock\eLock.Client.dll
MD5: 59870aba7eab51ebd56f21d90fbd456b  C:\Acer\Empowering Technology\eLock\eLockCTL.dll
MD5: a4c49a99754cedeb820389f1bda6109d  C:\Acer\Empowering Technology\eLock\es\eLockCTL.resources.dll
MD5: 503a72d3b29427a80c610c92163830e7  C:\Acer\Empowering Technology\eLock\Service\eLock.Serv.Interface.dll
MD5: 9c37157e995c4f14112b437fbc445b88  C:\Acer\Empowering Technology\eLock\Service\eLock.Serv.Library.dll
MD5: 741ff64fc61769c18b949e86fd96cd82  C:\Acer\Empowering Technology\eLock\Service\eLock.Serv.Main.dll
MD5: fb5383bfd4dec6792aaef76c9343ecff  C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
MD5: ee377c3d1805558677c7c5fe2f7b3006  C:\Acer\Empowering Technology\eNet\eNet Service.exe
MD5: 7886024654ca8f3657f257f42b243d6c  C:\Acer\Empowering Technology\eNet\eNet.dll
MD5: af23dd6014dfd348b828fe6e2cc82b2c  C:\Acer\Empowering Technology\eNet\eNetPlugin.dll
MD5: 7fb73486adbb1f3e748b04019b8042de  C:\Acer\Empowering Technology\eNet\eNetServiceInterface.dll
MD5: 6ae97b934738f0c5d7120f262a1fcd6e  C:\Acer\Empowering Technology\eNet\eNMIPCmm.dll
MD5: e71b331fa449637b96892395666c4026  C:\Acer\Empowering Technology\eNet\MultiLang.dll
MD5: b77464db203fcb273f9f6137b9dcf1dd  C:\Acer\Empowering Technology\eNet\Network.dll
MD5: 3a279d6beaf2db8abfff6acd005442de  C:\Acer\Empowering Technology\eNet\NetworkCardMgr.dll
MD5: 72a2a89cfe8eceebe84efbe5cbbc1dd7  C:\Acer\Empowering Technology\EPOWER\Acer.Empowering.Windows.Forms.dll
MD5: 0f0e9ebe47a7b2bd7444424473fa3962  C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
MD5: e75999892cec703b3e1b5221b5bac92a  C:\Acer\Empowering Technology\ePower\ePower_UI.dll
MD5: ee80ac462a171dbf06eeb2058b5d3bc6  C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
MD5: 634f9b1e392af9f9be28c19f87caa3f5  C:\Acer\Empowering Technology\ePower\es\ePower_UI.resources.dll
MD5: dbebe0c451f1ee6ed9028d116e77495b  C:\Acer\Empowering Technology\EPOWER\SysHook.dll
MD5: 442e9fbbeebd916519d8381bc2f71ea9  C:\Acer\Empowering Technology\ePower\WMIInterface.dll
MD5: e09f72b19d45906ceb2115e55005bfc5  C:\Acer\Empowering Technology\ePresentation\ePresentationCTL.dll
MD5: 0b9795c65690cd570e5d8e92155834e1  C:\Acer\Empowering Technology\ePresentation\es\ePresentationCTL.resources.dll
MD5: 4f779ad993a2975d945ee6985cac0fea  C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
MD5: 3d184410ef5ee017e186ac96181b3ff8  C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
MD5: 4f0d42339259d4ab955b565845bbe583  C:\Acer\Empowering Technology\eRecovery\eRecoveryUI.dll
MD5: 2caf3f6d917650725f79955450b9ae5e  C:\Acer\Empowering Technology\eRecovery\es\eRecoveryUI.resources.dll
MD5: dadad303dc0871591997a05caab891ae  C:\Acer\Empowering Technology\eRecovery\IERYETF.dll
MD5: 9d64201c9e5ac8d1f088762ba00ff3ab  C:\Acer\Empowering Technology\eRecovery\int15.sys
MD5: 6b46e837ec3ff448a0665dc86c5208dc  C:\Acer\Empowering Technology\eRecovery\ServiceInterface.dll
MD5: 5273c62d409370c7b3f18a209f41f30f  C:\Acer\Empowering Technology\es\Acer.Empowering.Framework.LaunchBarView.resources.dll
MD5: aa6b27692b551811ec2f4e0d0d886197  C:\Acer\Empowering Technology\eSettings.Model.ComputerInterfaces.dll
MD5: 26094d2e7ad3cdadfed4e664337ebeb4  C:\Acer\Empowering Technology\eSettings\es\eSettings.Plugin.resources.dll
MD5: 071df6990fc1301705ae51dfde9c46af  C:\Acer\Empowering Technology\eSettings\es\eSettings.Presenter.resources.dll
MD5: a2906f5e57e6787e5c47ba0948c99c29  C:\Acer\Empowering Technology\eSettings\eSettings.Plugin.dll
MD5: 9beee0b1ef8904f69f36710a4382fa39  C:\Acer\Empowering Technology\eSettings\eSettings.Presenter.dll
MD5: 06d9e19a9ab02a26b8a9e553f6893b0c  C:\Acer\Empowering Technology\eSettings\eSettings.View.dll
MD5: cf2584cdf90da24d3044021aaad5dbab  C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
MD5: d5258948ff159510d16d55fd4cf7a41b  C:\Acer\Empowering Technology\eSettings\Service\CPUID.dll
MD5: 8746b3414581b8ada2b7b309e024094f  C:\Acer\Empowering Technology\eSettings\Service\eSettings.Model.Computer.dll
MD5: aa6b27692b551811ec2f4e0d0d886197  C:\Acer\Empowering Technology\eSettings\Service\eSettings.Model.ComputerInterfaces.dll
MD5: bc7373bd61ccc341487212b1986a6895  C:\Acer\Empowering Technology\eSettings\Service\eSettings.Model.Library.dll
MD5: 5f3bd963f02108c36592b5728fa725c5  C:\Acer\Empowering Technology\eSettings\Service\log4net.dll
MD5: 5f3bd963f02108c36592b5728fa725c5  C:\Acer\Empowering Technology\log4net.dll
MD5: 30a8c2fbe6a8585a4a7151edf1f61f79  C:\Acer\Mobility Center\MobilityInterface.dll
MD5: 842684e0df20a59e293da1c6f0dfe261  C:\Acer\Mobility Center\MobilityService.exe
MD5: e91a1b50d762a66a3c37449cfa5e4420  C:\Acer\Mobility Center\msvcm80d.dll
MD5: df6196c462db303990460379850cd19d  C:\Acer\Mobility Center\MSVCR80D.dll
MD5: 95151d7903fef5f221a3b5be603e69bf  C:\Program Files\7-Zip\7-zip.dll
MD5: 8098180b3f6c430a4e60333bc036f936  C:\Program Files\Acer Arcade Deluxe\Play Movie\000.fcl
MD5: 510325e830bc5f2a2d93a11924989de0  C:\Program Files\Adobe\Acrobat 9.0\Acrobat Elements\ContextMenu.dll
MD5: c11dd4129407d080dcf59ef2d6aed895  C:\Program Files\Adobe\Acrobat 9.0\Acrobat Elements\ContextMenu.esp
MD5: d5af0dc896fca06270f3dd6b13b69bbf  C:\Program Files\Apoint2K\ApMsgFwd.exe
MD5: 99a7b10500920e5cc79b700927b18bc1  C:\Program Files\Apoint2K\ApntEx.exe
MD5: d82bb836e6066d4cae2e6a94979500d4  C:\Program Files\Apoint2K\Apoint.DLL
MD5: dacd58a6264261901cee21776f2e057a  C:\Program Files\Apoint2K\Apoint.exe
MD5: d77adb3a374b48c8bf2009c4f4230b5d  C:\Program Files\Apoint2K\ApResSP.dll
MD5: 4afb0f5533405bf53f26423bf8726ba9  C:\Program Files\Apoint2K\EzAuto.dll
MD5: 9312f6f1ec1d71526cc6cd285cc5bbe6  C:\Program Files\Apoint2K\EzLaunch.DLL
MD5: c5e3d9d13f7d68f3d93890a2aeb97e1b  C:\Program Files\Bandoo\Bandoo.exe
MD5: a7c8e3a8f60e85feeb679832755b60f7  C:\Program Files\Bandoo\CrashRpt.dll
MD5: 4ae327c9c375d985ff2a2aab92765218  C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
MD5: f2dcb030fbdd320f858871515c18c5d1  C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
MD5: 839772d521bcd444a3d958c8eee2e5f5  C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.ESP
MD5: 648ab52693d42c015d6062583b48d786  C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
MD5: f577910a133a592234ebaad3f3afa258  C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MD5: 35f57598f0589feb3c3abc1621bf329f  C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
MD5: 0ee266a90d43e82a07cf33755d6de1cc  C:\Program Files\Common Files\LightScribe\LSLog.dll
MD5: d7eb32b51b7472fbee86bfa47b3c4bc5  C:\Program Files\Common Files\LightScribe\LSSProxy.dll
MD5: 793ff718477345cd5d232c50bed1e452  C:\Program Files\Common Files\LightScribe\LSSrvc.exe
MD5: cf39a105cd553eed31e2255aff4c6742  C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
MD5: 45406ffd87f6ba4345b018e303a64ff1  C:\Program Files\Common Files\Microsoft Shared\Windows Live\wlidcli.dll
MD5: fb01d4ae207b9efdbabfc55dc95c7e31  C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
MD5: c649f293b8b047a2694f3c615d09bf17  C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
MD5: a6a7ad767bf5141665f5c675f671b3e1  C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
MD5: c1c132455200ad4704142442c89d0fa4  C:\Program Files\CyberLink\Shared Files\RichVideo.exe
MD5: 605473fd8d50ccdfd5ea357f72683410  C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
MD5: 805a6ccebb8cc41c79b2e66f519e6be3  C:\Program Files\DivX\DivX Plus Web Player\libxml2.dll
MD5: b4be4dae164bf1c6630f0d32fed0eca9  C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
MD5: 5ffe5587f9d3a2ec7fa1a39456e49737  C:\Program Files\Epson Software\Easy Photo Print\EPPShell.dll
MD5: ea3329e06d7c794b788ceada90ab7000  c:\program files\epson software\easy photo print\eptbl.dll
MD5: 9ff5e0ef45935fb157abd2f4c71d678a  C:\Program Files\FileServe Manager\FileServeBHO.dll
MD5: 3bfe402c04e9d2dff134d8cc5f811604  C:\Program Files\Foxit Software\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x86.dll
MD5: fa6d376471b8e771ff8ed5b1e0ab60ee  C:\Program Files\Foxit Software\Foxit PhantomPDF\plugins\FoxitRMSShellExtension.dll
MD5: eab8fb1e1be519757bc982d9d672df0e  C:\Program Files\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll
MD5: 8c2044169be2224c8a7cb8e81e7581af  C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll
MD5: ae38a12f79a4980ddb88f36514f8a1da  C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
MD5: a800036d0e071cbe08c144e110a71a35  C:\Program Files\Intel\Intel Matrix Storage Manager\ISDI.dll
MD5: 140a9d67f1bafe14b798c71139de5601  C:\Program Files\Intel\Intel Matrix Storage Manager\PlugInRAID_ENU.dll
MD5: 0195d8e7523ddd7f514ad6f6636caf40  C:\Program Files\Internet Download Manager\IDMan.exe
MD5: ea1a320b897268bd6accfeddb31b9cab  C:\Program Files\Internet Download Manager\idmftype.dll
MD5: 175ada08e2bb07097ab4700dfc17172f  C:\Program Files\Internet Download Manager\IDMIECC.dll
MD5: 706dd70fe7ea8b4362e7a4817ff6baf8  C:\Program Files\Internet Download Manager\idmmkb.dll
MD5: a90074dabd937b6fa95c71dd2420e69a  C:\Program Files\Internet Download Manager\IDMNetMon.DLL
MD5: 7232b8747e3884f8715290187eb6611e  C:\Program Files\Internet Download Manager\IDMShellExt.dll
MD5: a1659e4d08fe8d0f0bc61960d8c0369e  C:\Program Files\Internet Explorer\ieproxy.dll
MD5: 4d0bad6e0b9a5e650fe37a05f33bf288  C:\Program Files\Internet Explorer\IEShims.dll
MD5: 904e13ba41af2e353a32cf351ca53639  C:\Program Files\Internet Explorer\iexplore.exe
MD5: 93319221158b175a9cd05595200d979b  C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
MD5: 212d9ef2e9f2c844019f04ebb9a2fbad  C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
MD5: 73ae49d633f0665e04dae66b79a5a31e  C:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe
MD5: 4f26303becbb7cc5ca8ff39593124cf2  C:\Program Files\IVT Corporation\BlueSoleil\Device\Win2k\BTNetFilter.sys
MD5: ca7b96dbba03d7039e9920e0ed0d04cc  C:\Program Files\IVT Corporation\BlueSoleil\Mobile\BaseLib.dll
MD5: e8335d896decd1c1b7ad583411ec9f5d  C:\Program Files\IVT Corporation\BlueSoleil\Mobile\cscvt.dll
MD5: f57c943abd0fbef55e8c669993723b81  C:\Program Files\IVT Corporation\BlueSoleil\Mobile\ExtraLib.dll
MD5: b67881022ed560bfc4e21ea3d329836b  C:\Program Files\IVT Corporation\BlueSoleil\Mobile\svrpack.dll
MD5: e7d55e121ff1951cb86c7e0dc6a33877  C:\Program Files\Java\jre6\bin\jp2ssv.dll
MD5: 1040bd9bf3ddab7cda2346f8375480a2  C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
MD5: b2b3fcba37671c853879df7dde8a839a  C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
MD5: bc6792a5049b918d3a4d3f6c5b0c147d  C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\eka_meta.dll
MD5: 3936312618a1b4e8b79231dc53c326e7  C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll
MD5: e3815a45efebe78a402e315f30186b56  C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\kltbar.dll
MD5: 888a8c956207a88036571e8ae2356c46  C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll
MD5: 8f61efdaa7b7cbf4dceaddbcace6468e  C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbcl.dll
MD5: 4525ce589248e44c239d8dca452b6bfb  C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtblc.dll
MD5: 69a022af566272f9ba43bbe8adb0478c  C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtblfs.exe
MD5: 5020512b5c77e775863b31d9506d76c6  C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\params.ppl
MD5: f8195ed1ae2066dd521ae6f7b55b6bd3  C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\prloader.dll
MD5: 6033fda443b52bca899bb89c979f3dd5  C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\prremote.dll
MD5: dee8f0f27cd370e4e9c69121625c3583  C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\pxstub.ppl
MD5: 10916851e780c12a9ace9b7764ac507a  C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\service.dll
MD5: e269c2c2b6277004c18bd8e1cc667e6e  C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\shellex.dll
MD5: 8bb3d1bf424d298ff6a2609b39bd8822  C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\winreg.ppl
MD5: fdb2e1a958561d247bcb9c8e0f7f0ebb  C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll
MD5: ed5a21d6b3e091f20cd6381d16ccc43e  C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll
MD5: ce6db25ffa35fd051c503f11db745862  C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll
MD5: 9d35e12b661581b83dd74eb910ea9e6d  C:\Program Files\Mozilla Firefox 3.6 Beta 1\plugins\npdeployJava1.dll
MD5: 0bfe041b7f5230739fb642a08deaa66a  C:\Program Files\Mozilla Firefox 3.6 Beta 1\plugins\npnul32.dll
MD5: 7d3903af48e6c1dc2704eafcb608d031  C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
MD5: bb7a779ba392503e05a1c38f5f8af8d8  C:\Program Files\Photodex Presenter\npPxPlay.dll
MD5: 958e956e119eb7b9aba142afed1b5ff4  C:\Program Files\Photodex\1ProShowProducer\ScsiAccess.exe
MD5: 8d1f80445b70cc96cf145d9b926cae5d  C:\Program Files\RocketDock\Docklets\MasterVolume by sisx\MasterVolumeDocklet.dll
MD5: 4a2a05b25df4385f5aec6f07b1c1e93d  C:\Program Files\RocketDock\RocketDock.dll
MD5: 7dfccc67990b6de7f30f553a4e4612a4  C:\Program Files\RocketDock\RocketDock.exe
MD5: bad6a333613786540454044d8cd94524  C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
MD5: 6e564585a63a81b0d76f3dc556947d55  C:\Program Files\Skype\Toolbars\Shared\SkypeBrowserOptions.dll
MD5: 3f5fb4450b22f1cf8be3e52bbb1afc04  C:\Program Files\Skype\Toolbars\Shared\SkypePnr.dll
MD5: 5cf4fbb63f1d393034d9f189dea95075  C:\Program Files\TagRename\TRshell.dll
MD5: efef22b9577e5051057fde1ae381b50c  C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
MD5: 76148c3159718b701252f87b067904a6  C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
MD5: 3c37627aa14b5acb0d81f6a902a332fb  C:\Program Files\Total Video Converter\TVCShellExt.dll
MD5: 9be889f1f912eab27ac5af2882b62bf9  C:\Program Files\TotalAudioConverter\axTotalConverter.dll
MD5: 4871d582ac62422594b46f79a8243029  C:\Program Files\UltraISO\drivers\ISODrive.sys
MD5: da66ceaf1def4da337f1542e0308483d  C:\Program Files\Unlocker\UnlockerCOM.dll
MD5: 4847639d852763ee39415c929470f672  C:\Program Files\Unlocker\UnlockerDriver5.sys
MD5: 7d1f2afe12bafc4c18c5a0e3c6866e38  c:\program files\windows defender\mprtplug.dll
MD5: 0ee505f20817f13dea0c6907a94469d2  C:\Program Files\Windows Live\Companion\companioncore.dll
MD5: 4219ebc472e3a69e9cab3d537003722b  C:\Program Files\Windows Live\Companion\companionuser.exe
MD5: 40cdfad174b3d5e80f95dda003c0b97f  C:\Program Files\Windows Live\Family Safety\fsssvc.exe
MD5: 758169cb9276c5529a234a1593a47120  C:\Program Files\Windows Live\Installer\wlshim.dll
MD5: 6067acef367e79914af628fa1e9b5330  C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
MD5: 0a1ff0b674e2f268799442a434a63bb3  C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
MD5: 2bec36546e074184660203e51682ba58  C:\Program Files\Windows Live\Shared\UXCalendar.dll
MD5: 4a2cf4297e29be80512cc61cb46e0b96  C:\Program Files\Windows Live\Shared\uxcontacts.dll
MD5: 950f3dcbe3005a83879ce8465877ac94  C:\Program Files\Windows Live\Shared\UXCore.dll
MD5: 5589384704dc13598208a36d77d77902  C:\Program Files\Windows Live\Shared\WLDCore.dll
MD5: f11fe030158f8ef14a56a3ea9e9bd47d  C:\Program Files\WinRAR\rarext.dll
MD5: 9e4212517ac0590a7a00365e2cab938c  C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B7893418-76C2-4BF4-9BAC-973FB0908165}\mpengine.dll
MD5: 5c918d413f5837e67a85775c9873775e  C:\PROGRA~1\LAUNCH~1\DPortIO.sys
MD5: fcc7c432fbf465c38fd5d940580ef9b7  C:\Users\Antonio\AppData\Local\Facebook\Update\FacebookUpdate.exe
MD5: ee91d9228d93a2d652f1caa83c830f3d  C:\Users\Antonio\AppData\Local\Temp\9BD1.tmp
MD5: 5ef87457ab8a58694ebe35e55d093d04  C:\Users\Antonio\AppData\Local\Temp\RtkBtMnt.exe
MD5: 9fac446ee45cbdc68958a9011cd8e40c  C:\Users\Antonio\AppData\Roaming\Mozilla\Firefox\Profiles\pws4sm6q.default\extensions\ffox@bandoo.com\components\FFPlugin.dll
MD5: 357ee483cba1dc305a8e06d84d315660  C:\Users\Antonio\AppData\Roaming\Mozilla\Firefox\Profiles\pws4sm6q.default\extensions\ffox@bandoo.com\components\ffpluginv5.dll
MD5: dd298f0774d8eca2484ba0e9480f99b8  C:\Users\Antonio\AppData\Roaming\Mozilla\Firefox\Profiles\pws4sm6q.default\extensions\ffox@bandoo.com\components\ffpluginv6.dll
MD5: d6804f089cbb6749e95124e7c4d80900  C:\Windows\AppPatch\AcLayers.DLL
MD5: 2834737d3328b7fa23e8d0f52d479fb2  C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_es_b77a5c561934e089\mscorlib.resources.dll
MD5: f5333381dcdadbb8f577b5d2810d5cee  C:\Windows\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_es_b03f5f7f11d50a3a\System.ServiceProcess.resources.dll
MD5: ce45722a3393b63843de48f314cf6b3f  C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b6632a8b2f276a8e31f5b0f6b2006cd1\mscorlib.ni.dll
MD5: 25bc19b5a84e52a6d669c874ed9a537c  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\40da9084d0863e07d7ce55953833b8b0\System.Configuration.ni.dll
MD5: d709af78422f6f0ef09cd0b79cfe743f  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\367c4043efc2f32d843cb588b0dc97fc\System.Drawing.ni.dll
MD5: 602cbe17e7858342cf99cae79fc04b16  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\6bc98e9b5eedaa8f71c5454d36a4b772\System.Management.ni.dll
MD5: 162751e95337f07bbc9b277d197de757  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\311bc26c3ed83409589eb6bae0eeb86e\System.Runtime.Remoting.ni.dll
MD5: 7908201a7aca9fd242039301bb5cf9eb  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8645de531003807d00822e03986a075d\System.ServiceProcess.ni.dll
MD5: 800fa392f143a8f9e723bcf5c3317fda  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\a1f88ca90ad038aea7d5db3f3b8c5b3d\System.Web.ni.dll
MD5: a9bb8332bef887a0f4adc3c88cc35bfc  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1363115565fff5a641243a48f396f107\System.Windows.Forms.ni.dll
MD5: 28a295aa6abd45f4557b6c00d0f8c5b1  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\c1c06a392871267db27f7cbc40e1c4fb\System.Xml.ni.dll
MD5: 8c70a2b884ffbbae50bbd21fb962a846  C:\Windows\assembly\NativeImages_v2.0.50727_32\System\f9c36ea806e77872dce891c77b68fac3\System.ni.dll
MD5: 0c78701c6f42345dff2b2b6c3c3d01ef  C:\Windows\Downloaded Program Files\isusweb.dll
MD5: b8f613ac24cc3c706029e602e2d5ddbf  C:\Windows\Downloaded Program Files\qsax.dll
MD5: 6717ae12e326dd1e39f6ee183a37dc0f  C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
MD5: ee59d3cdfab2e808551084165c7887bf  C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
MD5: 35a936c7c029a5b705d3ffd40518d660  C:\Windows\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll
MD5: ab87eeffd18f2baafc274e7075ea6c67  C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
MD5: f5df6846f30e9f54ea60ccaeb3fb2055  C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
MD5: ee4fb1bb6757675625699a32e0f80e20  C:\Windows\RtHDVCpl.exe
MD5: f6dfdfd5bc950275de3b285e108cb974  C:\Windows\servicing\CbsApi.dll
MD5: 9605f168a30e4b6b7cc18c875b2d44bd  C:\Windows\system32\ADMIN_CLASS_LIB.dll
MD5: 5cb2c74f632f47f39071ad7487b0f825  C:\Windows\system32\Adobe\Director\np32dsw.dll
MD5: d65db1c24e27acd169971552c6fc9e2f  C:\Windows\System32\AdobePDF.dll
MD5: e9b9c1b98c8d6d48407e1c1203eac659  C:\Windows\System32\adsldpc.dll
MD5: 031da76a5a7dc13f015dd3491394865e  C:\Windows\system32\advpack.dll
MD5: 0c83fc56707bf68db04947052a8188b1  C:\Windows\System32\ASTSRV.EXE
MD5: f240b31da00632718cc2392a4d193313  C:\Windows\system32\Aurora.scr
MD5: f31eebc1a1c81fd04005489cc3dcdfe7  C:\Windows\system32\basesrv.dll
MD5: d1225f5423a313f2714b360383eb0853  C:\Windows\system32\BatchCrypto.dll
MD5: acc9c8c560c567fad6f79c977ab2ea09  C:\Windows\System32\bgsvcgen.exe
MD5: f21f255b91ca4f04e4250decd2067cbb  c:\windows\system32\bitsperf.dll
MD5: 02f0be91b0f2b1c30f6f48334f47d625  C:\Windows\system32\BlackBox.dll
MD5: 2ab5503885f884b167a44d0915624101  C:\Windows\System32\Bs2Res.dll
MD5: bde6463f52fbd5524ec56dc0a53c2c3b  C:\Windows\System32\BsCommon.dll
MD5: fd6651f7237970b29e277e32a75a2c51  C:\Windows\system32\BsHelpCSps.dll
MD5: 797f0479f586bd69b806dadb9e1f9ddc  C:\Windows\System32\BsMobileSDK.dll
MD5: c171cde82c4ae06196b3a4384a98432c  C:\Windows\System32\BsMonSvr.dll
MD5: ff26aabbcc893be803791c1aefdfa65e  C:\Windows\System32\BsSDK.dll
MD5: 038469f692bc2474287ab29aaf513f64  C:\Windows\system32\BsTrace.dll
MD5: d333058925ce305e39de8d5ad2b52a46  C:\Windows\system32\CLUSAPI.DLL
MD5: 74f26fc01b180d4a99a168ed69c30a53  C:\Windows\SYSTEM32\cmd.exe
MD5: 7f15b4953378c8b5161d65c26d5fed4d  C:\Windows\system32\cngaudit.dll
MD5: 93e317d7ad783d8eaee2e3500bfe889d  C:\Windows\System32\credui.dll
MD5: df53b8bd2c2d86e8cfeb4bb488b5ea37  C:\Windows\system32\CryptoAPI.dll
MD5: 187076dd5d8d4d5d23079d0741195ead  C:\Windows\system32\CSRSRV.dll
MD5: abca209eba02cb59233614db83b4f50d  C:\Windows\System32\csrss.exe
MD5: 3dfeec45e5f22993216083fb777719d5  C:\Windows\system32\d2d1.dll
MD5: 8b02d2ecc7ef6e1f6af08459e3f741f6  C:\Windows\system32\d3d10.dll
MD5: 29e4ea31c6debe5efb384eefa4f1ef63  C:\Windows\system32\d3d10_1.dll
MD5: 556f1cbe9ba19e2ccd6f8d9af71af5c7  C:\Windows\system32\d3d10_1core.dll
MD5: 9c7094f537782a82b6a29b4a7172e180  C:\Windows\system32\d3d10core.dll
MD5: 33ebf5dcd45f878b3622ad82ab37af3a  C:\Windows\system32\D3D10Warp.dll
MD5: 85e861d0b88db2b54acb0839654c09f7  C:\Windows\system32\DNSAPI.dll
MD5: 57d762f6f5974af0da2be88a3349baaa  c:\windows\system32\dnsrslvr.dll
MD5: 4ebdd20afc19aaecba2893d128dd5ecd  C:\Windows\system32\dpx.dll
MD5: 3911b972b55fea0478476b2e777b29fa  C:\Windows\system32\drivers\afd.sys
MD5: 18bff317bdb10c64a35e1ca85f1ec051  C:\Windows\system32\DRIVERS\Apfiltr.sys
MD5: 0b92ccf7bfcbe2b33838434f2f50cb61  C:\Windows\system32\DRIVERS\b57nd60x.sys
MD5: 35f376253f687bde63976ccb3f2108ca  C:\Windows\system32\DRIVERS\bowser.sys
MD5: cd4113699ce34fe4b63c99aaa13f10c1  C:\Windows\System32\Drivers\btcusb.sys
MD5: ac2e61482a57ea50730f8c2679f37040  C:\Windows\System32\Drivers\BtHidBus.sys
MD5: 4a74bbb2b6761789f42a6613479bdb1d  C:\Windows\System32\Drivers\BTHport.sys
MD5: 1a407f9b707a06f55aa150f9aa072b09  C:\Windows\System32\Drivers\BTHUSB.sys
MD5: 6783c5c81bfb640469468a80dfa1ccb3  C:\Windows\System32\Drivers\btnetBus.sys
MD5: 33a331bd56aeaef290e175e926d52c57  C:\Windows\system32\DRIVERS\btnetdrv.sys
MD5: 622c41a07ca7e6dd91770f50d532cb6c  C:\Windows\System32\Drivers\dfsc.sys
MD5: 73baf270d24fe726b9cd7f80bb17a23d  C:\Windows\system32\DRIVERS\DKbFltr.sys
MD5: c68ac676b0ef30cfbb1080adce49eb1f  C:\Windows\System32\drivers\dxgkrnl.sys
MD5: 29dcaeb81dde6f154aa4d36b18ecbb1f  C:\Windows\system32\DRIVERS\enecir.sys
MD5: d909075fa72c090f27aa926c32cb4612  C:\Windows\system32\DRIVERS\fssfltr.sys
MD5: d8df3722d5e961baa1292aa2f12827e2  C:\Windows\system32\DRIVERS\hidir.sys
MD5: 5a77ac34a0ffb70ce8b35b524fede9ba  C:\Windows\system32\DRIVERS\HSX_CNXT.sys
MD5: 7bc42c65b5c6281777c1a7605b253ba8  C:\Windows\system32\DRIVERS\HSX_DPV.sys
MD5: 9ebf2d102ccbb6bcdfbf1b7922f8ba2e  C:\Windows\system32\DRIVERS\HSXHWAZL.sys
MD5: 997e8f5939f2d12cd9f2e6b395724c16  C:\Windows\system32\drivers\iastor.sys
MD5: 2714bb9e5c05bebf8488207a1b5a5f62  C:\Windows\system32\DRIVERS\idmwfp.sys
MD5: a9221d13d8f1f772010ee293ba9baeb7  C:\Windows\system32\DRIVERS\igdkmd32.sys
MD5: 97469037714070e45194ed318d636401  C:\Windows\system32\drivers\intelide.sys
MD5: 01cbb39001afda1152f3fce15ab646ea  C:\Windows\System32\Drivers\IvtBtBus.sys
MD5: 94d67d49bd9503bb1d838405d80f2058  C:\Windows\system32\DRIVERS\kl1.sys
MD5: 713576569667ac9e0f8556076004a96b  C:\Windows\system32\DRIVERS\kl2.sys
MD5: 39920d69eaedb51757527aa54fe25216  C:\Windows\system32\DRIVERS\klif.sys
MD5: cf88b4985d957eee45c9939092e87c92  C:\Windows\system32\DRIVERS\klim6.sys
MD5: 3de1771c135328420315e21dde229bba  C:\Windows\system32\DRIVERS\klmouflt.sys
MD5: 0db7527db188c7d967a37bb51bbf3963  C:\Windows\system32\drivers\mbamswissarmy.sys
MD5: 1e94971c4b446ab2290deb71d01cf0c2  C:\Windows\system32\DRIVERS\mrxsmb.sys
MD5: 4fccb34d793b116423209c0f8b7a3b03  C:\Windows\system32\DRIVERS\mrxsmb10.sys
MD5: c3cb1b40ad4a0124d617a1199b0b9d7c  C:\Windows\system32\DRIVERS\mrxsmb20.sys
MD5: 1d73499a6664b4da05d750ff83fdb274  C:\Windows\system32\DRIVERS\NETw4v32.sys
MD5: 7f1c1f78d709c4a54cbb46ede7e0b48d  C:\Windows\system32\DRIVERS\NTIDrvr.sys
MD5: fd2041e9ba03db7764b2248f02475079  C:\Windows\system32\DRIVERS\pccsmcfd.sys
MD5: 1636d43f10416aeb483bc6001097b26c  C:\Windows\system32\DRIVERS\pciide.sys
MD5: 9aed513c256e49bd3485190f4db0dcd1  C:\Windows\system32\DRIVERS\psdfilter.sys
MD5: aa7c6ff04fe84674959bcc9762f400a3  C:\Windows\system32\drivers\PSDNServ.sys
MD5: d0ab5a590ff8ec49241fafc3cf29f49d  C:\Windows\system32\drivers\psdvdisk.sys
MD5: 001b4278407f4303efc902a2b16f2453  C:\Windows\system32\drivers\regi.sys
MD5: 355aac141b214bef1dbc1483afd9bd50  C:\Windows\system32\DRIVERS\rimmptsk.sys
MD5: a4216c71dd4f60b26418ccfd99cd0815  C:\Windows\system32\DRIVERS\rimsptsk.sys
MD5: d231b577024aa324af13a42f3a807d10  C:\Windows\system32\DRIVERS\rixdptsk.sys
MD5: 5d854cbac8b7b4b964406f9808c95fae  C:\Windows\system32\drivers\RTKVHDA.sys
MD5: 103b79418da647736ee95645f305f68a  C:\Windows\system32\drivers\sffdisk.sys
MD5: 9cfa05fcfcb7124e69cfc812b72f9614  C:\Windows\system32\drivers\sffp_sd.sys
MD5: 53d1e2ecbf26b313ffdd2b8ba3d2f66e  C:\Windows\system32\DRIVERS\snp2uvc.sys
MD5: d08d19ee68cb88ab1bc5da3081505847  C:\Windows\system32\DRIVERS\snpstd.sys
MD5: 1c63fe706ab797bc3c24813ff969b4de  C:\Windows\system32\DRIVERS\Spyder3.sys
MD5: 41987f9fc0e61adf54f581e15029ad91  C:\Windows\System32\DRIVERS\srv.sys
MD5: ff33aff99564b1aa534f58868cbe41ef  C:\Windows\System32\DRIVERS\srv2.sys
MD5: 7605c0e1d01a08f3ecd743f38b834a44  C:\Windows\System32\DRIVERS\srvnet.sys
MD5: b2063ce662af3ab20045121a5b716df6  C:\Windows\system32\DRIVERS\sscebus.sys
MD5: 66799dc0afe3dcaf8368cae17394a762  C:\Windows\system32\DRIVERS\sscemdfl.sys
MD5: cbf03ffc08f8db547bab2f79aa663d16  C:\Windows\system32\DRIVERS\sscemdm.sys
MD5: 814a1c66fbd4e1b310a517221f1456bf  C:\Windows\System32\drivers\tcpip.sys
MD5: e362d54fd394999c4178936396664e57  C:\Windows\system32\drivers\Toshidpt.sys
MD5: 8d624d3bd1f2d78bd1c01a2d4e954b4e  C:\Windows\system32\DRIVERS\tosporte.sys
MD5: a594dbd80ca5426e2e558bf79195a110  C:\Windows\system32\DRIVERS\tosrfbd.sys
MD5: 90c8525bc578aaffe87c2d0ed4379e9e  C:\Windows\System32\Drivers\tosrfbnp.sys
MD5: 5ba1ca3b3cddb1ddc67df473f05d1ec2  C:\Windows\System32\Drivers\tosrfcom.sys
MD5: 28099a4e52148319afa685d93a2244d0  C:\Windows\system32\DRIVERS\Tosrfhid.sys
MD5: c52fd27b9adf3a1f22cb90e6bcf9b0cb  C:\Windows\system32\DRIVERS\tosrfnds.sys
MD5: 7c0999169ef696f10761bf8275027330  C:\Windows\system32\drivers\tosrfsnd.sys
MD5: 20cc46c5d3326122e1a0a8c9dad00e0d  C:\Windows\system32\DRIVERS\tosrfusb.sys
MD5: 32c068eaf37c92d7194eee1faa1e7853  C:\Windows\system32\DRIVERS\usbccid.sys
MD5: cc861da7c724f1da4f5eaf4c734fac35  C:\Windows\system32\drivers\vad.sys
MD5: 025c2a8cba0ab595d3461d278eff5793  C:\Windows\system32\DRIVERS\VComm.sys
MD5: 95ddf14292354887d7d8c8a0881c7485  C:\Windows\System32\Drivers\VcommMgr.sys
MD5: 15a317674a08df26be65164d959e9203  C:\Windows\System32\drivers\XAudio.exe
MD5: 88af537264f2b818da15479ceeaf5d7c  C:\Windows\system32\DRIVERS\xaudio.sys
MD5: 6843926aff733d46a04f9d4e1c1a6b14  C:\Windows\system32\DWrite.dll
MD5: aaae543c535ed596ecad2ab8761c2c6f  C:\Windows\system32\dxgi.dll
MD5: 4312debdacbe338f0b90e7f08e7672be  C:\Windows\system32\Dxtmsft.dll
MD5: ca493a92da9880b6f1a89c3dbd54ba5b  C:\Windows\system32\Dxtrans.dll
MD5: f5a677c8d7f32803cac89befbe3c2e37  C:\Windows\System32\E_FLM9IE.DLL
MD5: 3003e2cc465aad3ba935b62c7585cccc  C:\Windows\system32\eDSshellExt.dll
MD5: b91a01de60e429745a2a24bfd3285466  c:\windows\system32\edstoolbar.dll
MD5: abaeaee763e287bdd39094c4165e1f3f  C:\Windows\system32\fdproxy.dll
MD5: 8ce364388c8eca59b14b539179276d44  c:\windows\system32\fntcache.dll
MD5: 67bb7141f7f5f37411f796943b3418b6  C:\Windows\system32\framedynos.dll
MD5: b89484f5b66fb49f9981704ae43aa7ae  C:\Windows\System32\hccutils.DLL
MD5: b4b59ac042ee3733a862f26cbc0b17fc  C:\Windows\system32\hidphone.tsp
MD5: 63ffa18e782debbe8cc62195ad3783ca  C:\Windows\System32\hkcmd.exe
MD5: 0c84b6affa7486422235584110d7176f  c:\windows\system32\ICAAPI.dll
MD5: ee9d715af1b928982f417238b9914484  C:\Windows\system32\ieapfltr.dll
MD5: 691e93028b8723e05b4a637be77380dd  C:\Windows\system32\ieframe.dll
MD5: 1416ab557be700fa117323b6b8f32882  C:\Windows\system32\iertutil.dll
MD5: 274e38af453fa9e079b1d5a85f5f0921  C:\Windows\system32\IEUI.dll
MD5: 0ff4adc942a9353c4aeb1d06eb22b34f  C:\Windows\system32\igdumd32.dll
MD5: 67cf6b23bdade026acfbebbe24148738  C:\Windows\system32\igdumdx32.dll
MD5: f4c2a48c1f8b76217b2b6bffe52ef695  C:\Windows\system32\igfxdev.dll
MD5: bbf84f08a343374bed5687aa6c5797b8  C:\Windows\System32\igfxpers.exe
MD5: 2440c98072202ea01cf69985c045e9ad  C:\Windows\system32\igfxrESP.lrc
MD5: 15921a65f208e1a4beadd9ab1625680b  C:\Windows\System32\igfxress.dll
MD5: 96a309796ee5a2382c78fd9eafaaaec1  C:\Windows\system32\igfxsrvc.dll
MD5: c5c241a18788eed88e6c276d04b7d6ab  C:\Windows\System32\igfxsrvc.exe
MD5: 40104ffe9d38e05ca836814cfc47d258  C:\Windows\system32\igfxTMM.dll
MD5: 48a9d4961dd0c0e4decd99da597ae7b7  C:\Windows\System32\igfxtray.exe
MD5: 68563ac389f92ee79f1c714288ba1dce  C:\Windows\system32\ImgUtil.dll
MD5: 82586704868e3abb382cae303b41e8b7  C:\Windows\System32\jscript9.dll
MD5: 574b473facaa0e91702b86578440b525  C:\Windows\system32\kernel32.dll
MD5: 74c2f29cc612b2b34231bebd824d2fb2  C:\Windows\system32\keyiso.dll
MD5: 69a6f66e921ae6a6814f021f7e9fa1d0  C:\Windows\system32\keyManager.dll
MD5: d3ce4ed253a1ea6aa85a5a8b481b836e  C:\Windows\system32\klogon.dll
MD5: 953193a9dea40348c1086d171f6440ae  C:\Windows\system32\kmddsp.tsp
MD5: ca0b849566776a17f35f0339be17dfd9  c:\windows\system32\ktmw32.dll
MD5: 19ffad68a02af1bf0bc336ee26cd6767  c:\windows\system32\l2gpstore.dll
MD5: 35d40113e4a5b961b6ce5c5857702518  c:\windows\system32\lmhsvc.dll
MD5: 9c54f2cc2301599d698399d7e49c7321  C:\Windows\system32\Macromed\Flash\Flash10l.ocx
MD5: ee91d9228d93a2d652f1caa83c830f3d  C:\Windows\system32\Macromed\Flash\FlashUtil10l_ActiveX.dll
MD5: 711fd53e441255983c0ab014e2f107f4  C:\Windows\System32\Macromed\Flash\FlashUtil10l_ActiveX.exe
MD5: 21a67095edc11a528f5434d28bb0ef3c  C:\Windows\system32\Macromed\Flash\NPSWF32.dll
MD5: 67d16247c56c26a4f0d79d1a7f272b8f  C:\Windows\system32\MF.dll
MD5: ef24642d5fb52a1eef56de9e47cbb993  C:\Windows\system32\mfc42.dll
MD5: bf142d4f8c61ed3629a9cdd7ba867900  C:\Windows\system32\MFPlat.DLL
MD5: b4f5de3dad8e6b97272f45db97674878  C:\Windows\System32\mgmtapi.dll
MD5: 2e837f3d406224df131c34bc8f71621e  C:\Windows\system32\modemui.dll
MD5: 56e315acfb08a177b4d01e42b9044db5  C:\Windows\System32\MPRAPI.dll
MD5: 66c0aee61d1c5c35bf1b4642a153b114  C:\Windows\system32\MSHTML.dll
MD5: 35aae2e841aa1a949775168e119482c9  C:\Windows\system32\msls31.dll
MD5: 81adb60c39decb86676d1c6f9578e68b  C:\Windows\system32\MsnChatHook.dll
MD5: 5e41139ec6efbcaffd96d46925e544ab  c:\windows\system32\mspatcha.dll
MD5: abe9eea1eabea0711610a637a7b1c25d  C:\Windows\system32\msprivs.dll
MD5: ff41e1ac301f51e16f61ad7c0f45467c  C:\Windows\System32\msshsq.dll
MD5: 2fa16465f64db54b1f7f511395eb4fd7  C:\Windows\system32\NCObjAPI.DLL
MD5: f4d9ed6bd74ad7cc0bec83c43a1cb76b  c:\windows\system32\ncsi.dll
MD5: 2f6776acefe41ee889c464ea407918f2  C:\Windows\system32\ndptsp.tsp
MD5: 6bc5fcef351e4cb5a269c1e84b5a06da  C:\Windows\system32\netcfgx.dll
MD5: 95daecf0fb120a7b5da679cc54e37dde  C:\Windows\system32\netlogon.dll
MD5: 4bf053944e973c073339be841c9ecf28  C:\Windows\System32\NETRAP.dll
MD5: 3328610fa4de8ac8ab0a13020ddc5a13  C:\Windows\System32\NLSLexicons000a.dll
MD5: b1ef4686961986dffb7fe8f18e6fcb5b  C:\Windows\System32\nlssrv32.exe
MD5: b400ed9fa710f2e5fc3c1cb14d7947b0  C:\Windows\System32\NMSAccessU.exe
MD5: 8bb86f0c7eea2bded6fe095d0b4ca9bd  c:\windows\system32\nsisvc.dll
MD5: dda770bbd7c2ed024d6f50e279d90e5b  C:\Windows\system32\ntdll.dll
MD5: 862363973dcbcc31dd161ef41a69153c  C:\Windows\system32\ODBC32.dll
MD5: 9586e7cb2255a8b097a7e4538202585e  C:\Windows\system32\ole32.dll
MD5: dc15ab7168c0309d8f04fd95b6240422  C:\Windows\system32\OLEACC.dll
MD5: b218342214d9bba0f54ea12ba2e9278c  C:\Windows\system32\OLEAUT32.dll
MD5: 4a1feebf039b283258b0e479fa135dba  C:\Windows\System32\osbaseln.dll
MD5: f0062778f50838145ac46b384ffb4fa3  C:\Windows\system32\pcadm.dll
MD5: 7d1a10a1f3562cca1fd38e9bada8fec0  C:\Windows\SYSTEM32\perfos.dll
MD5: 21322832c99e8de85bd047689a2a69db  C:\Windows\system32\pnpts.dll
MD5: e340845c8e96d107c36420065d7a5733  C:\Windows\system32\printcom.dll
MD5: 124b2208299612b65c5cc00aad8ddcdd  C:\Windows\system32\PSDUtil.dll
MD5: 801f1e963f7eeffda3f9ef89db3ef133  C:\Windows\system32\radardt.dll
MD5: 2dd6af8e97f59c9d39329bbc2a81f13f  C:\Windows\System32\RASDLG.dll
MD5: 88225070dd2f7b0b2ed51e7935078641  C:\Windows\system32\RASQEC.DLL
MD5: b9f3ff52b84fd9e3cafb29b8ee385e5b  C:\Windows\system32\RESUTILS.DLL
MD5: ab530fdd34c67b497a20171d1234cfe9  C:\Windows\system32\RichEd32.Dll
MD5: 8efda5e4d177f3ccf5d620675909ed42  C:\Windows\system32\RtkAPO.dll
MD5: 2ab58991862153a248779174d4e4212b  C:\Windows\system32\schannel.dll
MD5: 1a58069db21d05eb2ab58ee5753ebe8d  c:\windows\system32\schedsvc.dll
MD5: 167ac31450c0c53a01fa1491e94d7678  C:\Windows\system32\SHDOCVW.dll
MD5: 33ae914c24f546aabf281ba7b138186d  C:\Windows\system32\SHELL32.dll
MD5: 9176285122b7b849fec2aa1b72a8f7a8  C:\Windows\system32\SHLWAPI.dll
MD5: 6259e1c5360a9eae4dfb4e9834033150  C:\Windows\system32\ShowErrMsg.dll
MD5: c7230fbee14437716701c15be02c27b8  C:\Windows\SYSTEM32\SHSVCS.dll
MD5: 8554097e5136c3bf9f69fe578a1b35f4  C:\Windows\System32\spoolsv.exe
MD5: 43aef7355d24090ca7c24c83846bd981  C:\Windows\system32\SPP.dll
MD5: bc8e5f6aaf447364a6f6a00d3f8faf29  C:\Windows\system32\SrClient.dll
MD5: 1bf5eebfd518dd7298434d8c862f825d  c:\windows\system32\srvsvc.dll
MD5: 452341e471d2d961229dfe0842957272  C:\Windows\system32\SSCORE.DLL
MD5: b5950df243837d8217f4e597919b224a  C:\Windows\system32\stobject.dll
MD5: 9f433f65d10043295f42dd015b189426  C:\Windows\system32\SxsStore.dll
MD5: a6c75550fdca0accb302ac74c9f8bbb2  C:\Windows\system32\sysenv.dll
MD5: 71f5a7104fdf16c0ac5283a6ce666553  C:\Windows\system32\SYSNTFY.dll
MD5: 2a6a2c09ecc2cb495628e45f1379ece8  C:\Windows\system32\taskcomp.dll
MD5: 3d50c4b10352367d5cb20ed1f50f8da2  C:\Windows\System32\taskeng.exe
MD5: 52e129522c1775dbb8cc252e7a0655c7  C:\Windows\system32\taskschd.dll
MD5: e662722d5c50ad1c0e201499e405fd73  C:\Windows\System32\tbtmon.dll
MD5: 61fb95b6f2a8715282e05c92e4527c5a  C:\Windows\System32\tbtmon98Language.dll
MD5: 5091452dc719281cf1dd69367e13b494  C:\Windows\System32\tcpmib.dll
MD5: 8a38b5e8493a9d103083b8620ac5f3a1  C:\Windows\System32\tdh.dll
MD5: 085f180f10bad13396cffadac5afb5d9  C:\Windows\System32\TosBdAPI.dll
MD5: e6e67f4b840fcd0bca5e1dadb5b575be  C:\Windows\System32\TosBtAPI.dll
MD5: de955d6a5097dc306af8c9f67e9a5f2d  C:\Windows\System32\TosBtHcrpAPI.dll
MD5: f8873d15018f411588bec02c1725bada  C:\Windows\system32\tspkg.dll
MD5: 1e780ae147da3ac2d3686a0a54fb264e  C:\Windows\System32\udcpm.dll
MD5: e45051c374f845edf3db02a35ba13193  C:\Windows\system32\umb.dll
MD5: 0b71899e60d1265229bf3d080eab573d  C:\Windows\system32\unimdmat.dll
MD5: dfbaadf1b624dc71e88d34d86b3595be  C:\Windows\system32\uniplat.dll
MD5: 814638f572f497d96b17bf254113d9a4  C:\Windows\system32\urlmon.dll
MD5: 0bf0bb276f17b6ad61a8694d2551ec28  C:\Windows\System32\usbmon.dll
MD5: 80fff14f1757b9af8be9d314fc1ae88b  C:\Windows\system32\USP10.dll
MD5: df1f51d2938a403bfe671b13a12fa434  C:\Windows\SYSTEM32\VDMDBG.dll
MD5: dc3ae9f1554dcd97f90983ddbdacd83d  C:\Windows\system32\vsstrace.dll
MD5: 5cc39a49069eea854d3d0546dc634599  C:\Windows\system32\VXDIF.DLL
MD5: f723422a11cd6fa13036746272200993  C:\Windows\system32\wbem\cimwin32.dll
MD5: 2c3b09e586bda2cc49a292be7badc589  C:\Windows\system32\wbem\wmiutils.dll
MD5: e7d0f91e44d9d3b2116fa549bdcdb756  c:\windows\system32\WDSCORE.dll
MD5: 5193de33f3284c447e0d31dafbf92570  c:\windows\system32\webcheck.dll
MD5: 0745d6ead386710110817fbec03f5161  C:\Windows\system32\wfapigp.dll
MD5: 73fe2e5fa55088a241aa2732f5d387d6  C:\Windows\system32\wiarpc.dll
MD5: 02f98b5c0e397ad06124d84428cf8f1a  C:\Windows\system32\WININET.dll
MD5: 101ba3ea053480bb5d957ef37c06b5ed  C:\Windows\System32\wininit.exe
MD5: 14ff750efe13b0c21e5a06507c3a97b1  c:\windows\system32\WINMM.dll
MD5: 5ec8fb83f31aa2d6f421f02c3f4f4475  C:\Windows\system32\WINSPOOL.DRV
MD5: d2293b069e4b63dc17b2f08d45e71124  C:\Windows\system32\winsrv.dll
MD5: 92283d9e33ec5f41ecc0b430b7459241  C:\Windows\SYSTEM32\wls0wndh.dll
MD5: f1ecec53b9ffc30e123d14e087c49111  C:\Windows\system32\wmdrmdev.dll
MD5: d571295b71c60a67f6f2ea987e5cc3b0  C:\Windows\system32\wmdrmnet.dll
MD5: bfe74095684093f14d24801c8c0d16e3  C:\Windows\system32\WMI.dll
MD5: 015e99a7634b93e8bb0380c70f3d2cc3  C:\Windows\system32\wmp.dll
MD5: 9441a231c0aa0712f7cf3b10d9cfcf76  C:\Windows\system32\wmploc.dll
MD5: 648ab74d9c104fb500b6c4eedc6a8772  C:\Windows\system32\wmpmde.dll
MD5: 617f9a5813e69f6e9ed94b811ec75396  C:\Windows\System32\wmpps.dll
MD5: f0321da5203f1e71917f3b7a13dc4912  C:\Windows\system32\WMsgAPI.dll
MD5: 83e354791cf2a6a74f077f79d2a2e40e  c:\windows\system32\WUDFPlatform.dll
MD5: 1908cc7673f72601affdca022689cedf  C:\Windows\system32\XmlLite.dll
MD5: d30fcc9632cf2eaae0a9e76f5d56016f  C:\Windows\vsnpstd.exe
MD5: a58374d1a487c3cf98355ba92c0188c0  C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.0.6002.18005_none_0b4ada54c46c45b0\cbscore.dll
MD5: 47071dd42f703390b205b33b11dab65c  C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.0.6002.18005_none_0b4ada54c46c45b0\DrUpdate.dll
MD5: 971b711e37cf2cedce57b54384640e54  C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.0.6002.18005_none_0b4ada54c46c45b0\wcp.dll
MD5: e7d0f91e44d9d3b2116fa549bdcdb756  C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.0.6002.18005_none_0b4ada54c46c45b0\wdscore.dll
MD5: 380e6b396644edcdfa07e52d7d95ef99  C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.0.6002.18005_none_0b4ada54c46c45b0\wrpint.dll
MD5: d5e459bed3db9cf7fc6cc1455f177d2d  C:\Windows\WinSxS\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d1cb102c435421de\ATL80.DLL
MD5: 1d109ed0d660654ea7ff1574558031c4  C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcm80.dll
MD5: 0b3595a4ff0b36d68e5fc67fd7d70fdc  C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\MSVCP80.dll
MD5: c9564cf4976e7e96b4052737aa2492b4  C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\MSVCR80.dll
MD5: e2c48cd0132d4d1dc7d0df9a6bef686a  C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80U.DLL
MD5: d07aac2bc04602d886c3a925eb209d15  C:\Windows\WinSxS\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\MFC80ESP.DLL
MD5: 58a14c45a5cd2528f10a889e7b0c3fc2  C:\Windows\WinSxS\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_51cd0a7abbe4e19b\ATL90.DLL
MD5: 4c39358ebdd2ffcd9132a30e1ec31e16  C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\MSVCP90.dll
MD5: cdbe9690cf2b8409facad94fac9479c9  C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\MSVCR90.dll
MD5: 35acd5ea63d75e97dd0e9a1629e582b2  C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18305_none_88f3a38569c2c436\COMCTL32.dll
MD5: be3c082837866c4c291adaf163c10ea6  C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
MD5: b5b09091b0e33c396ceec8995515bd41  C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll


Archivo no enviado

Scan finished - communication took 1 sec
Total traffic - 0.02 MB enviado, 1.95 KB recibido
Scanned 1039 files and modules - 75 seconds
==============================================================================


Reporte del MalwareBytes Anti-Malware

Código:
Malwarebytes Anti-Malware 1.60.0.1800
Malwarebytes : Free anti-malware, anti-virus and spyware removal download

Versión de la Base de Datos: v2012.01.20.01

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Antonio :: ANTONIO1 [administrador]

20/01/2012 11:17:56
mbam-log-2012-01-20 (11-17-56).txt

Tipos de Análisis: Análisis Completo
Opciones de análisis activado: Memoria | Inicio | Registro | Sistema de archivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM
Opciones de análisis desactivados: P2P
Objetos examinados: 399563
Tiempo transcurrido: 2 hora(s), 40 minuto(s), 56 segundo(s)

Procesos en Memoria Detectados: 0
(No se han detectado elementos maliciosos)

Módulos de Memoria Detectados: 0
(No se han detectado elementos maliciosos)

Claves del Registro Detectados: 0
(No se han detectado elementos maliciosos)

Valores del Registro Detectados: 0
(No se han detectado elementos maliciosos)

Elementos de Datos del Registro Detectados: 0
(No se han detectado elementos maliciosos)

Carpetas Detectadas: 0
(No se han detectado elementos maliciosos)

Archivos Detectados: 1
C:\Program Files\Adobe\Adobe Photoshop CS3\PlugIns\patch.exe (PUP.Hacktool.Patcher) -> En cuarentena y eliminado con éxito.

fin)


Reporte Log del HijackThis

Código:
[SPOILER][CODE]Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:19:18, on 20/01/2012
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\SYSTEM32\taskeng.exe
C:\Windows\RtHDVCpl.exe
C:\Acer\Empowering Technology\eAudio\eAudio.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Users\Antonio\AppData\Local\Temp\RtkBtMnt.exe
C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Windows\SYSTEM32\Taskmgr.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtblfs.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10l_ActiveX.exe
C:\Program Files\Windows Live\Companion\companionuser.exe
C:\Program Files\Trend Micro\HijackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Yahoo! España
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Yahoo! España
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Yahoo! España
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Yahoo! España
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Barra Yahoo! con bloqueador de ventanas emergentes - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: FileServeManager - {00000001-AB3B-4334-9DA2-EC6B2A02AFC6} - C:\Program Files\FileServe Manager\FileServeBHO.dll
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and vídeo formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll
O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll
O2 - BHO: Bandoo IE Plugin - {EB5CEE80-030A-4ED8-8E20-454E9C68380F} - (no file)
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [eAudio] "C:\Acer\Empowering Technology\eAudio\eAudio.exe"
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [snpstd] C:\Windows\vsnpstd.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Servicio de red')
O4 - HKUS\S-1-5-18\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'Default user')
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O8 - Extra context menu item: Agregar al componente Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm
O8 - Extra context menu item: Anexar a PDF existente - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Anexar destino de vínculo a PDF existente - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convertir a Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir destino de vínculo a Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir destino de vínculo en archivo Adobe PDF - res://C:\Program Files\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir selección a Adobe PDF - res://C:\Program Files\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir vínculos seleccionados a Adobe PDF - res://C:\Program Files\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Descargar con IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Descargar con IDM todos los enlaces  - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download Link Using Mega Manager... - C:\Program Files\Megaupload\Mega Manager\mm_file.htm
O8 - Extra context menu item: Download with FileServe Manager - C:\Program Files\FileServe Manager\GetUrl.htm
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Enlace de descarga usando Mega Manager... - C:\Program Files\Megaupload\Mega Manager\mm_file.htm
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: &Teclado virtual - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Compro&bar direcciones URL - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} (BitDefender QuickScan Control) - http://quickscan.bitdefender.com/qsax/qsax.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\system32\skype4com.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: acaptuser32.dllenethook.dllenethook.dllenethook.dllc:\progra~1\kasper~1\kasper~1\kloehk.dll c:\progra~1\bandoo\bndhook.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe
O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: AST Service (astcc) - Nalpeiron Ltd. - C:\Windows\SYSTEM32\astsrv.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Servicio Kaspersky Anti-Virus (AVP) - Kaspersky Lab ZAO - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
O23 - Service: Bandoo Coordinator - Bandoo Media Inc. - C:\Program Files\Bandoo\Bandoo.exe
O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\Windows\system32\bgsvcgen.exe
O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: BlueSoleilCS - IVT Corporation - C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: BsHelpCS - IVT Corporation - C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
O23 - Service: BsMobileCS - IVT Corporation - C:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe
O23 - Service: @%SystemRoot%\system32\dhcpcsvc.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe
O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe
O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: @%SystemRoot%\system32\emdmgmt.dll,-1000 (EMDMgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (Eventlog) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Servicio Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Servicio de Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe
O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe
O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\netprof.dll,-246 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\Windows\system32\nlssrv32.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Windows\system32\NMSAccessU.exe
O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Programador de LiveUpdate automático - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe
O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe
O23 - Service: @%SystemRoot%\system32\SLUINotify.dll,-103 (SLUINotify) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe
O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe
O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe
O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\wmpnetwk.exe
O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100 (WPFFontCache_v0400) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--

Bueno espero que con esta cantidad de datos sea suficiente para su solucion.

Gracias de antemano por su generosidad
 

viru

Ex- Mod
Miembro
No tienes infecciones.
Alguna vez me ocurrió lo mismo que te está pasando a ti y si no recuerdo mal, la solución fue apartar uno a uno los archivos de la carpeta hasta encontrar al culpable. Es decir, sacaba un archivo de la carpeta y volvía a probar si aparecía el problema... si aparecía, volvía a meter ese archivo y quitaba otro, y así sucesivamente hasta encontrar al culpable del problema, en cuyo caso, al apartar ese archivo de la carpeta, para luego volver a revisar la carpeta comprobaba que ya no se producía el problema.
Si no recuerdo mal, en mi caso el archivo problemático era un archivo de video, así que yo te recomendaría empezar por estos.
Lo que no tengo claro es si esto te pasa al entrar a las carpetas de C:\ o es cuando entras a una carpeta la cual está en tu escritorio o dentro de tus documentos.
Que no se te olvide comentarnos que tal te ha ido ;)

Saludos.
 
B

benata

Guest
gracias por tu respuesta, yo suelo tener en el portatil el disco duro con dos particiones, una para el disco C: y otra como D: que lo uso de almacen, y es en este cuando me suele pasar.

gracias y un saludo
 

viru

Ex- Mod
Miembro
Pero te pasa en una carpeta específica o directamente al entrar en D:\ ?

Saludos.
 
B

benata

Guest
me suele pasar cuando empiezo a moverme entre las carpetas, y llevo un tiempo moviendome por ellas, entro en una, doy un paso atras, entro en otra, y asi. No siempre algúnas veces.
 

viru

Ex- Mod
Miembro
Descarga la utilidad ComboFix
Combofix.exe

Desactiva temporalmente el Antivirus y/o Antispyware.
Cierra todas las ventanas abiertas.

*Nota* Mientras CF este trabajando no mover el mouse ya que pararía su proceso.
*Nota* ComboFix puede reiniciar automáticamente el PC para completar el proceso de eliminación.

-Ejecuta ComboFix.exe para iniciar el programa.

-Se abrirá la ventana del programa en modo MS-DOS. Pulsa inmediatamente la tecla "Y" (Yes) y después sobre ENTER para iniciar el proceso de detección y limpieza.

-Los iconos del Escritorio desaparecerán (esto es normal) y aparecerá el mensaje "Performing a scan of your machine".

- A continuación, aparecerá el mensaje "Preparing a log report" "This takes a while. So, please be patient".

-Seguidamente, aparecerán los mensajes "Almost done..." "A report of Combofix's actions would be produced at C:\Combofix.txt".

-Se paciente y espera a que la ventana del programa se cierre sola y se muestre el archivo C:\Combofix.txt. Los iconos del Escritorio volverán a su sitio sin necesidad de tener que reiniciar el PC.

-Por último, el informe combofix.txt mostrará los archivos detectados y eliminados, ese reporte lo pegas aquí.

Saludos.
 
B

benata

Guest
gracias de nuevo, pero es que no se como se puede desactivar el antivirus, (Kaspersky Internet Security). Es la primera vez que lo voy a hacer y no se como se hace.

gracias.
 

viru

Ex- Mod
Miembro
Será bastante parecido a esto... Cómo habilitar/deshabilitar la autoprotección de Kaspersky Small Office Security 2 for File Server?
O bien puedes probar con hacer clic derecho sobre el icono de Kaspersky (esquina inferior derecha de tu pantalla) y pinchar en la opción Suspender la Proteccion.

Saludos.
 
B

benata

Guest
Aqui tienes el log de Combofix, y te vuelvo a reiterar mis gracias por tu generosidad y amabilidad.
Código:
ComboFix 12-01-21.02 - Antonio 22/01/2012  20:01:01.1.2 - x86
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.34.3082.18.2037.1096 [GMT 1:00]
Running from: c:\users\Antonio\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Common Files\Logo.ico
c:\users\Antonio\g2mdlhlpx.exe
c:\windows\system32\HDREfexProFC32.dll
c:\windows\system32\muzapp.exe
c:\windows\system32\office.exe
c:\windows\winhelp.ini
.
.
(((((((((((((((((((((((((   Files Created from 2011-12-22 to 2012-01-22  )))))))))))))))))))))))))))))))
.
.
2012-01-20 13:15 . 2012-01-20 13:15    --------    d-----w-    c:\users\Antonio\AppData\Roaming\QuickScan
2012-01-20 11:50 . 2012-01-06 04:19    6557240    ----a-w-    c:\programdata\Microsoft\Windows Defender\Definition Updates\{B7893418-76C2-4BF4-9BAC-973FB0908165}\mpengine.dll
2012-01-20 10:17 . 2012-01-20 20:35    40776    ----a-w-    c:\windows\system32\drivers\mbamswissarmy.sys
2012-01-20 09:51 . 2011-12-10 14:24    20464    ----a-w-    c:\windows\system32\drivers\mbam.sys
2012-01-20 00:56 . 2012-01-20 00:56    388096    ----a-r-    c:\users\Antonio\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-01-20 00:09 . 2012-01-20 00:09    --------    d-----w-    c:\program files\Trend Micro
2012-01-19 20:20 . 2012-01-19 20:20    --------    d-----w-    c:\program files\AnalogX
2012-01-17 00:02 . 2012-01-17 00:02    --------    d-----w-    c:\users\Antonio\AppData\Roaming\Malwarebytes
2012-01-17 00:01 . 2012-01-17 00:01    --------    d-----w-    c:\programdata\Malwarebytes
2012-01-17 00:01 . 2012-01-20 09:51    --------    d-----w-    c:\program files\Malwarebytes' Anti-Malware
2012-01-12 20:00 . 2012-01-12 20:00    1208080    ----a-w-    c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2012-01-11 08:42 . 2011-10-14 16:03    189952    ----a-w-    c:\windows\system32\winmm.dll
2012-01-11 08:42 . 2011-10-14 16:00    23552    ----a-w-    c:\windows\system32\mciseq.dll
2012-01-11 08:42 . 2011-11-18 20:23    1205064    ----a-w-    c:\windows\system32\ntdll.dll
2012-01-11 08:42 . 2011-11-18 17:47    66560    ----a-w-    c:\windows\system32\packager.dll
2012-01-11 08:42 . 2011-11-25 15:59    376320    ----a-w-    c:\windows\system32\winsrv.dll
2012-01-11 08:42 . 2011-12-01 15:21    2409784    ----a-w-    c:\program files\Windows Mail\OESpamFilter.dat
2012-01-11 08:42 . 2011-10-25 15:58    1314816    ----a-w-    c:\windows\system32\quartz.dll
2012-01-11 08:42 . 2011-10-25 15:58    497152    ----a-w-    c:\windows\system32\qdvd.dll
2012-01-06 21:50 . 2012-01-06 21:51    --------    d-----w-    c:\users\Antonio\AppData\Local\Facebook
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-23 13:37 . 2011-12-14 19:49    2043904    ----a-w-    c:\windows\system32\win32k.sys
2011-11-15 13:29 . 2009-10-25 19:50    222080    ------w-    c:\windows\system32\MpSigStub.exe
2011-11-08 14:42 . 2011-12-14 19:49    2048    ----a-w-    c:\windows\system32\tzres.dll
2011-11-06 15:13 . 2010-06-24 10:33    18328    ----a-w-    c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-10-27 08:01 . 2011-12-14 19:50    3602816    ----a-w-    c:\windows\system32\ntkrnlpa.exe
2011-10-27 08:01 . 2011-12-14 19:50    3550080    ----a-w-    c:\windows\system32\ntoskrnl.exe
2011-10-25 15:56 . 2011-12-14 19:49    49152    ----a-w-    c:\windows\system32\csrsrv.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension]
@="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"
[HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}]
2011-05-30 16:50    21864    ----a-w-    c:\program files\Internet Download Manager\IDMShellExt.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-10 1233920]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-18 125952]
"RocketDock"="c:\program files\RocketDock\RocketDock.exe" [2007-09-02 495616]
"IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2011-07-07 3392920]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2007-05-10 4468736]
"eAudio"="c:\acer\Empowering Technology\eAudio\eAudio.exe" [2007-05-09 1286144]
"eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2007-04-12 457728]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2006-11-07 159744]
"Acer Tour Reminder"="c:\acer\AcerTour\Reminder.exe" [2007-02-15 151552]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe" [2010-11-02 365336]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-02-26 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-02-26 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-02-26 150552]
"snpstd"="c:\windows\vsnpstd.exe" [2005-10-11 339968]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Acer Tour Reminder"="c:\acer\AcerTour\Reminder.exe" [2007-02-15 151552]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Empowering Technology Launcher.lnk - c:\acer\Empowering Technology\eAPLauncher.exe [2001-1-10 535336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer4"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Spyder3Utility.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Spyder3Utility.lnk
backup=c:\windows\pss\Spyder3Utility.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif]
2007-03-21 12:00    174872    ----a-w-    c:\program files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IDMan]
2011-07-07 06:28    3392920    ----a-w-    c:\program files\Internet Download Manager\IDMan.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2011-04-08 10:59    254696    ----a-w-    c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"WindowsWelcomeCenter"=rundll32.exe oobefldr.dll,ShowWelcomeCenter
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs    REG_MULTI_SZ       BthServ
LocalServiceAndNoImpersonation    REG_MULTI_SZ       FontCache
.
Contents of the 'Scheduled Tasks' folder
.
2012-01-20 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1911467015-4292813485-2143558299-1000Core.job
- c:\users\Antonio\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-01-06 21:50]
.
2012-01-22 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1911467015-4292813485-2143558299-1000UA.job
- c:\users\Antonio\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-01-06 21:50]
.
2012-01-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-05-03 17:47]
.
2012-01-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-05-03 17:47]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.searchqu.com
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
mStart Page = hxxp://es.es.acer.yahoo.com
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://es.rd.yahoo.com/customize/ycomp/defaults/su/*Yahoo! España
IE: Agregar al componente Anti-Banner - c:\program files\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm
IE: Anexar a PDF existente - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Anexar destino de vínculo a PDF existente - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convertir a Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Convertir destino de vínculo a Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convertir destino de vínculo en archivo Adobe PDF - c:\program files\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convertir selección a Adobe PDF - c:\program files\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convertir vínculos seleccionados a Adobe PDF - c:\program files\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Descargar con IDM - c:\program files\Internet Download Manager\IEExt.htm
IE: Descargar con IDM todos los enlaces  - c:\program files\Internet Download Manager\IEGetAll.htm
IE: Download with FileServe Manager - c:\program files\FileServe Manager\GetUrl.htm
IE: E&xportar a Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Enlace de descarga usando Mega Manager... - c:\program files\Megaupload\Mega Manager\mm_file.htm
TCP: DhcpNameServer = 62.42.230.24 62.42.63.52
FF - ProfilePath - c:\users\Antonio\AppData\Roaming\Mozilla\Firefox\Profiles\pws4sm6q.default\
FF - prefs.js: browser.search.selectedEngine - Searchqu Web Search
FF - prefs.js: browser.startup.homepage - hxxp://www.IGOOGLE.COM
FF - prefs.js: keyword.URL - hxxp://www.searchqu.com/web?src=ffb&appid=0&systemid=101&sr=0&q=
FF - Ext: Anti-Banner: KavAntiBanner@kaspersky.ru_bak - c:\program files\Mozilla Firefox 3.6 Beta 1\extensions\KavAntiBanner@kaspersky.ru_bak
FF - Ext: Supervisor Kaspersky de vÃ*nculos URL: linkfilter@kaspersky.ru_bak - c:\program files\Mozilla Firefox 3.6 Beta 1\extensions\linkfilter@kaspersky.ru_bak
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox 3.6 Beta 1\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox 3.6 Beta 1\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Skype Click to Call: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} - c:\program files\Mozilla Firefox 3.6 Beta 1\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF - Ext: Exif Viewer: exif_viewer@mozilla.doslash.org - %profile%\extensions\exif_viewer@mozilla.doslash.org
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Mega Manager Integration: {40a1f5d7-afc2-498f-b264-02668d616ff6} - %profile%\extensions\{40a1f5d7-afc2-498f-b264-02668d616ff6}
FF - Ext: Easy YouTube Video Downloader: {c0c9a2c7-2e5c-4447-bc53-97718bc91e1b} - %profile%\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: Bandoo for Firefox: ffox@bandoo.com - %profile%\extensions\ffox@bandoo.com
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: DivX Plus Web Player HTML5 &lt;video&gt;: {23fcfd51-4958-4f00-80a3-ae97e717ed8b} - c:\program files\DivX\DivX Plus Web Player\firefox\html5video
FF - Ext: DivX HiQ: {6904342A-8307-11DF-A508-4AE2DFD72085} - c:\program files\DivX\DivX Plus Web Player\firefox\wpa
FF - Ext: Kaspersky Virtual Keyboard: virtualKeyboard@kaspersky.ru - c:\program files\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\virtualKeyboard@kaspersky.ru
FF - Ext: Anti-Banner: KavAntiBanner@Kaspersky.ru - c:\program files\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\KavAntiBanner@kaspersky.ru
FF - Ext: Kaspersky URL Advisor: linkfilter@kaspersky.ru - c:\program files\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\linkfilter@kaspersky.ru
FF - Ext: FileServe Manager: {9F6FB1C9-22DA-4123-A7D4-9E7844B60EE5} - c:\program files\FileServe Manager\FireFox_Extension\{9F6FB1C9-22DA-4123-A7D4-9E7844B60EE5}
FF - Ext: IDM CC: mozilla_cc@internetdownloadmanager.com - c:\users\Antonio\AppData\Roaming\IDM\idmmzcc5
FF - Ext: Bandoo for Firefox: ffox@bandoo.com - c:\users\Antonio\AppData\Roaming\Mozilla\Firefox\Profiles\pws4sm6q.default\extensions\ffox@bandoo.com
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-10 - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
SafeBoot-WudfPf
SafeBoot-WudfRd
MSConfigStartUp-MSServer - c:\windows\system32\hgGyyywW.dll
AddRemove-01_Simmental - c:\program files\Samsung\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - c:\program files\Samsung\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-07_Schorl - c:\program files\Samsung\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-24_flashusbdriver - c:\program files\Samsung\USB Drivers\24_flashusbdriver\Uninstall.exe
AddRemove-25_escape - c:\program files\Samsung\USB Drivers\25_escape\Uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
Rootkit scan 2012-01-22 20:13
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ... 
.
scanning hidden autostart entries ...
.
scanning hidden files ... 
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}]
"ImagePath"="\?\c:\program files\Acer Arcade Deluxe\Play Movie\000.fcl"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1911467015-4292813485-2143558299-1000_Classes\CLSID\{1348f27e-6444-45c4-86ef-2af968f77b7d}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:0000004d
"Therad"=dword:0000001f
"MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,b6,1f,81,1f,5a,
   1b,4d,36,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,\
.
[HKEY_USERS\S-1-5-21-1911467015-4292813485-2143558299-1000_Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"scansk"=hex(0):e8,ac,f5,f7,69,b1,67,f1,19,a4,83,94,02,2f,f2,73,2c,77,e4,e6,1b,
   64,b8,af,be,37,a6,ee,50,0c,cd,f8,c5,8a,03,f1,c1,f4,22,ca,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2012-01-22  20:18:21
ComboFix-quarantined-files.txt  2012-01-22 19:18
.
Pre-Run: 4.075.819.008 bytes libres
Post-Run: 4.001.300.480 bytes libres
.
- - End Of File - - 7ECF3CE30C33D6D09EA0B0971BF66802
 
B

benata

Guest
de vez en cuando aun me sigue el mismo problema, se me sube el explorer al 100
 

viru

Ex- Mod
Miembro
No uso Windows vista, así que no te puedo decir los pasos exactos, pero yo probaría a desactivar la vista previa y detalles de las carpetas y ponerlas en vista clásica (que se vean como una lista, sin imágenes), me refiero a todas las carpetas que contengan archivos de video, música o imágenes.
Ya nos contarás.

Saludos.

P.D: He mirado un poco y creo que los pasos son estos...
Ir a Inicio/ Panel de control/ Apariencia y personalización y a continuación, en Opciones de carpeta, haces clic en la ficha General y luego clic en Utilizar las carpetas clásicas de Windows.
 
B

benata

Guest
probare para ver que tal. De nuevo gracias por tu amabilidad sin limites.

un saludo
 
B

benata

Guest
nada de nada, sigue subiendo la cpu a 100, y eso que he activado las carpetas en modo lista
 

viru

Ex- Mod
Miembro
Pues vas a tener que armarte de paciencia y tratar de localizar la carpeta que tiene el problema. Ya te digo yo que lo mas probable es que sea una carpeta que contenga videos, música o imágenes, pero por sobre suele pasar con los videos.
Explora cada carpeta, una a una y localiza cual de ellas es la que dá el problema, luego tendrás que sacar de esa carpeta los archivos, uno a uno hasta que encuentres al archivo culpable. De momento, no se me ocurre otra cosa.
Es más (creo que ya te lo comenté) cuando me pasó lo mismo a mí, esa fué la forma en que lo solucione.

Saludos.
 
B

benata

Guest
pues al final creo que lo solucione. Me puse a cmbiar la vista de las carpetas a lista, y me movi de arriba a abajo por todas, cambiandolas de vista, y en ningún momento se me cargo la cpu. Eso si hubo un momento en una carpeta de vídeo que me llego a bloquear y saturar la cpu al 100 pero cuando le cambie la vista a tipo lista y termine el proceso de Explorer, y volví a iniciarlo, de nuevo entre y me movi por todas las carpetas incluida esta ultima sospechosa y en principio no tuve ningún problema.

Espero con el tiempo y los días hacer un seguimiento. Pero en principio parece que todo era cambiar la vista de las carpetas de "Iconos medios" a "Lista.

Lo dicho te reitero mis gracias por tu amabilidad, y si surge algún contratiempo ya estaremos en contacto.
 

viru

Ex- Mod
Miembro
No es nada benata, para eso estamos.
Me alegra muchisimo que lo hayas solucionado (ya no tenía mas ideas :p)
De momento daré el tema como solucionado y cerraré el tema, pero si volviese el problema, no dudes en mandarme un Mensaje Privado para que lo reabra.

Saludos.
 
Estado
Cerrado para nuevas respuestas.
Arriba Pie