
    Feed Helperbar, SweetIM (Solved)

    1. #1
      User: ivaaan_
      Joined: Oct 2012
      Location: -
      Posts: 12

      Feed Helperbar, SweetIM (Solved)

      Hello Spyware folks, I have a problem with my Google Chrome browser. I'm used to typing what I want to search for in the address bar without going to Google, and now every time I do that I get this.

      EDITED: link to malicious code.

      Any suggestions?
      Last edited by NeoByte on 18/10/12 at 03:29:02

    2. #2
      Moderator: ErdrickBass
      Joined: Jul 2009
      Location: Cd Juarez, Mex.
      Posts: 9,135

      re: Feed Helperbar, SweetIM

      Hello ivaaan_
      And welcome to the forum

      Topics of interest:
      Please edit your reply and remove the HijackThis report; they are not allowed in this section.

      Also avoid replying to yourself, because if your thread does not show 0 replies we will assume you are already being helped when that is not the case. If you want to add information, use the Edit option rather than Reply.

      Once the HijackThis report has been removed, please do the following:
      Run AT-Destroyer following these instructions:
      • Temporarily disable your antivirus and/or antispyware.
      • Run AT-Destroyer as administrator.
      • The disclaimer will appear; if you agree, press SI (Yes) to continue.
      • Press option 1 (Buscar y Destruir, "Search and Destroy") to start the scan.
      • AT-Destroyer will briefly disconnect the desktop.
      • If the system is infected, AT-Destroyer will show red lines where the infection was found; otherwise the lines will be green.
      • Once the scan finishes, you will see the desktop again and a report will open, which you should copy into your next reply, telling us how the system is working.
      • If any program does not start, restart the PC.
      Please bring us the AT-Destroyer report (c:\atdestroyer.txt) and tell us the status of the problem.

      Regards
      The blue sky is infinitely high and crystal clear

      * Follow us on Twitter and become our friend on Facebook.
      * Keep up with the latest threats on the net at: InfoSpyware Blog
      * Questions are not answered by private message or by e-mail; that is what the forum is for.

    3. #3
      User: ivaaan_
      Joined: Oct 2012
      Location: -
      Posts: 12

      re: Feed Helperbar, SweetIM

      #################################################### A/T-Destroyer by InfoSpyware ############

      A/T-Destroyer 1.0.7 By Infospyware
      InfoSpyware
      Fecha iniciada en el analisis 17/10/2012
      Hora iniciada en el analisis 21:23:27,77
      Usuario Actual : [C:\Users\Antonella]
      Sistema Operativo: Windows 7 Starter
      Service pack: Service Pack 1
      Arquitectura: Sistema operativo de 32 bits
      Versión Internet Explorer: 9.0.8112.16421
      Modo Actual: Modo Normal.
      Privilegios: [Antonella-Administrador]
      Versión Google Chrome: 22.0.1229.94
      Versión Mozilla Firefox: 1.8.1.20

      ====== Servicios Eliminados By A/T-Destroyer ======




      ====== Claves Eliminadas By A/T-Destroyer ======




      ====== Archivos/Carpetas Eliminados By A/T-Destroyer ======




      ====== Información Extra ======


      -_-_-_-_-_-_-_-_ Configuraciones de internet Explorer -_-_-_-_-_-_-_-_
      "HKCU\Software\Microsoft\Internet Explorer\Main"
      Start Page == Google
      Search Page == http://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDY&co=AR&userid=b6241c47-b548-4aac-b43d-cabd9fd3423b&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms}
      Local Page == C:\Windows\system32\blank.htm
      Default_Search_URL == Upgrade to Google Chrome
      Default_Page_URL == about:blank

      "HKLM\Software\Microsoft\Internet Explorer\Main"
      Start Page == Google
      Search Page == LocalStrike Search
      Local Page == C:\Windows\System32\blank.htm
      Default_Search_URL == LocalStrike Search
      Default_Page_URL == about:blank


      "HKEY_USERS\S-1-5-21-1736950741-1611260953-3403689371-1001\Software\Microsoft\Internet Explorer\Main"
      Start Page == Google
      Search Page == http://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDY&co=AR&userid=b6241c47-b548-4aac-b43d-cabd9fd3423b&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms}
      Local Page == C:\Windows\system32\blank.htm
      Default_Search_URL == Upgrade to Google Chrome
      Default_Page_URL == about:blank


      -_-_-_-_-_-_-_-_ Configuraciones de Google Chrome-_-_-_-_-_-_-_-_
      "homepage": "http://www.google.com/",
      "homepage_changed": true,
      "homepage_is_newtabpage": false,


      -_-_-_-_-_-_-_-_ Configuraciones de mozilla Firefox -_-_-_-_-_-_-_-_
      user_pref("sweetim.toolbar.urls.homepage", "http://home.sweetim.com/?crg=3.1010000&st=10&barid={AE3F2BD8-B6A3-11E1-A69E-002713DD22C3}");
      user_pref("browser.startup.homepage", "http://google.com");


      -_-_-_-_-_-_-_-_ Configuraciones de Opera-_-_-_-_-_-_-_-_
      Home URL=http://search.localstrike.com.ar


      ======= EOF =======



      The problem still occurs.
      Last edited by ivaaan_ on 17/10/12 at 20:34:05

    4. #4
      Moderator: ErdrickBass
      Joined: Jul 2009
      Location: Cd Juarez, Mex.
      Posts: 9,135

      re: Feed Helperbar, SweetIM

      Hi

      Run AT-Destroyer and choose uninstall.

      Then carry out the following steps:
      Download and/or update the following programs, but do not run them yet:
      Install and run Glary Utilities, then run a one-click maintenance. In any case, here is its manual.

      Install and update Malwarebytes; here is its manual.
      • Run a full scan.
      • When it finishes, click Mostrar resultados (Show results) and select everything that appears and is not already selected.
      • Click Eliminar Seleccionados (Remove Selected); if it asks you to restart, do so.


      Run WinsockFix according to its manual, taking your operating system into account; if you use Windows 7 or Vista, run the program as administrator.

      Run a scan with Bitdefender QuickScan according to its manual, and temporarily disable any security program:
      When it finishes, press View Report; a report will open that you can save to a known location or paste directly. This image shows where to get it:
      Please bring us the reports from Malwarebytes (from the program's Registros (Logs) tab) and BitDefender (if you did not save it, it is in %appdata%\QuickScan\Report [year]-[month]-[day] [hour].[minute].[second].txt) and tell us how the system is doing.

      Regards

    5. #5
      User: ivaaan_
      Joined: Oct 2012
      Location: -
      Posts: 12

      Re: Feed Helperbar, SweetIM

      QuickScan 32-bit v0.9.9.118
      ---------------------------
      Fecha de Análisis: Thu Oct 18 2242 2012
      ID de la Máquina: 92E74B88
      Procesos
      --------


      Actividad de red
      ----------------


      Autoruns y archivos críticos
      ----------------------------


      Plugins del Navegador
      ---------------------
      (verificado) Sistema operativo Microsoft® Windows® C:\Windows\system32\napinsp.dll
      (verificado) Sistema operativo Microsoft® Windows® C:\Windows\system32\pnrpnsp.dll
      Analizar
      --------
      MD5: 04dbf4b01ea4bf25a9a3e84affac9b20 C:\Windows\system32\drivers\termdd.sys
      MD5: 254bb140eee3c59d6114c1a86b636877 C:\Windows\System32\DRIVERS\tssecsrv.sys
      MD5: fd1d6c73e6333be727cbcc6054247654 C:\Windows\system32\drivers\tsusbflt.sys
      MD5: b2fa25d9b17a68bb93d58b0556e8c90d C:\Windows\system32\DRIVERS\tunnel.sys
      MD5: ee43346c7e4b5e63e54f927babbb32ff C:\Windows\system32\DRIVERS\udfs.sys
      MD5: d295bed4b898f0fd999fcfa9b32b071b C:\Windows\system32\drivers\umbus.sys
      MD5: 7abbdc3b08950992d218fa1e52d52a96 C:\Windows\System32\drivers\UMDF\WpdFs.dll
      MD5: bd9c55d7023c5de374507acc7a14e2ac C:\Windows\system32\DRIVERS\usbccgp.sys
      MD5: f92de757e4b7ce9c07c5e65423f3ae3b C:\Windows\system32\DRIVERS\usbehci.sys
      MD5: e5b14557793164db879ee56f5b59c3e2 C:\Windows\system32\DRIVERS\usbfilter.sys
      MD5: 8dc94aec6a7e644a06135ae7506dc2e9 C:\Windows\system32\DRIVERS\usbhub.sys
      MD5: e185d44fac515a18d9deddc23c2cdf44 C:\Windows\system32\DRIVERS\usbohci.sys
      MD5: f991ab9cc6b908db552166768176896a C:\Windows\system32\DRIVERS\USBSTOR.SYS
      MD5: 68df884cf41cdada664beb01daf67e3d C:\Windows\system32\drivers\usbuhci.sys
      MD5: 45f4e7bf43db40a6c6b4d92c76cbc3f2 C:\Windows\System32\Drivers\usbvideo.sys
      MD5: 5461686cca2fda57b024547733ab42e3 C:\Windows\system32\drivers\vhdmp.sys
      MD5: 4c63e00f2f4b5f86ab48a58cd990f212 C:\Windows\system32\drivers\volmgr.sys
      MD5: f497f67932c6fa693d7de2780631cfe7 C:\Windows\system32\drivers\volsnap.sys
      MD5: e00fdfaff025e94f9821153750c35a6d C:\Windows\system32\DRIVERS\VSTAZL3.SYS
      MD5: bc0c7ea89194c299f051c24119000e17 C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
      MD5: ceb4e3b6890e1e42dca6694d9e59e1a0 C:\Windows\system32\DRIVERS\VSTDPV3.SYS
      MD5: 3c3c78515f5ab448b022bdf5b8ffdd2e C:\Windows\system32\DRIVERS\wanarp.sys
      MD5: a67e5f9a400f3bd1be3d80613b45f708 C:\Windows\system32\DRIVERS\WinUsb.sys
      MD5: e714a1c0354636837e20ccbf00888ee7 C:\Windows\system32\drivers\WudfPf.sys
      MD5: 1023ee888c9b47178c5293ed5336ab69 C:\Windows\system32\DRIVERS\WUDFRd.sys
      MD5: 46812cce46977abe98aa1864f0a6ddd6 C:\Windows\system32\DRIVERS\xlkfs.sys
      MD5: b07c5b7efdf936ff93d4f540938725be C:\Windows\system32\DRIVERS\yk62x86.sys
      MD5: 497e59d9f01c6f247e72222a61835119 C:\Windows\system32\dwmcore.dll
      MD5: 754afc50022c95da7c86b7020db78136 C:\Windows\system32\dwmredir.dll
      MD5: 0411b7958c524bb2e91ee1b3035fe321 C:\Windows\system32\dxgi.dll
      MD5: addb05c93272a62606599b24730bd645 C:\Windows\system32\dxp.dll
      MD5: b20dd954d1ad81e47018a2033e233a32 C:\Windows\System32\E_FLBFBB.DLL
      MD5: f4f3eae16ae6fd93e1f22df295e2a7fc C:\Windows\System32\E_FLBGGB.DLL
      MD5: 9a892b3439884c62b04718f0303a49e9 C:\Windows\system32\eapphost.dll
      MD5: 91f434ff6606ed9bdc6a05d651b69553 C:\Windows\system32\efslsaext.dll
      MD5: 8444a7364d6877922049e99bf4b78c5c C:\Windows\system32\elscore.dll
      MD5: 02a2ed8497f437ea200df3aced255afe C:\Windows\system32\ElsLad.dll
      MD5: 5c3f9dba818cd93379d1a0f215270374 c:\windows\system32\ESENT.dll
      MD5: 53af1750fd45ddd705c9b68c7dc58827 C:\Windows\system32\EVR.dll
      MD5: e2a17bcc08d92f42e08af6ba2f93aba7 C:\Windows\system32\EXPLORERFRAME.dll
      MD5: f34cfada6c48daa41b996d24c7d8d3ca C:\Windows\system32\fdPnp.dll
      MD5: 674611721264013db169ec12afc9c3b6 C:\Windows\system32\fdssdp.dll
      MD5: de6f4b7e62fde776f3de8e5fb5a05c48 C:\Windows\system32\fdwsd.dll
      MD5: b3a5ec6b6b6673db7e87c2bcdbddc074 c:\windows\system32\fntcache.dll
      MD5: d0481fb85beedd30a0884be327880f80 C:\Windows\system32\framedynos.dll
      MD5: b07663a810e861eebfd0eac7e82ca62d C:\Windows\system32\FsUsbExDisk.SYS
      MD5: f96c429788350db4ba6771c3034dfd88 C:\Windows\System32\FsUsbExService.Exe
      MD5: e6d90dc604f407b3b5e0fd285e46b2a0 C:\Windows\system32\FVEAPI.dll
      MD5: c87f28a34b3840f4b40011d170b1a159 C:\Windows\system32\FVECERTS.dll
      MD5: 03a03a453f1aaae0c73aaaf895321c7a C:\Windows\system32\fwpuclnt.dll
      MD5: db603d3fd090c66f9709ef6493c26ba3 c:\windows\system32\FwRemoteSvr.DLL
      MD5: 126f8331bd023178c7f0ef2f5ede16b3 C:\Windows\System32\FXSMON.DLL
      MD5: 967ea5b213e9984cbe270205df37755b C:\Windows\system32\fxssvc.exe
      MD5: 19bc13711ac403feb830522e4831701b C:\Windows\System32\gameux.dll
      MD5: e87f5393f7d8ce2facc4dff703531392 C:\Windows\system32\GDI32.dll
      MD5: 9799c6be0dc68f8135575628a703c876 C:\Windows\system32\GPhotos.scr
      MD5: e897eaf5ed6ba41e081060c9b447a673 c:\windows\system32\gpsvc.dll
      MD5: c7952d0a4c43a965a1741916bb134751 C:\Windows\System32\hgcpl.dll
      MD5: e2f6cc0d191361ee94fea3957653f531 C:\Windows\system32\hidphone.tsp
      MD5: c0beb56ed79b59b7b33d0aa6c38a0ba6 C:\Windows\System32\hpservice.exe
      MD5: 8cd1dee212e52b9c22e66dba44991d32 c:\windows\system32\HTTPAPI.dll
      MD5: 0ba3f31e2b4d8d99df8dd19e81155374 c:\windows\system32\ieframe.dll
      MD5: eb8a00e8e9931a7ec04f920b09d880d8 C:\Windows\system32\iertutil.dll
      MD5: f95622f161474511b8d80d6b093aa610 c:\windows\system32\ikeext.dll
      MD5: b2db6aba2e292235749b80a9c3dfa867 C:\Windows\system32\imagehlp.dll
      MD5: 2d11bc8b460957e62e4420373a0d8bda C:\Windows\system32\imapi2.dll
      MD5: 4a8e2f20809cc161107faa94f6cf2685 C:\Windows\system32\IMM32.DLL
      MD5: a90dc9abd65db1a8902f361103029952 C:\Windows\system32\IPHLPAPI.DLL
      MD5: 4d65a07b795d6674312f879d09aa7663 c:\windows\system32\iphlpsvc.dll
      MD5: 53946b69ba0836bd95b03759530c81ec c:\windows\system32\ipsecsvc.dll
      MD5: 509d846fdf0c83158ed5970de751364c C:\Windows\system32\jsproxy.dll
      MD5: bda0b954a30498b5a7edc6204cba07ed C:\Windows\system32\kerberos.DLL
      MD5: 6f93a0f455963dc8a9a16bb682c8d589 C:\Windows\system32\kernel32.dll
      MD5: ce90695129bd27591c47f7a4ab526789 C:\Windows\system32\KERNELBASE.dll
      MD5: af75dba674e55221b7a055b0a4345f16 C:\Windows\system32\keyiso.dll
      MD5: f3fb146cdbdd26fcd0cf7941c547bee4 C:\Windows\system32\kmddsp.tsp
      MD5: 196b4e3f4cccc24af836ce58facbb699 C:\Windows\system32\kmsvc.dll
      MD5: c1585eaa67c37a05bf6f93726fafc069 c:\windows\system32\l2gpstore.dll
      MD5: 6658f4404de03d75fe3ba09f7aba6a30 C:\Windows\system32\ListSvc.dll
      MD5: 9ede13f62e7be92dba561218eddc4e21 C:\Windows\system32\livessp.DLL
      MD5: 55ca01ba19d0006c8f2639b6c045e08b c:\windows\system32\lmhsvc.dll
      MD5: 74af6aa2e8b3180aadae5fe8813cb1cd C:\Windows\System32\localspl.dll
      MD5: 8ea53101ff2b15bdff934b62a8fb326d C:\Windows\system32\logoncli.dll
      MD5: c95ca687d32ddab1c91e1122e80d5e16 C:\Windows\system32\lsasrv.dll
      MD5: 81951f51e318aecc2d68559e47485cc4 C:\Windows\System32\lsass.exe
      MD5: 8aea9a37c1a3565a204d37c5e72ab791 C:\Windows\System32\lsm.exe
      MD5: 44c00a385ca9dbc1d5cf3781f8c26aea C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
      MD5: e7bc792810ec02dd1f7ed25d830e9324 C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll
      MD5: 8bc9db92c4b2f3be89185beab2afc1f6 C:\Windows\system32\MAPI32.dll
      MD5: fdba1dec4f9be4274a00b9b850c63484 C:\Windows\system32\mf.dll
      MD5: b4e91c857c886c8731f7969d9a85665d C:\Windows\system32\MFC100ESN.DLL
      MD5: f3de10aabd5c7a1a186c9966f037d0c0 C:\Windows\system32\mfc100u.dll
      MD5: dc6612a9ee015a36ba2a27bc9cc12537 C:\Windows\system32\MFC42.DLL
      MD5: 24caedcd73b5b0e22226283b7b2468c7 C:\Windows\system32\MFC42u.dll
      MD5: 243974ec02f7ae49e4179c54624143ab c:\windows\system32\MMDevAPI.DLL
      MD5: 4eaf682e27490a3d45c0ebb6537ee6a8 C:\Windows\system32\modemui.dll
      MD5: d4191efab91e00fc09257aa5ebaf503b C:\Windows\System32\MPRAPI.dll
      MD5: 9835584e999d25004e1ee8e5f3e3b881 c:\windows\system32\mpssvc.dll
      MD5: 938f39b50bafe13d6f58c7790682c010 C:\Windows\system32\MSASN1.dll
      MD5: 7f8678c59f188528d60104e697c2361e C:\Windows\system32\mscms.dll
      MD5: d83947a58613e9091b4c9cc0f1546a8d C:\Windows\SYSTEM32\MSCOREE.DLL
      MD5: 3a16ea01fcfaab40882db5bfee632322 C:\Windows\system32\MsftEdit.dll
      MD5: a6c29db53eca94fa8591c5388d604b82 C:\Windows\system32\msi.dll
      MD5: eee470f2a771fc0b543bdeef74fceca0 C:\Windows\system32\msiexec.exe
      MD5: c5413bc4f10ceb4c3070bbf04d324117 C:\Windows\system32\MSISIP.DLL
      MD5: 35aae2e841aa1a949775168e119482c9 C:\Windows\system32\msls31.dll
      MD5: 3de43bfdaf3f8979699650202aa18b12 C:\Windows\system32\msmpeg2vdec.dll
      MD5: 387a8a473ecc5ba02cf453277c1f3274 c:\windows\system32\mspatcha.dll
      MD5: c90878913df3dc504790282043db5f4c C:\Windows\system32\msprivs.DLL
      MD5: db67c7c62038bde813cb6486581a7611 C:\Windows\system32\mssph.dll
      MD5: 0241cb16136b9a4939ca0395768ae286 C:\Windows\system32\MSSRCH.DLL
      MD5: 56ceed370508f69a1ba04939bd1badda C:\Windows\system32\MSUTB.dll
      MD5: 4c1e16b9a53102c8d6fba587cbcb95de C:\Windows\system32\msv1_0.DLL
      MD5: bc83108b18756547013ed443b8cdb31b C:\Windows\system32\MSVCP100.dll
      MD5: 0e37fbfa79d349d672456923ec5fbbe3 C:\Windows\system32\MSVCR100.dll
      MD5: 9dc80a8aaaaac397bdab3c67165a824e C:\Windows\system32\msvcrt.dll
      MD5: 8999b8631c7fd9f7f9ec3cafd953ba24 C:\Windows\system32\mswsock.dll
      MD5: 1cdea9188899e76d4ffd54c9d512ccdb C:\Windows\System32\msxml3.dll
      MD5: d9a9702e43a5859896f34898d5fd3fec C:\Windows\System32\msxml6.dll
      MD5: 8b57a1ad493653bb57f281fe75dd175b C:\Windows\System32\NaturalLanguage6.dll
      MD5: 45d9f6cd2469cdb6a640dd4bd2b01471 C:\Windows\system32\NCI.dll
      MD5: a4cc7227a452c4909f9499d91b184364 C:\Windows\system32\NCObjAPI.DLL
      MD5: 591fe0a6ceb19bf886ceb1331f591940 C:\Windows\system32\ncrypt.dll
      MD5: 75ea62927355189876081ef863064982 c:\windows\system32\ncsi.dll
      MD5: 3d2c126424666944eff0a3c5d15cbffa C:\Windows\system32\ndfetw.dll
      MD5: ffa41043b3ac524585e36cbca2032253 C:\Windows\system32\ndfhcdiscovery.dll
      MD5: bf517d3316953b137183dd0067fd0546 C:\Windows\system32\ndishc.dll
      MD5: aa11a26692e0db2996caefe9ec61f61f C:\Windows\system32\ndptsp.tsp
      MD5: 6dcfaec6d1334aa6cdf8961db4633cbf C:\Windows\system32\negoexts.DLL
      MD5: 2fca0d2c59a855c54bafa22aa329df0f c:\windows\system32\NETAPI32.dll
      MD5: 1ff7e4f548c7c372c804938f0d5b36ae C:\Windows\system32\netcfgx.dll
      MD5: cc84e67f8e7fa340175ff1cf1a852e32 C:\Windows\system32\netcorehc.dll
      MD5: c6fa3cbf5c6bd7b9bcb63441c6d67ea7 C:\Windows\system32\netdiagfx.dll
      MD5: e343cabbd8d600abaf3f11625d33b3d0 C:\Windows\system32\netjoin.dll
      MD5: c1809b9907adedaf16f50c894100883b C:\Windows\system32\netlogon.DLL
      MD5: eab975db4c2805927fe5bd047d05c9aa C:\Windows\System32\netshell.dll
      MD5: 20b3934db73eaba2b49b7177873cb81f C:\Windows\system32\netutils.dll
      MD5: 3d57ffbad3ed16b63de3879bab0fb56f C:\Windows\system32\NetworkExplorer.dll
      MD5: 104a1070e90f1c530328e69b49718841 C:\Windows\System32\nlaapi.dll
      MD5: 912084381d30d8b89ec4e293053f4710 c:\windows\system32\nlasvc.dll
      MD5: cccd41db1bfef9fe46e4aebbca7699b4 C:\Windows\System32\NLSData000a.dll
      MD5: d2a937964199f647b1c3bc435712e5d9 c:\windows\system32\nrpsrv.DLL
      MD5: ba387e955e890c8a88306d9b8d06bf17 c:\windows\system32\nsisvc.dll
      MD5: c30a91ade8c9cb91e4281ec83c4500c6 C:\Windows\SYSTEM32\ntdll.dll
      MD5: 03f3b770dfbed6131653ceda8ca780f0 C:\Windows\system32\ntshrui.dll
      MD5: 7d34af98a706230cc2dedfe0cabf87ab C:\Windows\system32\ODBC32.dll
      MD5: 928cf7268086631f54c3d8e17238c6dd C:\Windows\system32\ole32.dll
      MD5: 8e01332cc4b68bc6b5b7effe374442aa C:\Windows\system32\OLEACC.dll
      MD5: 6c765e82b57f2e66ce9c54ac238471d9 C:\Windows\system32\OLEAUT32.dll
      MD5: 703ffd301ab900b047337c5d40fd6f96 C:\Windows\system32\OLEPRO32.DLL
      MD5: f748f53fe09d21d8ecbb6421e6792024 c:\windows\system32\OneX.DLL
      MD5: 7e82616bee76bf5eaa5b30f681414e21 C:\Windows\system32\perftrack.dll
      MD5: 37cc990d4e2cdfae12ac47f6b620fc13 C:\Windows\system32\pku2u.DLL
      MD5: 414bba67a3ded1d28437eb66aeb8a720 C:\Windows\system32\pla.dll
      MD5: 3d6f22551d422f97aacb0bb927e4c846 C:\Windows\System32\pnidui.dll
      MD5: e98278865e8daba21cfe5fe4be34210a C:\Windows\system32\PortableDeviceApi.dll
      MD5: 81490fdae27f0082e5cc2dc78dca96fa C:\Windows\System32\portabledeviceclassextension.dll
      MD5: c693e642acfbdd76433af6be3c3eee6f C:\Windows\System32\portabledeviceconnectapi.dll
      MD5: 2b389c1ac7186c32dc695e28e5ecea32 C:\Windows\system32\pots.dll
      MD5: 03cf941d031f30272d3063e5a4d686f5 C:\Windows\System32\PrintIsolationProxy.dll
      MD5: c8333f1f77a1b2e25f2202e892caf634 C:\Windows\system32\prnfldr.dll
      MD5: cadefac453040e370a1bdff3973be00d c:\windows\system32\profsvc.dll
      MD5: 12c45e3cb6d65f73209549e2d02eca7a c:\windows\system32\PROPSYS.dll
      MD5: dbc02d918fff1cad628acbe0c0eaa8e8 c:\windows\system32\provsvc.dll
      MD5: 02530b0b7e048dd5ac8d52daeacaeb2b C:\Windows\System32\QAgent.dll
      MD5: 61d57a5d7c6d9afe10e77dae6e1b445e C:\Windows\system32\qagentRT.dll
      MD5: e585445d5021971fae10393f0f1c3961 c:\windows\system32\qmgr.dll
      MD5: 0ae0c4955e1de29ccdc9da1b816fe5ee C:\Windows\system32\quartz.dll
      MD5: bd626ef05967d14c772b8096292731a3 C:\Windows\System32\QUtil.dll
      MD5: 7ffd52d73352806969d424ef327d10a7 C:\Windows\system32\radardt.dll
      MD5: 207cf171b1c6b8ae50c1fbf87363eebc C:\Windows\System32\raschap.dll
      MD5: cb9e04dc05eacf5b9a36ca276d475006 c:\windows\system32\rasmans.dll
      MD5: 67f9b5c7e215b48f9256757e9cc09a7b C:\Windows\system32\rasppp.dll
      MD5: b2e1e4a16edd02396f451f915fa3cbfa C:\Windows\system32\rastapi.DLL
      MD5: 2af094c822bd6094f14a8e85fb51d52a C:\Windows\system32\RESUTILS.DLL
      MD5: 102cf6879887bbe846a00c459e6d4abc C:\Windows\system32\RICHED20.dll
      MD5: b5506b451bfe7148eca7056bda2970bd C:\Windows\system32\RICHED32.DLL
      MD5: 6400774e903729add0a62a24a334ee56 C:\Windows\system32\RPCRT4.dll
      MD5: 5997d769cdb108390dcfaebf442bf816 C:\Windows\system32\RpcRtRemote.dll
      MD5: 7660f01d3b38aca1747e397d21d790af c:\windows\system32\rpcss.dll
      MD5: 0915c4db6dbc3bb9e11b7ecbbe4b7159 C:\Windows\System32\rtutils.dll
      MD5: 68ecca523ed760aafc03c5d587569859 C:\Windows\system32\samcli.dll
      MD5: 245f4691314f42d4d1bc06442f0b2086 C:\Windows\system32\SAMSRV.dll
      MD5: 8124944ec89d6a1815e4e53f5b96aaf4 C:\Windows\system32\scecli.DLL
      MD5: 250aa41de690561af1282d598914564c C:\Windows\system32\SCESRV.dll
      MD5: 3369d021265e369d57317d61fa86dd79 C:\Windows\system32\scext.dll
      MD5: 3d3cbd1847f980fb03343a63671e7886 C:\Windows\system32\schannel.DLL
      MD5: a42e7748be906434c5fd17161d168c20 C:\Windows\system32\SCHEDCLI.DLL
      MD5: a04bb13f8a72f8b6e8b4071723e4e336 c:\windows\system32\schedsvc.dll
      MD5: 08236c4bce5edd0a0318a438af28e0f7 C:\Windows\System32\SDRSVC.dll
      MD5: a6cd6b3f71e13e2e45b727fb8a47ea87 C:\Windows\System32\SearchFilterHost.exe
      MD5: 236f286e103fd44bd85fdd93097fd5dd C:\Windows\System32\SearchIndexer.exe
      MD5: e1ac89f6c5252057e6062843e36a6701 C:\Windows\System32\SearchProtocolHost.exe
      MD5: 69678722290c78d5d7198c60b5a4e3e8 C:\Windows\system32\secur32.dll
      MD5: 5f1b6a9c35d3d5ca72d6d6fdef9747d6 C:\Windows\System32\services.exe
      MD5: 4ae380f39a0032eab7dd953030b26d28 C:\Windows\system32\sessenv.dll
      MD5: 10fb16b50affda6d44588f3c445dc273 C:\Windows\system32\SETUPAPI.dll
      MD5: f14a9b1778376d0b1788e402ac1f831a C:\Windows\System32\shacct.dll
      MD5: be247ae996a9fde007a27b51413a6c79 C:\Windows\System32\shdocvw.dll
      MD5: 29e9794708df51db5dc89fb2e903a0f6 C:\Windows\system32\SHELL32.dll
      MD5: 8cc3c111d653e96f3ea1590891491d71 C:\Windows\system32\SHLWAPI.dll
      MD5: 414da952a35bf5d50192e28263b40577 c:\windows\system32\shsvcs.dll
      MD5: 16742790895960690237a5143cedec8b C:\Windows\System32\smss.exe
      MD5: 2cfa4569350b7f84f815e9ec34e85766 C:\Windows\system32\SndVolSSO.DLL
      MD5: 4b9e4ce667df26ada061aa81e9aa841d C:\Windows\system32\SPFILEQ.dll
      MD5: 7ac2182fa963efd2f72e8399bf0e67f9 C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIFBB.EXE
      MD5: cd72c6406ba561bed6d42cb145e55307 C:\Windows\system32\spool\PRTPROCS\W32X86\winprint.dll
      MD5: 629181c26a78eb66b0b4e774e5ac2882 C:\Windows\System32\SPOOLSS.DLL
      MD5: 9aea093b8f9c37cf45538382caba2475 C:\Windows\System32\spoolsv.exe
      MD5: 971a36c4827ad1ae2a54e6407478921a C:\Windows\system32\SPP.dll
      MD5: cf87a1de791347e75b98885214ced2b8 C:\Windows\System32\sppsvc.exe
      MD5: b0180b20b065d89232a78a40fe56eaa6 C:\Windows\system32\sppuinotify.dll
      MD5: ce292c4c10b8db6070f262ea2733f0dc c:\windows\system32\sqmapi.dll
      MD5: 674b0c0f6a448eb185caab9c51d44032 C:\Windows\System32\srchadmin.dll
      MD5: 5ccdcd40e732d54e0f7451ac66ac1c87 C:\Windows\system32\srvcli.dll
      MD5: d64af876d53eca3668bb97b51b4e70ab c:\windows\system32\srvsvc.dll
      MD5: 89e783711af91af09e1ef30ef3107446 C:\Windows\system32\SSCORE.DLL
      MD5: 4a054c853031616d161a84becf281f47 C:\Windows\system32\SSPICLI.DLL
      MD5: e361ae3010ea4b3123dab5bdae21798f C:\Windows\system32\SspiSrv.dll
      MD5: fbf71e42234ace3e0e06cf02e2ee42bb C:\Windows\system32\stapi32.dll
      MD5: 912649a1b3f9e6acb3899fbdaba2ed5f C:\Windows\system32\stobject.dll
      MD5: 919001d2bb17df06ca3f8ac16ad039f6 C:\Windows\system32\sxs.dll
      MD5: 364455805e64882844ee9acb72522830 C:\Windows\system32\sxssrv.DLL
      MD5: 2ddea2c345da5bc589efd398f220db0e C:\Windows\System32\SyncCenter.dll
      MD5: 1b82800be96fa1b5ec7c13a5f903f674 C:\Windows\system32\SynCOM.dll
      MD5: 2ddabe4f5ef2a2698dea62c08445acfd C:\Windows\system32\SynTPAPI.dll
      MD5: 36650d618ca34c9d357dfd3d89b2c56f c:\windows\system32\sysmain.dll
      MD5: ba51ffe170c5b3ae8ec4f5bd2581a29e C:\Windows\system32\SYSNTFY.dll
      MD5: 763fecdc3d30c815fe72dd57936c6cd1 C:\Windows\System32\TabSvc.dll
      MD5: 613bf4820361543956909043a265c6ac c:\windows\system32\tapisrv.dll
      MD5: 1c3e8371377e988b683797a132effe1b C:\Windows\system32\taskcomp.dll
      MD5: 7fa8ba5a780e4757964ac9d4238302b9 C:\Windows\System32\taskhost.exe
      MD5: 544eff88ac6c85df5a4d6f18dfe08cfc C:\Windows\system32\taskschd.dll
      MD5: eafc149cd3bd78c443e31bb157841197 C:\Windows\system32\tbs.dll
      MD5: b390c1d825c7687493bede237c6c2f25 C:\Windows\System32\tcpmon.dll
      MD5: 382c804c92811be57829d8e550a900e2 C:\Windows\System32\termsrv.dll
      MD5: 7e9917d5309a90e7576653bfe39f80d8 C:\Windows\system32\timedate.cpl
      MD5: 465dbf63a5049e4db4bc5c12ffe781cb C:\Windows\system32\TQUERY.DLL
      MD5: d29e45078cf4020ce0aac82ec652d1ea C:\Windows\system32\tspkg.DLL
      MD5: 7222995615bf93b628dcea4bd6ccacf7 C:\Windows\system32\UBPM.dll
      MD5: 10a084557c1e91319a0abf578d12d1c5 C:\Windows\system32\ucmhc.dll
      MD5: d33e95c0a2754061233b58dc41f8094c C:\Windows\system32\umb.dll
      MD5: ec7bc28d207da09e79b3e9faf8b232ca c:\windows\system32\umpnpmgr.dll
      MD5: f87d30e72e03d579a5199ccb3831d6ea c:\windows\system32\umpo.dll
      MD5: 377f0c1ddbfa6a43cb7e7568bc0eced0 C:\Windows\system32\unimdm.tsp
      MD5: 53ca6bf58658815fcb472205291dd953 C:\Windows\system32\unimdmat.dll
      MD5: e675de8cf57d8814218733b3dae896d7 C:\Windows\system32\uniplat.dll
      MD5: 954ea9b34f155c844b11f4047a8f6f89 C:\Windows\system32\upnp.dll
      MD5: 9fac0f6d5f3d922db294e30cd3f62369 C:\Windows\system32\urlmon.dll
      MD5: 923cdd30092db73ec4a0ebcddd16c686 C:\Windows\System32\usbmon.dll
      MD5: f1dd3acaee5e6b4bbc69bc6df75cef66 C:\Windows\system32\USER32.dll
      MD5: d15618a0ff8dbc2c5bf3726bacc75a0b C:\Windows\system32\USERENV.dll
      MD5: 61ac3efdfacfdd3f0f11dd4fd4044223 c:\windows\system32\userinit.exe
      MD5: 804aaafebb3ad5f49334dd906bcb1de5 C:\Windows\system32\USP10.dll
      MD5: a12829e9974f57e9b5dbfea7c93190f6 C:\Windows\system32\UXINIT.dll
      MD5: 370349f79315d4db86cd992cacefee61 C:\Windows\system32\van.dll
      MD5: c3cd30495687c2a2f66a65ca6fd89be9 C:\Windows\System32\vds.exe
      MD5: 80b562b5b59ed850c328dd75f964f3d8 C:\Windows\system32\vpnike.dll
      MD5: 13337a3fb17f2242487fd45488ed0485 C:\Windows\system32\VSSAPI.DLL
      MD5: 209a3b1901b83aeb8527ed211cce9e4c C:\Windows\system32\vssvc.exe
      MD5: cb67c2b94302dc94bc15ed6553a5c1c7 C:\Windows\system32\wbem\cimwin32.dll
      MD5: 5ae88135c6a86fcd67ba16afbb1c8389 C:\Windows\system32\wbem\esscli.dll
      MD5: cfc7d8289d2b5f3cf8d16e2db7f93d4a C:\Windows\system32\wbem\FastProx.dll
      MD5: f148865e4ac4f715e322ea06e6e21d84 C:\Windows\system32\wbem\ncprov.dll
      MD5: 371e3b05894549113d07cd3081ed55ef C:\Windows\system32\wbem\repdrvfs.dll
      MD5: 585eb475e7af55c9065256e8ffb751a1 C:\Windows\system32\wbem\wbemcore.dll
      MD5: b350509b6c9296529bc464c60feeaef1 C:\Windows\system32\wbem\wbemess.dll
      MD5: 701c9eb15e1e23d22f7c7184c0506673 C:\Windows\system32\wbem\wmidcprv.dll
      MD5: c6b0509aa89f656247694e2d6abf7255 C:\Windows\system32\wbem\wmiprov.dll
      MD5: 3cde2911462fec80064a409c07710c06 C:\Windows\system32\wbem\wmiprvsd.dll
      MD5: 4fb491ac8d46aaf22ba8bc5c73dabef7 C:\Windows\System32\wbem\WmiPrvSE.exe
      MD5: 704314fd398c81d5f342caa5df7b7f21 C:\Windows\system32\wbemcomn.dll
      MD5: 691e3285e53dca558e1a84667f13e15a C:\Windows\system32\wbengine.exe
      MD5: 34eee0dfaadb4f691d6d5308a51315dc C:\Windows\System32\wcncsvc.dll
      MD5: f0016853fa3f38f55fd868ff74c0359b C:\Windows\system32\wdiasqmmodule.dll
      MD5: d205c24a9d069049fe2df2a1b38726a7 C:\Windows\system32\wdmaud.drv
      MD5: a399514d3b28c9a3453a486bbaaff1c7 c:\windows\system32\WDSCORE.dll
      MD5: a9d880f97530d5b8fee278923349929d C:\Windows\System32\webclnt.dll
      MD5: fb19fc5951a88f3c523e35c2c98d23c0 C:\Windows\system32\webio.dll
      MD5: db846eeca70ee9d2e2ff31147c57b0f4 C:\Windows\system32\webservices.dll
      MD5: 590d5c506044fe02ff7643e32ff9bdac C:\Windows\System32\wer.dll
      MD5: 1869bd251211fb6275067372a45682d6 C:\Windows\System32\werconcpl.dll
      MD5: 241e015dd809cfb23242f890b1fc575b c:\windows\system32\wevtsvc.dll
      MD5: 019c372b1a9da73a22d0d35a4d40f5c9 C:\Windows\system32\wfapigp.dll
      MD5: e2d56ae1d40e3725084054cd8e9cfbb1 C:\Windows\system32\wiarpc.dll
      MD5: e1fb3706030fb4578a0d72c2fc3689e4 c:\windows\system32\wiaservc.dll
      MD5: be3953c7dae4ecc89134cf64a903f8ed C:\Windows\System32\win32spl.dll
      MD5: 1db71a41daee6b3f8cd0dda8209fa2d5 C:\Windows\system32\WindowsCodecs.dll
      MD5: 2875b386b45b8a77e2343c5e129ae50c C:\Windows\System32\WindowsPowerShell\v1.0\pwrshsip.dll
      MD5: 39c2d311fd5b80ec58c3618a1d994291 C:\Windows\system32\winethc.dll
      MD5: ca9f7888b524d8100b977c81f44c3234 C:\Windows\system32\WINHTTP.dll
      MD5: 5553611e2f9ea6f613079177f1233068 C:\Windows\system32\WININET.dll
      MD5: b5c5dcad3899512020d135600129d665 C:\Windows\System32\wininit.exe
      MD5: 6d13e1406f50c66e2a95d97f22c47560 C:\Windows\System32\winlogon.exe
      MD5: d5aefad57c08349a4393d987df7c715d C:\Windows\system32\WINMM.dll
      MD5: 9419abf3163b6f0e3ad3dd2b381c879f c:\windows\system32\WinSCard.dll
      MD5: 9e4b0e7472b4ceba9e17f440b8cb0ab8 c:\windows\system32\WINSPOOL.DRV
      MD5: 48cb4fdbcaaeac7bce2f5941545ff071 C:\Windows\system32\winsrv.DLL
      MD5: 418e881201583a3039d81f43e39e6c78 C:\Windows\system32\WINSTA.dll
      MD5: 17448af0bba9e7ab5ec955af93f271bd C:\Windows\system32\WINTRUST.dll
      MD5: e5a4a1326a02f8e7b59e6c3270ce7202 C:\Windows\system32\wkscli.dll
      MD5: 58405e4f68ba8e4057c6e914f326aba2 c:\windows\system32\wkssvc.dll
      MD5: 6f44f5c0bc6b210fe5f5a1c8d899ad0a C:\Windows\System32\wlanext.exe
      MD5: 3c9035085141162416a0dd34dbf3f3c1 c:\windows\system32\WLANMSM.DLL
      MD5: 20c06a50dfc097e134bc6fa8444ca9bc c:\windows\system32\WLANSEC.dll
      MD5: a8bb45f9ecad993461e0fef8e2a99152 C:\Windows\system32\WLDAP32.dll
      MD5: 749f9795f01c35eebe100a87d82b9681 c:\windows\system32\wlgpclnt.dll
      MD5: 633c2c060cf857099f6c4f8d75c952b1 C:\Windows\system32\wls0wndh.dll
      MD5: 5cf15474ffdb5005e54958df6edd97ab C:\Windows\system32\wmdrmdev.dll
      MD5: 907281ed4ad35d41b29ffdc211ebad80 C:\Windows\system32\WMI.DLL
      MD5: 1957d49a9613faad1c73b508cce02aa5 C:\Windows\system32\wmp.dll
      MD5: 0fbc74aa20fe0ae6884279f893169c60 C:\Windows\system32\wmploc.dll
      MD5: 3f2b83695e5bf11930c16af50e991f96 C:\Windows\System32\wmpps.dll
      MD5: d412b1b72c5ab020218e9a047d90ca05 C:\Windows\system32\WMsgAPI.dll
      MD5: 0f416e23dd2eb4debe70608020cfd283 C:\Windows\system32\wmvcore.dll
      MD5: aa53356d60af47eacc85bc617a4f3f66 c:\windows\system32\wpdbusenum.dll
      MD5: 735263da17bf5baf9ccd483843bf9d5a C:\Windows\system32\wpdshserviceobj.dll
      MD5: 7ff15a4f092cd4a96055ba69f903e3e9 C:\Windows\system32\WS2_32.dll
      MD5: a8cdf3768604ff95b54669e20053d569 C:\Windows\System32\wscapi.dll
      MD5: 7fd5532c142db6c9cc47aa4dcf71fdec C:\Windows\System32\wscui.cpl
      MD5: 73f6c5223f7e9b5780dd4a6c30fcf569 C:\Windows\system32\wsdapi.dll
      MD5: a8eb761de499242becf153b2b34f020e C:\Windows\System32\WSDMon.dll
      MD5: ac122407b29378ff9646f03404ac7c54 C:\Windows\system32\wshbth.dll
      MD5: e8f6851e4600cd3674422487ee240941 C:\Windows\system32\wshext.dll
      MD5: 81f08948a0f1475894c99d4d19a158a8 C:\Windows\System32\wshqos.dll
      MD5: 1b91cd34ea3a90ab6a4ef0550174f4cc C:\Windows\system32\WsmSvc.dll
      MD5: 6357e2b68753a1f5cf4a68a25c4fd14a C:\Windows\System32\wsnmp32.dll
      MD5: 6a6b2ee4565a178035be2a4ff6f2c968 C:\Windows\system32\WTSAPI32.dll
      MD5: 1a617835452eee5060976c9b9f5fe635 C:\Windows\system32\wuapi.dll
      MD5: fc3ec24fce372c89423e015a2ac1a31e c:\windows\system32\wuaueng.dll
      MD5: 311a281f5199ec39711017530dc06b64 C:\Windows\System32\WUDFHost.exe
      MD5: 9fbcfd7e88a7ace0e94456504895dd7f c:\windows\system32\WUDFPlatform.dll
      MD5: 8d1e1e529a2c9e9b6a85b55a345f7629 c:\windows\system32\wudfsvc.dll
      MD5: 8549e6abf8b270cc10c31b480239e116 C:\Windows\system32\WUDFx.dll
      MD5: edf2a5e96bec469da3f64e9bdd386111 c:\windows\system32\XmlLite.dll
      MD5: 5b3d1c528cd6674ff6bd1f6720f5a686 C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_0b0e4b4025cf4049\cbscore.dll
      MD5: 4ccf86aad1b67168fb51a477307ec288 C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_0b0e4b4025cf4049\DrUpdate.dll
      MD5: 8896ef6deba34c5507a488729a1d3af2 C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_0b0e4b4025cf4049\wcp.dll
      MD5: c9b89e87cb6d87fa4cc3f04ebc9f3d1c C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_0b0e4b4025cf4049\wrpint.dll
      MD5: c9564cf4976e7e96b4052737aa2492b4 C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\MSVCR80.dll
      MD5: cdbe9690cf2b8409facad94fac9479c9 C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\MSVCR90.dll
      MD5: bdac1aa64495d0f7e1ff810ebbf1f018 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\COMCTL32.dll
      MD5: 352b3dc62a0d259a82a052238425c872 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
      MD5: 7717f84f483002815490033bf069dabd C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll

      Total traffic - 0.03 MB enviado, 2.52 KB recibido
      Scanned 1051 files and modules - 96 seconds
      ==============================
      Malwarebytes Anti-Malware (PRO) 1.65.1.1000
      18/10/2012 06:52:58 p.m.
      Tipos de Análisis: Análisis Completo (C:\|D:\|E:\|)
      Opciones de análisis activado: Memoria | Inicio | Registro | Sistema de archivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM
      Archivos Detectados: 5
      C:\Users\Antonella\Downloads\mozilla-firefox-2.0.0.20.exe (PUP.BundleInstaller.UTD) -> En cuarentena y eliminado con éxito.
      C:\Users\Antonella\Escritorio\PROGRAMAS\Picnik.exe (Adware.Bundler) -> En cuarentena y eliminado con éxito.
      C:\Users\SILVIA\Documents\KeygenPhotoshopCS5Extended.exe (Malware.Packer.Gen) -> En cuarentena y eliminado con éxito.
      C:\Users\SILVIA\Documents\Keygen\KeygenPhotoshopCS5Extended.exe (Malware.Packer.Gen) -> En cuarentena y eliminado con éxito.
      C:\Program Files\vGrabber-software\Uninstall.exe (PUP.BundleInstaller.VG) -> En cuarentena y eliminado con éxito.
      fin)

      The problem keeps appearing, and afterwards the Babylon search engine shows up, which I had already removed: feed***helperbar***com
      Last edited by ivaaan_ on 18/10/12 at 21:34:14

    6. #6
      Moderator
      ErdrickBass
      Registered
      Jul 2009
      Location
      Cd Juarez, Mex.
      Posts
      9.135

      Re: Feed Helperbar, SweetIM

      Hello

      Please do the following:
      Install the latest version of the following program:
      Update Java as follows:
      1. Download and install Java from its official page: Free Java software download
      2. Run JavaRa (JavaRa manual), and if you download version 2 proceed as follows:
        1. Run JavaRa as administrator and click Update JavaRa Definitions.
        2. Go to Remove JRE and remove every entry listed that is older than the current one.
        3. Then go to Additional Tasks, check Remove Outdated Firefox Extensions and press Run.
      3. Uninstall any version of Java older than the current one, in this case 7 update 9

      Note: whenever you want to check your Java version you can go to this link: Verify Java version
      Go to Mozilla and under Add-ons > Extensions remove the ones that say something like iminent.

      Download OTM and place it on the desktop:

      Caution: OTMoveIt is a very powerful program, designed to remove stubborn files and folders during the detection and removal of infections caused by various types of malware. It is recommended that it be "used under the direction and supervision of an expert", not for private use. Using this tool incorrectly and without proper control can lead to disastrous problems with your operating system.
      • Then run it according to its manual, temporarily disabling any security program.
      • Paste the following text into the left-hand box labelled Paste Instructions for Items to be Moved (the word "Code" is excluded).
        Code:
        :files
        C:\Users\Antonella\AppData\Roaming\Mozilla\Firefox\Profiles\fxp4osyr.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}\components\Engine.dll
        C:\Users\Antonella\AppData\Roaming\Mozilla\Firefox\Profiles\fxp4osyr.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}\components\setup_widget_serv.exe
        C:\Users\Antonella\AppData\Roaming\Mozilla\Firefox\Profiles\fxp4osyr.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444
        C:\Users\Antonella\AppData\Roaming\Mozilla\Firefox\Profiles\fxp4osyr.default\extensions\[email protected]\components\ffdisp.dll
        C:\Users\Antonella\AppData\Roaming\Mozilla\Firefox\Profiles\fxp4osyr.default\extensions\[email protected]
        
        :commands
        [emptyjava]
        [emptytemp]
        [emptyflash]
      • Click the MoveIt! button.
      • The program will start doing its work; wait patiently for it to finish.
      • When it finishes it will ask whether you want to restart in order to remove some files.
      • Choose "Yes" to restart immediately. Allow the computer to restart; this is important. If it does not, restart manually.

      Note: You may notice files or folders visible on the desktop and/or elsewhere on the system. This is normal; once the procedures are finished, everything will return to normal.
      In Glary Utilities go to Modules>System Tools>Internet Explorer Assistant. In the window that opens go to Restore modifications, make sure the Check All option is enabled, click Restore and wait for the program to finish. Finally, open IE and check the results.

      To restore the settings in Mozilla and Opera, in case their options/preferences will not let you, you would have to back up your bookmarks, do a complete uninstall (you can use Revo in advanced mode: Revo Uninstaller manual), and then use the backup:
      Please bring us the OTM report from C:\_OTM\MovedFiles\***_***.log (where "***_***" is the date and time) and tell us how the problem is going.

      Regards
      The blue sky is infinitely high and crystal clear

      * Follow us on Twitter and become our friend on Facebook.
      * Keep up with the latest threats on the net at: InfoSpyware Blog
      * Questions are not answered by private message or e-mail; that is what the forum is for.

    7. #7
      User ivaaan_'s avatar
      Joined
      Oct 2012
      Location
      -
      Posts
      12

      Re: Feed Helperbar, SweetIM

      The problem is still there, mate; I use Google Chrome.

      It redirects me to this site when I search for something, and afterwards search babylon appears.

      http****feed**helperbar**com**?publisher=OPENCANDY&dpid=OPENCANDY&co=AR&userid=b6241c47-b548-4aac-b43d-cabd9fd3423b&affid=111583&searchtype=ds&babsrc=lnkry&q=adaaa

      All processes killed
      ========== FILES ==========
      LoadLibrary failed for C:\Users\Antonella\AppData\Roaming\Mozilla\Firefox\Profiles\fxp4osyr.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}\components\Engine.dll
      C:\Users\Antonella\AppData\Roaming\Mozilla\Firefox\Profiles\fxp4osyr.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}\components\Engine.dll moved successfully.
      C:\Users\Antonella\AppData\Roaming\Mozilla\Firefox\Profiles\fxp4osyr.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}\components\setup_widget_serv.exe moved successfully.
      File/Folder C:\Users\Antonella\AppData\Roaming\Mozilla\Firefox\Profiles\fxp4osyr.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444 not found.
      DllUnregisterServer procedure not found in C:\Users\Antonella\AppData\Roaming\Mozilla\Firefox\Profiles\fxp4osyr.default\extensions\[email protected]\components\ffdisp.dll
      C:\Users\Antonella\AppData\Roaming\Mozilla\Firefox\Profiles\fxp4osyr.default\extensions\[email protected]\components\ffdisp.dll moved successfully.
      C:\Users\Antonella\AppData\Roaming\Mozilla\Firefox\Profiles\fxp4osyr.default\extensions\[email protected]\defaults\preferences folder moved successfully.
      C:\Users\Antonella\AppData\Roaming\Mozilla\Firefox\Profiles\fxp4osyr.default\extensions\[email protected]\defaults folder moved successfully.
      C:\Users\Antonella\AppData\Roaming\Mozilla\Firefox\Profiles\fxp4osyr.default\extensions\[email protected]\content\imgs\mnRadio folder moved successfully.
      C:\Users\Antonella\AppData\Roaming\Mozilla\Firefox\Profiles\fxp4osyr.default\extensions\[email protected]\content\imgs\flgs folder moved successfully.
      C:\Users\Antonella\AppData\Roaming\Mozilla\Firefox\Profiles\fxp4osyr.default\extensions\[email protected]\content\imgs folder moved successfully.
      C:\Users\Antonella\AppData\Roaming\Mozilla\Firefox\Profiles\fxp4osyr.default\extensions\[email protected]\content folder moved successfully.
      C:\Users\Antonella\AppData\Roaming\Mozilla\Firefox\Profiles\fxp4osyr.default\extensions\[email protected]\components folder moved successfully.
      C:\Users\Antonella\AppData\Roaming\Mozilla\Firefox\Profiles\fxp4osyr.default\extensions\[email protected] folder moved successfully.
      ========== COMMANDS ==========

      [EMPTYJAVA]

      User: All Users

      User: Antonella

      User: Default

      User: Default User

      User: HP Lab

      User: Invitado

      User: Public

      User: SILVIA
      ->Java cache emptied: 0 bytes

      Total Java Files Cleaned = 0,00 mb


      [EMPTYTEMP]

      User: All Users

      User: Antonella
      ->Temp folder emptied: 4238859 bytes
      ->Temporary Internet Files folder emptied: 316974 bytes
      ->FireFox cache emptied: 3457377 bytes
      ->Google Chrome cache emptied: 76755368 bytes
      ->Flash cache emptied: 0 bytes

      User: Default
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 0 bytes
      ->Flash cache emptied: 0 bytes

      User: Default User
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 0 bytes
      ->Flash cache emptied: 0 bytes

      User: HP Lab
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 0 bytes
      ->Flash cache emptied: 0 bytes

      User: Invitado
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 0 bytes
      ->Flash cache emptied: 0 bytes

      User: Public

      User: SILVIA
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 0 bytes
      ->Java cache emptied: 0 bytes
      ->Google Chrome cache emptied: 0 bytes
      ->Flash cache emptied: 0 bytes

      %systemdrive% .tmp files removed: 0 bytes
      %systemroot% .tmp files removed: 0 bytes
      %systemroot%\System32 .tmp files removed: 0 bytes
      %systemroot%\System32\drivers .tmp files removed: 0 bytes
      Windows Temp folder emptied: 1067732 bytes
      %systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 32155262 bytes
      %systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 741 bytes
      RecycleBin emptied: 393521432 bytes

      Total Files Cleaned = 488,00 mb


      [EMPTYFLASH]

      User: All Users

      User: Antonella
      ->Flash cache emptied: 0 bytes

      User: Default
      ->Flash cache emptied: 0 bytes

      User: Default User
      ->Flash cache emptied: 0 bytes

      User: HP Lab
      ->Flash cache emptied: 0 bytes

      User: Invitado
      ->Flash cache emptied: 0 bytes

      User: Public

      User: SILVIA
      ->Flash cache emptied: 0 bytes

      Total Flash Files Cleaned = 0,00 mb


      OTM by OldTimer - Version 3.1.21.0 log created on 10212012_195725
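
Added example, not part of the original thread and not OTM's own code: a short Python triage that pairs each path requested under `:files` with the outcome reported in the log's FILES section, and flags requested paths with unbalanced braces, like the truncated GUID path above that came back as "not found". The script and log text embedded here are constructed samples with placeholder paths, and the function names are hypothetical.

```python
import re
# Constructed sample (placeholder paths and GUID), modelled on the OTM script
# and on the message forms of the FILES section of the log in this thread.
SCRIPT = r"""
:files
C:\Users\demo\ext\{11111111-2222-3333-4444-555555555555}\components\Engine.dll
C:\Users\demo\ext\{11111111-2222-3333-4444-555555555555
C:\Users\demo\ext\toolbar@example.invalid
:commands
"""
LOG = r"""
========== FILES ==========
LoadLibrary failed for C:\Users\demo\ext\{11111111-2222-3333-4444-555555555555}\components\Engine.dll
C:\Users\demo\ext\{11111111-2222-3333-4444-555555555555}\components\Engine.dll moved successfully.
File/Folder C:\Users\demo\ext\{11111111-2222-3333-4444-555555555555 not found.
C:\Users\demo\ext\toolbar@example.invalid folder moved successfully.
========== COMMANDS ==========
"""
MOVED = re.compile(r"^(.+?)(?: folder)? moved successfully\.$")
MISSING = re.compile(r"^File/Folder (.+) not found\.$")

def requested_paths(script):
    """Return the paths listed under the :files directive of the script."""
    paths, in_files = [], False
    for line in map(str.strip, script.splitlines()):
        if line.startswith(":"):
            in_files = line.lower() == ":files"
        elif in_files and line:
            paths.append(line)
    return paths

def file_outcomes(log):
    """Map each lower-cased path in the FILES section to its outcome."""
    outcomes, in_files = {}, False
    for line in map(str.strip, log.splitlines()):
        if line.startswith("=========="):
            in_files = "FILES" in line
            continue
        m = in_files and (MOVED.match(line) or MISSING.match(line))
        if m:
            outcomes[m.group(1).lower()] = "moved" if m.re is MOVED else "not found"
    return outcomes

def triage(script, log):
    """Pair every requested path with its outcome; flag unbalanced braces."""
    outcomes = file_outcomes(log)
    return [(p, outcomes.get(p.lower(), "no log entry"),
             "unbalanced braces" if p.count("{") != p.count("}") else "")
            for p in requested_paths(script)]
```

Warning lines such as "LoadLibrary failed for" are deliberately ignored: in the log above the same file is still reported as moved on the following line.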

    8. #8
      Moderator
      ErdrickBass's avatar
      Joined
      Jul 2009
      Location
      Cd Juarez, Mex.
      Posts
      9.135

      Re: Feed Helperbar, SweetIM

      Hello

      Well, I think your computer no longer has adware.

      Run OTM and click CleanUp!, then wait for it to finish cleaning up and restoring the changes it made. When it finishes, restart.

      Now let's try restoring Chrome. First go to menu>Tools>Extensions and remove all those that you did not install and do not want, especially if they mention anything related to the problem.

      Then in the menu go to Settings. Change the home page, the search engine and, under Appearance, remove the pages you do not recognize or replace them with ones you do.

      Let us know.

      Regards

    9. #9
      User ivaaan_'s avatar
      Joined
      Oct 2012
      Location
      -
      Posts
      12

      Re: Feed Helperbar, SweetIM

      I'm leaving an image of the problem at this link.

      Subefotos.com - Share your photos quickly

      The problem continues; I try to change it and it puts that website back again.
      Last edited by ivaaan_ on 21/10/12 at 21:00:12

    10. #10
      Moderator
      ErdrickBass's avatar
      Joined
      Jul 2009
      Location
      Cd Juarez, Mex.
      Posts
      9.135

      Re: Feed Helperbar, SweetIM

      Hello

      Let's try this:
      Download Eset Smart Installer:
      Run Eset as described in the manual and make sure to check the following boxes before starting the scan:
      • Remove found threats
      • Scan archives
      • Scan for potentially unwanted applications
      • Scan for potentially unsafe applications
      • Enable Anti-Stealth technology
      Go to Glary and run a One-Click maintenance, then do this:
      • Go to Modules>Optimize & Improve>Startup Manager, and in the window that opens go to File>Export and save a report.
      • Go to Modules>Clean Up & Repair>Uninstall Manager. In the window that opens, once it has finished loading, go to File>Export application list and save another report.
      Please bring us the Glary and Eset reports (%programfiles%\Eset\Eset Online Scanner\log.txt) and tell us the state of the problem.

      Regards