• Registrarse
  • Iniciar sesión


  • Página 1 de 2 12 ÚltimoÚltimo
    Resultados 1 al 10 de 19

    OS Attack: MS RPCSS Attack CVE-2004-0116 2

    Buenas tardes a todos! Tengo instalado en mi maquina el Symantec Endpoint Protection y me aparece el siguiente mensaje de alerta: "Traffic from IP address ... is blocked from date / time SID: 20386 OS ...

    1. #1
      Usuario Avatar de serko71
      Registrado
      jul 2005
      Ubicación
      Argentina
      Mensajes
      39

      OS Attack: MS RPCSS Attack CVE-2004-0116 2

      Buenas tardes a todos!

      Tengo instalado en mi maquina el Symantec Endpoint Protection y me aparece el siguiente mensaje de alerta:
      "Traffic from IP address ... is blocked from date / time
      SID: 20386 OS Attack: MS RPCSS Attack CVE-2004-0116 2 detected"
      He revisado en la web y solo encontre la siguiente solucion en la pagina de Symantec:
      http://www.symantec.com/security_res...jsp?asid=20386
      pero solo aplica para el SP1 y yo tengo instalado Windows XP Professional SP3.
      Adicionalmente me han hackeado la cuenta de correo de Hotmail.
      Por favor, si alguien pudiera ayudarme, muy agradecido.
      Saludos!

    2. #2
      Ex-Colaborador Avatar de Gemsa_03
      Registrado
      feb 2012
      Ubicación
      Málaga-España
      Mensajes
      6.615

      Re: OS Attack: MS RPCSS Attack CVE-2004-0116 2

      Cita Originalmente publicado por serko71 Ver Mensaje
      Buenas tardes a todos!

      Tengo instalado en mi maquina el Symantec Endpoint Protection y me aparece el siguiente mensaje de alerta:
      "Traffic from IP address ... is blocked from date / time
      SID: 20386 OS Attack: MS RPCSS Attack CVE-2004-0116 2 detected"
      He revisado en la web y solo encontre la siguiente solucion en la pagina de Symantec:
      OS Attack: MS RPCSS Attack CVE-2004-0116 2: Attack Signature - Symantec Corp.
      pero solo aplica para el SP1 y yo tengo instalado Windows XP Professional SP3.
      Adicionalmente me han hackeado la cuenta de correo de Hotmail.
      Por favor, si alguien pudiera ayudarme, muy agradecido.
      Saludos!
      Hola! vamos a ver, el tema de hackeo de la cuenta de hotmail, la tienes bloqueada o en qué estado está.

      Ejecuta RKill (disfrazado de WINLOGON)

      Luego ejecuta el siguiente programa según su => Manual de BitDefender QuickScan Online teniendo en cuenta que el reporte que te genere lo tendrás que sacar del "View Report", te pido disculpas pero mi servidor de Imágenes IMAGESHACK está en Mantenimiento, pero te saldrá una imagen así y en la parte inferior derecha te pondrá View Report clickeas y te saldrá el Reporte, detecte algo o no, me lo adjuntas:

      IMAGEN

      SAludos.
      Última edición por Gemsa_03 fecha: 12/01/13 a las 19:12:14 Razón: correción

    3. #3
      Usuario Avatar de serko71
      Registrado
      jul 2005
      Ubicación
      Argentina
      Mensajes
      39

      Re: OS Attack: MS RPCSS Attack CVE-2004-0116 2

      Hola!

      Muchas gracias por tu respuesta! Ejecute los dos dos programas que me has indicado y los reportes son los siguientes:

      1- RKill - Report

      Rkill 2.4.5 by Lawrence Abrams (Grinler)
      Bleeping Computer - Technical Support and Computer Help
      Copyright 2008-2013 BleepingComputer.com
      More Information about Rkill can be found at this link:
      RKill - What it does and What it Doesn't - A brief introduction to the program

      Program started at: 01/13/2013 03:42:22 PM in x86 mode.
      Windows Version: Microsoft Windows XP Service Pack 3

      Checking for Windows services to stop:

      * No malware services found to stop.

      Checking for processes to terminate:

      * C:\WINDOWS\system32\Drivers\trcboot.exe (PID: 1696) [WD-HEUR]
      * C:\WINDOWS\system32\Drivers\ldlcserv.exe (PID: 5164) [WD-HEUR]
      * C:\WINDOWS\system32\Drivers\ldlcserv6.exe (PID: 5180) [WD-HEUR]

      3 proccesses terminated!

      Checking Registry for malware related settings:

      * No issues found in the Registry.

      Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
      * HKLM\Software\Classes\.exe\shell found and deleted!


      Performing miscellaneous checks:

      * Windows Defender Disabled

      [HKLM\SOFTWARE\Microsoft\Windows Defender]
      "DisableAntiSpyware" = dword:00000001

      * Windows Firewall Disabled

      [HKLM\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
      "EnableFirewall" = dword:00000000

      * Windows Firewall Disabled

      [HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
      "EnableFirewall" = dword:00000000

      Checking Windows Service Integrity:

      * No issues found.

      Searching for Missing Digital Signatures:

      * No issues found.

      Checking HOSTS File:

      * HOSTS file entries found:

      127.0.0.1 localhost

      Program finished at: 01/13/2013 03:43:12 PM
      Execution time: 0 hours(s), 0 minute(s), and 49 seconds(s)

    4. #4
      Usuario Avatar de serko71
      Registrado
      jul 2005
      Ubicación
      Argentina
      Mensajes
      39

      Re: OS Attack: MS RPCSS Attack CVE-2004-0116 2

      2- Bitdefender - Report

      QuickScan 32-bit v0.9.9.118
      ---------------------------
      Fecha de Análisis: Sun Jan 13 15:51:07 2013
      ID de la Máquina: C03FBF83



      No se han encontrado infecciones.
      ---------------------------------



      Procesos
      --------
      Access Connections 3880 C:\Program Files\ThinkPad\ConnectUtilities\Access Connections.exe
      Access Connections 2312 C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
      Access Connections 2436 C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
      Access Connections 876 C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe
      Access Connections 1024 C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
      Access Connections 2900 C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
      Ad-Aware Antivirus 4156 C:\PROGRA~1\AD-AWA~1\AdAware.exe
      Ad-Aware Antivirus Service 4376 C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe
      Anti-phishing Domain Advisor 4872 C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection\adawarebp.exe
      AT&T Global Network Client 3212 C:\Program Files\AT&T Network Client\NetClientSvc.exe
      Auto Scroll 396 C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
      BESClient 2620 C:\Program Files\BigFix Enterprise\BES Client\BESClient.exe
      Bluetooth Software 5928 C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
      Bluetooth Software 1072 C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
      Doze Mode Service Program 3200 C:\Program Files\ThinkPad\Utilities\DOZESVC.EXE
      EEventManager Application 2528 C:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe
      GFI AntiMalware Common SDK Merge Module 4812 C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe
      IBM Developer Kit for Windows,Java,1.6. 2788 C:\Program Files\IBM\Java60\jre\bin\jqs.exe
      IBM Lotus Notes/Domino 3032 C:\notes\SUService.exe
      IBM Standard Asset Manager GUI 2504 C:\Program Files\C4ebreg\isamtray.exe
      IBM Standard Asset Manager Service 1492 C:\Program Files\C4ebreg\c4ebreg.exe
      IBM wnsd 1560 C:\notes\nsd.exe
      IBM(R) DB2(R) 2776 C:\Program Files\IBM\SQLLIB\BIN\db2jds.exe
      IBM(R) DB2(R) 3004 C:\Program Files\IBM\SQLLIB\BIN\db2sec.exe
      Intel(R) Common User Interface 3588 C:\WINDOWS\system32\hkcmd.exe
      Intel(R) Common User Interface 1568 C:\WINDOWS\system32\igfxext.exe
      Intel(R) Common User Interface 3652 C:\WINDOWS\system32\igfxpers.exe
      Intel(R) Common User Interface 3668 C:\WINDOWS\system32\igfxsrvc.exe
      Intel(R) Common User Interface 3572 C:\WINDOWS\system32\igfxtray.exe
      Intel(R) PROSet/Wireless 4512 C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
      Intel(R) PROSet/Wireless 3320 C:\Program Files\Intel\WiFi\bin\EvtEng.exe
      Intel(R) PROSet/Wireless 640 C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
      ISSI Service 2040 C:\sdwork\issimsvc.exe
      Microsoft® Windows® Operating System 6092 C:\WINDOWS\system32\notepad.exe
      Microsoft® Windows® Operating System 620 C:\WINDOWS\system32\spoolsv.exe
      Microsoft® Windows® Operating System 3856 C:\WINDOWS\system32\wbem\unsecapp.exe
      miragent.exe 3084 C:\Program Files\MANDIANT\MANDIANT Intelligent Response Agent\miragent.exe
      NetCfgSvr Module 3592 C:\PROGRA~1\AT&TNE~2\netcfgsvr.exe
      On screen display 2772 C:\Program Files\Lenovo\HOTKEY\micmute.exe
      On screen display 992 C:\Program Files\Lenovo\HOTKEY\tphkload.exe
      On screen display 684 C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
      On screen display 2248 C:\PROGRA~1\Lenovo\HOTKEY\tpnumlk.exe
      On screen display 2336 C:\PROGRA~1\Lenovo\HOTKEY\TPONSCR.exe
      Personal Communications 2064 C:\Program Files\IBM\Personal Communications\PCS_AGNT.EXE
      Personal Communications 5164 C:\WINDOWS\system32\drivers\ldlcserv.exe
      Personal Communications 5180 C:\WINDOWS\system32\drivers\ldlcserv6.exe
      PGP Desktop 2964 C:\Program Files\PGP Corporation\PGP Desktop\PGPtray.exe
      PGP Desktop 3080 C:\Program Files\PGP Corporation\PGP Desktop\RDDService.exe
      pmonmh.exe 3556 C:\Program Files\IBM\My Help\plugins\com.ibm.myhelp.common_1.7.2\pmonmh.exe
      Power Manager 3924 C:\Program Files\ThinkPad\Utilities\PWMEWSVC.exe
      PWMDBSVC Module 340 C:\Program Files\ThinkPad\Utilities\PWMDBSVC.exe
      ScheduledTask 2872 C:\PROGRA~1\ThinkPad\UTILIT~1\SCHTASK.EXE
      Search Protection 5072 C:\Documents and Settings\All Users\Application Data\Search Protection\SearchProtection.exe
      Spybot - Search & Destroy 4548 C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
      Spybot - Search & Destroy 2708 C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
      Spybot - Search & Destroy 1152 C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
      Spybot - Search & Destroy 5000 C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
      Symantec AntiVirus 4916 C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe
      Symantec Client Management Component 1948 C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe
      Symantec Client Management Component 6064 C:\Program Files\Symantec\Symantec Endpoint Protection\SmcGui.exe
      Symantec Security Technologies 2484 C:\Program Files\Common Files\Symantec Shared\ccApp.exe
      Symantec Security Technologies 1220 C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
      Synaptics Pointing Device Driver 3852 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      Synaptics Pointing Device Driver 2732 C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
      ThinkPad Power Management Service 1596 C:\WINDOWS\system32\ibmpmsvc.exe
      ThinkPad UltraZoom 2316 C:\PROGRA~1\Lenovo\ZOOM\TpScrex.exe
      ThinkVantage Active Protection System 3716 C:\WINDOWS\system32\TpShocks.exe
      Tivoli Endpoint Manager 2056 C:\Program Files\BigFix Enterprise\BES Client\BESClientUI.exe
      tpam.exe 1328 C:\Program Files\IBM\Personal Communications\tpam.exe
      (verificado) Microsoft® .NET Framework 3420 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
      (verificado) Microsoft® Windows® Operating System 1120 C:\WINDOWS\explorer.exe
      (verificado) Microsoft® Windows® Operating System 324 C:\WINDOWS\system32\alg.exe
      (verificado) Microsoft® Windows® Operating System 1348 C:\WINDOWS\system32\csrss.exe
      (verificado) Microsoft® Windows® Operating System 3384 C:\WINDOWS\system32\ctfmon.exe
      (verificado) Microsoft® Windows® Operating System 1448 C:\WINDOWS\system32\lsass.exe
      (verificado) Microsoft® Windows® Operating System 2288 C:\WINDOWS\system32\rundll32.exe
      (verificado) Microsoft® Windows® Operating System 3764 C:\WINDOWS\system32\rundll32.exe
      (verificado) Microsoft® Windows® Operating System 1436 C:\WINDOWS\system32\services.exe
      (verificado) Microsoft® Windows® Operating System 1264 C:\WINDOWS\system32\smss.exe
      (verificado) Microsoft® Windows® Operating System 1836 C:\WINDOWS\system32\svchost.exe
      (verificado) Microsoft® Windows® Operating System 1796 C:\WINDOWS\system32\svchost.exe
      (verificado) Microsoft® Windows® Operating System 1628 C:\WINDOWS\system32\svchost.exe
      (verificado) Microsoft® Windows® Operating System 4712 C:\WINDOWS\system32\svchost.exe
      (verificado) Microsoft® Windows® Operating System 940 C:\WINDOWS\system32\svchost.exe
      (verificado) Microsoft® Windows® Operating System 832 C:\WINDOWS\system32\svchost.exe
      (verificado) Microsoft® Windows® Operating System 752 C:\WINDOWS\system32\svchost.exe
      (verificado) Microsoft® Windows® Operating System 1968 C:\WINDOWS\system32\wbem\wmiprvse.exe
      (verificado) Microsoft® Windows® Operating System 2624 C:\WINDOWS\system32\wbem\wmiprvse.exe
      (verificado) Microsoft® Windows® Operating System 1388 C:\WINDOWS\system32\winlogon.exe
      (verificado) Windows® Internet Explorer 2256 C:\Program Files\Internet Explorer\iexplore.exe
      (verificado) Windows® Internet Explorer 2368 C:\Program Files\Internet Explorer\iexplore.exe
      (verificado) Windows® Internet Explorer 4680 C:\Program Files\Internet Explorer\iexplore.exe


      Actividad de red
      ----------------
      Proceso iexplore.exe (4680) conectado en el puerto 80 (HTTP) --> 173.194.42.1
      Proceso iexplore.exe (4680) conectado en el puerto 80 (HTTP) --> 190.221.164.202
      Proceso iexplore.exe (4680) conectado en el puerto 80 (HTTP) --> 173.194.42.1

      Proceso svchost.exe (1796) escuchar en puertos: 135 (RPC)
      Proceso EEventManager.exe (2528) escuchar en puertos: 2968
      Proceso db2jds.exe (2776) escuchar en puertos: 6789
      Proceso miragent.exe (3084) escuchar en puertos: 22201
      Proceso PWMEWSVC.exe (3924) escuchar en puertos: 3730
      Proceso SDFSSvc.exe (4548) escuchar en puertos: 21320, 21322, 21323
      Proceso SDUpdSvc.exe (5000) escuchar en puertos: 21321


      Autoruns y archivos críticos
      ----------------------------
      _run.bat C:\Documents and Settings\All Users\Application Data\Search Protection\_run.bat
      Access Connections C:\Program Files\ThinkPad\ConnectUtilities\ACNotify.dll
      Access Connections C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe
      Access Connections C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
      Ad-Aware Antivirus Launcher C:\Program Files\Ad-Aware Antivirus\AdAwareLauncher.exe
      Adobe® Flash® Player Update Service C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
      Anti-phishing Domain Advisor C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection\adawarebp.exe
      Auto Scroll C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
      EEventManager Application C:\Program Files\Epson Software\Event Manager\EEventManager.exe
      EPSON Status Monitor 3 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIFBB.EXE
      IBM Standard Asset Manager GUI C:\Program Files\C4ebreg\isamtray.exe
      IBM Standard Asset Manager Service C:\Program Files\C4ebreg\c4ebreg.exe
      IBM Standard Software Installer c:\sdwork\w32maing.exe
      Intel(R) Common User Interface C:\WINDOWS\system32\hkcmd.exe
      Intel(R) Common User Interface C:\WINDOWS\system32\igfxdev.dll
      Intel(R) Common User Interface C:\WINDOWS\system32\igfxpers.exe
      Intel(R) Common User Interface C:\WINDOWS\system32\igfxtray.exe
      ISSI Service C:\sdwork\issimsvc.exe
      launcher.exe C:\Program Files\Thinkvantage Fingerprint Software\launcher.exe
      Microsoft® Windows® Operating System C:\WINDOWS\system32\BROWSEUI.dll
      Microsoft® Windows® Operating System C:\WINDOWS\system32\CRYPT32.dll
      Microsoft® Windows® Operating System C:\WINDOWS\system32\cryptnet.dll
      Microsoft® Windows® Operating System C:\WINDOWS\System32\CSCDLL.dll
      Microsoft® Windows® Operating System C:\WINDOWS\System32\dimsntfy.dll
      Microsoft® Windows® Operating System C:\WINDOWS\system32\reg.exe
      Microsoft® Windows® Operating System C:\WINDOWS\system32\SHELL32.dll
      Microsoft® Windows® Operating System C:\WINDOWS\system32\sstext3d.scr
      Microsoft® Windows® Operating System c:\windows\system32\userinit.exe
      Microsoft® Windows® Operating System C:\WINDOWS\system32\WlNotify.dll
      Network access restoration program C:\Program Files\AT&T Network Client\NetSP.exe
      OGAEXEC.exe C:\WINDOWS\system32\OGAEXEC.exe
      pmonmh.exe C:\Program Files\IBM\My Help\plugins\com.ibm.myhelp.common_1.7.2\pmonmh.exe
      psqlpwd.dll C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll
      PWMIDTSK.EXE C:\Program Files\ThinkPad\Utilities\PWMIDTSK.EXE
      Spybot - Search & Destroy C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe
      Spybot - Search & Destroy C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe
      Spybot - Search & Destroy C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
      Symantec Security Technologies C:\Program Files\Common Files\Symantec Shared\ccApp.exe
      Synaptics Pointing Device Driver C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      ThinkPad Power Manager C:\Program Files\ThinkPad\Utilities\PWRMGRTR.DLL
      ThinkVantage Active Protection System C:\WINDOWS\system32\TpShocks.exe
      新注音 C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE
      (verificado) Microsoft Genuine Advantage C:\WINDOWS\system32\WgaLogon.dll
      (verificado) Microsoft IME 2002 C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE
      (verificado) Microsoft® Windows® Operating System C:\WINDOWS\system32\ctfmon.exe
      (verificado) Microsoft® Windows® Operating System C:\WINDOWS\system32\logonui.exe
      (verificado) Microsoft® Windows® Operating System C:\WINDOWS\system32\sclgntfy.dll
      (verificado) Microsoft® Windows® Operating System C:\WINDOWS\system32\stobject.dll
      (verificado) Windows® Internet Explorer C:\WINDOWS\system32\webcheck.dll


      Plugins del Navegador
      ---------------------
      AcroIEHelperShim Library c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll
      Ad-Aware Security Add-on C:\Program Files\adawaretb\adawareDx.dll
      Adobe Acrobat C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
      Adobe Acrobat C:\Program Files\Internet Explorer\plugins\nppdf32.dll
      Adobe Acrobat C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll
      Bitdefender QuickScan C:\WINDOWS\Downloaded Program Files\qsax.dll
      DtUser C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\p9mdzysh.default\extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}\dtUser.exe
      DTX Toolbar C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\p9mdzysh.default\extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}\components\dtTransparency.dll
      Epson Easy Photo Print (TBL) c:\program files\epson software\easy photo print\eptbl.dll
      IBM BluePages Add to NAB 1.1 C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\p9mdzysh.default\extensions\bpaddtonab@firefox-extensions.ibm.com\plugins\npaddtonab.dll
      IBM Developer Kit for Windows,Java,1.6. c:\program files\ibm\java60\jre\bin\jp2ssv.dll
      IBM Developer Kit for Windows,Java,1.6. C:\Program Files\IBM\Java60\jre\bin\new_plugin\npjp2.dll
      IBM Developer Kit for Windows,Java,1.6. c:\program files\ibm\java60\jre\bin\ssv.dll
      IBM Developer Kit for Windows,Java,1.6. c:\program files\ibm\java60\jre\lib\deploy\jqs\ie\jqs_plugin.dll
      IBM GLOBAL PRINT C:\Program Files\Mozilla Firefox\plugins\npcpsweb.dll
      IE Tab Plug-in C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\p9mdzysh.default\extensions\ietab@ip.cn\plugins\npCoralIETab.dll
      InstallShield Update Service C:\WINDOWS\Downloaded Program Files\dwusplay.exe
      Java Deployment Toolkit 6.0.0-20120412_ C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
      Microsoft® Windows® Operating System C:\WINDOWS\System32\MSWSOCK.dll
      Microsoft® Windows® Operating System C:\WINDOWS\system32\rsvpsp.dll
      Microsoft® Windows® Operating System C:\WINDOWS\System32\winrnr.dll
      NPSWF32_11_5_502_135.dll C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll
      Software Manager C:\WINDOWS\Downloaded Program Files\isusweb.dll
      Spybot - Search & Destroy C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll
      Windows Presentation Foundation c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
      (verificado) InstallShield Update Service C:\WINDOWS\Downloaded Program Files\dwusplay.dll
      (verificado) Microsoft Office 2003 C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL
      (verificado) Microsoft® Windows® Operating System C:\WINDOWS\Network Diagnostic\xpnetdiag.exe


      Archivos perdidos
      -----------------
      Archivo no encontrado: C:\Program Files\Ad-Aware Antivirus\AdAwareLauncher
      --> HKLM\Software\Microsoft\Windows\CurrentVersion\Run\"Ad-Aware Antivirus"

      Archivo no encontrado: SDWinLogon.dll
      --> HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SDWinLogon\"DllName"

    5. #5
      Usuario Avatar de serko71
      Registrado
      jul 2005
      Ubicación
      Argentina
      Mensajes
      39

      Re: OS Attack: MS RPCSS Attack CVE-2004-0116 2

      Analizar
      --------
      MD5: 67cd9584055a30da8bf7a633d2cd6ddc C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\p9mdzysh.default\extensions\bpaddtonab@firefox-extensions.ibm.com\plugins\npaddtonab.dll
      MD5: f82c597a5011763cb087c61f85b09f0e C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\p9mdzysh.default\extensions\ietab@ip.cn\plugins\npCoralIETab.dll
      MD5: 9232d0e2a87b415869b128b2e7dc7953 C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\p9mdzysh.default\extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}\components\dtTransparency.dll
      MD5: f860d92cbfce07dd25a924f144251728 C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\p9mdzysh.default\extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}\dtUser.exe
      MD5: c55d73bf01beb9c25516fa519174cc9c C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection\adawarebp.dll
      MD5: df7aeec25e5c006eec61206476f48629 C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection\adawarebp.exe
      MD5: 788c6c50155b17fb5b845288146a1cb1 C:\Documents and Settings\All Users\Application Data\MANDIANT\MANDIANT Intelligent Response Agent\mktools.sys
      MD5: dfb1f3063b7d686996c14f8e6f1aa92e C:\Documents and Settings\All Users\Application Data\Search Protection\SearchProtection.exe
      MD5: 74edbb03de3291fcf2094af1fb363f1d c:\notes\dbghelp_x86_v6.8.40.dll
      MD5: e4fa829273fdf5bd20fc9804fd5f9c20 C:\notes\nsd.exe
      MD5: 2098af12149789fa6608422c8796f77c C:\notes\SUService.exe
      MD5: 90012fb281b393f9f6a6689bcd4cb64b C:\Program Files\Ad-Aware Antivirus\AdAware.exe
      MD5: 693a2bf25349642027fa26f5d1a4059e C:\Program Files\Ad-Aware Antivirus\AdAwareLauncher.exe
      MD5: a09a61cfde15e5a67701ea812ce3f43f C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe
      MD5: 111092bcae7b9341229ca147a0d37bb4 C:\Program Files\Ad-Aware Antivirus\AdAwareShellExtension.dll
      MD5: f3e0c06e4dd1283b22ba58c7527e5e87 C:\Program Files\Ad-Aware Antivirus\cart\CartSdk.dll
      MD5: 3e8fe7e72e4c269771bc25fdaf9184c6 C:\Program Files\Ad-Aware Antivirus\Definitions\lgpl.dll
      MD5: 7dc7d177b59d55b1a09f3a8e14fdfb58 C:\Program Files\Ad-Aware Antivirus\Definitions\lib7zip.dll
      MD5: 50bc994b5bd8a2f905a69f601fc3dc1d C:\Program Files\Ad-Aware Antivirus\Definitions\libBase64.dll
      MD5: c8ea2e332ec6884d08ce2d5eefcb8440 C:\Program Files\Ad-Aware Antivirus\Definitions\libEmail.dll
      MD5: bf47c9a5372e4df8f435ab2f03be3c32 C:\Program Files\Ad-Aware Antivirus\Definitions\libMachoUniv.dll
      MD5: 28188263a5d451261ecbfa6303d4d702 C:\Program Files\Ad-Aware Antivirus\Definitions\libMsCab.dll
      MD5: 3225b53b1c53672e97295861947ed3de C:\Program Files\Ad-Aware Antivirus\Definitions\libMsi.dll
      MD5: 5798d98b64240f18a012aa76f632734a C:\Program Files\Ad-Aware Antivirus\Definitions\libNSIS.dll
      MD5: 1f8a4be6c00f689a6fe3a678b5c2b603 C:\Program Files\Ad-Aware Antivirus\Definitions\libOleA.dll
      MD5: fb5c1ed6bba79291fda664cf142eea4d C:\Program Files\Ad-Aware Antivirus\Definitions\libRar.dll
      MD5: 56dd7d9679a86efc4c31a03a92c3237d C:\Program Files\Ad-Aware Antivirus\Definitions\libRTF.dll
      MD5: 5d2638498dea94f0d65136d49625a8dc C:\Program Files\Ad-Aware Antivirus\Definitions\libtd.dll
      MD5: 477e3d0df9dc60957cb9e0c0d8b47019 C:\Program Files\Ad-Aware Antivirus\Definitions\libVvs.dll
      MD5: 0e47902c881a09dc64d5deba611b370a C:\Program Files\Ad-Aware Antivirus\Definitions\libZip.dll
      MD5: c731fc78cb6546c7fe189c9a40d7eed0 C:\Program Files\Ad-Aware Antivirus\Definitions\remediation.dll
      MD5: da9e66f0b2de8b14cf919aaaa67833db C:\Program Files\Ad-Aware Antivirus\Definitions\vcore.dll
      MD5: 0106917007064c4d42d90a6081d57511 C:\Program Files\Ad-Aware Antivirus\htmlayout.dll
      MD5: 6b59e42d12d76455e1657df2bfd47c90 C:\Program Files\Ad-Aware Antivirus\kbu.dll
      MD5: 9ce7bd04edf43a81685030ff09e7f4d7 C:\Program Files\Ad-Aware Antivirus\mimepp.dll
      MD5: 99fc1599f89a80216e41175b8ca44d89 C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe
      MD5: e92f9a1caf8369d541da870b683a33d6 C:\Program Files\Ad-Aware Antivirus\SBAMSvcPS.dll
      MD5: 09289206c1fddd64ca96e024d5c4b23e C:\Program Files\Ad-Aware Antivirus\sbap.dll
      MD5: 08af0b15ac1696f1f9b58fab6560372b C:\Program Files\Ad-Aware Antivirus\SBArva.dll
      MD5: 414f0c81bc69d2bf7216b0a5432dba7f C:\Program Files\Ad-Aware Antivirus\SbHips.dll
      MD5: e691826f57c814decd85e143bb8f15c0 C:\Program Files\Ad-Aware Antivirus\SBTE.dll
      MD5: 9eba2c513b44a87c1e4a2a4115fa5ab8 C:\Program Files\Ad-Aware Antivirus\SpursDownload.dll
      MD5: c610485022bdaf12f3836b6955470b69 C:\Program Files\Ad-Aware Antivirus\Vipre.dll
      MD5: 070ea95e365833fb8973e595d3a1911c C:\Program Files\adawaretb\adawareDx.dll
      MD5: 2f6281cabe3152b6570d6fd7a5dc88d0 C:\Program Files\adawaretb\adawaretb.dll
      MD5: 84cbd6f6aa7ee399fbdc265b8ea64474 C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
      MD5: d9726b14251fcdb2926225ab2f1d402b C:\Program Files\AT&T Network Client\Diagnostic.dll
      MD5: 06a9192b08bda241785fb5f227f85ff3 C:\Program Files\AT&T Network Client\Hpqpm.dll
      MD5: 0458acdaece682c5ec34d01bc88cec03 C:\Program Files\AT&T Network Client\netcfgsvr.exe
      MD5: cdf98243b57c155bcd6473faf6ff598b C:\Program Files\AT&T Network Client\NetClientSvc.exe
      MD5: 4b79690ce9427a61c67dd18bc028fb06 C:\Program Files\AT&T Network Client\NetSP.exe
      MD5: 7d29ce985f795a05489bf36c449fc0c2 C:\Program Files\AT&T Network Client\NetTLM.dll
      MD5: 8e852c485fcc0342a10ffa79b5f22f16 C:\Program Files\AT&T Network Client\proxystub.dll
      MD5: b12de719302ef4407eee0a77a2eaec58 C:\Program Files\AT&T Network Client\WwanCoreSdk.dll
      MD5: d06561590ee158bc551d5711beb22442 C:\Program Files\BigFix Enterprise\BES Client\BESClient.exe
      MD5: 98a4cd03d1c9076173f9371cc83c57a3 C:\Program Files\BigFix Enterprise\BES Client\BESClientUI.exe
      MD5: 5e6c2f089855c4653502d823d3d1be60 C:\Program Files\BigFix Enterprise\BES Client\libBEScrypto_1_0_0_1.dll
      MD5: fb74a76c5635a4b176a84d7a4025ef22 C:\Program Files\BigFix Enterprise\BES Client\libBESssl_1_0_0_1.dll
      MD5: 047615d240d7b193978694fad96cd779 C:\Program Files\C4ebreg\c4ebreg.exe
      MD5: a91e6fa27abf47c52c4669252a8ae5c6 C:\Program Files\C4ebreg\isamtray.exe
      MD5: 8ac507841d9aeb0930e5841fad33f0ba C:\Program Files\C4ebreg\osprules.dll
      MD5: 5ce3778530e39d2badf87574b5f9529c C:\Program Files\C4ebreg\python23.dll
      MD5: ba0ed7aa3c36a8da27ded1d6b3508158 c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll
      MD5: 280d33db8697fdef8ccf2b9eef9ea5cb C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
      MD5: c56ee8c650cbb70a20a3b2e3df3fe996 C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
      MD5: 958f62b7a3e4a1352b88bd98ed46843d C:\Program Files\Common Files\Intel\WirelessCommon\PsRegApi.dll
      MD5: af9d9c8a2f6e4841673f59dc47b0d943 C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
      MD5: bfa0c69b3ba317236f110c8f1857225d C:\Program Files\Common Files\Intel\WirelessCommon\TraceApi.dll
      MD5: 6947611dbdccc3cd96fcb53aceacbca9 C:\Program Files\Common Files\Symantec Shared\ccAlert.dll
      MD5: cb52bf7fe8b0040f79b656ad0677a5d7 C:\Program Files\Common Files\Symantec Shared\ccApp.exe
      MD5: 31bb3d651826a44cfbdbd9539f47c6bd C:\Program Files\Common Files\Symantec Shared\ccEmlPxy.dll
      MD5: e68cb1cc26ffc8e3f81476fbebb72947 C:\Program Files\Common Files\Symantec Shared\ccEvtCli.dll
      MD5: 694100c8c86c132dd4d8c8f391e1db45 C:\Program Files\Common Files\Symantec Shared\ccEvtPlg.dll
      MD5: 2eefb407244f331d67daaabf2ebd020d C:\Program Files\Common Files\Symantec Shared\ccL60.dll
      MD5: 25eb9415eba0be7f7b13b8c238858b7e C:\Program Files\Common Files\Symantec Shared\ccL608.dll
      MD5: 4a8c16ab9ddae019faa6f6232e29eab4 C:\Program Files\Common Files\Symantec Shared\ccL60U.dll
      MD5: 7727ce5516b32321f5585b0d875ea750 C:\Program Files\Common Files\Symantec Shared\ccL60U8.dll
      MD5: c96f6973377bb453f74e062c50961e4f C:\Program Files\Common Files\Symantec Shared\ccProSub.dll
      MD5: d80efbc1f1d2627dfae9035254b49ece C:\Program Files\Common Files\Symantec Shared\ccScanw.dll
      MD5: f431f614513041ae206f4d15411df1c8 C:\Program Files\Common Files\Symantec Shared\ccSet.dll
      MD5: e260c72ab50ae12eb93a381e5dc6ddfa C:\Program Files\Common Files\Symantec Shared\ccSetEvt.dll
      MD5: db4cf2ed288ce36c26de8ec3865543e1 C:\Program Files\Common Files\Symantec Shared\ccSetPlg.dll
      MD5: 6359bee771568d2c5baa60eeeb5b5344 C:\Program Files\Common Files\Symantec Shared\ccSvc.dll
      MD5: bda4e1060947fb60585e6cec32b18353 C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
      MD5: 8f6ab3c4682134486f57b5bf53838a3d C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll
      MD5: ad19bfb510355002bdd4d7324aa3d2d1 C:\Program Files\Common Files\Symantec Shared\COH\sesHlp.dll
      MD5: a18aa8f44dc2148702d4cd1af5cede4e C:\Program Files\Common Files\Symantec Shared\COH\sh0008.dll
      MD5: 0837f5d8956f532ca9d38a41a7f11108 C:\Program Files\Common Files\Symantec Shared\dec_abi.dll
      MD5: 25d7a040a493ab91052f9170d4db80d4 C:\Program Files\Common Files\Symantec Shared\ecmldr32.DLL
      MD5: 85b8b4032a895a746d46a288a9b30ded C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
      MD5: b5a8a04a6e5b4e86b95b1553aa918f5f C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
      MD5: 52e6b94060cd0cfd882d2fc79aaca97d C:\Program Files\Common Files\Symantec Shared\Global Exceptions\GEDataStore.dll
      MD5: e8e1a53f4daf189a3b5e99228e8c896b C:\Program Files\Common Files\Symantec Shared\MSL\msl.dll
      MD5: 8ec18b87b96c2c875df3effecf836107 C:\Program Files\Common Files\Symantec Shared\rcEmlPxy.dll
      MD5: fe2035a1ccfdd3ae02597eb0f4eeb52c C:\Program Files\Common Files\Symantec Shared\SAVSubmissionEngine\SUBCONN.dll
      MD5: 48ed1365276087fe6f8fca66dd17b8ed C:\Program Files\Common Files\Symantec Shared\SAVSubmissionEngine\SUBENG.dll
      MD5: a0696491bb54209f3925b238900f7204 C:\Program Files\Common Files\Symantec Shared\SPBBC\bbRGen.dll
      MD5: e87cf104f12c92401c4d33c50a3d5dc8 C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys
      MD5: be1c0426d50efccab94c964b9f274330 C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCEvt.dll
      MD5: c4c08402290c1b403bcf09761a6a6fe3 C:\Program Files\Common Files\Symantec Shared\SRTSP\Srtsp32.dll
      MD5: d6823c28c310601f16035e8b350edf7e C:\Program Files\Common Files\Symantec Shared\vpmsece.dll
      MD5: 2133b82cd52f1b62cdea633769819a60 C:\Program Files\Common Files\System\ado\msado15.dll
      MD5: 142cedecae89e372ee347681c3fbb257 C:\Program Files\Common Files\System\msadc\msadce.dll
      MD5: 81e9041dac0983aace5c8920af73d64e C:\Program Files\Common Files\System\msadc\msadcer.dll
      MD5: 1ed4c96ec76c3ddfcabd7644da23f4b6 C:\Program Files\Common Files\System\Ole DB\msdasql.dll
      MD5: 8985fcece06a74017e23ddd093e34d4e C:\Program Files\Common Files\System\Ole DB\MSDASQLR.DLL
      MD5: 73baffa0b02320690cdc606241078ce4 C:\Program Files\Common Files\System\Ole DB\MSDATL3.dll
      MD5: ea3329e06d7c794b788ceada90ab7000 c:\program files\epson software\easy photo print\eptbl.dll
      MD5: dfd0d26d2056f1d01adcdbb1e851119f C:\Program Files\Epson Software\Event Manager\Assistants\Scan Assistant\fioall32.dll
      MD5: 0bf1785d199b5da3cb6c61d7aeece654 C:\Program Files\Epson Software\Event Manager\Assistants\Scan Assistant\Ism.dll
      MD5: 5f725d2b7428ba815126f9efa21a1db9 C:\Program Files\Epson Software\Event Manager\Assistants\Scan Assistant\SASM.dll
      MD5: d3f8a00d598090bfb18e70e02c12e38e C:\Program Files\Epson Software\Event Manager\Assistants\Scan Assistant\Satwain.dll
      MD5: 80117dbe266de563c7c661562530b556 C:\Program Files\Epson Software\Event Manager\Assistants\Scan Assistant\ScanEngine.dll
      MD5: 7741f775060e84319198a7a67f1fe664 C:\Program Files\Epson Software\Event Manager\Assistants\Scan Assistant\Tcm.dll
      MD5: 90a3525c7399b7784d28f99ea1a51c4c C:\Program Files\Epson Software\Event Manager\EEventManager.exe
      MD5: baf7bdd5a1eb63acd6eea20d4f731cb0 C:\Program Files\Epson Software\Event Manager\EPNSM.dll
      MD5: 637124cdbff5819cb8a8478838a33048 C:\Program Files\Epson Software\Event Manager\ESPSUTL.dll
      MD5: 4d197238fdfaa5793d1b0961aaef649a C:\Program Files\Epson Software\Event Manager\Mfc42.dll
      MD5: 2fe859e92176a498cc8e1b7c517b137b c:\program files\ibm\java60\jre\bin\jp2ssv.dll
      MD5: 91b6cc872a227917f4bb7e6c63e54f8d C:\Program Files\IBM\Java60\jre\bin\jqs.exe
      MD5: b6708ec93f60ff9e9e40b471e18d34de C:\Program Files\IBM\Java60\jre\bin\MSVCR71.dll
      MD5: c79f452d692b7b3497e7df42d7dad8dd C:\Program Files\IBM\Java60\jre\bin\new_plugin\npjp2.dll
      MD5: 88163b2c6dbc9aa01e0f8a6a1d30392d c:\program files\ibm\java60\jre\bin\ssv.dll
      MD5: e77ff94434214a92d60727b79b9e4651 c:\program files\ibm\java60\jre\lib\deploy\jqs\ie\jqs_plugin.dll
      MD5: 93985e65cece32603a2aa04401c12f00 C:\Program Files\IBM\My Help\plugins\com.ibm.myhelp.common_1.7.2\pmonmh.exe
      MD5: bd1365065396629a4deae81d0bb1a1d6 C:\Program Files\IBM\Personal Communications\ATMGRTOK.DLL
      MD5: 2b377bb3b034b455e302216c236c9e18 C:\Program Files\IBM\Personal Communications\csrcmds.exe
      MD5: 93eab3cb8aff91ff9e3cf33aed57e467 C:\Program Files\IBM\Personal Communications\DEFSECUR.DLL
      MD5: 36b07a3f83700c638682636402877f63 C:\Program Files\IBM\Personal Communications\MESSAGE.DLL
      MD5: 02049d17ebfe6680aa52c2b11bf8cd09 C:\Program Files\IBM\Personal Communications\MILLUTIL.DLL
      MD5: af0372229153be7c0a5321e39f2ae20f C:\Program Files\IBM\Personal Communications\MSGIO.dll
      MD5: f1ce013224293c244ef3663502dc881e C:\Program Files\IBM\Personal Communications\NODEINIT.DLL
      MD5: 6b56ddba706352945b9212e9fb817f2d C:\Program Files\IBM\Personal Communications\OOCSVCS2.dll
      MD5: ae3ce1c7345d0c892d05935a932b5107 C:\Program Files\IBM\Personal Communications\PCS_AGNT.EXE
      MD5: 630ff361da6e19b5f70a1b96a73dc8bc C:\Program Files\IBM\Personal Communications\PCSCAPI.dll
      MD5: 831c79c762fecafb45e6bc26a2e8d0eb C:\Program Files\IBM\Personal Communications\PCSCDLG.dll
      MD5: 88e7f9c0f16f759330d66ad8451dd401 C:\Program Files\IBM\Personal Communications\PCSCLIB.dll
      MD5: 9456fcfe97aa75ab4ccb830239a131f7 C:\Program Files\IBM\Personal Communications\PCSHELP.dll
      MD5: 37088e2d9dec4eecba9796e1d6097b18 C:\Program Files\IBM\Personal Communications\PCSMSG.dll
      MD5: d9ca54f96a40d874c348d21e21ed7c9e C:\Program Files\IBM\Personal Communications\PCSPREF.dll
      MD5: 9c0eb3dbc68505c04c1e77789d7ff3dd C:\Program Files\IBM\Personal Communications\PCSRTMSN.DLL
      MD5: 61d4df344219e8fa8cf8229508379eec C:\Program Files\IBM\Personal Communications\PCSSFX.dll
      MD5: 074f0e2cb7f0fb750e5036930d2e1c52 C:\Program Files\IBM\Personal Communications\PCSTQ.dll
      MD5: 6d76eb30c9748fa68c74eaf56ae7cc57 C:\Program Files\IBM\Personal Communications\PCSULIB.dll
      MD5: 13fe6127519bc562062c1326eb46d27c C:\Program Files\IBM\Personal Communications\PCSW32X.dll
      MD5: dde64c5dcb949c614522ddb16647cd78 C:\Program Files\IBM\Personal Communications\PCSWLIB.dll
      MD5: 46962f867de62ef85fde1c2cbb4fc462 C:\Program Files\IBM\Personal Communications\PCSWLIBI.dll
      MD5: 326a06927fd2d1a7c758f6f56d4ef77d C:\Program Files\IBM\Personal Communications\PCSZLIB.dll
      MD5: f536d6231190ed081f55f1e878c9d323 C:\Program Files\IBM\Personal Communications\SPELLING.DLL
      MD5: 24c1ef858f65f788b5e5642bf192017e C:\Program Files\IBM\Personal Communications\tpam.exe
      MD5: 50684ba6dd0f92e60593544cb035d2a7 C:\Program Files\IBM\SQLLIB\BIN\DB2APP.dll
      MD5: 9d7c187cfa6d18db29f1479e13425f57 C:\Program Files\IBM\SQLLIB\BIN\db2dascmn.dll
      MD5: 6e30f5aae0edc528768e91029b374962 C:\Program Files\IBM\SQLLIB\BIN\db2g11n.dll
      MD5: 2e239840e78cd4bd7c6b70a9e5d7d981 C:\Program Files\IBM\SQLLIB\BIN\db2genreg.dll
      MD5: 596f06d976cc4547f922b57c7f3b1292 C:\Program Files\IBM\SQLLIB\BIN\db2install.dll
      MD5: 7b7ceb35252e303be8fc2d042035be90 C:\Program Files\IBM\SQLLIB\BIN\db2jds.exe
      MD5: b66e0181b0c82fe3da6e54db7b782639 C:\Program Files\IBM\SQLLIB\BIN\db2locale.dll
      MD5: 6d09cd41855ca35af550a186472cf3ba C:\Program Files\IBM\SQLLIB\BIN\db2osse.dll
      MD5: 7e364a3254814e020b31aa9dfc8e7d97 C:\Program Files\IBM\SQLLIB\BIN\db2osse_db2.dll
      MD5: c564b096750032c53154d139bd08837e C:\Program Files\IBM\SQLLIB\BIN\db2sec.dll
      MD5: 3b00274d653f20312167c2202e95de32 C:\Program Files\IBM\SQLLIB\BIN\db2sec.exe
      MD5: 35e69e43f893f3e4ed198b6f4076ccac C:\Program Files\IBM\SQLLIB\BIN\DB2SYS.dll
      MD5: c967401077f92a6a82cef5380c63348b C:\Program Files\IBM\SQLLIB\BIN\DB2SYSP.dll
      MD5: 9a44890c461f26f7d2aa50db4721468d C:\Program Files\IBM\SQLLIB\BIN\db2trcapi.dll
      MD5: d19fea679943384f5b68a0ebec9c1325 C:\Program Files\IBM\SQLLIB\BIN\DB2WINT.dll
      MD5: 7c3c8a244a716db1157299f0d250dfb4 C:\Program Files\IBM\Tivoli\Remote Control\Target\trc_base.exe
      MD5: b58b0175c86a51ef1d5fef5269a77fe7 C:\Program Files\IBM\Trace Facility\FMT_UTIL.dll
      MD5: 73e4ed3af2f8711a5f11116a2122d04a C:\Program Files\IBM\Trace Facility\NSTRC.dll
      MD5: 96a7b21920c24d1e9213a3380a58d885 C:\Program Files\Intel\WiFi\bin\AmtWsMan.dll
      MD5: 45b91426298d80c09bd9eb39eec783eb C:\Program Files\Intel\WiFi\bin\DbEngine.dll
      MD5: fe29bbf76408f47bbfef0e2cd5ccb891 C:\Program Files\Intel\WiFi\bin\EvtEng.exe
      MD5: e4bf614d90beb9b3d14766c2caf09808 C:\Program Files\Intel\WiFi\bin\IntStngs.dll
      MD5: 94c05fc35da65070f225394f2f6e7ab9 C:\Program Files\Intel\WiFi\bin\IWMSPROV.DLL
      MD5: c2115e933eb3191acc259d93b895592b C:\Program Files\Intel\WiFi\bin\KmmdlPlugins\SupplicantPlugin.dll
      MD5: 021f75f21a27894de232fa7c0fa3f16d C:\Program Files\Intel\WiFi\bin\KmmdlPlugins\WSCPlugin.dll
      MD5: 97cd0f7ce8b3f6f27543b5ce1552e167 C:\Program Files\Intel\WiFi\bin\MurocAPI.dll
      MD5: ca201adf6382c5cd55f697a10b1f4ea7 C:\Program Files\Intel\WiFi\bin\PfMgrApi.dll
      MD5: 0acf9b6bbd8b0f45f1b9a1f6c48c8e9f C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
      MD5: 7aa2508f722d9bda462664cc82e16f28 C:\Program Files\Intel\WiFi\bin\S24MUDLL.dll
      MD5: a1f0844af36034e34bf59039f963dc90 C:\Program Files\Intel\WiFi\bin\supplicant.dll
      MD5: b306ab1a1cf5a3c652466f74f7ee27d2 C:\Program Files\Internet Explorer\ieproxy.dll
      MD5: 0a7b01235b1cbfa387b04a91e2f2b7d0 C:\Program Files\Internet Explorer\plugins\nppdf32.dll
      MD5: 854274ac89f9b0aa0dd7dee518c225a7 C:\Program Files\Internet Explorer\xpshims.dll
      MD5: 5e8e149b3c0dc48b35f1a12de3b41267 C:\Program Files\LENOVO\HOTKEY\hotkey.dll
      MD5: fce735941da27929dbfc1918f286ffd8 C:\Program Files\Lenovo\HOTKEY\micmute.exe
      MD5: 65539d7206aec4f53e71197bf33a8ac4 C:\Program Files\LENOVO\HOTKEY\micmutex.dll
      MD5: 4ae8ee3649926228fb68eb9999037699 C:\Program Files\LENOVO\HOTKEY\spkvolxp.dll
      MD5: 88d609bfdeb7e013e9e491434190ba43 C:\Program Files\Lenovo\HOTKEY\tphkload.exe
      MD5: 9e6e4a9789f76593cc5a6a5af8fc5929 C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
      MD5: 68687605b22bd00fd6f018fa611d84e4 C:\Program Files\Lenovo\HOTKEY\tpnumlk.exe
      MD5: b105c799c83d2cff8bc1dc672b758639 C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
      MD5: bdd131ab7aace0300cf5cf2a13625b5c C:\Program Files\Lenovo\HOTKEY\tposd.dll
      MD5: 6e5e3c98a40d873fab931d8c79717be4 C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
      MD5: ed64cb9ad1401edbbfc4cee2c021b7a8 C:\Program Files\Lenovo\ZOOM\tpfsm.dll
      MD5: 913c3c7a71d2a1b6f570c8ac837c7e85 C:\Program Files\Lenovo\ZOOM\TpScrex.exe
      MD5: 8584a25222700fcbd4eb0cca13bdaaf3 C:\Program Files\MANDIANT\MANDIANT Intelligent Response Agent\miragent.exe
      MD5: 8eaf3534d677c7b95671623370063382 C:\Program Files\Mozilla Firefox\plugins\npcpsweb.dll
      MD5: 1444a2fc91abe45185eeb096ff98f6fd C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
      MD5: 0a7b01235b1cbfa387b04a91e2f2b7d0 C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll
      MD5: 022b33f67543b587a8c2f424b10f6d32 C:\Program Files\PGP Corporation\PGP Desktop\checktdt.dll
      MD5: 46ded1c3c75bc7df09cc202d66cbd5fa C:\Program Files\PGP Corporation\PGP Desktop\PGPATClientDLL.dll
      MD5: 700c4be16330815cec765475f182ddd5 C:\Program Files\PGP Corporation\PGP Desktop\PGPolplg.dll
      MD5: 73bc405ee27b1f5092729ecf705bd155 C:\Program Files\PGP Corporation\PGP Desktop\PGPtray.exe
      MD5: bc52abff6df2befa45cc11d67ccc72e8 C:\Program Files\PGP Corporation\PGP Desktop\RDDService.exe
      MD5: 52df05892db5e199d3732f124ff0875c C:\Program Files\PGP Corporation\PGP Desktop\tdtclientsdk3.dll
      MD5: 86e99e1222e671408ed5e8618521aeeb C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
      MD5: 105ed75f4cee9e58152061520daa4abd C:\Program Files\Spybot - Search & Destroy 2\Jcl150.bpl
      MD5: 9c2543a7ac524caa63b26a16d4e3ad39 C:\Program Files\Spybot - Search & Destroy 2\JSDialogPack150.bpl
      MD5: b009d6171147be129636a49c4178e487 C:\Program Files\Spybot - Search & Destroy 2\LIBEAY32.dll
      MD5: 4c867b62f6100c107a3a8f5e7a10461d C:\Program Files\Spybot - Search & Destroy 2\rtl150.bpl
      MD5: fad9807acde89a34d2eb4743d57016d7 C:\Program Files\Spybot - Search & Destroy 2\SDAdvancedCheckLibrary.dll
      MD5: d6cc267b372bfea2657872865c1b2d2d C:\Program Files\Spybot - Search & Destroy 2\SDECon32.dll
      MD5: 0671a791c292f46423cfe37b53d598d0 C:\Program Files\Spybot - Search & Destroy 2\SDFileScanLibrary.dll
      MD5: 206387ab881e93a1a6eb89966c8651f1 C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
      MD5: 240f3f7f2db45cfeaae7b5aeeaec10c1 C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll
      MD5: 36a82c214b46787385f3b0cd02ecaa88 C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe
      MD5: a0e86ba4b3e56c1dc277bd7ccec555da C:\Program Files\Spybot - Search & Destroy 2\SDResources.dll
      MD5: e4a0900cf535888ddd85b10040ca3e34 C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe
      MD5: b5a4eba9487f08becc843a87422b8052 C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
      MD5: 452db84283eb2f043827ac95d62ce19c C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
      MD5: a529cfe32565c0b145578ffb2b32c9a5 C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
      MD5: cb63bdb77bb86549fc3303c2f11edc18 C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
      MD5: 0fdabb1fd68cbc557084e16b0ea2f731 C:\Program Files\Spybot - Search & Destroy 2\snlBase150.bpl
      MD5: 9244e0240a1d150581c3baa89d8aa154 C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl
      MD5: fa27f4df4015b22f04b5d18044a24322 C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
      MD5: 14361fb2fd630988816a4f46aeaf0684 C:\Program Files\Spybot - Search & Destroy 2\sqlite3.dll
      MD5: d21ab32f16e8de67d45e5a383b5e52ba C:\Program Files\Spybot - Search & Destroy 2\ssleay32.dll
      MD5: d9af104f7e21fa859efa3c67e5522e88 C:\Program Files\Spybot - Search & Destroy 2\vcl150.bpl
      MD5: aeb9dd47b76075b05e27874384544f39 C:\Program Files\Spybot - Search & Destroy 2\vclie150.bpl
      MD5: 4aa01bd5cc7da9888af33c5fab5bf1dd C:\Program Files\Spybot - Search & Destroy 2\vclimg150.bpl
      MD5: 5422cb64444c33f029483552a8face37 C:\Program Files\Spybot - Search & Destroy 2\vclx150.bpl
      MD5: 8f220dcb4aa4b2a12ece5b87c701170d C:\Program Files\Spybot - Search & Destroy 2\VirtualTreesDXE150.bpl
      MD5: aed853b8da53dc5de49bff4c5d006fab C:\Program Files\Symantec\Symantec Endpoint Protection\AVMan.plg
      MD5: 2c172d4925d689bc322da85242286acb C:\Program Files\Symantec\Symantec Endpoint Protection\AvPluginImpl.dll
      MD5: 379bfbab17f797c83ef796a719338171 C:\Program Files\Symantec\Symantec Endpoint Protection\Cliproxy.dll
      MD5: e925e475b507ab397dd1d25871fe9f6c C:\Program Files\Symantec\Symantec Endpoint Protection\DataMan.dll
      MD5: 17cba9110d423f0030e2c42e28440d4d C:\Program Files\Symantec\Symantec Endpoint Protection\deuParser.dll
      MD5: 22c2e54f5c4c8869c863aa2d7ba08734 C:\Program Files\Symantec\Symantec Endpoint Protection\devman.plg
      MD5: fa16b219b730ee9f2e25299e88d5001a C:\Program Files\Symantec\Symantec Endpoint Protection\GUProxy.plg
      MD5: 1e092d954a1553bff28ffcabef7f2fa6 C:\Program Files\Symantec\Symantec Endpoint Protection\HPPProtectionProviderUI.dll
      MD5: 2b4795de0babcefce917554a271560a5 C:\Program Files\Symantec\Symantec Endpoint Protection\I2ldvp3.dll
      MD5: 84f0239dfdec33f3d169541282554770 C:\Program Files\Symantec\Symantec Endpoint Protection\IdsTrafficPipe.dll
      MD5: 40bb40e17db5b3c9f29507bc7f8a9b8b C:\Program Files\Symantec\Symantec Endpoint Protection\IMail.dll
      MD5: e4515dc6fef3ee3c1690e8461c45a13e C:\Program Files\Symantec\Symantec Endpoint Protection\LuMan.plg
      MD5: c3bd7b6c0f7a391aea013559d18b1cb4 C:\Program Files\Symantec\Symantec Endpoint Protection\ManagedUnloader.dll
      MD5: fcaf43e9c5127c48eac9ab291f7c9f42 C:\Program Files\Symantec\Symantec Endpoint Protection\NacManager.plg
      MD5: bdb94fcc1e74b59ba01b5c99eef0563a C:\Program Files\Symantec\Symantec Endpoint Protection\NAVNTUTL.DLL
      MD5: aed49b7051a3d76318b07ba846baf164 C:\Program Files\Symantec\Symantec Endpoint Protection\Netport.dll
      MD5: ab774f911c8d9201f57a7a9b87c370c3 C:\Program Files\Symantec\Symantec Endpoint Protection\NotesExt.dll
      MD5: e284089b5b89ad11d1809213b33e7803 C:\Program Files\Symantec\Symantec Endpoint Protection\ProtectionProviderPS.dll
      MD5: 75cc55ba1248fe128623c24b18eb469c C:\Program Files\Symantec\Symantec Endpoint Protection\ProtectionUtil.dll
      MD5: dfb10a9e0aa9a7538ce6eb4f97656368 C:\Program Files\Symantec\Symantec Endpoint Protection\PSSensor.dll
      MD5: 294e443ede0f8e9c12a4189ff4ce4a22 C:\Program Files\Symantec\Symantec Endpoint Protection\RasSymEap.dll
      MD5: 70b2ced5435a3eeabaeb603bc1bdd9f6 C:\Program Files\Symantec\Symantec Endpoint Protection\res\1033\ActaRes.dll
      MD5: 8d359f5abf92da123ec7573f4b1ed3f6 C:\Program Files\Symantec\Symantec Endpoint Protection\res\1033\AvManRes.dll
      MD5: e8d8292417beae6f9fdc09aaae5454dc C:\Program Files\Symantec\Symantec Endpoint Protection\res\1033\DevManRes.dll
      MD5: c5b472488084f57c734442d0ce51cd9b C:\Program Files\Symantec\Symantec Endpoint Protection\res\1033\GUProxyRes.dll
      MD5: fa901c4ca8cbb2ea1be5aad15b8fe29d C:\Program Files\Symantec\Symantec Endpoint Protection\res\1033\HPPProtectionproviderUIRes.dll
      MD5: 898e270c1394891706e7596dd7691132 C:\Program Files\Symantec\Symantec Endpoint Protection\res\1033\IMailRes.dll
      MD5: 80d686f707060e77a81d95bea4a04cf9 C:\Program Files\Symantec\Symantec Endpoint Protection\res\1033\LUManRes.dll
      MD5: 335589e865132477e1995d2215192cb3 C:\Program Files\Symantec\Symantec Endpoint Protection\res\1033\NotesExtRes.dll
      MD5: 8705f14cf91c8c29562f52fca7191ed1 C:\Program Files\Symantec\Symantec Endpoint Protection\res\1033\ProtectionUtilRes.dll
      MD5: 6b534e3a777c5eca3ffe2eecee882f61 C:\Program Files\Symantec\Symantec Endpoint Protection\res\1033\PScanRes.dll
      MD5: a088f44f3e76939b2938abf1af6f5fa6 C:\Program Files\Symantec\Symantec Endpoint Protection\res\1033\SavMainUIRes.dll
      MD5: c44bae414cafaff51feb59624bdd9a03 C:\Program Files\Symantec\Symantec Endpoint Protection\res\1033\SAVSubmitterRes.dll
      MD5: 4591e46f00276640a3acbe0e9f978805 C:\Program Files\Symantec\Symantec Endpoint Protection\res\1033\SfManRes.dll
      MD5: 09141d7c492a85a3b9934b111039cff3 C:\Program Files\Symantec\Symantec Endpoint Protection\res\1033\SgHIRes.dll
      MD5: 496806c62eb8067a5053ad1df9da1403 C:\Program Files\Symantec\Symantec Endpoint Protection\res\1033\SmcGuiRes.dll
      MD5: bd712b67bb76c6669421de550855b48a C:\Program Files\Symantec\Symantec Endpoint Protection\res\1033\SmcRes.dll
      MD5: 2d0517280f7c101d6bf7bec7b969fa57 C:\Program Files\Symantec\Symantec Endpoint Protection\res\1033\SpNetRes.dll
      MD5: 7295fb59174792691685de4c3db37fdd C:\Program Files\Symantec\Symantec Endpoint Protection\res\1033\SUBRES.loc
      MD5: 8e5b21546db7d57926039a47d75da17e C:\Program Files\Symantec\Symantec Endpoint Protection\res\1033\SyLinkRes.dll
      MD5: 7dc4b5d58880c5a4c6438d572fe959dd C:\Program Files\Symantec\Symantec Endpoint Protection\res\1033\TseRes.dll
      MD5: 6aed09c1d177f8cfc06b001705d70d46 C:\Program Files\Symantec\Symantec Endpoint Protection\res\1033\VpmSeceRes.dll
      MD5: ec44bd2dd59d67b03b6e14daad265627 C:\Program Files\Symantec\Symantec Endpoint Protection\res\1033\VpShellRes.dll
      MD5: dc358448cd60f6739c58361a0a5fda0b C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe
      MD5: 4e89b3dce5fb3a3ea3af5cdbff58b2d4 C:\Program Files\Symantec\Symantec Endpoint Protection\RTVScanPS.dll
      MD5: 47303bf57da1c3c6235002043353e1e9 C:\Program Files\Symantec\Symantec Endpoint Protection\SavEmail.dll
      MD5: 1b2345f5235035a1d3b2aed232705bef C:\Program Files\Symantec\Symantec Endpoint Protection\SavMainUI.dll
      MD5: 073aaa1ddf88daab0315667013d4c28d C:\Program Files\Symantec\Symantec Endpoint Protection\SAVSesHlp.dll
      MD5: eadd26fbb8ee0eaaf39a336b0a43cf8a C:\Program Files\Symantec\Symantec Endpoint Protection\SAVSubmitter.dll
      MD5: f49a1fc165f8edad0b45f1b516823e02 C:\Program Files\Symantec\Symantec Endpoint Protection\SescLUPS.dll
      MD5: f684dc8f5d3e8fc182210356cc7f68c2 C:\Program Files\Symantec\Symantec Endpoint Protection\SfConfig.dll
      MD5: 34d19c00d6fde86ae742918b75b1881c C:\Program Files\Symantec\Symantec Endpoint Protection\sfman.plg
      MD5: 24333dd51634bf433fe7b69bdfa2481e C:\Program Files\Symantec\Symantec Endpoint Protection\SgConfig.dll
      MD5: 002844686be8771789055888aa2b0c63 C:\Program Files\Symantec\Symantec Endpoint Protection\SgHI.dll
      MD5: 16176075021462d37edabb98dea753d0 C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe
      MD5: 09196f86a56f818fa31b6888e0e23ca1 C:\Program Files\Symantec\Symantec Endpoint Protection\SmcGui.exe
      MD5: 1c48f2df2cf97504169e63c37a2818b2 C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE
      MD5: 3166c67a1a18aa928f636313c7becd62 C:\Program Files\Symantec\Symantec Endpoint Protection\SnacNp.dll
      MD5: 85a727f1438ffcce69d9bcb368d146d4 C:\Program Files\Symantec\Symantec Endpoint Protection\SpNet.dll
      MD5: 7559a06e91f31bb026cb13decdcfb05a C:\Program Files\Symantec\Symantec Endpoint Protection\SSSensor.dll
      MD5: c4c69e251fdc1f7f473d0dc321f896af C:\Program Files\Symantec\Symantec Endpoint Protection\SyLink.dll
      MD5: ebd56ccf0407aa9e27c752f7c800f03b C:\Program Files\Symantec\Symantec Endpoint Protection\SyLog.dll
      MD5: b41b9c3c9d9b46fe8dbc8b721ced1aee C:\Program Files\Symantec\Symantec Endpoint Protection\SymProtectStorage.dll
      MD5: a53c0cc574a206494a0ba9495784918b C:\Program Files\Symantec\Symantec Endpoint Protection\SymRasMan.dll
      MD5: 1778b697715fbe8c319f8dde3449645d C:\Program Files\Symantec\Symantec Endpoint Protection\tfman.dll
      MD5: 34b98dbb7b2da8930f17036cc70436e6 C:\Program Files\Symantec\Symantec Endpoint Protection\Trident.dll
      MD5: 117a876792da8375c14d43c8b3d33ebf C:\Program Files\Symantec\Symantec Endpoint Protection\tse.dll
      MD5: 71261f9a78152f43e021b4cbc63c21c6 C:\Program Files\Symantec\Symantec Endpoint Protection\TseConfig.dll
      MD5: c6f0dafaf5fcb329d4d60c1b177ae6fe C:\Program Files\Symantec\Symantec Endpoint Protection\vpshell2.dll
      MD5: 73574ad20015ec5839af445282af6f1a C:\Program Files\Symantec\Symantec Endpoint Protection\wpsman.dll
      MD5: 4532a5e1a86501e75c1519278cdbd6b6 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      MD5: 06dbf92c0bbca1ce81210c3627eb1da2 C:\Program Files\Synaptics\SynTP\SynTPEnhPS.dll
      MD5: 1c629172843fee8bf09916c6cc088b1b C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
      MD5: 4b9e1a7798a80d075f53d1049fd4dab0 C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
      MD5: eaf4e898e55bd9b20633cf0696cb7d37 C:\Program Files\ThinkPad\Bluetooth Software\BtBalloon.dll
      MD5: 8322c90a26e08eded69d8b974ceda52a C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
      MD5: 73a226fae5a95a525906e6c0016ed979 C:\Program Files\ThinkPad\ConnectUtilities\AcAdaptersInfo.dll
      MD5: 89eb4c341432d7bdb9653eea410fbd65 C:\Program Files\ThinkPad\ConnectUtilities\Access Connections.exe
      MD5: 3458ceaf8f31f05922a88fc28d36eddb C:\Program Files\ThinkPad\ConnectUtilities\ACComWrapper.dll
      MD5: c983a0466e28de1f0182e497c20e166b C:\Program Files\ThinkPad\ConnectUtilities\ACCOMWrapperLib.dll
      MD5: a9d3922eb92f7cf826706dd9d3b8c861 C:\Program Files\ThinkPad\ConnectUtilities\AcCryptHlpr.dll
      MD5: e1ab3b77900d8d13fbe358f621bb1bad C:\Program Files\ThinkPad\ConnectUtilities\ACGina.dll
      MD5: e5708d5b7777d076cb83c5233471de7f C:\Program Files\ThinkPad\ConnectUtilities\ACGolan.DLL
      MD5: 3e34781e3e4406f6a74abbdcfaec7baf C:\Program Files\ThinkPad\ConnectUtilities\ACGUIHlpr.dll
      MD5: 375dc53b8e7935f1b29770ba71e8415e C:\Program Files\ThinkPad\ConnectUtilities\ACHelper.dll
      MD5: 5c290ff97493edc76f18fce6b1040da2 C:\Program Files\ThinkPad\ConnectUtilities\AcLocMigrator.dll
      MD5: 8c5d579d980329c89bfdc0fe0cf1cbc5 C:\Program Files\ThinkPad\ConnectUtilities\AcLocSettings.dll
      MD5: c187e2fc1a2589fcf65861fbd5e6085c C:\Program Files\ThinkPad\ConnectUtilities\ACNewBiosHelper.dll
      MD5: 70a2fa0748c4316af36ffc24b888597c C:\Program Files\ThinkPad\ConnectUtilities\ACNotify.dll
      MD5: 6700daf946dc246cdcc9afe3400ca5f4 C:\Program Files\ThinkPad\ConnectUtilities\ACON.dll
      MD5: 4cc12645f3e79699b8e3a793107941ff C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgr.dll
      MD5: 02150acb98286c98cd00a3b5d0daea44 C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
      MD5: 3f5f79c8ac89aae8b696b68ac9898890 C:\Program Files\ThinkPad\ConnectUtilities\AcSmBiosHelper.dll
      MD5: bf7d32fa7ceba8fab34049dbc8631b2e C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
      MD5: 5a64d2735b252ae16043ef62466d25da C:\Program Files\ThinkPad\ConnectUtilities\AcSvcHlpr.dll
      MD5: eaa6b49d528771e712eb74973c3af89c C:\Program Files\ThinkPad\ConnectUtilities\AcSvcStub.dll
      MD5: ec716dc6a1bdf8c20bd4d3c6a3db3afb C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe
      MD5: c3f86e128195825372a7631a8628a867 C:\Program Files\ThinkPad\ConnectUtilities\ACTurinSupport.dll
      MD5: 68cf077b6d04c9c77e5fa9e9a9a714eb C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
      MD5: e27528c3413d25ffff8496c390720b4f C:\Program Files\ThinkPad\ConnectUtilities\ACWpfAdvUIHlpr.dll
      MD5: b9ca003ee37722f82e33c199abf9626f C:\Program Files\ThinkPad\ConnectUtilities\AcWrpc.dll
      MD5: 1c2355d7a6b2941170c5ab71dfc8107f C:\Program Files\ThinkPad\ConnectUtilities\ANC.dll
      MD5: 6f8decc0ff846a3ce883effee621ec84 C:\Program Files\ThinkPad\ConnectUtilities\ANCA.dll
      MD5: 3c955ee3a7688b238219af1f959ef02e C:\Program Files\ThinkPad\ConnectUtilities\AxInterop.P2PControlLib.dll
      MD5: cba134d93fe91fac5b2a394cce6f7fcf C:\Program Files\ThinkPad\ConnectUtilities\CommunityMgr.dll
      MD5: 550d6b1760c86e519f42fdfd59465385 C:\Program Files\ThinkPad\ConnectUtilities\en-US\Access Connections.resources.dll
      MD5: 293b06405a527b9ca0c17833359f18dc C:\Program Files\ThinkPad\ConnectUtilities\Interop.P2PControlLib.dll
      MD5: 015e39e02e0b9d805c748a33655ab279 C:\Program Files\ThinkPad\ConnectUtilities\P2PControl.dll
      MD5: d6aca7e4106d658e50821dd0499b8f9f C:\Program Files\ThinkPad\ConnectUtilities\P2PWrap.dll
      MD5: f304e4770cc40586cfbc7aa8d3d47e99 C:\Program Files\ThinkPad\ConnectUtilities\Res\US\GUIHlprRes.dll
      MD5: 2d36b7cecf6fa4df506173929011358b C:\Program Files\ThinkPad\ConnectUtilities\Res\US\IconRes.dll
      MD5: 564a3db19877527b20eb0929c63aa078 C:\Program Files\ThinkPad\ConnectUtilities\Res\US\MainGUIRes.dll
      MD5: fe9e78cac62ab66937e69102f245bc58 C:\Program Files\ThinkPad\ConnectUtilities\Res\US\P2PRes.dll
      MD5: 7fc967aead5abed1cdc3661f8cd3bfc0 C:\Program Files\ThinkPad\ConnectUtilities\Res\US\SvcHlprRes.dll
      MD5: 2a2801d070173ed1921598ae4afe4a2f C:\Program Files\ThinkPad\ConnectUtilities\Res\US\TrayRes.dll
      MD5: db24b6e10948d9f49affe987f2c6977b C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
      MD5: e3a1066ad542e7a5ccad7375cb62fba7 C:\Program Files\ThinkPad\ConnectUtilities\ThinQCon.dll
      MD5: 78995d3fd1dd4d3726acd30e90d9b727 C:\Program Files\ThinkPad\TpShocks\MUI\0409\TpShocks.dll
      MD5: d951ae42cb19417e0e9a2222c73ccc04 C:\Program Files\ThinkPad\Utilities\ATM.DLL
      MD5: a4ecdd165b0f7ee9e44a569881f4ca6d C:\Program Files\ThinkPad\Utilities\DOZESVC.EXE
      MD5: ff4bc6ae139a83268d01dfb781d3d294 C:\Program Files\ThinkPad\Utilities\EN-US\PWMUIAux.resources.dll
      MD5: 790ae923769aced1d6313eea202508ad C:\Program Files\ThinkPad\Utilities\libeay32.dll
      MD5: 64fb20f4df685e0550744c31771d27bd C:\Program Files\ThinkPad\Utilities\libewsdk.dll
      MD5: 1275eba5a13135f65665a155f61789f2 C:\Program Files\ThinkPad\Utilities\PWMDBSVC.exe
      MD5: bb232ee2820093d13af78f3c6a67f49f C:\Program Files\ThinkPad\Utilities\PWMEWSVC.exe
      MD5: 5bddb9b3e1bfbc54111d3d13ede04eac C:\Program Files\ThinkPad\Utilities\PWMIDTSK.EXE
      MD5: 3901a53b6aa11b2a77ae5097555f90c1 C:\Program Files\ThinkPad\Utilities\PWMUICtl.DLL
      MD5: fbbbf08f47e963dac9729ac2cece2a9e C:\Program Files\ThinkPad\Utilities\PWRMGR.DLL
      MD5: 066639024532ac5dc3d728b9b114ff5b C:\Program Files\ThinkPad\Utilities\PWRMGRIF.DLL
      MD5: b11423e434e456d384aa318e1f94e342 C:\Program Files\ThinkPad\Utilities\PWRMGRTR.DLL
      MD5: 64049c54939fd7bb2987c758f1d6d984 C:\Program Files\ThinkPad\Utilities\SCHTASK.EXE
      MD5: caf8cddc8edcb91f2d7ea55f100c9e3b C:\Program Files\ThinkPad\Utilities\US\PWRMGRRO.DLL
      MD5: 2a1439c6a1418f24c68646b8204d9c42 C:\Program Files\ThinkPad\Utilities\US\PWRMGRRT.DLL
      MD5: dd326ccc410a884b01b167e457d8e8c8 C:\Program Files\ThinkVantage Fingerprint Software\bio.dll
      MD5: aa0563dfa273b60a0e823b86ee8dc18d C:\Program Files\ThinkVantage Fingerprint Software\homefus2.dll
      MD5: fa04af70dbd720da4d471cb35c9f004c C:\Program Files\ThinkVantage Fingerprint Software\homepass.dll
      MD5: 0f6511db9a3e98eabda054b1dcb23d9f C:\Program Files\ThinkVantage Fingerprint Software\infql2.dll
      MD5: d273c5676483be9c325502032c9b439e C:\Program Files\Thinkvantage Fingerprint Software\launcher.exe
      MD5: e0d5d88b72cfc3a5708198db6b2a4bda C:\Program Files\ThinkVantage Fingerprint Software\ps2css.dll
      MD5: 78f27737ea8990be87937b7db185ded5 C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll
      MD5: 88bb563595411e790c83acdc5235cdfe C:\Program Files\ThinkVantage Fingerprint Software\qlbase.dll
      MD5: 0b9c01236d25bdcb37aa79dc59dfb7d3 C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys
      MD5: c59e1c0d72eca03f22dd130157995ee5 C:\Program Files\ThinkVantage Fingerprint Software\sysset.dll
      MD5: 90012fb281b393f9f6a6689bcd4cb64b C:\PROGRA~1\AD-AWA~1\AdAware.exe
      MD5: 0458acdaece682c5ec34d01bc88cec03 C:\PROGRA~1\AT&TNE~2\netcfgsvr.exe
      MD5: 8e4c77ad9bb279900c00f870cc0c674b C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20130112.007\NAVENG.SYS
      MD5: 826f699b69e88a3920c70f344dd42d88 C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20130112.007\NAVEX15.SYS
      MD5: 90a3525c7399b7784d28f99ea1a51c4c C:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe
      MD5: 68687605b22bd00fd6f018fa611d84e4 C:\PROGRA~1\Lenovo\HOTKEY\tpnumlk.exe
      MD5: b105c799c83d2cff8bc1dc672b758639 C:\PROGRA~1\Lenovo\HOTKEY\TPONSCR.exe
      MD5: 913c3c7a71d2a1b6f570c8ac837c7e85 C:\PROGRA~1\Lenovo\ZOOM\TpScrex.exe
      MD5: 9e25ffba1ee26abfe7b9319f8ef3f771 C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
      MD5: 64049c54939fd7bb2987c758f1d6d984 C:\PROGRA~1\ThinkPad\UTILIT~1\SCHTASK.EXE
      MD5: 310c15fd8358b2c4cd7a5b98a112883f C:\WINDOWS\AppPatch\AcGenral.DLL
      MD5: 77e6673a112c98f99ef44776f4de2e4d C:\WINDOWS\AppPatch\AcLayers.DLL
      MD5: 2cfe88ee740380f4b594b2de58aa933d C:\WINDOWS\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll
      MD5: 09523afbc5937d7cc786fc9c74d2d516 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\eab2340ead8e1a84bdf1a87868659979\mscorlib.ni.dll
      MD5: 17170ef2e1b181cbf056a894362a4b69 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationCore\2e26794770e6d33cf79a7f8daa4a48c3\PresentationCore.ni.dll
      MD5: b9153b3a2f653ded6560fb8aad38ae08 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\0f410e5729f64f2acc084505f01f863f\PresentationFontCache.ni.exe
      MD5: 98aca424f22691965bd079b8deef68a1 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\2abe0b9f0e996273614f4cf1f6808eed\PresentationFramework.ni.dll
      MD5: b70e45ba7880fe0aa47cd98fbb0f2d28 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a351cdca2d71ee68ae3a581e13553b19\PresentationFramework.Luna.ni.dll
      MD5: 0c720c33e8d28ad60b7932ead82309ea C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\96b7a0136e9e72e8f4eb0230c20766d2\System.Configuration.ni.dll
      MD5: 7a7831a07950cd7e8ac82afa7e44a816 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\7782f356a838c403b4a8e9c80df5a577\System.Drawing.ni.dll
      MD5: 741bdba1e61da6c56dd1c13bddf1a7ee C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\f43e890d874ef521aba51f76f64cd97b\System.ServiceProcess.ni.dll
      MD5: 5a2fdf0d90643a3279e14e1525d02773 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\4c91371e83d124ecb39664613e7e0417\System.Windows.Forms.ni.dll
      MD5: c3fed6bbc024aaffe6969fd4ee9f5941 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\fe025743210c22bea2f009e1612c38bf\System.Xml.ni.dll
      MD5: 4b3685aa700084e4ed6635fc1efd9cc2 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\aeac298c43c77d8860db8e7634d9f2eb\System.ni.dll
      MD5: c4177ade85770a781692dbc5bc060931 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\0b5c7d832d0a10ddcfa764d3e4adce14\UIAutomationProvider.ni.dll
      MD5: c87fed0bf3ca6e9a5d7ea4b1b947ac89 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\WindowsBase\4b889e41364baff1e456817b4777b610\WindowsBase.ni.dll
      MD5: 2a2ad2d9f37f6d178e69f6c211ae7e01 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\a4e685acd7537546624b27000fade8ac\WindowsFormsIntegration.ni.dll
      MD5: 01e2eca759056f23c73a035fdabb2d6d C:\WINDOWS\Downloaded Program Files\dwusplay.exe
      MD5: 2f74a2c57a8f87846e2606cd738f3520 C:\WINDOWS\Downloaded Program Files\isusweb.dll
      MD5: 56940b50ab0e5923822f47b0e4463885 C:\WINDOWS\Downloaded Program Files\qsax.dll
      MD5: 219af0f9a54ebeeb3e7e20025d801034 c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\culture.dll
      MD5: 723528449ed0d1b0ad98af3edf23101d c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
      MD5: f282d4edd85d53e20d902cc92190c5f5 c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll
      MD5: fb53a700132d9a97d1e10e9f80bd6174 c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
      MD5: 36ba8022693af7e967359ff3f97531d7 c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Shfusion.dll
      MD5: ab87eeffd18f2baafc274e7075ea6c67 c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
      MD5: 82a98d0eb83505529ad81e4c1fadc37d c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\clr.dll
      MD5: f5df6846f30e9f54ea60ccaeb3fb2055 c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
      MD5: 1f1d608abcc34ca2a5369c95b47605f0 C:\WINDOWS\system32\ATL71.DLL
      MD5: cfd4e51402da9838b5a04ae680af54a0 c:\windows\system32\browser.dll
      MD5: b218af9e706d47ff01403d62796840fc C:\WINDOWS\system32\BROWSEUI.dll
      MD5: 558f0dffd81fd4ebce2e28a63ae6d076 C:\WINDOWS\system32\bthcrp.dll
      MD5: 9bb43c3c0e6bdcc42ed3ae66ab7ce438 C:\WINDOWS\system32\btmmhook.dll
      MD5: fcee79ea3b5676f391542efc4f724421 C:\WINDOWS\system32\btncopy.dll
      MD5: cc21b362149e80d8fce85d3b35a4c256 C:\WINDOWS\system32\btosif.dll
      MD5: 798563c5cb086a56506f873c3b4a7eca C:\WINDOWS\system32\btrez.dll
      MD5: 0e270c1d650d087027b54d1aa093f727 C:\WINDOWS\system32\btwhidcs.DLL
      MD5: b3a6aae959c4730acad83c35625e3298 C:\WINDOWS\system32\btwicons.dll
      MD5: 93afb83fbc1f9443cac722fca63d73bf C:\WINDOWS\system32\comctl32.dll
      MD5: ed0c0df222209e43ad9afbf3fe87dde0 C:\WINDOWS\system32\comsvcs.dll
      MD5: 8fcf03e4d7be9b5587ccf11719959006 C:\WINDOWS\system32\corpol.dll
      MD5: 6bee5d4eff0a0341bcc4a462d81ccfc1 C:\WINDOWS\system32\CRYPT32.dll
      MD5: c14350fc0d47d806699c4f907fc6785b C:\WINDOWS\system32\cryptnet.dll
      MD5: 515a7fae2070c2b0242b2353443e2f11 C:\WINDOWS\System32\CSCDLL.dll
      MD5: dd40363abad230a84c5e2178b11efa88 C:\WINDOWS\system32\CSRSRV.dll
      MD5: 0607cbc6fa20114cb491efe4b2f9efad C:\WINDOWS\system32\d3d9.dll
      MD5: 56adb11f7d4d0816c0be1e701c1b5e52 C:\WINDOWS\system32\D3DIM700.DLL
      MD5: e2092f0a1d7abc243f9c2362483d150d C:\WINDOWS\System32\dimsntfy.dll
      MD5: 389496118b3b03c2328024af320132ac C:\WINDOWS\system32\DNSAPI.dll
      MD5: 5f7e24fa9eab896051ffb87f840730d2 c:\windows\system32\dnsrslvr.dll
      MD5: 1875f492c399db858e77c1b29366d54b C:\WINDOWS\system32\DRIVERS\5U877.sys
      MD5: 1e44bc1e83d8fd2305f8d452db109cf9 C:\WINDOWS\System32\drivers\afd.sys
      MD5: 4c1cce14c407079393e71f8848062629 C:\WINDOWS\system32\DRIVERS\agnfilt.sys
      MD5: 685443afa5d1a94c5f47e4846b0e4c3d C:\WINDOWS\system32\DRIVERS\agnwifi.sys
      MD5: 93b5133e966df72b54df89ccfa529df1 C:\WINDOWS\system32\drivers\ahcix86.sys
      MD5: 11ab185a7af224800bbfb5b836974a17 C:\WINDOWS\System32\drivers\ANC.SYS
      MD5: 8d0fa15eda636ca9ef84ca10b557bfbb C:\WINDOWS\System32\drivers\anydlc.sys
      MD5: 424bcffcfad92ffd9607adbda3a61374 C:\WINDOWS\System32\drivers\appn.sys
      MD5: e8dbd0a8e875e013aa419ece8c2ce6e7 C:\WINDOWS\System32\drivers\appnapi.sys
      MD5: 00406ae76e464be093492b026bfd585a C:\WINDOWS\System32\drivers\AppnBase.sys
      MD5: 1126d882b0a0c62c3944621134bd31dd C:\WINDOWS\system32\Drivers\appnnode.exe
      MD5: 50b570e4209f6d401893720fc8ddce46 C:\WINDOWS\System32\DRIVERS\ApsHM86.sys
      MD5: df6a84dd19d3c0858d707b5e64938d60 C:\WINDOWS\System32\DRIVERS\Apsx86.sys
      MD5: 255284c2475588f79edea559d8d110f7 C:\WINDOWS\system32\DRIVERS\avpnnic.sys
      MD5: 8a8fd355547b50bd5be0bc473c0af148 C:\WINDOWS\system32\DRIVERS\b57xp32.sys
      MD5: 658548bdda675ae2e36aa5604f8e9549 C:\WINDOWS\system32\DRIVERS\btkrnl.sys
      MD5: 108d22ae4b97307668ae5f951aed72d1 C:\WINDOWS\system32\drivers\CHDRT32.sys
      MD5: c348e3288d3d9f2d26f4097496c143a2 C:\WINDOWS\system32\Drivers\COH_Mon.sys
      MD5: 022c82d96a910937cce7d09c0d66bad6 C:\WINDOWS\system32\drivers\cstrcser.exe
      MD5: 6d279bb0de1d8e34f454e1b353f4d738 C:\WINDOWS\System32\DRIVERS\DozeHDD.sys
      MD5: f1ebf5b469f38379285e79b043527cfd C:\WINDOWS\system32\DRIVERS\e1c5132.sys
      MD5: 483924f92e55a5f9423201ec635e2ced C:\WINDOWS\system32\drivers\gfibto.sys
      MD5: d86ac00883b9c98b570e7643aaf8e554 C:\WINDOWS\system32\DRIVERS\HECI.sys
      MD5: f4037a3fedb92dd97c95f320766ea5c9 C:\WINDOWS\System32\Drivers\iaStor.sys
      MD5: 3a7dbe81ec5edb96a0a61c7d4af3198d C:\WINDOWS\system32\Drivers\IBMBLDID.sys
      MD5: fa3d0a6da7bb7968efe5c5bc267f0e55 C:\WINDOWS\system32\DRIVERS\ibmpmdrv.sys
      MD5: 14c665264ee51dfe6ae9dfdf9c5511f2 C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
      MD5: 34ee48d11c584eedb59fd0d537ac2296 C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
      MD5: 918526321f24c48ec6ed3a3d6d0082fe C:\WINDOWS\system32\DRIVERS\isamfilter.sys
      MD5: 9bdcb099c70a8a34027472c7015d3d31 C:\WINDOWS\System32\drivers\klognt.sys
      MD5: 807c1f45b82b2ea58b267319d5a7bb32 C:\WINDOWS\system32\drivers\ldlcserv.exe
      MD5: c195e72d474c5e9c374a2ba1e83cf986 C:\WINDOWS\system32\drivers\ldlcserv6.exe
      MD5: aaafeaa4ad70b914d26e6e0b247748a4 C:\WINDOWS\system32\DRIVERS\llc2.sys
      MD5: 7d304a5eb4344ebeeab53a2fe3ffb9f0 C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
      MD5: 0109c4f3850dfbab279542515386ae22 C:\WINDOWS\system32\DRIVERS\ndistapi.sys
      MD5: 32e6902485c5add8e4c6cd21545d5133 C:\WINDOWS\system32\DRIVERS\NETwNx32.sys
      MD5: 14b34f111a956d521c4d5cc621bfe52b C:\WINDOWS\System32\drivers\nstrcnt.sys
      MD5: 7bc8027d56fab153a987c56ae9835664 C:\WINDOWS\system32\DRIVERS\pcntpci5.sys
      MD5: 1a20045d45f5c79bf40e886a894f5d9c C:\WINDOWS\System32\drivers\pdlnacom.sys
      MD5: c408088387da52f128d93f63e1b77641 C:\WINDOWS\System32\drivers\pdlnafac.sys
      MD5: 5bc4d7417f2e9cd9818ee9889b3af2f0 C:\WINDOWS\System32\drivers\pdlncbas.sys
      MD5: 88701b6d773063914251de75cae14812 C:\WINDOWS\System32\drivers\pdlncfwk.sys
      MD5: 78b3fea51744118c12766207f0d067db C:\WINDOWS\System32\drivers\pdlndint.sys
      MD5: 581965f4635c6f2d50e5162871ca2c1c C:\WINDOWS\System32\drivers\pdlndldl.sys
      MD5: ac89149e7d672d342678be7914ca57b6 C:\WINDOWS\System32\drivers\pdlndldl6.sys
      MD5: d8fc6eefe54adab545c51bf57eb7d9f4 C:\WINDOWS\System32\drivers\pdlndlpb.sys
      MD5: f6b028d0fa6865aca1aa1270ac5fd48a C:\WINDOWS\System32\drivers\pdlndoem.sys
      MD5: d65cdd4c4263e57304d1a379cdf4b5a2 C:\WINDOWS\System32\drivers\pdlndqll.sys
      MD5: b9fbaed8bcd410d2a541de9a802825bd C:\WINDOWS\System32\drivers\pdlndsdl.sys
      MD5: 6b02c106a9d255c64323ac99050be135 C:\WINDOWS\System32\drivers\pdlnebas.sys
      MD5: 2425f8135194512035f2397cc26f6c06 C:\WINDOWS\System32\drivers\pdlnecfg.sys
      MD5: a5467a900f36db4ab90f009e74ab3fb8 C:\WINDOWS\System32\drivers\pdlnemap.sys
      MD5: 7382bde29bccc7a6dbd7f2544377cb18 C:\WINDOWS\System32\drivers\pdlnemsg.sys
      MD5: b0b5b052778b394eb4517dcb1f5d2d33 C:\WINDOWS\System32\drivers\pdlnepkt.sys
      MD5: bbea7524158e822107f17b3bebbf8e79 C:\WINDOWS\System32\drivers\pdlnshay.sys
      MD5: d6bb9f2ba19e2e6ff1992c8f80b8c59f C:\WINDOWS\System32\drivers\pdlnslea.sys
      MD5: c191d58c4966d62f6bcbae022d7b23b6 C:\WINDOWS\System32\drivers\pdlnsv25.sys
      MD5: cc6d622860b1e81460df2b93b97c463a C:\WINDOWS\System32\drivers\pdlnsx25.sys
      MD5: 7d1f2a3cd5ec30fc6d59fb6dc1ec3447 C:\WINDOWS\System32\Drivers\PGPsdk.sys
      MD5: d1f77e5f123a5c961554a31a1f8ab213 C:\WINDOWS\system32\DRIVERS\Pgpwdefs.sys
      MD5: fa292805788528c083f416e151b60ab6 C:\WINDOWS\system32\drivers\PMEMNT.SYS
      MD5: 651d3abc1d82d61b6cfb40cb947b3db3 C:\WINDOWS\system32\DRIVERS\psadd.sys
      MD5: 9ebc0f4b55ec20e91fe40ac83825836c C:\WINDOWS\system32\DRIVERS\risdxc86.sys
      MD5: 27fc71da659305e260acbda15a318399 C:\WINDOWS\system32\DRIVERS\s24trans.sys
      MD5: 9aac267a225f3caebb9e633f7eb16e4b C:\WINDOWS\system32\DRIVERS\smiif32.sys
      MD5: 620bbcc5c4c4407447866793c36e1215 C:\WINDOWS\System32\Drivers\SRTSP.SYS
      MD5: 995e15de499ca58445e39a2fba7d170e C:\WINDOWS\System32\Drivers\SRTSPL.SYS
      MD5: 1b63f794f283b974a79084514df206a0 C:\WINDOWS\System32\Drivers\SRTSPX.SYS
      MD5: 47ddfc2f003f7f9f0592c6874962a2e7 C:\WINDOWS\system32\DRIVERS\srv.sys
      MD5: 8afa1b80366276f8345a6b61e0df2f3e C:\WINDOWS\system32\DRIVERS\stm_tpm.sys
      MD5: ab33c3b196197ca467cbdda717860dba C:\WINDOWS\system32\Drivers\SYMEVENT.SYS
      MD5: 24a0901cafcee7343ee62565bcfb7c9a C:\WINDOWS\system32\DRIVERS\symmpi.sys
      MD5: 4db524dcd5cece0349d9f8c3738da0b2 C:\WINDOWS\system32\DRIVERS\SynTP.sys
      MD5: c8f9eb4ac42740d036b0b9f0809b335b C:\WINDOWS\SYSTEM32\Drivers\SysPlant.sys
      MD5: 58e3eb5a5c78740c5870eee6648ccc46 C:\WINDOWS\System32\Drivers\tcusb.sys
      MD5: 75346634d815c9fda103ae5fada072b3 C:\WINDOWS\system32\DRIVERS\teefer2.sys
      MD5: 8aef2188630f5ecd79ad9abba630630b C:\WINDOWS\system32\DRIVERS\TPHKDRV.sys
      MD5: c037817e2498d9db736e4ba355b1f4e7 C:\WINDOWS\System32\drivers\Tppwrif.sys
      MD5: 814dbd3c6a41d80bed130b06bfbbc4c7 C:\WINDOWS\system32\Drivers\trcboot.exe
      MD5: c2f196b0b0f80ed121fd9146eba2587e C:\WINDOWS\system32\DRIVERS\vmci.sys
      MD5: fde704c302da333e0c91f9e8c56e203d C:\WINDOWS\system32\Drivers\vmdebug.sys
      MD5: 82132036ee4d3e8aa3e73feebe1a9741 C:\WINDOWS\system32\DRIVERS\vmscsi.sys
      MD5: 4319450cf04d2eaf4f80f1ef53628aff C:\WINDOWS\system32\DRIVERS\vmx_svga.sys
      MD5: d81ef0d8716500a573cd82185ef3e42d C:\WINDOWS\system32\drivers\wpsdrvnt.sys
      MD5: c306d2037ec147c7c663994f12b87f1e C:\WINDOWS\system32\drivers\WpsHelper.sys
      MD5: b20dd954d1ad81e47018a2033e233a32 C:\WINDOWS\system32\E_FLBFBB.DLL
      MD5: e063b92725af8769268c7594e9505dc4 C:\WINDOWS\SYSTEM32\EGATHDRV.SYS
      MD5: f5b754cdea20bbb3a31e16a776ede6d6 C:\WINDOWS\system32\ESENT.dll
      MD5: 0e13deaa35e93ea67c84c7c7236722ad C:\WINDOWS\system32\gpkcsp.dll
      MD5: 0e6a744c3b40a0f19d16c605646415d2 C:\WINDOWS\system32\gpkrsrc.dll
      MD5: e75463b95cb67b77bb6fa71e4f0539e8 C:\WINDOWS\system32\gptext.dll
      MD5: 2aa08d8de386444502f4afa0c4b934b1 C:\WINDOWS\system32\hccutils.DLL
      MD5: 643a54df06d9edfa902e62e8ec9dc46d C:\WINDOWS\system32\hkcmd.exe
      MD5: 495f184a29b80b51735bcee91d84fe8f C:\WINDOWS\system32\ibmpmsvc.exe
      MD5: 903c8c110131b8a71501514b61a17761 C:\WINDOWS\system32\ieframe.dll
      MD5: 7b6f5a09bcb1e8017a964ffe0992e8f6 C:\WINDOWS\system32\iepeers.dll
      MD5: 994b77915ea49a467cda144806ae42d6 C:\WINDOWS\system32\iertutil.dll
      MD5: 041de090f9c89393b7beadedc9068f40 C:\WINDOWS\system32\igfxdev.dll
      MD5: a4ff043f71cfe88016c80e1ada46d2f6 C:\WINDOWS\system32\IGFXEXPS.DLL
      MD5: b2866512a0487d6b59d4ae86f93ae52b C:\WINDOWS\system32\igfxext.exe
      MD5: 9fa4c05663a403dc2ef990e43c859221 C:\WINDOWS\system32\igfxpers.exe
      MD5: b7425ee9fabdb3cbbd32b6631939923d C:\WINDOWS\system32\igfxrENU.lrc
      MD5: d9b6441e7dd31f3ad5e93127593de59f C:\WINDOWS\system32\igfxress.dll
      MD5: a78211598e5dd764fe77812348f967a0 C:\WINDOWS\system32\igfxsrvc.dll
      MD5: 9ad8d09b340ccd64eb89c10121200be7 C:\WINDOWS\system32\igfxsrvc.exe
      MD5: 988584bd95d58b44774208038e6f1f23 C:\WINDOWS\system32\igfxtray.exe
      MD5: ffc01a72d1c25ccb39f61b202ce60819 C:\WINDOWS\system32\IMAGEHLP.dll
      MD5: 024dc0f68df5fd6ae9dd82dfbaf479d6 C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE
      MD5: 63e8d944afbeebb243f25c4ed07e74c5 C:\WINDOWS\system32\inetmib1.dll
      MD5: 1206e36eb45cd0372fa200b3b0bb7841 C:\WINDOWS\system32\javacypt.dll
      MD5: 0689622e6484934eb6e5f4d3a96311f9 C:\WINDOWS\system32\jscript.dll
      MD5: ca3b195d98bdbbb7d50c70372cf3005f C:\WINDOWS\system32\jsproxy.dll
      MD5: a525c96c51d55111fdf3bea9ffffc7ae C:\WINDOWS\system32\kerberos.dll
      MD5: 6fe42512ab1b89f32a7407f261b1d2d0 C:\WINDOWS\system32\kernel32.dll
      MD5: 20fa028cb6506591a99c51432a3c0174 C:\WINDOWS\system32\LangWrbk.dll
      MD5: 5677dfe438ec1f009273fc84feed6b10 C:\WINDOWS\system32\localspl.dll
      MD5: bd31dc6dbe9333c4fbd4bdf0899f2160 C:\WINDOWS\system32\LSASRV.dll
      MD5: 25def2ef843275862ffbf55487cefddd C:\WINDOWS\system32\Macromed\Flash\Flash32_11_5_502_135.ocx
      MD5: 95ce557d16a75606ccc2d7f3b0b0bccb C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
      MD5: 54fc590185d7d00d65e53b9a5990dc14 C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll
      MD5: 76848cb1aa5818db47d5f5986e0a7485 C:\WINDOWS\system32\MFC42.DLL
      MD5: f6f2bfc17069eb335acceef7595f9302 C:\WINDOWS\system32\MFC42u.DLL
      MD5: 12f8cb899b4c14b76ecd251986362788 C:\WINDOWS\system32\MFC71U.DLL
      MD5: 9c46e5c82f94d9aedd2ce798f0df1158 C:\WINDOWS\system32\mshtml.dll
      MD5: d3f72d50de53f9f1f55240115af4d42e C:\WINDOWS\system32\msi.dll
      MD5: e75aa32c6b79c846f5314ca4da92f29e C:\WINDOWS\system32\msjava.dll
      MD5: 9e70016c950b1f8fdeaa6f067e2e25a8 C:\WINDOWS\system32\msjet40.dll
      MD5: 7e2b58ce8c4013287371667880b1080d C:\WINDOWS\system32\MSJINT40.DLL
      MD5: c7e39ea41233e9f5b86c8da3a9f1e4a8 C:\WINDOWS\system32\mspmsnsv.dll
      MD5: 943337d786a56729263071623bbb9de5 C:\WINDOWS\System32\MSWSOCK.dll
      MD5: afdc647d16b285b9ae6140335b3b3255 C:\WINDOWS\system32\mswstr10.dll
      MD5: acfee2392503dd5e457363a0510b8bcb C:\WINDOWS\system32\msxml3.dll
      MD5: cac752bf84db4666ed3ce0948e6ea937 C:\WINDOWS\system32\NETAPI32.dll
      MD5: 062f837c1fbdb6a0a75f82efc2ee8e74 C:\WINDOWS\system32\NETSHELL.dll
      MD5: 5e28284f9b5f9097640d58a73d38ad4c C:\WINDOWS\system32\notepad.exe
      MD5: f8f0d25ca553e39dde485d8fc7fcce89 C:\WINDOWS\system32\ntdll.dll
      MD5: 40b0f98bad16ad5def894e88c3ef8014 C:\WINDOWS\system32\ODBC32.dll
      MD5: 2c288aa87e4723ac9ff4d76a192ec3f8 C:\WINDOWS\system32\odbccp32.dll
      MD5: 5ce275cdc5ffb77b1ec29dbdfe4b6689 C:\WINDOWS\system32\odbcji32.dll
      MD5: 1b05dcc75fbb903a17e3e0ddaea8d508 C:\WINDOWS\system32\odbcjt32.dll
      MD5: 6bad1bed9872e62049e487fb91ae2f3a C:\WINDOWS\system32\ole32.dll
      MD5: 20200ee3cfe10e9f0c028d8653be11c6 C:\WINDOWS\system32\OLEACC.dll
      MD5: 1b2be5777f69a71778f52ffee1c798d6 C:\WINDOWS\system32\OLEAUT32.dll
      MD5: d44ab658261de714facf005000509536 C:\WINDOWS\system32\pdclntif.dll
      MD5: 154363396dabb181aeb95fba33b0b475 C:\WINDOWS\system32\pdresrc.dll
      MD5: dbe2b62353660ecca0d75ea307a717e9 C:\WINDOWS\system32\Perfctrs.dll
      MD5: 7bd4d531aa0958178243bc24080e9b61 C:\WINDOWS\system32\PGPcl.dll
      MD5: 5019fab7b162c072b6682d6dff64c305 C:\WINDOWS\system32\PGPdskEn.dll
      MD5: 6ffbb79da417d9eefbb6f4b0982a6e90 C:\WINDOWS\system32\PGPdskUI.dll
      MD5: 3de72d0ff0a2004cfbb5619988ab1ef7 C:\WINDOWS\system32\PGPdydbg.dll
      MD5: e86baa1bea168d30acd32fbba370b13b C:\WINDOWS\system32\PGPhk.dll
      MD5: 18c6f097c8650646f1bac4b7294bb35c C:\WINDOWS\system32\PGPiconv.dll
      MD5: af0762c985a1335c016300a7db0d206f C:\WINDOWS\system32\PGPmn.dll
      MD5: 1a8229808228ff16746139982f8267cf C:\WINDOWS\system32\PGPmnp.dll
      MD5: 4ef2670c20fd6db3a84e35614ca06e1d C:\WINDOWS\system32\PGPSC.DLL
      MD5: 6d7eb5be28ab135985bf3edc14c6825f C:\WINDOWS\system32\PGPsdk.dll
      MD5: e2ef41066fd56c07a3f4b9070b63ba7f C:\WINDOWS\system32\PGPsdkNL.dll
      MD5: 22415eedd0b973a72118cbd56a6f3e61 C:\WINDOWS\system32\PGPsdkUI.dll
      MD5: 8676713c68ec4b8209199bd8d1b3fd78 C:\WINDOWS\system32\PGPwd.dll
      MD5: c199fa438badf5cf6c82b3f2bfd524f7 C:\WINDOWS\system32\PGPwdesdk.dll
      MD5: 77de1f81666a4766bfed712dc7232f4e C:\WINDOWS\system32\PresentationNative_v0300.dll
      MD5: c65122b94f7c82065fe86c32cf271f6d C:\WINDOWS\system32\reg.exe
      MD5: d4502f124289a31976130cccb014c9aa C:\WINDOWS\system32\RPCRT4.dll
      MD5: 72451fd61ddbb0a1fb071b7c3cde5594 C:\WINDOWS\system32\rsvpsp.dll
      MD5: ff257ccca321cd2a697bb5ca38c9ec87 C:\WINDOWS\system32\SCARDDLG.dll
      MD5: 11e41821248e9704d5f392eda5f01572 C:\WINDOWS\system32\sccbase.dll
      MD5: 2f43f90516ecd8ab23d64dcc9e13602b C:\WINDOWS\system32\SccSCCP.DLL
      MD5: 0f64207b49390c8063c36ae7cbf9c2db C:\WINDOWS\system32\schannel.dll
      MD5: f0a0ebf086597e645bc14b0d98f8ba58 C:\WINDOWS\system32\ScrRun.dll
      MD5: 8bcd11d38fce43a519246a91cc40de6a C:\WINDOWS\system32\SECURITY.DLL
      MD5: 66fa7e71a8d6aa2b3c88406980571590 C:\WINDOWS\system32\selpms.dll
      MD5: 80414bb030e344f18264f577f4fe6abf C:\WINDOWS\system32\Sensor.dll
      MD5: 653cc3873858fc4473f800228053364b C:\WINDOWS\system32\SHDOCVW.dll
      MD5: 6843d54bc4a40cc8c5741af750233d10 C:\WINDOWS\system32\SHELL32.dll
      MD5: 99bc0b50f511924348be19c7c7313bbf C:\WINDOWS\system32\SHSVCS.dll
      MD5: 200c3f8e80b72b63558b3bc47a6807a0 C:\WINDOWS\system32\slbcsp.dll
      MD5: 421b2f81cbb65f94a70a3316c7be0e7c C:\WINDOWS\system32\SlbIop.dll
      MD5: 7ac2182fa963efd2f72e8399bf0e67f9 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIFBB.EXE
      MD5: 60784f891563fb1b767f70117fc2428f C:\WINDOWS\system32\spoolsv.exe
      MD5: 77a54bdfbad4604e6131ae68e3cf76d6 C:\WINDOWS\system32\SrClient.dll
      MD5: 3a7c3cbe5d96b8ae96ce81f0b22fb527 c:\windows\system32\srvsvc.dll
      MD5: d66709f79d595dd378c995c3347349c1 C:\WINDOWS\system32\sstext3d.scr
      MD5: 3caeae7608f1bd7ba873a3b02895b106 C:\WINDOWS\system32\sti.dll
      MD5: d5795b6b750832c15644eb37b58532e9 C:\WINDOWS\system32\SynCOM.dll
      MD5: f875c3eba1e0b1f50d045eb30a64327c C:\WINDOWS\system32\SynTPAPI.dll
      MD5: d87438f321aff5da590f90edc680e3af C:\WINDOWS\SYSTEM32\SYSFER.DLL
      MD5: 2e5d84c3d4301701cf7f977c15df905d C:\WINDOWS\system32\tgrab.sys
      MD5: 1f98a2433555dd854cb4e2edc819deb4 C:\WINDOWS\System32\TPHDEXLG.exe
      MD5: 3f5b6c88c15498e0d4deefa45f3a8e09 C:\WINDOWS\system32\TpShocks.exe
      MD5: bca608797a3e8eec0094cd6d596d77d7 C:\WINDOWS\system32\urlmon.dll
      MD5: a93aee1928a9d7ce3e16d24ec7380f89 c:\windows\system32\userinit.exe
      MD5: 9e03dc5ab51cfd0190541ce2038d819d C:\WINDOWS\System32\USP10.dll
      MD5: 0dfa4d5e8205614eda53394e637812e4 C:\WINDOWS\system32\VDMDBG.DLL
      MD5: 9af7d69ba8e58573721c8b6785db4dc3 C:\WINDOWS\system32\VMHELPER.DLL
      MD5: e4e0ed7b6fc7070d7085fc8a969e794f C:\WINDOWS\system32\vrlogon.dll
      MD5: e837fdbb92e9873e538395b623f45462 C:\WINDOWS\system32\wbem\cimwin32.dll
      MD5: 4306fa2f1099d7c606139255fdb62b19 C:\WINDOWS\System32\Wbem\framedyn.dll
      MD5: c7000f2db2a5515c64c257478769a481 C:\WINDOWS\system32\wbem\unsecapp.exe
      MD5: 960f6d3cd9a1ba6435d7aadd102b297f C:\WINDOWS\system32\wbem\wmiprov.dll
      MD5: 8432a8217a75a2857ffb10f9aa5e1415 C:\WINDOWS\system32\wbtapi.dll
      MD5: 7a81d6cefb55c0abd620ef817b6248ee C:\WINDOWS\system32\wiadss.dll
      MD5: bf67ac2c1f41be892b98e9b8e91c0cb8 C:\WINDOWS\system32\wiashext.dll
      MD5: 9b25daf8f5104130582ed2037a23c6ee C:\WINDOWS\system32\WidcommSdk.dll
      MD5: 5f63e2b2a72e1e6448123e0920d31530 C:\WINDOWS\system32\WindowsCodecs.dll
      MD5: eb2d2e05e471208cd651ddcdf77904bf C:\WINDOWS\system32\WindowsCodecsExt.dll
      MD5: 684559a03cbc1d05ba120a18b0d8ba5d C:\WINDOWS\system32\WINHTTP.dll
      MD5: 9ad88ea663124336e88eb031f917ce20 C:\WINDOWS\system32\WININET.dll
      MD5: 4a953f13942867ba8fb41f141ec1b80c C:\WINDOWS\System32\WINMM.dll
      MD5: d72b9ec3337b247a666f098f3d6b43de C:\WINDOWS\System32\winrnr.dll
      MD5: 8c7dca4b158bf16894120786a7a5f366 C:\WINDOWS\system32\winsrv.dll
      MD5: d458b738b4c2ce33174cfb2ce12412db C:\WINDOWS\system32\WINTRUST.dll
      MD5: 9eefe69139fdbb4a3c327630f8eb993a C:\WINDOWS\system32\wlanapi.dll
      MD5: 2cc34e8bb667eef78899546e12649196 C:\WINDOWS\system32\WlNotify.dll
      MD5: 6472932f2b6084ea1fb3f7f9493ac640 C:\WINDOWS\system32\wshom.ocx
      MD5: fc3ec24fce372c89423e015a2ac1a31e C:\WINDOWS\system32\wuaueng.dll
      MD5: 16403217ab6fc5c30c14c6b12098ad4b C:\WINDOWS\System32\xpsp2res.dll
      MD5: 6b5070f063ce5536a6c883b671e05884 C:\WINDOWS\TWAIN_32.DLL
      MD5: d5e459bed3db9cf7fc6cc1455f177d2d C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_a4c618fa\ATL80.DLL
      MD5: 1d109ed0d660654ea7ff1574558031c4 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcm80.dll
      MD5: 0b3595a4ff0b36d68e5fc67fd7d70fdc C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\MSVCP80.dll
      MD5: c9564cf4976e7e96b4052737aa2492b4 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\MSVCR80.dll
      MD5: 1f5afd468eb5e09e9ed75a087529eab5 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_150c9e8b\MFC80.DLL
      MD5: e2c48cd0132d4d1dc7d0df9a6bef686a C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_150c9e8b\MFC80U.DLL
      MD5: 28a09777d2d952122567a8a82f1a2c7b C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\MFC80ENU.DLL
      MD5: 736b12b725aeb2b07f0241a9f680cb10 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
      MD5: 80776884e7a05d6da5040926f82b0273 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22791_x-ww_c8dff154\gdiplus.dll


      Archivo no enviado

      Scan finished - communication took 7 sec
      Total traffic - 0.04 MB enviado, 1.61 KB recibido
      Scanned 1130 files and modules - 60 seconds

      ==============================================================================

    6. #6
      Ex-Colaborador Avatar de Gemsa_03
      Registrado
      feb 2012
      Ubicación
      Málaga-España
      Mensajes
      6.615

      Re: OS Attack: MS RPCSS Attack CVE-2004-0116 2

      Hola!

      Voy a necesitar algo de tiempo para analizar tu archivo de Bit Defender, pero en principio ya de entrada veo cosas sospechosas realízame los siguientes pasos:

      Descarga/Actualiza/Ejecuta este programa Malwarebytes Anti-Malware 1.65.1 | InfoSpyware => Manual de Malwarebytes Anti-Malware 2

      Realiza un Análisis completo, seleccionando todo lo que te salga y borrándolo según la imagen que te muestro:



      Ejecuta ESET SMART INSTALLER

      teniendo en cuenta que antes de iniciar el análisis tienes que tener las casillas seleccionadas tal y como se ven en la imagen Y DESHABILITAR TEMPORALMENTE TU ANTIVIRUS => Cómo deshabilitar temporalmente su Antivirus:



      Por otro lado tienes el Ad-Aware Instalado en el Equipo y habría que desinstalarlo. Vamos a ver los resultados de estos análisis y seguimos.


      Saludos!

    7. #7
      Usuario Avatar de serko71
      Registrado
      jul 2005
      Ubicación
      Argentina
      Mensajes
      39

      Re: OS Attack: MS RPCSS Attack CVE-2004-0116 2

      Buen dia!

      Tengo los reportes de Malwarebytes y Ad-Aware para mostrarte pero no sé como pegar la imagen por aqui...

    8. #8
      Ex-Colaborador Avatar de Gemsa_03
      Registrado
      feb 2012
      Ubicación
      Málaga-España
      Mensajes
      6.615

      Re: OS Attack: MS RPCSS Attack CVE-2004-0116 2

      Cita Originalmente publicado por serko71 Ver Mensaje
      Buen dia!

      Tengo los reportes de Malwarebytes y Ad-Aware para mostrarte pero no sé como pegar la imagen por aqui...
      Hola!

      el del Ad-aware en principio no lo necesito al margen de que tienes el NORTON! o el Ad-Aware o el NORTON tener 2 Antivirus, como que es incompatible, por eso te dije que tendríamos que desinstalar el Ad-aware, porque pensé que trabajabas con el NORTON.

      El reporte que te pedí fue el del ESET (fíjate en el Post anterior)

      De momento me pegas el del Malwarebytes, lo ejecutas te vas a la pestaña REGISTROS del Programa y clickeas sobre el que hicistes. Te saldrá una Venana con los resultados, simplemente tienes que seleccionar todo y pegármelo aquí.

      Por favor no le pongas ningún marco, se hace más complicada su lectura.

      Un saludo.
      Última edición por Gemsa_03 fecha: 14/01/13 a las 09:38:59 Razón: correción

    9. #9
      Usuario Avatar de serko71
      Registrado
      jul 2005
      Ubicación
      Argentina
      Mensajes
      39

      Re: OS Attack: MS RPCSS Attack CVE-2004-0116 2

      Malwarebytes' Anti-Malware 1.46
      Malwarebytes : Free anti-malware download

      Versión de la Base de Datos: 912122806

      Windows 5.1.2600 Service Pack 3
      Internet Explorer 8.0.6001.18702

      13/01/2013 11:31:40
      mbam-log-2013-01-13 (11-31-40).txt

      Tipos de Análisis: Análisis Rápido
      Objetos examinados: 0
      Tiempo transcurrido: 3 segundo(s)

      Procesos en Memoria Infectados: 0
      Módulos de Memoria Infectados: 0
      Claves del Registro Infectadas: 0
      Valores del Registro Infectados: 0
      Elementos de Datos del Registro Infectados: 0
      Carpetas Infectadas: 0
      Archivos Infectados: 0

      Procesos en Memoria Infectados:
      (No se han detectado elementos maliciosos)

      Módulos de Memoria Infectados:
      (No se han detectado elementos maliciosos)

      Claves del Registro Infectadas:
      (No se han detectado elementos maliciosos)

      Valores del Registro Infectados:
      (No se han detectado elementos maliciosos)

      Elementos de Datos del Registro Infectados:
      (No se han detectado elementos maliciosos)

      Carpetas Infectadas:
      (No se han detectado elementos maliciosos)

      Archivos Infectados:
      (No se han detectado elementos maliciosos)

    10. #10
      Usuario Avatar de serko71
      Registrado
      jul 2005
      Ubicación
      Argentina
      Mensajes
      39

      Re: OS Attack: MS RPCSS Attack CVE-2004-0116 2

      Ad-Aware - Report

      Cookie: Tracking Cookies Cuenta de rastros: 8 Nivel: Low
      Trojan.Java.Generic (v) Cuenta de rastros: 1 Nivel: Elevated
      Trojan.Win32.Generic!BT Cuenta de rastros: 1 Nivel: High
      Trojan.Win32.Generic!BT Cuenta de rastros: 1 Nivel: High
      Trojan.Win32.Generic!BT Cuenta de rastros: 1 Nivel: High
      Trojan.Win32.Generic!BT Cuenta de rastros: 1 Nivel: High
      Trojan.Win32.Generic!BT Cuenta de rastros: 1 Nivel: High

    Página 1 de 2 12 ÚltimoÚltimo