BitDefender QuickScan Beta 32-bit v0.9.9.10
-------------------------------------------
Scan date: Fri Mar 19 17:48:18 2010
Machine ID: 289DDCED
No infection found.
---------------------
Processes
---------
<unsigned> Ares p2p for windows 1928 C:\Archivos de programa\Ares\Ares.exe
<unsigned> MessengerDiscovery 2 3216 C:\Archivos de programa\MessengerDiscovery 2\MessengerDiscovery 2.exe
<unsigned> Proxy Switcher 296 C:\Windows\Temp\RarSFX0\ProxySwitcher.exe
<unsigned> Sistema operativo Microsoft® Windows® 1672 C:\WINDOWS\Explorer.EXE
<unsigned> TaskSwitchXP 1884 C:\Archivos de programa\TaskSwitchXP\TaskSwitchXP.exe
<verified> AVG Anti-Spyware 3612 C:\Archivos de programa\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
<verified> AVG Anti-Spyware 1380 C:\Archivos de programa\Grisoft\AVG Anti-Spyware 7.5\guard.exe
<verified> ESET Smart Security 1876 C:\Archivos de programa\ESET\ESET NOD32 Antivirus\egui.exe
<verified> ESET Smart Security 1844 C:\Archivos de programa\ESET\ESET NOD32 Antivirus\ekrn.exe
<verified> Firefox 3616 C:\Archivos de programa\Mozilla Firefox\firefox.exe
<verified> GoogleToolbarNotifier 2008 C:\Archivos de programa\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
<verified> Microsoft Search Enhancement Pack 1992 C:\Archivos de programa\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
<verified> Microsoft® Windows® Operating System 2752 C:\WINDOWS\System32\alg.exe
<verified> Microsoft® Windows® Operating System 628 C:\WINDOWS\system32\csrss.exe
<verified> Microsoft® Windows® Operating System 708 C:\WINDOWS\system32\lsass.exe
<verified> Microsoft® Windows® Operating System 1448 C:\WINDOWS\system32\spoolsv.exe
<verified> Microsoft® Windows® Operating System 868 C:\WINDOWS\system32\svchost.exe
<verified> Microsoft® Windows® Operating System 936 C:\WINDOWS\system32\svchost.exe
<verified> Microsoft® Windows® Operating System 1048 C:\WINDOWS\System32\svchost.exe
<verified> Microsoft® Windows® Operating System 1136 C:\WINDOWS\system32\svchost.exe
<verified> Microsoft® Windows® Operating System 1168 C:\WINDOWS\system32\svchost.exe
<verified> Microsoft® Windows® Operating System 1180 C:\WINDOWS\system32\svchost.exe
<verified> Sistema operativo Microsoft® Windows® 696 C:\WINDOWS\system32\services.exe
<verified> Sistema operativo Microsoft® Windows® 564 C:\WINDOWS\System32\smss.exe
<verified> Sistema operativo Microsoft® Windows® 2180 C:\WINDOWS\system32\wbem\wmiapsrv.exe
<verified> Sistema operativo Microsoft® Windows® 652 C:\WINDOWS\system32\winlogon.exe
<verified> Skype 1968 C:\Archivos de programa\Skype\Phone\Skype.exe
<verified> Windows Live Communications Platform 2360 C:\Archivos de programa\Windows Live\Contacts\wlcomm.exe
<verified> Windows Live Messenger 2020 C:\Archivos de programa\Windows Live\Messenger\MsnMsgr.Exe
<verified> Windows® Internet Explorer 700 C:\Archivos de programa\Internet Explorer\IEXPLORE.EXE
<verified> Windows® Internet Explorer 3284 C:\Archivos de programa\Internet Explorer\IEXPLORE.EXE
Network activity
----------------
Process ekrn.exe (1844) connected on port 80 (HTTP) - 173.194.5.36
Process ekrn.exe (1844) connected on port 80 (HTTP) - 187.141.2.128
Process ekrn.exe (1844) connected on port 80 (HTTP) - 187.141.2.128
Process ekrn.exe (1844) connected on port 80 (HTTP) - 187.141.2.128
Process ekrn.exe (1844) connected on port 80 (HTTP) - 187.141.2.136
Process ekrn.exe (1844) connected on port 80 (HTTP) - 187.141.2.136
Process ekrn.exe (1844) connected on port 80 (HTTP) - 187.141.2.136
Process ekrn.exe (1844) connected on port 80 (HTTP) - 187.141.2.136
Process ekrn.exe (1844) connected on port 40700 - 201.248.100.174
Process ekrn.exe (1844) connected on port 80 (HTTP) - 199.7.51.190
Process ekrn.exe (1844) connected on port 80 (HTTP) - 69.192.117.115
Process ekrn.exe (1844) connected on port 80 (HTTP) - 69.192.124.20
Process ekrn.exe (1844) connected on port 80 (HTTP) - 187.141.2.128
Process ekrn.exe (1844) connected on port 80 (HTTP) - 187.141.2.128
Process ekrn.exe (1844) connected on port 80 (HTTP) - 187.141.2.136
Process ekrn.exe (1844) connected on port 80 (HTTP) - 187.141.2.136
Process ekrn.exe (1844) connected on port 80 (HTTP) - 187.141.2.136
Process ekrn.exe (1844) connected on port 44800 - 201.254.27.184
Process ekrn.exe (1844) connected on port 80 (HTTP) - 74.125.19.166
Process ekrn.exe (1844) connected on port 80 (HTTP) - 74.125.19.157
Process ekrn.exe (1844) connected on port 80 (HTTP) - 74.125.19.157
Process ekrn.exe (1844) connected on port 80 (HTTP) - 74.125.19.166
Process ekrn.exe (1844) connected on port 80 (HTTP) - 91.103.140.2
Process ekrn.exe (1844) connected on port 80 (HTTP) - 187.141.2.128
Process ekrn.exe (1844) connected on port 80 (HTTP) - 187.141.2.128
Process ekrn.exe (1844) connected on port 80 (HTTP) - 187.141.2.128
Process ekrn.exe (1844) connected on port 80 (HTTP) - 187.141.2.136
Process ekrn.exe (1844) connected on port 80 (HTTP) - 187.141.2.136
Process ekrn.exe (1844) connected on port 80 (HTTP) - 187.141.2.136
Process ekrn.exe (1844) connected on port 60355 - 201.87.34.41
Process ekrn.exe (1844) connected on port 80 (HTTP) - 69.192.115.190
Process ekrn.exe (1844) connected on port 8976 - 201.243.39.86
Process ekrn.exe (1844) connected on port 80 (HTTP) - 69.192.124.20
Process ekrn.exe (1844) connected on port 80 (HTTP) - 187.141.2.128
Process ekrn.exe (1844) connected on port 80 (HTTP) - 187.141.2.128
Process ekrn.exe (1844) connected on port 80 (HTTP) - 187.141.2.136
Process ekrn.exe (1844) connected on port 80 (HTTP) - 187.141.2.136
Process ekrn.exe (1844) connected on port 80 (HTTP) - 187.141.2.136
Process ekrn.exe (1844) connected on port 80 (HTTP) - 187.141.2.136
Process ekrn.exe (1844) connected on port 59824 - 190.191.23.228
Process ekrn.exe (1844) connected on port 80 (HTTP) - 74.125.19.166
Process ekrn.exe (1844) connected on port 80 (HTTP) - 74.125.19.166
Process ekrn.exe (1844) connected on port 80 (HTTP) - 74.125.19.166
Process ekrn.exe (1844) connected on port 80 (HTTP) - 74.125.19.157
Process ekrn.exe (1844) connected on port 80 (HTTP) - 74.125.19.166
Process ekrn.exe (1844) connected on port 80 (HTTP) - 91.103.140.2
Process ekrn.exe (1844) connected on port 80 (HTTP) - 74.125.19.113
Process svchost.exe (936) listens on ports: 135 (RPC)
Process Ares.exe (1928) listens on ports: 37139
Autoruns and critical files
---------------------------
<unsigned> Ares p2p for windows C:\Archivos de programa\Ares\Ares.exe
<unsigned> Microsoft® Windows® Operating System C:\WINDOWS\system32\ctfmon.exe
<unsigned> Microsoft® Windows® Operating System C:\WINDOWS\system32\wpdshserviceobj.dll
<unsigned> Proxy Switcher C:\Windows\Temp\RarSFX0\ProxySwitcher.exe
<unsigned> Sistema operativo Microsoft® Windows® C:\WINDOWS\system32\shell32.dll
<unsigned> Sistema operativo Microsoft® Windows® C:\WINDOWS\system32\stobject.dll
<unsigned> Sistema operativo Microsoft® Windows® C:\WINDOWS\system32\XPize_Logon.exe
<unsigned> TaskSwitchXP C:\Archivos de programa\TaskSwitchXP\TaskSwitchXP.exe
<verified> AVG Anti-Spyware C:\Archivos de programa\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
<verified> AVG Anti-Spyware C:\Archivos de programa\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll
<verified> ESET Smart Security C:\Archivos de programa\ESET\ESET NOD32 Antivirus\egui.exe
<verified> GoogleToolbarNotifier C:\Archivos de programa\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
<verified> Microsoft® Windows® Operating System C:\WINDOWS\system32\cryptnet.dll
<verified> Microsoft® Windows® Operating System C:\WINDOWS\system32\dimsntfy.dll
<verified> Sistema operativo Microsoft® Windows® C:\WINDOWS\system32\browseui.dll
<verified> Sistema operativo Microsoft® Windows® C:\WINDOWS\system32\crypt32.dll
<verified> Sistema operativo Microsoft® Windows® C:\WINDOWS\system32\cscdll.dll
<verified> Sistema operativo Microsoft® Windows® C:\WINDOWS\system32\sclgntfy.dll
<verified> Sistema operativo Microsoft® Windows® c:\windows\system32\userinit.exe
<verified> Sistema operativo Microsoft® Windows® C:\WINDOWS\system32\wlnotify.dll
<verified> Skype C:\Archivos de programa\Skype\Phone\Skype.exe
<verified> UpdateTask.exe C:\Archivos de programa\Ask.com\UpdateTask.exe
<verified> Windows Live Messenger C:\Archivos de programa\Windows Live\Messenger\MsnMsgr.Exe
<verified> Windows® Internet Explorer C:\WINDOWS\system32\msfeedssync.exe
<verified> Windows® Internet Explorer C:\WINDOWS\system32\webcheck.dll
Browser plugins
---------------
<unsigned> Shockwave for Director C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
<verified> AcroIEHelper Library c:\archivos de programa\archivos comunes\adobe\acrobat\activex\acroiehelper.dll
<verified> BitDefender QuickScan C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles/owz4hikz.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\components\qscanff.dll
<verified> BitDefender QuickScan C:\Documents and Settings\Administrador\Datos de programa\Mozilla\Firefox\Profiles/owz4hikz.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
<verified> GoogleToolbarNotifier C:\Archivos de programa\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
<verified> Java(TM) Platform SE 6 U6 c:\archivos de programa\java\jre1.6.0_06\bin\ssv.dll
<verified> Microsoft Office Live Plug-in for Firef C:\Archivos de programa\Microsoft\Office Live\npOLW.dll
<verified> Microsoft® Windows Live Login Helper c:\archivos de programa\archivos comunes\microsoft shared\windows live\windowslivelogin.dll
<verified> Microsoft® Windows® Operating System C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
<verified> Microsoft® Windows® Operating System C:\WINDOWS\system32\rsvpsp.dll
<verified> Microsoft® Windows® Operating System C:\WINDOWS\system32\winrnr.dll
<verified> Mozilla Default Plug-in C:\Archivos de programa\Mozilla Firefox\plugins\npnul32.dll
<verified> MSN® Games by Zone.com C:\WINDOWS\Downloaded Program Files\MessengerStatsPAClient.dll
<verified> NPSWF32.dll C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
<verified> Silverlight Plug-In c:\Archivos de programa\Microsoft Silverlight\3.0.40624.0\npctrl.dll
<verified> Sistema operativo Microsoft® Windows® C:\WINDOWS\system32\mswsock.dll
<verified> Skype add-on for IE c:\archivos de programa\skype\toolbars\internet explorer\skypeieplugin.dll
<verified> Windows Live® Photo Gallery C:\Archivos de programa\Windows Live\Photo Gallery\NPWLPG.dll
<verified> Windows® Internet Explorer C:\WINDOWS\system32\ieframe.dll
Scan
----
<unsigned> MD5: 2094bc9a0fc9c0e15eea5f4a9581dd14 C:\Archivos de programa\Archivos comunes\Adobe\Acrobat\ActiveX\pdfshell.dll
<unsigned> MD5: bc24cfb8f1f16ec9fe70da796a160f1f C:\Archivos de programa\Archivos comunes\Adobe\Acrobat\ActiveX\pdfshell.ESP
<unsigned> MD5: d1ea7694103f5d5cf11148f9b3864c45 C:\Archivos de programa\Ares\Ares.exe
<unsigned> MD5: 6256684495c499b22dcdba266e4f2494 C:\Archivos de programa\Messenger Plus! Live\Detoured.dll
<unsigned> MD5: 55c499f8004d63dd8adac79b883c3dcf C:\Archivos de programa\MessengerDiscovery 2\FacebookChat.dll
<unsigned> MD5: 40a0bf95cb736aa613f1cc60de32f827 C:\Archivos de programa\MessengerDiscovery 2\MessengerDiscovery 2.exe
<unsigned> MD5: 675df665b29327821f4d1e2a1b7b9734 C:\Archivos de programa\MessengerDiscovery 2\MessengerDiscovery.dll
<unsigned> MD5: 462e2f4886a0b389d4fda12a15f8219a C:\Archivos de programa\Mozilla Firefox\freebl3.dll
<unsigned> MD5: 52d4d6ec27a57313ab9f90e242c3cfa4 C:\Archivos de programa\Mozilla Firefox\nssdbm3.dll
<unsigned> MD5: a87b04299a14747bbcbe8cb4147612c2 C:\Archivos de programa\Mozilla Firefox\softokn3.dll
<unsigned> MD5: aceb501dc6253d26039cde2fe82a5576 C:\Archivos de programa\TaskSwitchXP\TaskSwitchXP.exe
<unsigned> MD5: d223b2c353d7f5e31b9a9380f1b9bc21 C:\Archivos de programa\Windows Live\Messenger\winmm.dll
<unsigned> MD5: 6782482a8ca4b5b5dab4ef0ad78db08f C:\Archivos de programa\Windows Media Player\WMPNetwk.exe
<unsigned> MD5: 023707d932ba31314210e6844d33d500 C:\Archivos de programa\WinRAR\RarExt.dll
<unsigned> MD5: 2d9bee70f34804e100be045c8d9f1e03 C:\WINDOWS\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_es_b77a5c561934e089\mscorlib.Resources.dll
<unsigned> MD5: 5c56f1ec6be61288fb67e711dcf5220c C:\WINDOWS\assembly\GAC_MSIL\System.resources\2.0.0.0_es_b77a5c561934e089\system.Resources.dll
<unsigned> MD5: 34b0bb91b09af174154bbaf040f785d1 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\923bd55258380eae77353d36a5a1b08f\Microsoft.VisualBasic.ni.dll
<unsigned> MD5: da082d7cc5a7aa678fb788bc918df4c1 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\32e6f703c114f3a971cbe706586e3655\mscorlib.ni.dll
<unsigned> MD5: fb26856e8f3ea6dfec9966cd758b328a C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\eee9b48577689e92db5a7b5c5de98d9b\System.Configuration.ni.dll
<unsigned> MD5: 3704e1f3c1b9aeeac42273257e9b31c9 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\0e83aac37b2623f1a24c70979f31dd56\System.Drawing.ni.dll
<unsigned> MD5: f19b6174910758a5c357307f75412df1 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\0898f6c1de8cb89413d206e3d6a3ce1d\System.Runtime.Remoting.ni.dll
<unsigned> MD5: 3bd2d7dc0f9edd459dd459dc1c1bd1ea C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\67cfb70213562afe2ca9b9066764af3a\System.Web.ni.dll
<unsigned> MD5: 74d8a0ce2d39a418cc0c21606525d856 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\3d8c79c45aa674e43f075e2e66b8caf5\System.Windows.Forms.ni.dll
<unsigned> MD5: fd38968f97b8b7c38a426f36e970d09e C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\c98cb65a79cfccb44ea727ebe4593ede\System.Xml.ni.dll
<unsigned> MD5: 7902e805358f27489e67d6dfa45e764b C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\ba0e3a22211ba7343e0116b051f2965a\System.ni.dll
<unsigned> MD5: c6c729770d9c3a0ad4d2d28788e71684 C:\WINDOWS\Explorer.EXE
<unsigned> MD5: a54235d77f14c5dba7931be1ebfd1763 C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
<unsigned> MD5: 86f1895ae8c5e8b17d99ece768a70732 C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\msvcr71.dll
<unsigned> MD5: c974bfebdef0470e89957b9f432c1138 C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
<unsigned> MD5: 7f8c02a65b9d239cfda6b0ff763d1d61 C:\WINDOWS\system32\batmeter.dll
<unsigned> MD5: 7a0db315dc490c1a46bccb0ba49119ec C:\WINDOWS\system32\clipsrv.exe
<unsigned> MD5: d3a0d61c0fb1eb3b356ff8b5098080d4 C:\WINDOWS\system32\cmd.exe
<unsigned> MD5: 23a4de3c19fc4c39dad85ef47afae4e0 C:\WINDOWS\system32\comdlg32.dll
<unsigned> MD5: bc40a2de9fb2c8a551a240f2359c8f30 C:\WINDOWS\system32\comres.dll
<unsigned> MD5: f41e8f9f1ece5a9cff554df23681e699 C:\WINDOWS\system32\credui.dll
<unsigned> MD5: 91b125637c9acd7b4981248887058f31 C:\WINDOWS\system32\cryptui.dll
<unsigned> MD5: 685b000a5f55c3b3f087c69be961d354 C:\WINDOWS\system32\cscui.dll
<unsigned> MD5: 97d44ee3e44cdc7035e3cb2ef20babdb C:\WINDOWS\system32\ctfmon.exe
<unsigned> MD5: e31a5ec3b52a3ebc9e86e9c8d58f8f78 C:\WINDOWS\system32\drivers\kernel86x.sys
<unsigned> MD5: cd2425fd848e5fa09c9a213da56817a9 C:\WINDOWS\System32\Drivers\Pcouffin.sys
<unsigned> MD5: 71e276f6d189413266ea22171806597b C:\WINDOWS\System32\Drivers\sptd.sys
<unsigned> MD5: c2bdea3b5e025fadb79fd3deb23b8f53 C:\WINDOWS\system32\DRIVERS\tcpip.sys
<unsigned> MD5: f15feafffbb3644ccc80c5da584e6311 C:\WINDOWS\system32\DRIVERS\WudfPf.sys
<unsigned> MD5: 28b524262bce6de1f7ef9f510ba3985b C:\WINDOWS\system32\DRIVERS\wudfrd.sys
<unsigned> MD5: 62a0b06ffc7acf71e5cf50c9dc328b45 C:\WINDOWS\system32\inetres.dll
<unsigned> MD5: 3aa281e94a161421c423471c61baacaf C:\WINDOWS\system32\mapi32.dll
<unsigned> MD5: 55c30168142479c602bd456ac4e230b0 C:\WINDOWS\system32\mfplat.dll
<unsigned> MD5: 6d17c6a55178b3863948d70bbaa0ab1b C:\WINDOWS\system32\msdtc.exe
<unsigned> MD5: cac544cc0f6df0a92a8fd6ce16c107b9 C:\WINDOWS\system32\msgina.dll
<unsigned> MD5: 8c22083ed515dc94d575438662f0be6a C:\WINDOWS\system32\msi.dll
<unsigned> MD5: c51b4a5c05a5475708e3c81c7765b71d C:\WINDOWS\system32\mspmsnsv.dll
<unsigned> MD5: f2c5ad0b86e9b50de1e80673cd0205e0 C:\WINDOWS\system32\msxml3.dll
<unsigned> MD5: 1c32b7c105189e413501ebb0d1c25067 C:\WINDOWS\system32\mydocs.dll
<unsigned> MD5: 31fb4b337dd09bdf99429d7dbb5fdd48 C:\WINDOWS\system32\netfxperf.dll
<unsigned> MD5: b670c30917199fc87be35f3b171d250e C:\WINDOWS\system32\netshell.dll
<unsigned> MD5: 7be85db60c977603c21cae861df3e99c C:\WINDOWS\system32\odbcint.dll
<unsigned> MD5: 9d45b2201d0ecf9f42136c7b99deb8b2 C:\WINDOWS\system32\portabledeviceapi.dll
<unsigned> MD5: 22358578cb321f3325496a3723029409 C:\WINDOWS\system32\portabledevicetypes.dll
<unsigned> MD5: 454c8c1b7f167ffb3cba92b8058873a6 C:\WINDOWS\system32\quartz.dll
<unsigned> MD5: 5a55cabb03c399ddf183d9ff697551d6 C:\WINDOWS\system32\rasdlg.dll
<unsigned> MD5: a6f7b3910acebfd5a91a00896dec8ccf C:\WINDOWS\system32\regedt32.exe
<unsigned> MD5: b31e39edf8b9926ff013bb85c1ddbad2 C:\WINDOWS\system32\setupapi.dll
<unsigned> MD5: 3615d9152fc2c2a4d9dee1c9384daa70 C:\WINDOWS\system32\sfc_os.dll
<unsigned> MD5: 2a7eb3a8dff3222708548b4927f1a456 C:\WINDOWS\system32\shdoclc.dll
<unsigned> MD5: 728dc62ad5ca9211534c4f5861b62ddd C:\WINDOWS\system32\shell32.dll
<unsigned> MD5: 439ed51a1907314c6f637aec5a0d64ba C:\WINDOWS\system32\stobject.dll
<unsigned> MD5: 34cc6e80e6f1e2faefe3407a66c982e6 C:\WINDOWS\system32\sxs.dll
<unsigned> MD5: 4e8bd710fc30fc5fecc8c4d4abdaa83c C:\WINDOWS\system32\themeui.dll
<unsigned> MD5: 60ec27b523f189f955af4819cc392914 C:\WINDOWS\system32\uxtheme.dll
<unsigned> MD5: 8255fceef3566c44e6f2bcfe15eb198f C:\WINDOWS\system32\wmadmod.dll
<unsigned> MD5: 7365b5ca9747c84178d42cca72486277 C:\WINDOWS\system32\wmasf.dll
<unsigned> MD5: 711ce861c22e64ab180ba9887ef8dda9 C:\WINDOWS\system32\wmvcore.dll
<unsigned> MD5: 045e228f71c31901084b64be59093499 C:\WINDOWS\system32\wpdshserviceobj.dll
<unsigned> MD5: 05231c04253c5bc30b26cbaae680ed89 C:\WINDOWS\System32\WUDFSvc.dll
<unsigned> MD5: 58898f52ec07f3ec41c9afb25f9b7cc9 C:\WINDOWS\system32\XPize_Logon.exe
<unsigned> MD5: 908884ada7ef4e601ee5bb0b5306d4c9 C:\WINDOWS\system32\xpsp2res.dll
<unsigned> MD5: 6b854ffc12e5e2c32683a03714cf6c5d C:\WINDOWS\Temp\RarSFX0\libeay32.dll
<unsigned> MD5: 37580b9354e984bf7c1a2b4ed7fa824b C:\WINDOWS\Temp\RarSFX0\libssl32.dll
<unsigned> MD5: ab4df8928e5180b710733366ab547812 C:\WINDOWS\Temp\RarSFX0\pcre.dll
<unsigned> MD5: bda4ef33a327040848dfe7f20d59e87a C:\Windows\Temp\RarSFX0\ProxySwitcher.exe
<unsigned> MD5: df8bd1b27dec5b497d98d263f6a04c97 C:\WINDOWS\Temp\RarSFX0\STLHash.dll
<unsigned> MD5: 4928ab3a304ddf05c354de3807a4a66b C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\mfc80.dll
<unsigned> MD5: 686b224b4987c22b153fbb545fee9657 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\mfc80u.dll
<unsigned> MD5: fe9ace2dabb257f28eaef57b48f87502 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80ESP.dll
No file uploaded.
Scan finished - communication took 10 sec
Total traffic - 0.07 MB sent, 2.67 KB recvd
Scanned 1070 files and modules - 953 seconds
<unsigned> MD5: c2bdea3b5e025fadb79fd3deb23b8f53 C:\WINDOWS\system32\DRIVERS\tcpip.sys
<unsigned> MD5: f15feafffbb3644ccc80c5da584e6311 C:\WINDOWS\system32\DRIVERS\WudfPf.sys
<unsigned> MD5: 28b524262bce6de1f7ef9f510ba3985b C:\WINDOWS\system32\DRIVERS\wudfrd.sys
<unsigned> MD5: 62a0b06ffc7acf71e5cf50c9dc328b45 C:\WINDOWS\system32\inetres.dll
<unsigned> MD5: 3aa281e94a161421c423471c61baacaf C:\WINDOWS\system32\mapi32.dll
<unsigned> MD5: 55c30168142479c602bd456ac4e230b0 C:\WINDOWS\system32\mfplat.dll
<unsigned> MD5: 6d17c6a55178b3863948d70bbaa0ab1b C:\WINDOWS\system32\msdtc.exe
<unsigned> MD5: cac544cc0f6df0a92a8fd6ce16c107b9 C:\WINDOWS\system32\msgina.dll
<unsigned> MD5: 8c22083ed515dc94d575438662f0be6a C:\WINDOWS\system32\msi.dll
<unsigned> MD5: c51b4a5c05a5475708e3c81c7765b71d C:\WINDOWS\system32\mspmsnsv.dll
<unsigned> MD5: f2c5ad0b86e9b50de1e80673cd0205e0 C:\WINDOWS\system32\msxml3.dll
<unsigned> MD5: 1c32b7c105189e413501ebb0d1c25067 C:\WINDOWS\system32\mydocs.dll
<unsigned> MD5: 31fb4b337dd09bdf99429d7dbb5fdd48 C:\WINDOWS\system32\netfxperf.dll
<unsigned> MD5: b670c30917199fc87be35f3b171d250e C:\WINDOWS\system32\netshell.dll
<unsigned> MD5: 7be85db60c977603c21cae861df3e99c C:\WINDOWS\system32\odbcint.dll
<unsigned> MD5: 9d45b2201d0ecf9f42136c7b99deb8b2 C:\WINDOWS\system32\portabledeviceapi.dll
<unsigned> MD5: 22358578cb321f3325496a3723029409 C:\WINDOWS\system32\portabledevicetypes.dll
<unsigned> MD5: 454c8c1b7f167ffb3cba92b8058873a6 C:\WINDOWS\system32\quartz.dll
<unsigned> MD5: 5a55cabb03c399ddf183d9ff697551d6 C:\WINDOWS\system32\rasdlg.dll
<unsigned> MD5: a6f7b3910acebfd5a91a00896dec8ccf C:\WINDOWS\system32\regedt32.exe
<unsigned> MD5: b31e39edf8b9926ff013bb85c1ddbad2 C:\WINDOWS\system32\setupapi.dll
<unsigned> MD5: 3615d9152fc2c2a4d9dee1c9384daa70 C:\WINDOWS\system32\sfc_os.dll
<unsigned> MD5: 2a7eb3a8dff3222708548b4927f1a456 C:\WINDOWS\system32\shdoclc.dll
<unsigned> MD5: 728dc62ad5ca9211534c4f5861b62ddd C:\WINDOWS\system32\shell32.dll
<unsigned> MD5: 439ed51a1907314c6f637aec5a0d64ba C:\WINDOWS\system32\stobject.dll
<unsigned> MD5: 34cc6e80e6f1e2faefe3407a66c982e6 C:\WINDOWS\system32\sxs.dll
<unsigned> MD5: 4e8bd710fc30fc5fecc8c4d4abdaa83c C:\WINDOWS\system32\themeui.dll
<unsigned> MD5: 60ec27b523f189f955af4819cc392914 C:\WINDOWS\system32\uxtheme.dll
<unsigned> MD5: 8255fceef3566c44e6f2bcfe15eb198f C:\WINDOWS\system32\wmadmod.dll
<unsigned> MD5: 7365b5ca9747c84178d42cca72486277 C:\WINDOWS\system32\wmasf.dll
<unsigned> MD5: 711ce861c22e64ab180ba9887ef8dda9 C:\WINDOWS\system32\wmvcore.dll
<unsigned> MD5: 045e228f71c31901084b64be59093499 C:\WINDOWS\system32\wpdshserviceobj.dll
<unsigned> MD5: 05231c04253c5bc30b26cbaae680ed89 C:\WINDOWS\System32\WUDFSvc.dll
<unsigned> MD5: 58898f52ec07f3ec41c9afb25f9b7cc9 C:\WINDOWS\system32\XPize_Logon.exe
<unsigned> MD5: 908884ada7ef4e601ee5bb0b5306d4c9 C:\WINDOWS\system32\xpsp2res.dll
<unsigned> MD5: 6b854ffc12e5e2c32683a03714cf6c5d C:\WINDOWS\Temp\RarSFX0\libeay32.dll
<unsigned> MD5: 37580b9354e984bf7c1a2b4ed7fa824b C:\WINDOWS\Temp\RarSFX0\libssl32.dll
<unsigned> MD5: ab4df8928e5180b710733366ab547812 C:\WINDOWS\Temp\RarSFX0\pcre.dll
<unsigned> MD5: bda4ef33a327040848dfe7f20d59e87a C:\Windows\Temp\RarSFX0\ProxySwitcher.exe
<unsigned> MD5: df8bd1b27dec5b497d98d263f6a04c97 C:\WINDOWS\Temp\RarSFX0\STLHash.dll
<unsigned> MD5: 4928ab3a304ddf05c354de3807a4a66b C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\mfc80.dll
<unsigned> MD5: 686b224b4987c22b153fbb545fee9657 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\mfc80u.dll
<unsigned> MD5: fe9ace2dabb257f28eaef57b48f87502 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80ESP.dll
No file uploaded.
Scan finished - communication took 10 sec
Total traffic - 0.07 MB sent, 2.67 KB recvd
Scanned 1070 files and modules - 953 seconds